Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/451b53-4152-4ce3-ab98-ebef8597452d/1/vwc9CmEvZsbhFfPIjqo5j5MkiSk.roa
File:                     vwc9CmEvZsbhFfPIjqo5j5MkiSk.roa (raw, json)
Hash identifier:          YPrhn4c1S0DYeteggGcH6gjYwycXSVb+Gfa/WLLoA8g=
Subject key identifier:   BF:07:3D:0A:61:2F:66:C6:E1:15:F3:C8:8E:AA:39:8F:93:24:89:29
Certificate issuer:       /CN=2eeb616915d6e4ad39434e85da0e972b0e681d75
Certificate serial:       0136371A
Authority key identifier: 2E:EB:61:69:15:D6:E4:AD:39:43:4E:85:DA:0E:97:2B:0E:68:1D:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LuthaRXW5K05Q06F2g6XKw5oHXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/451b53-4152-4ce3-ab98-ebef8597452d/1/vwc9CmEvZsbhFfPIjqo5j5MkiSk.roa
Signing time:             Sat 01 Jan 2022 11:55:08 +0000
ROA not before:           Sat 01 Jan 2022 11:55:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        5.57.213.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20330266 (0x136371a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2eeb616915d6e4ad39434e85da0e972b0e681d75
        Validity
            Not Before: Jan  1 11:55:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bf073d0a612f66c6e115f3c88eaa398f93248929
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:49:8d:13:fb:33:66:bc:79:a2:83:86:4d:83:
                    90:1e:52:27:01:c5:4e:bf:52:d8:ea:3d:b5:65:05:
                    f6:79:95:f1:33:c8:89:53:3b:e7:83:37:9e:54:21:
                    93:40:34:05:61:67:0a:e7:4a:d6:b9:ff:61:fc:8f:
                    00:0f:60:dc:30:57:c4:e4:0f:50:83:14:9a:da:da:
                    8a:44:ad:65:7e:05:36:8b:8c:06:29:cd:5c:41:8c:
                    ef:19:6d:80:91:d8:c3:69:9b:9b:0a:ee:0c:e8:0a:
                    28:89:da:fe:b0:36:96:0f:39:48:38:21:5c:79:17:
                    01:11:97:28:45:85:fa:74:46:9d:b2:0a:2c:26:26:
                    2d:6a:72:6a:b8:86:87:05:c5:0c:c0:42:42:61:4e:
                    6a:ce:c7:e8:ea:32:04:08:d4:4c:5e:77:65:e8:ef:
                    20:f4:fa:ab:ca:38:24:ca:06:5a:fa:7b:c5:f3:b1:
                    76:56:db:b2:ec:04:ba:5d:9a:d0:9d:ea:d0:02:58:
                    7f:b6:69:ef:9d:48:59:f3:1d:bc:6b:92:55:23:ed:
                    7e:dd:73:cd:b9:56:91:9d:2c:30:bb:15:26:c3:8f:
                    d7:b2:43:ef:28:95:b6:78:0e:75:7e:af:8a:9a:8b:
                    7f:7b:4c:59:53:a3:c1:2c:60:75:9b:ee:b9:d0:5a:
                    46:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:07:3D:0A:61:2F:66:C6:E1:15:F3:C8:8E:AA:39:8F:93:24:89:29
            X509v3 Authority Key Identifier:
                keyid:2E:EB:61:69:15:D6:E4:AD:39:43:4E:85:DA:0E:97:2B:0E:68:1D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuthaRXW5K05Q06F2g6XKw5oHXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/451b53-4152-4ce3-ab98-ebef8597452d/1/vwc9CmEvZsbhFfPIjqo5j5MkiSk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/451b53-4152-4ce3-ab98-ebef8597452d/1/LuthaRXW5K05Q06F2g6XKw5oHXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.57.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:5f:36:d9:57:3b:de:54:6a:96:f3:e5:7c:29:3b:72:3e:26:
         a2:95:fe:39:c1:31:84:8c:f8:b2:d7:2f:f3:90:37:09:4e:4a:
         1c:8f:99:8b:dd:91:11:5b:be:ec:3c:12:5c:fb:2d:aa:16:1c:
         cd:83:d3:05:8a:75:9d:d3:3f:60:9f:20:5f:30:8a:e6:20:2c:
         c6:7f:cb:92:35:e4:19:a9:7d:80:06:65:33:2c:f6:47:6c:fb:
         67:56:c9:78:6a:50:fe:3f:51:a8:3c:b6:ac:4c:89:c7:d0:17:
         92:9e:04:e8:46:08:e7:7a:db:29:37:1d:8c:01:61:7b:bc:a9:
         ab:1c:2b:39:40:7c:39:30:3f:0f:06:34:0b:d4:ee:44:88:dc:
         6d:fb:46:0e:07:0b:ac:a9:6e:8e:e6:07:96:cf:04:56:bf:bd:
         69:8f:ac:21:a2:31:a3:08:39:26:73:90:c9:a0:26:d8:52:77:
         9d:ac:d9:1b:c6:da:8b:17:45:4a:b6:aa:75:78:91:0c:f3:1f:
         6e:28:f7:73:26:10:95:96:c3:21:8f:89:08:1c:f4:ae:e7:97:
         0a:10:ff:17:6b:4a:69:04:46:01:b6:34:75:8d:ae:44:69:ab:
         5f:8b:1d:89:35:52:22:d4:01:bf:b5:8f:09:3f:1c:3f:2f:b7:
         e8:70:7d:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATY3GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWViNjE2OTE1ZDZlNGFkMzk0MzRlODVkYTBlOTcyYjBlNjgxZDc1MB4XDTIyMDEw
MTExNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYwNzNkMGE2MTJm
NjZjNmUxMTVmM2M4OGVhYTM5OGY5MzI0ODkyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFJjRP7M2a8eaKDhk2DkB5SJwHFTr9S2Oo9tWUF9nmV8TPI
iVM754M3nlQhk0A0BWFnCudK1rn/YfyPAA9g3DBXxOQPUIMUmtraikStZX4FNouM
BinNXEGM7xltgJHYw2mbmwruDOgKKIna/rA2lg85SDghXHkXARGXKEWF+nRGnbIK
LCYmLWpyariGhwXFDMBCQmFOas7H6OoyBAjUTF53ZejvIPT6q8o4JMoGWvp7xfOx
dlbbsuwEul2a0J3q0AJYf7Zp751IWfMdvGuSVSPtft1zzblWkZ0sMLsVJsOP17JD
7yiVtngOdX6vipqLf3tMWVOjwSxgdZvuudBaRssCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/Bz0KYS9mxuEV88iOqjmPkySJKTAfBgNVHSMEGDAWgBQu62FpFdbkrTlD
ToXaDpcrDmgddTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x1dGhhUlhXNUswNVEwNkYyZzZYS3c1b0hYVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNDUxYjUzLTQxNTItNGNlMy1hYjk4LWViZWY4NTk3NDUyZC8x
L3Z3YzlDbUV2WnNiaEZmUElqcW81ajVNa2lTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NDUxYjUzLTQxNTItNGNlMy1hYjk4LWViZWY4NTk3NDUyZC8xL0x1dGhhUlhXNUsw
NVEwNkYyZzZYS3c1b0hYVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAU51TANBgkqhkiG9w0BAQsFAAOC
AQEAZ1822Vc73lRqlvPlfCk7cj4mopX+OcExhIz4stcv85A3CU5KHI+Zi92REVu+
7DwSXPstqhYczYPTBYp1ndM/YJ8gXzCK5iAsxn/LkjXkGal9gAZlMyz2R2z7Z1bJ
eGpQ/j9RqDy2rEyJx9AXkp4E6EYI53rbKTcdjAFhe7ypqxwrOUB8OTA/DwY0C9Tu
RIjcbftGDgcLrKlujuYHls8EVr+9aY+sIaIxowg5JnOQyaAm2FJ3nazZG8baixdF
SraqdXiRDPMfbij3cyYQlZbDIY+JCBz0rueXChD/F2tKaQRGAbY0dY2uRGmrX4sd
iTVSItQBv7WPCT8cPy+36HB9wg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:58 2023 by rpki-client on console-fra.rpki-client.org