Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4f8c2d-ec40-4d3c-8426-b75ef563720c/1/wjQjSnQlf-6SQUJrOrb2udTpw1E.roa
File:                     wjQjSnQlf-6SQUJrOrb2udTpw1E.roa (raw, json)
Hash identifier:          LXYgZX9Sz1IcutsYsyGrb8FaCyIXD9CbOHIOHMv8Pdo=
Subject key identifier:   C2:34:23:4A:74:25:7F:EE:92:41:42:6B:3A:B6:F6:B9:D4:E9:C3:51
Certificate issuer:       /CN=9937c7f55b8cf0e74a5de090329ad9b728c6ad77
Certificate serial:       0954F3E6
Authority key identifier: 99:37:C7:F5:5B:8C:F0:E7:4A:5D:E0:90:32:9A:D9:B7:28:C6:AD:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mTfH9VuM8OdKXeCQMprZtyjGrXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/4f8c2d-ec40-4d3c-8426-b75ef563720c/1/wjQjSnQlf-6SQUJrOrb2udTpw1E.roa
Signing time:             Sat 01 Jan 2022 06:56:33 +0000
ROA not before:           Sat 01 Jan 2022 06:56:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206324
IP address blocks:        185.189.144.0/22 maxlen: 23
                          2a0b:ed80::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 156562406 (0x954f3e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9937c7f55b8cf0e74a5de090329ad9b728c6ad77
        Validity
            Not Before: Jan  1 06:56:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c234234a74257fee9241426b3ab6f6b9d4e9c351
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:29:86:b7:7a:42:8f:bf:fd:09:12:b9:13:10:
                    3b:d6:8d:cd:88:4c:15:c8:1a:ad:91:2c:d5:c9:61:
                    26:bf:69:c7:85:61:e0:17:56:fa:ef:a7:bc:09:e4:
                    76:14:59:71:05:e0:d5:68:bc:b2:27:4e:58:68:17:
                    ef:0a:26:88:f0:09:46:95:7f:34:6a:04:50:bc:e6:
                    d4:15:bb:06:54:4f:8b:2a:96:da:ff:f2:82:79:fa:
                    2d:eb:5b:62:80:3c:e8:8a:f4:8f:83:4a:84:7a:53:
                    90:9c:8f:09:3f:1c:0b:a8:ba:34:91:45:ac:07:ca:
                    82:d6:23:59:6a:d8:76:f0:27:9c:2e:63:60:09:ba:
                    fc:27:2e:09:ae:75:f5:a7:c3:cb:89:46:f5:e6:73:
                    dc:e0:d8:f9:c0:41:dd:c2:17:05:78:97:fb:f6:6a:
                    e0:21:2f:3a:4b:04:03:6f:6f:0b:0c:0a:db:cc:6a:
                    14:09:aa:49:9c:60:8a:9a:52:c6:fd:2d:be:2e:ad:
                    bf:7a:51:e1:95:bb:0a:44:1f:8c:98:50:0f:ee:06:
                    25:a8:08:15:6b:9b:f8:30:47:a4:b8:1d:fe:68:d1:
                    33:7a:ea:45:c1:b0:9a:57:69:05:bc:aa:2a:c2:8f:
                    06:dc:f1:b6:cc:46:dc:68:0b:54:1f:68:44:92:bf:
                    4f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:34:23:4A:74:25:7F:EE:92:41:42:6B:3A:B6:F6:B9:D4:E9:C3:51
            X509v3 Authority Key Identifier:
                keyid:99:37:C7:F5:5B:8C:F0:E7:4A:5D:E0:90:32:9A:D9:B7:28:C6:AD:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTfH9VuM8OdKXeCQMprZtyjGrXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4f8c2d-ec40-4d3c-8426-b75ef563720c/1/wjQjSnQlf-6SQUJrOrb2udTpw1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4f8c2d-ec40-4d3c-8426-b75ef563720c/1/mTfH9VuM8OdKXeCQMprZtyjGrXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.144.0/22
                IPv6:
                  2a0b:ed80::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:93:6f:32:16:67:5c:05:63:b9:f5:b5:35:95:49:bc:80:10:
         57:ca:a0:74:0d:10:f2:0a:e4:34:d7:02:e8:9a:fa:27:3f:04:
         b2:ef:f9:4f:da:5d:63:ce:75:8e:8d:1b:f3:c1:0c:1f:b6:e1:
         74:2a:46:8a:78:3c:cb:69:07:8c:e1:8e:cd:56:68:b8:f6:8c:
         1a:6d:4e:e7:2f:8c:f5:6f:28:f1:34:70:d7:ff:c2:47:42:01:
         79:e8:47:98:d0:42:4c:a6:d1:e4:66:09:15:56:1c:b6:e7:12:
         36:78:e0:8a:25:71:67:31:d2:c5:08:9b:54:e3:51:90:bc:28:
         48:3c:2d:58:bf:75:ce:98:0a:6d:ed:f7:86:ab:23:51:19:e8:
         82:93:82:67:0f:3a:67:ca:fc:f4:8c:c8:3e:4e:8e:1c:45:57:
         62:3f:94:20:21:45:7b:af:18:a9:03:58:04:27:d8:3a:aa:c5:
         11:37:7d:f6:ad:5b:cc:51:7e:a8:4f:6b:b7:88:ff:33:e6:f4:
         28:a0:7a:0e:00:e0:88:98:0f:59:7a:0d:58:7a:55:b4:1c:ea:
         e6:36:7a:3b:76:b5:d4:8e:1e:10:20:8f:be:da:dc:ce:16:74:
         bd:72:48:2a:98:64:dc:18:54:07:7a:61:88:1e:91:8d:8f:13:
         cf:ac:09:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECVTz5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTM3YzdmNTViOGNmMGU3NGE1ZGUwOTAzMjlhZDliNzI4YzZhZDc3MB4XDTIyMDEw
MTA2NTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzIzNDIzNGE3NDI1
N2ZlZTkyNDE0MjZiM2FiNmY2YjlkNGU5YzM1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcphrd6Qo+//QkSuRMQO9aNzYhMFcgarZEs1clhJr9px4Vh
4BdW+u+nvAnkdhRZcQXg1Wi8sidOWGgX7womiPAJRpV/NGoEULzm1BW7BlRPiyqW
2v/ygnn6LetbYoA86Ir0j4NKhHpTkJyPCT8cC6i6NJFFrAfKgtYjWWrYdvAnnC5j
YAm6/CcuCa519afDy4lG9eZz3ODY+cBB3cIXBXiX+/Zq4CEvOksEA29vCwwK28xq
FAmqSZxgippSxv0tvi6tv3pR4ZW7CkQfjJhQD+4GJagIFWub+DBHpLgd/mjRM3rq
RcGwmldpBbyqKsKPBtzxtsxG3GgLVB9oRJK/T/0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTCNCNKdCV/7pJBQms6tva51OnDUTAfBgNVHSMEGDAWgBSZN8f1W4zw50pd
4JAymtm3KMatdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21UZkg5VnVNOE9kS1hlQ1FNcHJadHlqR3JYYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvNGY4YzJkLWVjNDAtNGQzYy04NDI2LWI3NWVmNTYzNzIwYy8x
L3dqUWpTblFsZi02U1FVSnJPcmIydWRUcHcxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
NGY4YzJkLWVjNDAtNGQzYy04NDI2LWI3NWVmNTYzNzIwYy8xL21UZkg5VnVNOE9k
S1hlQ1FNcHJadHlqR3JYYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm9kDANBAIAAjAHAwUDKgvtgDAN
BgkqhkiG9w0BAQsFAAOCAQEANJNvMhZnXAVjufW1NZVJvIAQV8qgdA0Q8grkNNcC
6Jr6Jz8Esu/5T9pdY851jo0b88EMH7bhdCpGing8y2kHjOGOzVZouPaMGm1O5y+M
9W8o8TRw1//CR0IBeehHmNBCTKbR5GYJFVYctucSNnjgiiVxZzHSxQibVONRkLwo
SDwtWL91zpgKbe33hqsjURnogpOCZw86Z8r89IzIPk6OHEVXYj+UICFFe68YqQNY
BCfYOqrFETd99q1bzFF+qE9rt4j/M+b0KKB6DgDgiJgPWXoNWHpVtBzq5jZ6O3a1
1I4eECCPvtrczhZ0vXJIKphk3BhUB3phiB6RjY8Tz6wJQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org