Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w5w71MLgYpjFK34nqWWdGvozNfo.roa
File:                     w5w71MLgYpjFK34nqWWdGvozNfo.roa (raw, json)
Hash identifier:          FmDMyMLqYTIAO1LzOsCOyIJq85+O9ixDHXgPKlkw4R4=
Subject key identifier:   C3:9C:3B:D4:C2:E0:62:98:C5:2B:7E:27:A9:65:9D:1A:FA:33:35:FA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0183CBCDABBA5571326F24C789CC3530659E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w5w71MLgYpjFK34nqWWdGvozNfo.roa
Signing time:             Wed 12 Oct 2022 10:46:37 +0000
ROA not before:           Wed 12 Oct 2022 10:46:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35619
IP address blocks:        193.58.239.0/24 maxlen: 24
                          2a10:ccc2::/36 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:cb:cd:ab:ba:55:71:32:6f:24:c7:89:cc:35:30:65:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 12 10:46:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c39c3bd4c2e06298c52b7e27a9659d1afa3335fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6c:b0:5d:3a:8c:65:de:e2:33:d0:f7:24:ad:
                    5c:61:39:0f:4f:ce:5b:64:2e:e3:38:13:a3:76:be:
                    48:ed:37:15:f0:13:12:3d:ca:13:c6:2e:36:70:66:
                    02:ca:82:9e:dc:74:18:7a:3e:37:7e:e7:33:08:71:
                    28:f1:95:4a:08:79:19:b1:f1:46:2d:06:52:1f:35:
                    b7:89:d9:99:5f:ba:bb:b7:c9:47:fc:1f:ea:57:9a:
                    0e:1c:11:9c:ff:d3:1c:ad:4f:03:00:85:5c:ae:ee:
                    ec:7b:a7:47:92:e1:f7:ea:fb:0f:d0:be:74:f4:2a:
                    bc:a1:70:e1:62:00:04:bc:85:80:ce:09:9a:70:d3:
                    2a:04:25:72:2a:e3:87:9b:f4:05:af:b3:1a:12:6b:
                    be:4f:20:17:97:82:d6:f2:2b:df:f6:c6:48:9f:7b:
                    c1:9f:84:a0:19:87:72:dd:db:e5:d3:84:ba:a1:bd:
                    a1:17:73:21:c0:08:5f:4e:a7:e9:62:93:9f:05:d4:
                    00:1a:ee:78:af:ef:b0:88:d3:5e:0e:a3:67:b9:a3:
                    d1:30:7e:d4:d1:c9:1b:65:34:bc:6b:4d:65:e6:43:
                    61:6d:a1:a7:46:de:a5:4f:8c:32:4a:d6:cb:8a:44:
                    82:83:3e:3e:33:e6:3e:fe:fa:16:9c:d6:04:70:ce:
                    e0:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:9C:3B:D4:C2:E0:62:98:C5:2B:7E:27:A9:65:9D:1A:FA:33:35:FA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w5w71MLgYpjFK34nqWWdGvozNfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.239.0/24
                IPv6:
                  2a10:ccc2::/36

    Signature Algorithm: sha256WithRSAEncryption
         5a:c5:15:72:94:17:af:b4:6e:32:23:1b:d9:d4:de:2e:aa:d7:
         02:14:40:9d:97:3a:06:9d:06:d1:e6:74:35:fd:3d:54:e3:fc:
         98:b8:9e:de:4f:02:6e:33:29:3f:8c:3e:10:85:81:5c:09:d3:
         41:42:c9:fb:a2:05:ba:9f:6d:6a:99:9b:4c:76:c1:0e:39:d5:
         3e:ed:57:0f:32:51:31:06:38:0c:a9:49:e5:05:69:df:6a:00:
         9b:72:40:f3:78:3f:6e:c0:26:86:68:42:23:37:58:49:46:5e:
         32:bf:bf:63:77:63:0e:d8:8b:cc:e8:3a:0a:c6:d0:9e:2c:fc:
         bf:f4:64:56:4c:39:40:60:9d:68:90:70:fd:76:cf:d1:6e:f7:
         d8:db:cb:6d:ce:01:90:41:8e:bf:72:9e:53:45:74:0f:7d:bb:
         84:a5:68:22:ae:2a:3c:9d:1e:1c:cb:a6:04:ef:00:11:d2:b5:
         28:2e:a2:1b:fb:94:3c:c1:7b:cc:b5:77:d8:36:44:78:ea:0e:
         32:1c:2a:43:90:03:5e:87:4b:84:de:aa:68:69:24:92:14:b2:
         5b:7a:29:72:10:c0:19:f1:ba:36:e0:c8:67:db:02:91:5d:8a:
         60:8a:84:35:6a:b8:72:8e:a9:c4:cd:4d:73:c2:80:59:84:6d:
         44:bf:4a:a6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYPLzau6VXEybyTHicw1MGWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDEyMTA0NjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzljM2JkNGMyZTA2Mjk4YzUyYjdlMjdhOTY1OWQxYWZhMzMzNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGywXTqMZd7iM9D3JK1cYTkPT85b
ZC7jOBOjdr5I7TcV8BMSPcoTxi42cGYCyoKe3HQYej43fuczCHEo8ZVKCHkZsfFG
LQZSHzW3idmZX7q7t8lH/B/qV5oOHBGc/9McrU8DAIVcru7se6dHkuH36vsP0L50
9Cq8oXDhYgAEvIWAzgmacNMqBCVyKuOHm/QFr7MaEmu+TyAXl4LW8ivf9sZIn3vB
n4SgGYdy3dvl04S6ob2hF3MhwAhfTqfpYpOfBdQAGu54r++wiNNeDqNnuaPRMH7U
0ckbZTS8a01l5kNhbaGnRt6lT4wyStbLikSCgz4+M+Y+/voWnNYEcM7gAQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMOcO9TC4GKYxSt+J6llnRr6MzX6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdzV3NzFNTGdZcGpGSzM0bnFXV2RHdm96TmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwTrvMA4E
AgACMAgDBgQqEMzCADANBgkqhkiG9w0BAQsFAAOCAQEAWsUVcpQXr7RuMiMb2dTe
LqrXAhRAnZc6Bp0G0eZ0Nf09VOP8mLie3k8CbjMpP4w+EIWBXAnTQULJ+6IFup9t
apmbTHbBDjnVPu1XDzJRMQY4DKlJ5QVp32oAm3JA83g/bsAmhmhCIzdYSUZeMr+/
Y3djDtiLzOg6CsbQniz8v/RkVkw5QGCdaJBw/XbP0W732NvLbc4BkEGOv3KeU0V0
D327hKVoIq4qPJ0eHMumBO8AEdK1KC6iG/uUPMF7zLV32DZEeOoOMhwqQ5ADXodL
hN6qaGkkkhSyW3opchDAGfG6NuDIZ9sCkV2KYIqENWq4co6pxM1Nc8KAWYRtRL9K
pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org