Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/whYif5Qa4pUlImfox0hCxOVj20o.roa
File:                     whYif5Qa4pUlImfox0hCxOVj20o.roa (raw, json)
Hash identifier:          o7tzCH19HGpIAh60PcUFWfS8/jtFym2TgXqc28jt5CM=
Subject key identifier:   C2:16:22:7F:94:1A:E2:95:25:22:67:E8:C7:48:42:C4:E5:63:DB:4A
Certificate issuer:       /CN=597b44c4a7931c66a6ff9e92dbb32ca723d4ccf7
Certificate serial:       0B3E5EAE
Authority key identifier: 59:7B:44:C4:A7:93:1C:66:A6:FF:9E:92:DB:B3:2C:A7:23:D4:CC:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/whYif5Qa4pUlImfox0hCxOVj20o.roa
Signing time:             Sat 01 Jan 2022 13:03:52 +0000
ROA not before:           Sat 01 Jan 2022 13:03:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39743
IP address blocks:        5.254.28.0/24 maxlen: 24
                          5.254.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 188636846 (0xb3e5eae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=597b44c4a7931c66a6ff9e92dbb32ca723d4ccf7
        Validity
            Not Before: Jan  1 13:03:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c216227f941ae295252267e8c74842c4e563db4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c8:67:54:21:d9:19:22:de:2c:ff:91:8a:bf:
                    3c:cf:a7:8e:ad:90:20:97:6f:7a:f5:00:67:c4:23:
                    73:33:46:94:7b:b3:5f:93:66:6d:41:18:c6:45:99:
                    7a:88:b8:69:24:74:a2:55:b7:25:dc:20:ee:27:f1:
                    49:d7:bf:70:fb:c4:5c:f2:f2:71:62:6f:92:6f:79:
                    31:78:b8:a1:6b:a4:72:03:c4:74:2a:c6:14:35:8a:
                    35:e3:aa:ac:b8:88:99:3a:84:6c:a5:95:b1:5c:cb:
                    1e:2e:66:c2:e5:48:45:ba:11:90:1b:7a:4c:f8:80:
                    5b:b7:d9:50:e6:f3:6d:72:27:33:4a:93:a5:cd:bf:
                    cd:c3:24:a9:d9:81:07:33:cb:ce:22:f7:bc:65:51:
                    98:37:04:2b:6f:e6:6f:bf:bd:20:55:ca:77:6e:52:
                    9c:50:51:99:d5:f1:a0:bd:db:f1:97:07:55:54:1b:
                    f5:a0:89:f8:cb:4f:6b:10:34:b5:5d:17:cd:07:15:
                    02:d2:0f:87:1f:45:44:5f:93:11:a6:ce:60:57:71:
                    78:92:63:c2:4e:d4:f1:27:c4:90:ca:07:69:cc:70:
                    1f:99:77:46:a4:55:a7:24:9b:eb:02:6a:6c:72:c8:
                    ee:34:40:6c:d3:95:d1:d1:af:79:76:03:77:a7:9d:
                    e0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:16:22:7F:94:1A:E2:95:25:22:67:E8:C7:48:42:C4:E5:63:DB:4A
            X509v3 Authority Key Identifier:
                keyid:59:7B:44:C4:A7:93:1C:66:A6:FF:9E:92:DB:B3:2C:A7:23:D4:CC:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXtExKeTHGam_56S27MspyPUzPc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/whYif5Qa4pUlImfox0hCxOVj20o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/95ff8f-66bc-4b11-98f0-0ab21b2f2754/1/WXtExKeTHGam_56S27MspyPUzPc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.254.28.0/24
                  5.254.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:fb:db:20:9b:40:fc:75:58:c4:70:4e:71:2e:ee:5f:87:36:
         cb:e8:18:a7:9b:2d:02:7d:89:1c:cf:cf:c0:63:ab:69:20:00:
         b9:ec:46:89:e9:1e:c6:2a:e3:e9:e1:17:ab:4b:50:81:44:13:
         8c:7f:5b:fa:aa:9c:cf:df:b9:26:b3:90:ac:54:d7:34:10:bd:
         6e:8a:ca:ec:7e:59:56:3a:e2:6b:dd:8a:e3:35:df:45:74:97:
         e9:79:44:7d:8a:76:82:57:5d:de:b9:bd:93:02:a8:d1:61:4c:
         6d:cd:55:c6:93:35:6e:a3:1c:b4:79:9f:13:5b:30:f9:11:79:
         a0:d8:73:f8:75:7b:c8:0c:94:ba:e7:48:51:a6:7c:6f:e0:4a:
         f6:e9:c0:c8:02:72:0a:f9:98:14:17:d5:19:e5:cd:d6:64:a2:
         bb:00:d5:df:d6:ed:20:8e:c0:4e:6c:73:1b:b5:67:56:a8:b2:
         e0:eb:ff:34:72:c4:7c:15:aa:9c:41:01:b2:09:05:df:70:15:
         a5:05:26:d1:c2:db:20:44:bd:65:c7:c2:ac:0d:93:6c:23:c7:
         2d:f5:01:65:ab:cf:ce:81:76:e0:0c:6a:ad:7d:48:bb:c4:fa:
         a9:9e:2c:8c:36:9b:f2:24:90:a2:81:74:31:d0:0d:9d:c6:cf:
         85:04:4e:50
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECz5erjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTdiNDRjNGE3OTMxYzY2YTZmZjllOTJkYmIzMmNhNzIzZDRjY2Y3MB4XDTIyMDEw
MTEzMDM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzIxNjIyN2Y5NDFh
ZTI5NTI1MjI2N2U4Yzc0ODQyYzRlNTYzZGI0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrIZ1Qh2Rki3iz/kYq/PM+njq2QIJdvevUAZ8QjczNGlHuz
X5NmbUEYxkWZeoi4aSR0olW3Jdwg7ifxSde/cPvEXPLycWJvkm95MXi4oWukcgPE
dCrGFDWKNeOqrLiImTqEbKWVsVzLHi5mwuVIRboRkBt6TPiAW7fZUObzbXInM0qT
pc2/zcMkqdmBBzPLziL3vGVRmDcEK2/mb7+9IFXKd25SnFBRmdXxoL3b8ZcHVVQb
9aCJ+MtPaxA0tV0XzQcVAtIPhx9FRF+TEabOYFdxeJJjwk7U8SfEkMoHacxwH5l3
RqRVpySb6wJqbHLI7jRAbNOV0dGveXYDd6ed4N8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTCFiJ/lBrilSUiZ+jHSELE5WPbSjAfBgNVHSMEGDAWgBRZe0TEp5McZqb/
npLbsyynI9TM9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dYdEV4S2VUSEdhbV81NlMyN01zcHlQVXpQYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvOTVmZjhmLTY2YmMtNGIxMS05OGYwLTBhYjIxYjJmMjc1NC8x
L3doWWlmNVFhNHBVbEltZm94MGhDeE9WajIwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
OTVmZjhmLTY2YmMtNGIxMS05OGYwLTBhYjIxYjJmMjc1NC8xL1dYdEV4S2VUSEdh
bV81NlMyN01zcHlQVXpQYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAX+HAMEAAX+MTANBgkqhkiG9w0B
AQsFAAOCAQEAB/vbIJtA/HVYxHBOcS7uX4c2y+gYp5stAn2JHM/PwGOraSAAuexG
iekexirj6eEXq0tQgUQTjH9b+qqcz9+5JrOQrFTXNBC9borK7H5ZVjria92K4zXf
RXSX6XlEfYp2gldd3rm9kwKo0WFMbc1VxpM1bqMctHmfE1sw+RF5oNhz+HV7yAyU
uudIUaZ8b+BK9unAyAJyCvmYFBfVGeXN1mSiuwDV39btII7ATmxzG7VnVqiy4Ov/
NHLEfBWqnEEBsgkF33AVpQUm0cLbIES9ZcfCrA2TbCPHLfUBZavPzoF24AxqrX1I
u8T6qZ4sjDab8iSQooF0MdANncbPhQROUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:01 2024 by rpki-client on console-ams.rpki-client.org