Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/WZ4ImXgrmPnZRA7TVXE215QzDd0.roa
File:                     WZ4ImXgrmPnZRA7TVXE215QzDd0.roa (raw, json)
Hash identifier:          eyr9/O40jlQZKeMOq6wqZXgmcoj8y/PrB1EDppMNy+8=
Subject key identifier:   59:9E:08:99:78:2B:98:F9:D9:44:0E:D3:55:71:36:D7:94:33:0D:DD
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       01820B160A0E889922290CFF215B6F8F1C6C
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/WZ4ImXgrmPnZRA7TVXE215QzDd0.roa
Signing time:             Sun 17 Jul 2022 07:36:09 +0000
ROA not before:           Sun 17 Jul 2022 07:36:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211183
IP address blocks:        79.133.181.0/24 maxlen: 24
                          185.240.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:0b:16:0a:0e:88:99:22:29:0c:ff:21:5b:6f:8f:1c:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: Jul 17 07:36:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=599e0899782b98f9d9440ed3557136d794330ddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:57:05:62:f8:2b:7d:80:8e:77:a1:23:d0:87:
                    c2:0a:8a:fb:22:c8:af:4c:9a:04:cb:94:6b:7f:29:
                    c2:26:70:83:ea:74:c3:a2:47:15:eb:24:f9:69:7f:
                    fe:1b:d7:dc:97:f7:32:26:a0:bf:be:a2:c8:88:9d:
                    7b:5d:78:0e:ec:1d:6c:19:52:a0:8f:a2:cd:24:e4:
                    8f:70:f6:d5:4e:62:58:8e:8a:98:ad:43:3d:93:d6:
                    57:17:66:3a:d6:72:bc:36:4c:dd:15:93:aa:36:73:
                    bd:d4:2d:ec:ba:ff:db:9a:05:9b:c5:a1:37:39:46:
                    a3:d1:c8:04:1a:3c:26:6b:85:da:07:f4:20:b6:c6:
                    25:1f:8c:0e:a4:73:fd:a1:ee:5a:5b:16:33:c2:73:
                    6b:70:1d:32:7f:39:0b:6a:2f:ea:6f:49:48:ab:98:
                    10:7f:c3:b9:c8:92:5d:f2:d5:73:af:5f:ae:86:b9:
                    ef:d7:e6:e2:e0:3e:e9:af:f0:f0:76:7d:80:97:17:
                    88:d7:91:1b:4c:36:78:3d:78:6c:09:84:3d:12:8b:
                    12:9c:b3:1a:80:d8:95:33:f3:df:be:e1:67:83:c7:
                    b9:59:56:26:29:64:63:24:7e:67:55:f5:26:8b:8e:
                    c9:91:14:68:8d:5b:3a:8c:40:a3:30:f4:9b:2c:2f:
                    90:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:9E:08:99:78:2B:98:F9:D9:44:0E:D3:55:71:36:D7:94:33:0D:DD
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/WZ4ImXgrmPnZRA7TVXE215QzDd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.133.181.0/24
                  185.240.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:77:c8:de:6b:f1:4c:b7:29:dc:2b:91:4f:9c:6d:ab:7c:5f:
         1a:63:0e:e9:1e:01:57:9a:48:d4:06:d9:f2:1b:90:ed:ea:dc:
         fb:01:e6:2d:fc:14:7f:91:e7:db:21:11:30:10:0b:16:4c:54:
         1e:9f:d9:3f:e2:f3:c2:10:65:c1:07:be:f9:52:6d:23:70:9b:
         71:37:65:d4:ff:fb:f8:f8:85:76:fb:32:cd:1c:f2:b9:ea:86:
         d6:e4:1d:0c:08:b9:44:16:7f:bc:90:5e:d7:00:85:3a:17:2e:
         fa:86:09:c2:e1:74:d0:c8:3d:17:56:61:2d:c2:80:55:de:3d:
         ed:2e:b4:6b:9c:db:38:73:37:c0:fc:8a:6f:04:32:7b:08:75:
         b1:8d:28:59:ac:fe:6d:51:0a:f3:18:bc:84:6d:82:69:cc:4a:
         a6:3a:39:0e:e5:02:69:9e:a4:d4:89:1c:3c:96:c5:2e:1e:d6:
         c9:96:bc:bb:10:e1:11:47:75:1d:62:ad:e7:ad:1d:7c:43:44:
         c3:5d:05:97:b8:c2:ec:84:a6:37:6e:10:5c:49:83:c9:63:df:
         7f:63:af:2c:30:40:9c:85:f5:4f:0c:71:1b:15:c5:eb:86:87:
         f1:f7:9a:43:b1:ac:88:00:31:1a:5b:38:53:13:75:d9:60:68:
         eb:92:1c:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYILFgoOiJkiKQz/IVtvjxxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjIwNzE3MDczNjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTllMDg5OTc4MmI5OGY5ZDk0NDBlZDM1NTcxMzZkNzk0MzMwZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlcFYvgrfYCOd6Ej0IfCCor7Isiv
TJoEy5RrfynCJnCD6nTDokcV6yT5aX/+G9fcl/cyJqC/vqLIiJ17XXgO7B1sGVKg
j6LNJOSPcPbVTmJYjoqYrUM9k9ZXF2Y61nK8NkzdFZOqNnO91C3suv/bmgWbxaE3
OUaj0cgEGjwma4XaB/QgtsYlH4wOpHP9oe5aWxYzwnNrcB0yfzkLai/qb0lIq5gQ
f8O5yJJd8tVzr1+uhrnv1+bi4D7pr/Dwdn2AlxeI15EbTDZ4PXhsCYQ9EosSnLMa
gNiVM/PfvuFng8e5WVYmKWRjJH5nVfUmi47JkRRojVs6jECjMPSbLC+Q6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFmeCJl4K5j52UQO01VxNteUMw3dMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvV1o0SW1YZ3JtUG5aUkE3VFZYRTIxNVF6RGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT4W1AwQA
ufBnMA0GCSqGSIb3DQEBCwUAA4IBAQCWd8jea/FMtyncK5FPnG2rfF8aYw7pHgFX
mkjUBtnyG5Dt6tz7AeYt/BR/kefbIREwEAsWTFQen9k/4vPCEGXBB775Um0jcJtx
N2XU//v4+IV2+zLNHPK56obW5B0MCLlEFn+8kF7XAIU6Fy76hgnC4XTQyD0XVmEt
woBV3j3tLrRrnNs4czfA/IpvBDJ7CHWxjShZrP5tUQrzGLyEbYJpzEqmOjkO5QJp
nqTUiRw8lsUuHtbJlry7EOERR3UdYq3nrR18Q0TDXQWXuMLshKY3bhBcSYPJY99/
Y68sMECchfVPDHEbFcXrhofx95pDsayIADEaWzhTE3XZYGjrkhx4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:02 2024 by rpki-client on console-ams.rpki-client.org