Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa
File:                     wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa (raw, json)
Hash identifier:          oTRb80uKjB1q9YPHrL190yy+e7XQrBTZAAG7b3XDANg=
Subject key identifier:   C2:04:03:67:48:4C:5F:98:0A:5E:73:39:77:2A:AB:1B:97:54:60:74
Certificate issuer:       /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial:       01835563D98E95B16C78BABCB283329B96A5
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa
Signing time:             Mon 19 Sep 2022 10:55:50 +0000
ROA not before:           Mon 19 Sep 2022 10:55:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42675
IP address blocks:        194.32.147.0/24 maxlen: 24
                          194.32.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:55:63:d9:8e:95:b1:6c:78:ba:bc:b2:83:32:9b:96:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
        Validity
            Not Before: Sep 19 10:55:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2040367484c5f980a5e7339772aab1b97546074
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3f:2d:ca:25:56:2c:c4:d2:b3:2f:58:8e:73:
                    2d:d5:b3:63:34:52:da:3e:30:87:5c:53:0f:45:13:
                    31:37:2a:b4:ef:e3:0f:a3:c0:e5:9e:62:62:e7:61:
                    c7:2a:52:71:ad:17:6e:a5:0a:a3:79:16:ea:c0:64:
                    28:43:0e:45:1c:ab:2c:41:c2:1a:8a:ad:7d:82:83:
                    b1:48:2b:ad:4b:df:9d:f9:c0:fc:4e:64:a9:1f:5e:
                    d9:23:44:d0:ce:54:d4:8b:a8:55:a2:28:84:46:9e:
                    90:9f:c8:76:a8:d2:5f:9a:eb:7d:3b:d3:3a:21:d4:
                    df:10:27:54:d7:ae:84:3f:cd:25:4c:4f:1f:ed:d5:
                    04:c4:99:d6:8f:d5:7d:fd:da:20:a9:34:85:30:b5:
                    74:7a:15:6b:d3:1b:7e:dc:db:81:42:c7:51:f2:95:
                    87:78:14:0c:9a:f7:84:e4:a3:91:e9:2c:6a:79:f0:
                    ef:d2:c8:15:b1:78:98:0b:44:0b:2a:92:a4:41:e1:
                    6c:69:60:b2:72:0f:dd:5e:d2:b0:a6:32:13:65:bf:
                    16:19:8f:bc:92:28:37:1a:fd:17:36:a1:af:fb:3b:
                    37:bf:08:39:73:84:8e:e4:7c:d5:d2:25:8e:07:f5:
                    5c:48:34:ef:52:35:a2:2a:b6:6c:38:6e:81:fb:ed:
                    ff:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:04:03:67:48:4C:5F:98:0A:5E:73:39:77:2A:AB:1B:97:54:60:74
            X509v3 Authority Key Identifier:
                keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:e1:d6:3b:14:b1:c2:2b:6a:1a:d9:fc:b3:89:2e:bb:d0:77:
         78:d8:00:69:06:5b:ef:96:a2:d6:f7:a9:1d:4f:d2:47:b0:1a:
         cf:ef:75:ed:a4:32:38:63:6d:7b:4b:c4:52:e6:3d:1f:34:e0:
         69:3b:fe:d5:06:20:34:43:14:8e:6e:52:e7:9e:38:ba:9f:b1:
         c6:6c:4c:12:9f:6f:83:86:18:09:37:f8:f9:e1:46:7b:e0:5c:
         cf:b5:9e:4b:a8:fe:50:cd:cf:fc:79:73:27:d8:5d:b6:fc:54:
         b3:a8:c2:ad:c9:12:89:ea:25:1f:23:40:6b:23:10:5f:55:70:
         c2:a5:59:09:cd:90:7b:9f:22:60:22:f5:ce:7b:ee:97:94:fa:
         6a:6c:2d:c3:c9:7e:95:7a:a2:45:be:7d:cd:f7:2f:bf:14:41:
         52:fc:dd:4e:b2:8a:97:0d:6c:78:f4:3a:43:44:80:84:a4:fb:
         15:74:58:4d:4f:b0:c6:96:02:b2:24:c6:fb:f2:a0:99:d8:71:
         e0:e3:9e:01:fc:ba:f5:50:9b:f2:75:7c:38:16:10:a1:7d:62:
         6d:19:cb:d8:3b:49:00:c3:03:c9:67:ed:85:5e:21:aa:85:b7:
         a8:bc:eb:f5:f7:63:91:d7:fd:e5:0e:72:cb:7e:17:d8:60:73:
         17:ba:fb:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVY9mOlbFseLq8soMym5alMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIwOTE5MTA1NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA0MDM2NzQ4NGM1Zjk4MGE1ZTczMzk3NzJhYWIxYjk3NTQ2MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj8tyiVWLMTSsy9YjnMt1bNjNFLa
PjCHXFMPRRMxNyq07+MPo8DlnmJi52HHKlJxrRdupQqjeRbqwGQoQw5FHKssQcIa
iq19goOxSCutS9+d+cD8TmSpH17ZI0TQzlTUi6hVoiiERp6Qn8h2qNJfmut9O9M6
IdTfECdU166EP80lTE8f7dUExJnWj9V9/dogqTSFMLV0ehVr0xt+3NuBQsdR8pWH
eBQMmveE5KOR6SxqefDv0sgVsXiYC0QLKpKkQeFsaWCycg/dXtKwpjITZb8WGY+8
kig3Gv0XNqGv+zs3vwg5c4SO5HzV0iWOB/VcSDTvUjWiKrZsOG6B++3/FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIEA2dITF+YCl5zOXcqqxuXVGB0MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvd2dRRFowaE1YNWdLWG5NNWR5cXJHNWRVWUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCSMA0G
CSqGSIb3DQEBCwUAA4IBAQCN4dY7FLHCK2oa2fyziS670Hd42ABpBlvvlqLW96kd
T9JHsBrP73XtpDI4Y217S8RS5j0fNOBpO/7VBiA0QxSOblLnnji6n7HGbEwSn2+D
hhgJN/j54UZ74FzPtZ5LqP5Qzc/8eXMn2F22/FSzqMKtyRKJ6iUfI0BrIxBfVXDC
pVkJzZB7nyJgIvXOe+6XlPpqbC3DyX6VeqJFvn3N9y+/FEFS/N1OsoqXDWx49DpD
RICEpPsVdFhNT7DGlgKyJMb78qCZ2HHg454B/Lr1UJvydXw4FhChfWJtGcvYO0kA
wwPJZ+2FXiGqhbeovOv192OR1/3lDnLLfhfYYHMXuvs/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org