Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/WrAqyvmK4qnf47qBI417TyWH_TI.roa
File:                     WrAqyvmK4qnf47qBI417TyWH_TI.roa (raw, json)
Hash identifier:          L0runiI885oz92AYkUYbZjlwnUsYdrLngKIDWMYzZmo=
Subject key identifier:   5A:B0:2A:CA:F9:8A:E2:A9:DF:E3:BA:81:23:8D:7B:4F:25:87:FD:32
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       0DE343AB
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/WrAqyvmK4qnf47qBI417TyWH_TI.roa
Signing time:             Sat 01 Jan 2022 10:54:07 +0000
ROA not before:           Sat 01 Jan 2022 10:54:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        168.199.128.0/17 maxlen: 24
                          168.199.64.0/19 maxlen: 24
                          185.170.68.0/22 maxlen: 24
                          185.171.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 232997803 (0xde343ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Jan  1 10:54:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ab02acaf98ae2a9dfe3ba81238d7b4f2587fd32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:92:85:d6:5f:37:96:f4:16:55:80:e6:91:10:
                    14:6c:25:c5:76:42:47:67:12:f4:c2:16:f6:3a:20:
                    06:a5:e9:ad:86:da:1b:97:60:b2:56:b6:33:18:3f:
                    1f:29:ba:78:9d:d9:46:51:e0:79:fa:32:5e:97:98:
                    f0:0d:ce:6c:ab:23:ee:48:4d:04:3b:bc:67:f4:02:
                    42:26:d5:c3:4f:a2:b6:90:f8:dd:04:a9:d2:42:db:
                    5e:44:3a:3c:b4:c0:07:2a:e9:d0:3f:71:71:d2:29:
                    2f:ac:aa:44:39:6f:61:54:00:f7:67:e2:0e:69:73:
                    9c:3e:ab:e5:16:e9:30:e5:09:e9:f4:9a:7d:bb:7c:
                    04:fb:ff:ef:92:91:79:59:5f:68:52:e1:21:f5:19:
                    76:ed:66:6a:09:bd:32:35:32:0b:68:d5:5b:e0:ee:
                    3b:6a:79:d0:47:cd:c9:2e:fd:c0:87:1c:c4:2b:12:
                    c6:30:ef:2d:3d:23:e5:e8:4c:cb:2f:29:15:30:37:
                    ab:0d:1a:5b:b4:94:d6:30:ab:a6:7b:4c:5d:e6:55:
                    b8:ee:01:af:92:65:83:df:62:1a:75:7c:5a:c1:1d:
                    25:78:78:01:8c:9f:84:af:e4:a4:0a:e8:25:f9:3f:
                    c3:f1:ad:14:d1:f1:ce:78:df:1c:b0:ea:ff:f4:9d:
                    09:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B0:2A:CA:F9:8A:E2:A9:DF:E3:BA:81:23:8D:7B:4F:25:87:FD:32
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/WrAqyvmK4qnf47qBI417TyWH_TI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.199.64.0/19
                  168.199.128.0/17
                  185.170.68.0/22
                  185.171.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:23:53:bb:21:b7:5b:6e:0c:c6:9d:db:5b:c1:85:9f:33:7a:
         d1:ea:3f:d3:01:ad:95:d6:9e:d9:50:74:c7:54:87:b1:bf:9b:
         26:a8:02:1a:3c:23:22:25:84:35:26:c2:44:99:79:e4:5d:43:
         6c:5c:b3:f2:d8:d5:41:76:d7:fc:20:61:83:4a:8a:2b:04:4a:
         dd:18:98:1b:b6:76:85:a9:c5:83:cd:32:e2:b0:27:73:04:88:
         d4:6f:49:06:09:df:e9:bf:23:0c:ff:07:c9:93:ed:bc:74:92:
         dc:13:e3:ec:33:03:56:61:e4:f4:24:60:ff:33:88:f7:97:df:
         b1:2d:6d:50:a6:e7:4a:92:a0:da:89:af:4c:da:0d:58:e5:c7:
         bb:78:45:f6:32:d0:67:b8:99:0c:79:1e:da:e6:28:14:84:88:
         aa:98:37:15:61:e2:36:b4:25:97:37:8e:42:ba:74:ef:e0:d8:
         d4:bf:89:12:c3:d9:79:13:44:b1:c1:33:07:0f:62:d1:8c:5e:
         9e:b3:79:17:c9:1f:65:c5:aa:d2:7a:0c:15:e0:75:22:c1:82:
         7d:20:34:13:6a:6b:a8:5a:d8:98:96:bf:43:a5:56:51:f6:1c:
         5a:20:98:2a:55:c3:16:52:0f:7b:05:0b:e8:e7:ed:41:b2:e4:
         01:9e:b7:fc
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDeNDqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MB4XDTIyMDEw
MTEwNTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFiMDJhY2FmOThh
ZTJhOWRmZTNiYTgxMjM4ZDdiNGYyNTg3ZmQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmShdZfN5b0FlWA5pEQFGwlxXZCR2cS9MIW9jogBqXprYba
G5dgsla2Mxg/Hym6eJ3ZRlHgefoyXpeY8A3ObKsj7khNBDu8Z/QCQibVw0+itpD4
3QSp0kLbXkQ6PLTAByrp0D9xcdIpL6yqRDlvYVQA92fiDmlznD6r5RbpMOUJ6fSa
fbt8BPv/75KReVlfaFLhIfUZdu1magm9MjUyC2jVW+DuO2p50EfNyS79wIccxCsS
xjDvLT0j5ehMyy8pFTA3qw0aW7SU1jCrpntMXeZVuO4Br5Jlg99iGnV8WsEdJXh4
AYyfhK/kpAroJfk/w/GtFNHxznjfHLDq//SdCQUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRasCrK+Yriqd/juoEjjXtPJYf9MjAfBgNVHSMEGDAWgBSCZgW00n8Tlo6H
lObvCRIjdIgX2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtWUZ0TkpfRTVhT2g1VG03d2tTSTNTSUY5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8x
L1dyQXF5dm1LNHFuZjQ3cUJJNDE3VHlXSF9USS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8xL2dtWUZ0TkpfRTVh
T2g1VG03d2tTSTNTSUY5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBajHQAMEB6jHgAMEArmqRAMEArmr
/DANBgkqhkiG9w0BAQsFAAOCAQEANiNTuyG3W24Mxp3bW8GFnzN60eo/0wGtldae
2VB0x1SHsb+bJqgCGjwjIiWENSbCRJl55F1DbFyz8tjVQXbX/CBhg0qKKwRK3RiY
G7Z2hanFg80y4rAncwSI1G9JBgnf6b8jDP8HyZPtvHSS3BPj7DMDVmHk9CRg/zOI
95ffsS1tUKbnSpKg2omvTNoNWOXHu3hF9jLQZ7iZDHke2uYoFISIqpg3FWHiNrQl
lzeOQrp07+DY1L+JEsPZeRNEscEzBw9i0YxenrN5F8kfZcWq0noMFeB1IsGCfSA0
E2prqFrYmJa/Q6VWUfYcWiCYKlXDFlIPewUL6OftQbLkAZ63/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org