Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/WFO5MvqEQnuQwRkP5LZwVOO0brs.roa
File:                     WFO5MvqEQnuQwRkP5LZwVOO0brs.roa (raw, json)
Hash identifier:          HD/gbPbb2ovAgPn1Xt0HPnT6DhgCk/yjYIZ+hjLTKQ4=
Subject key identifier:   58:53:B9:32:FA:84:42:7B:90:C1:19:0F:E4:B6:70:54:E3:B4:6E:BB
Certificate issuer:       /CN=52f629f34cd083bc68054069b1cc5ee7971f8bbb
Certificate serial:       0FF320DD
Authority key identifier: 52:F6:29:F3:4C:D0:83:BC:68:05:40:69:B1:CC:5E:E7:97:1F:8B:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UvYp80zQg7xoBUBpscxe55cfi7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/WFO5MvqEQnuQwRkP5LZwVOO0brs.roa
Signing time:             Sat 01 Jan 2022 12:55:35 +0000
ROA not before:           Sat 01 Jan 2022 12:55:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200432
IP address blocks:        185.107.63.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 267591901 (0xff320dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52f629f34cd083bc68054069b1cc5ee7971f8bbb
        Validity
            Not Before: Jan  1 12:55:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5853b932fa84427b90c1190fe4b67054e3b46ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:e0:c0:a2:a3:d9:ae:1f:14:cb:79:1c:24:85:
                    84:a9:cd:9a:50:ee:72:b0:ab:9e:d7:ff:66:9d:3a:
                    78:c5:50:ce:1c:f7:92:a1:93:b9:6b:81:5f:e5:05:
                    a0:df:0e:b5:ed:df:3e:84:9d:21:7e:3d:97:d9:ea:
                    9f:56:b1:6e:db:28:6a:87:f1:2c:cc:9b:b7:fa:ac:
                    8c:9a:a7:32:41:14:96:98:09:2e:0d:69:ce:64:3c:
                    94:d4:b0:d8:aa:e7:cd:ac:d4:f7:0e:f0:7b:3a:19:
                    37:3d:b0:b1:4d:2e:87:b1:f3:f9:a8:c1:98:10:20:
                    55:8c:d1:af:cd:c0:9e:a3:d3:0d:d3:0c:c9:4b:01:
                    70:4e:2b:82:ba:0d:3c:f7:f6:b9:f8:70:d1:ff:e0:
                    04:fc:26:16:67:f1:cd:ad:44:a8:05:74:23:52:43:
                    a0:fe:a1:11:dc:5f:d8:86:21:62:bb:02:74:98:c1:
                    cb:64:0b:62:0b:21:4e:1c:7a:72:d9:4e:38:85:5d:
                    12:e4:a3:92:21:3f:af:db:a5:2c:35:81:04:96:f8:
                    f1:12:c9:66:e4:81:50:5c:16:ad:cf:c6:dd:bd:85:
                    ae:e7:9c:d0:f9:f1:7a:ec:04:35:96:9f:ff:70:4f:
                    47:6a:b8:f8:db:cb:15:1a:85:d6:8f:15:7a:c0:c0:
                    03:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:53:B9:32:FA:84:42:7B:90:C1:19:0F:E4:B6:70:54:E3:B4:6E:BB
            X509v3 Authority Key Identifier:
                keyid:52:F6:29:F3:4C:D0:83:BC:68:05:40:69:B1:CC:5E:E7:97:1F:8B:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvYp80zQg7xoBUBpscxe55cfi7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/WFO5MvqEQnuQwRkP5LZwVOO0brs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/UvYp80zQg7xoBUBpscxe55cfi7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.107.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:83:c2:c2:34:60:61:64:48:a3:2b:63:9b:0a:ec:6d:54:79:
         1d:1a:25:6e:a2:cd:34:5d:41:eb:f7:f4:5a:23:58:66:b6:57:
         d4:87:1e:70:b1:b9:07:ae:b7:ed:18:5a:cf:b0:1b:80:71:89:
         69:58:96:64:e2:a5:a6:fb:14:b8:6f:ec:45:1d:61:d5:de:1c:
         ff:d8:02:a5:33:09:d6:88:78:d6:d7:66:1c:9b:0d:6d:90:b7:
         df:30:16:74:b2:00:f5:2b:80:0e:1b:b3:8c:21:7c:8a:c5:76:
         9e:6b:cb:fc:2f:b4:d6:60:39:80:71:e7:eb:b6:76:5e:3d:e9:
         b7:d3:cc:71:de:a1:60:33:e0:58:f3:86:9f:6c:bc:22:31:c2:
         10:92:85:ff:a3:d4:ca:f4:5c:68:37:03:b7:03:62:cb:f1:e6:
         82:20:94:f5:3c:41:f9:b1:f9:a0:0f:5e:ad:10:1e:3b:d1:cb:
         1f:c5:8f:c9:57:1a:53:fb:fc:ea:56:ec:3d:3c:b7:0b:e2:d4:
         cf:47:68:6f:80:d1:e2:b9:87:32:37:8b:77:b1:2e:5a:84:17:
         b9:cb:77:1b:47:45:ce:bd:21:1c:65:ed:7a:bc:59:0e:2d:4a:
         bd:4f:36:38:a8:01:0d:ed:14:e9:a7:f2:02:78:80:d4:fb:49:
         2a:a3:fa:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED/Mg3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmY2MjlmMzRjZDA4M2JjNjgwNTQwNjliMWNjNWVlNzk3MWY4YmJiMB4XDTIyMDEw
MTEyNTUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg1M2I5MzJmYTg0
NDI3YjkwYzExOTBmZTRiNjcwNTRlM2I0NmViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfgwKKj2a4fFMt5HCSFhKnNmlDucrCrntf/Zp06eMVQzhz3
kqGTuWuBX+UFoN8Ote3fPoSdIX49l9nqn1axbtsoaofxLMybt/qsjJqnMkEUlpgJ
Lg1pzmQ8lNSw2KrnzazU9w7wezoZNz2wsU0uh7Hz+ajBmBAgVYzRr83AnqPTDdMM
yUsBcE4rgroNPPf2ufhw0f/gBPwmFmfxza1EqAV0I1JDoP6hEdxf2IYhYrsCdJjB
y2QLYgshThx6ctlOOIVdEuSjkiE/r9ulLDWBBJb48RLJZuSBUFwWrc/G3b2Fruec
0PnxeuwENZaf/3BPR2q4+NvLFRqF1o8VesDAA9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRYU7ky+oRCe5DBGQ/ktnBU47RuuzAfBgNVHSMEGDAWgBRS9inzTNCDvGgF
QGmxzF7nlx+LuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V2WXA4MHpRZzd4b0JVQnBzY3hlNTVjZmk3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvOTMyZmI3LWRiMDUtNDA5Yy1hMTZhLTk3YTQyODNiNjI5Mi8x
L1dGTzVNdnFFUW51UXdSa1A1TFp3Vk9PMGJycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
OTMyZmI3LWRiMDUtNDA5Yy1hMTZhLTk3YTQyODNiNjI5Mi8xL1V2WXA4MHpRZzd4
b0JVQnBzY3hlNTVjZmk3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlrPzANBgkqhkiG9w0BAQsFAAOC
AQEAOoPCwjRgYWRIoytjmwrsbVR5HRolbqLNNF1B6/f0WiNYZrZX1IcecLG5B663
7Rhaz7AbgHGJaViWZOKlpvsUuG/sRR1h1d4c/9gCpTMJ1oh41tdmHJsNbZC33zAW
dLIA9SuADhuzjCF8isV2nmvL/C+01mA5gHHn67Z2Xj3pt9PMcd6hYDPgWPOGn2y8
IjHCEJKF/6PUyvRcaDcDtwNiy/HmgiCU9TxB+bH5oA9erRAeO9HLH8WPyVcaU/v8
6lbsPTy3C+LUz0dob4DR4rmHMjeLd7EuWoQXuct3G0dFzr0hHGXterxZDi1KvU82
OKgBDe0U6afyAniA1PtJKqP6MA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:11 2024 by rpki-client on console-fra.rpki-client.org