Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Wz84PSgeZvFror-k-bGpGUXWMS0.roa
File:                     Wz84PSgeZvFror-k-bGpGUXWMS0.roa (raw, json)
Hash identifier:          qvYmWGgl//y4Mwooo3+fYh1KgcOyFs64DIz3ZC1tWg8=
Subject key identifier:   5B:3F:38:3D:28:1E:66:F1:6B:A2:BF:A4:F9:B1:A9:19:45:D6:31:2D
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0183F428B44879E3E9EBFFACB36E910D3143
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Wz84PSgeZvFror-k-bGpGUXWMS0.roa
Signing time:             Thu 20 Oct 2022 06:50:51 +0000
ROA not before:           Thu 20 Oct 2022 06:50:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39639
IP address blocks:        2a01:7680::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f4:28:b4:48:79:e3:e9:eb:ff:ac:b3:6e:91:0d:31:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Oct 20 06:50:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5b3f383d281e66f16ba2bfa4f9b1a91945d6312d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a4:53:f8:2f:d3:12:24:9b:50:d1:5f:1c:ad:
                    9d:45:99:dd:9b:bf:69:ea:3d:c4:19:09:37:73:d1:
                    d1:9b:d6:86:47:2d:4d:13:ba:f2:02:05:9f:be:ef:
                    08:7c:5d:de:53:2e:0a:e4:6b:47:37:6a:a3:6b:ad:
                    35:6c:07:48:a9:a4:6d:89:d1:b9:08:aa:5d:20:dd:
                    db:85:46:d0:e5:fe:26:a0:69:4d:a3:13:83:9a:23:
                    87:d7:2d:18:2b:05:9e:c4:e5:39:f2:19:44:c2:1b:
                    b6:d3:a5:d6:4f:84:10:0a:5d:06:e5:34:01:7d:70:
                    01:af:33:50:9e:bc:81:25:a1:16:2c:91:41:b3:76:
                    86:30:db:79:66:05:eb:e0:d9:4f:94:16:04:10:0b:
                    ae:01:0e:a2:7a:67:9d:80:ab:8e:02:fc:32:5e:c5:
                    d3:ef:9d:eb:eb:e9:14:e5:90:1c:48:63:3e:e4:51:
                    ba:4d:93:eb:02:5c:10:7a:6d:b6:b7:82:fe:ac:c1:
                    a2:9d:6b:74:78:fe:3d:0a:61:7d:ea:7c:5d:05:45:
                    ee:1f:c4:b2:de:10:ab:e3:ff:35:d6:6d:23:c2:8d:
                    84:2d:86:5c:d0:3d:d7:05:89:00:bc:b2:b3:87:d6:
                    61:b7:be:0c:7d:e0:a7:3d:82:52:f1:33:d9:4c:08:
                    88:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:3F:38:3D:28:1E:66:F1:6B:A2:BF:A4:F9:B1:A9:19:45:D6:31:2D
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Wz84PSgeZvFror-k-bGpGUXWMS0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a01:7680::/32

    Signature Algorithm: sha256WithRSAEncryption
         5f:ee:f5:e2:3c:16:9a:0b:a1:be:4f:9f:d4:39:3e:b3:d4:df:
         a8:b9:4c:49:ca:67:a5:26:85:95:2b:c4:43:fb:52:16:d8:fc:
         66:a6:74:5f:56:ef:b8:a5:84:50:93:6e:dc:fb:13:23:fb:76:
         f6:ab:d7:48:d2:87:22:cc:2a:82:12:6a:b8:91:ce:b8:2d:0d:
         8e:e8:a2:96:ac:d7:cc:6b:3a:cd:9d:d4:95:64:46:f9:e8:28:
         1a:7d:77:a9:b8:e8:45:aa:37:84:47:2f:2e:2a:67:a9:9b:47:
         01:98:2e:75:1e:20:57:ba:1d:a2:0d:f8:3e:26:79:c8:df:b2:
         da:7a:fa:b8:2d:fa:ad:93:52:45:31:1a:e2:a1:15:3f:08:cb:
         f6:0c:1c:6c:66:79:bb:da:4a:e9:df:ce:eb:55:e8:75:9a:35:
         4c:ad:d1:4d:e8:db:73:e7:34:7b:e5:e8:12:a1:81:51:c9:71:
         82:e6:96:03:69:e1:df:64:94:7e:31:5c:54:be:8c:59:3c:6e:
         7b:b3:f0:0f:2c:f3:68:ca:8f:ec:24:3b:69:4c:6f:8a:b8:f6:
         8d:44:c8:b3:98:53:9b:44:0b:c3:35:a7:f1:58:a4:c8:05:16:
         1b:e3:8b:f4:02:66:82:02:0d:7e:b1:b5:31:ad:da:d5:95:f2:
         b1:d5:4e:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYP0KLRIeePp6/+ss26RDTFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjIxMDIwMDY1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNmMzgzZDI4MWU2NmYxNmJhMmJmYTRmOWIxYTkxOTQ1ZDYzMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6RT+C/TEiSbUNFfHK2dRZndm79p
6j3EGQk3c9HRm9aGRy1NE7ryAgWfvu8IfF3eUy4K5GtHN2qja601bAdIqaRtidG5
CKpdIN3bhUbQ5f4moGlNoxODmiOH1y0YKwWexOU58hlEwhu206XWT4QQCl0G5TQB
fXABrzNQnryBJaEWLJFBs3aGMNt5ZgXr4NlPlBYEEAuuAQ6iemedgKuOAvwyXsXT
753r6+kU5ZAcSGM+5FG6TZPrAlwQem22t4L+rMGinWt0eP49CmF96nxdBUXuH8Sy
3hCr4/811m0jwo2ELYZc0D3XBYkAvLKzh9Zht74MfeCnPYJS8TPZTAiIDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFs/OD0oHmbxa6K/pPmxqRlF1jEtMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvV3o4NFBTZ2VadkZyb3Itay1iR3BHVVhXTVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgF2gDAN
BgkqhkiG9w0BAQsFAAOCAQEAX+714jwWmguhvk+f1Dk+s9TfqLlMScpnpSaFlSvE
Q/tSFtj8ZqZ0X1bvuKWEUJNu3PsTI/t29qvXSNKHIswqghJquJHOuC0NjuiilqzX
zGs6zZ3UlWRG+egoGn13qbjoRao3hEcvLipnqZtHAZgudR4gV7odog34PiZ5yN+y
2nr6uC36rZNSRTEa4qEVPwjL9gwcbGZ5u9pK6d/O61XodZo1TK3RTejbc+c0e+Xo
EqGBUclxguaWA2nh32SUfjFcVL6MWTxue7PwDyzzaMqP7CQ7aUxvirj2jUTIs5hT
m0QLwzWn8VikyAUWG+OL9AJmggINfrG1Ma3a1ZXysdVO0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org