Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/wDWho8QvmAp0MM7I9FUVZl4GZmo.roa
File:                     wDWho8QvmAp0MM7I9FUVZl4GZmo.roa (raw, json)
Hash identifier:          ItXkBj4WWsXH69cOs4Gvaa87rXqsg659IWO1lQxgaZg=
Subject key identifier:   C0:35:A1:A3:C4:2F:98:0A:74:30:CE:C8:F4:55:15:66:5E:06:66:6A
Certificate issuer:       /CN=24b708b6527abbd2de2b9b373496abc1d748b6e7
Certificate serial:       04F8EFCC
Authority key identifier: 24:B7:08:B6:52:7A:BB:D2:DE:2B:9B:37:34:96:AB:C1:D7:48:B6:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JLcItlJ6u9LeK5s3NJarwddItuc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/wDWho8QvmAp0MM7I9FUVZl4GZmo.roa
Signing time:             Wed 11 May 2022 11:55:02 +0000
ROA not before:           Wed 11 May 2022 11:55:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200470
IP address blocks:        185.104.103.0/24 maxlen: 24
                          185.104.100.0/23 maxlen: 23
                          185.104.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83423180 (0x4f8efcc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24b708b6527abbd2de2b9b373496abc1d748b6e7
        Validity
            Not Before: May 11 11:55:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c035a1a3c42f980a7430cec8f45515665e06666a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a1:91:69:3d:d9:fd:5e:37:3e:54:25:71:1a:
                    ea:0e:f8:98:f0:c2:7f:d5:76:35:cc:c7:c4:7d:89:
                    dc:e3:c8:c6:f7:6e:b5:c2:55:cd:68:2c:e1:2f:c9:
                    bb:9f:5f:d1:5b:8f:0e:f5:17:dd:0c:12:3d:63:58:
                    cb:80:85:1b:78:95:ae:01:4d:95:fc:5f:f4:05:e7:
                    7c:3f:1b:88:12:8d:8d:4c:27:72:84:9a:e5:15:15:
                    7b:fb:22:81:6e:95:6c:9f:79:48:a6:21:4f:54:c8:
                    47:38:33:37:ca:2a:bc:c4:61:7c:1c:2e:7d:9d:57:
                    c7:8c:af:59:9e:b9:6f:84:f7:dd:eb:39:82:e9:8b:
                    62:4c:2b:fe:ff:c5:00:c7:ef:1e:76:34:8d:5a:7b:
                    c6:cf:f1:e6:95:96:8a:67:4c:6d:14:a6:b2:93:d2:
                    57:b1:a3:04:ec:5e:6c:a0:de:2d:2d:b4:a6:24:5d:
                    dc:9d:9d:bd:54:a1:e9:9d:92:84:67:95:6c:b2:11:
                    62:e6:cb:ff:23:a7:9c:70:20:8d:d6:27:91:f9:8a:
                    25:96:27:40:f6:4b:b4:a0:cc:bc:27:eb:c2:85:6b:
                    b6:9f:2c:ef:cb:e0:19:72:a1:fc:6d:93:2d:db:0f:
                    06:a7:25:1e:fb:2a:c9:bd:59:bf:be:43:b4:5b:42:
                    7b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:35:A1:A3:C4:2F:98:0A:74:30:CE:C8:F4:55:15:66:5E:06:66:6A
            X509v3 Authority Key Identifier:
                keyid:24:B7:08:B6:52:7A:BB:D2:DE:2B:9B:37:34:96:AB:C1:D7:48:B6:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLcItlJ6u9LeK5s3NJarwddItuc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/wDWho8QvmAp0MM7I9FUVZl4GZmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/JLcItlJ6u9LeK5s3NJarwddItuc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:79:02:4b:93:7e:87:23:9c:52:af:36:d0:7d:14:71:f5:49:
         7f:55:ac:e6:9a:b0:fd:a8:76:62:0c:c5:d7:b6:c2:22:02:12:
         71:2e:42:2f:fa:95:4f:af:34:36:93:47:4f:42:67:a0:71:f6:
         4d:a1:3e:1c:19:cd:19:2e:09:34:01:4b:c7:d2:27:d8:21:77:
         19:ca:ca:6c:34:61:79:81:38:8f:96:c8:30:31:5e:6b:3a:68:
         7a:f6:81:7e:42:81:47:e6:28:46:0b:7b:1b:c1:ce:74:a9:4b:
         be:18:49:07:ef:c8:a1:2b:d2:0c:41:c8:09:33:3c:6a:59:bf:
         8a:14:de:65:7b:6b:60:55:c1:0b:e2:7e:16:35:34:eb:f1:3b:
         cb:ae:d5:2a:82:aa:88:3e:66:d6:06:a7:b2:ee:6e:d8:30:6e:
         f1:36:9d:ec:55:3e:c1:2a:1c:77:75:a2:18:fd:76:ff:7e:ad:
         84:51:6d:3d:bf:be:76:7c:36:8e:4c:fa:9b:3a:e0:23:aa:72:
         92:df:2c:be:42:c4:1d:5d:8f:4c:f0:c3:4e:8a:3c:bf:57:1b:
         47:99:2c:9c:d5:68:88:f1:06:a3:4b:23:fe:68:a2:d1:a6:9b:
         41:bf:83:ed:c2:b8:14:f2:d3:af:5a:8e:91:f5:93:cd:7b:a3:
         e6:8b:4f:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPjvzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGI3MDhiNjUyN2FiYmQyZGUyYjliMzczNDk2YWJjMWQ3NDhiNmU3MB4XDTIyMDUx
MTExNTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzAzNWExYTNjNDJm
OTgwYTc0MzBjZWM4ZjQ1NTE1NjY1ZTA2NjY2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJihkWk92f1eNz5UJXEa6g74mPDCf9V2NczHxH2J3OPIxvdu
tcJVzWgs4S/Ju59f0VuPDvUX3QwSPWNYy4CFG3iVrgFNlfxf9AXnfD8biBKNjUwn
coSa5RUVe/sigW6VbJ95SKYhT1TIRzgzN8oqvMRhfBwufZ1Xx4yvWZ65b4T33es5
gumLYkwr/v/FAMfvHnY0jVp7xs/x5pWWimdMbRSmspPSV7GjBOxebKDeLS20piRd
3J2dvVSh6Z2ShGeVbLIRYubL/yOnnHAgjdYnkfmKJZYnQPZLtKDMvCfrwoVrtp8s
78vgGXKh/G2TLdsPBqclHvsqyb1Zv75DtFtCe+sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTANaGjxC+YCnQwzsj0VRVmXgZmajAfBgNVHSMEGDAWgBQktwi2Unq70t4r
mzc0lqvB10i25zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pMY0l0bEo2dTlMZUs1czNOSmFyd2RkSXR1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvZWU0M2EwLWVkZjUtNDQ3ZC1iNDczLWIyYTEzYTNhOWI4YS8x
L3dEV2hvOFF2bUFwME1NN0k5RlVWWmw0R1ptby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
ZWU0M2EwLWVkZjUtNDQ3ZC1iNDczLWIyYTEzYTNhOWI4YS8xL0pMY0l0bEo2dTlM
ZUs1czNOSmFyd2RkSXR1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArloZDANBgkqhkiG9w0BAQsFAAOC
AQEAZ3kCS5N+hyOcUq820H0UcfVJf1Ws5pqw/ah2YgzF17bCIgIScS5CL/qVT680
NpNHT0JnoHH2TaE+HBnNGS4JNAFLx9In2CF3GcrKbDRheYE4j5bIMDFeazpoevaB
fkKBR+YoRgt7G8HOdKlLvhhJB+/IoSvSDEHICTM8alm/ihTeZXtrYFXBC+J+FjU0
6/E7y67VKoKqiD5m1gansu5u2DBu8Tad7FU+wSocd3WiGP12/36thFFtPb++dnw2
jkz6mzrgI6pykt8svkLEHV2PTPDDToo8v1cbR5ksnNVoiPEGo0sj/mii0aabQb+D
7cK4FPLTr1qOkfWTzXuj5otPtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:11 2024 by rpki-client on console-fra.rpki-client.org