Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/WrgaVWHueK2XlTw68o7-Pu6LWnY.roa
File:                     WrgaVWHueK2XlTw68o7-Pu6LWnY.roa (raw, json)
Hash identifier:          NeDcXq+fKJgGrAWgMtEGpuOywOgwiTjCUfexTIUybdY=
Subject key identifier:   5A:B8:1A:55:61:EE:78:AD:97:95:3C:3A:F2:8E:FE:3E:EE:8B:5A:76
Certificate issuer:       /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial:       01851A35DA9419BD8A882B2F986F743BC977
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/WrgaVWHueK2XlTw68o7-Pu6LWnY.roa
Signing time:             Fri 16 Dec 2022 09:13:35 +0000
ROA not before:           Fri 16 Dec 2022 09:13:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50837
IP address blocks:        91.92.71.0/24 maxlen: 24
                          2a01:9980::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1a:35:da:94:19:bd:8a:88:2b:2f:98:6f:74:3b:c9:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
        Validity
            Not Before: Dec 16 09:13:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ab81a5561ee78ad97953c3af28efe3eee8b5a76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:6e:3f:e2:11:e1:ec:18:99:f5:59:a9:c6:77:
                    48:10:f8:14:8b:97:84:4d:0a:db:f6:4c:e4:38:22:
                    cc:b8:35:12:99:df:b2:06:63:02:73:a0:56:6d:65:
                    51:86:34:e9:d8:48:41:ff:68:d8:b8:b0:04:9f:81:
                    e0:a4:ad:c9:6a:5d:a1:fb:c7:e8:ab:f4:87:7d:14:
                    b8:af:8a:05:58:b7:8e:7a:34:cf:01:af:ae:73:1b:
                    73:9e:70:c0:d9:6f:85:75:47:b1:c1:5c:a6:52:79:
                    0f:fa:2e:1f:24:46:6e:5f:f4:0a:da:d8:aa:e7:87:
                    1f:94:3e:24:2b:10:73:e8:91:e8:81:1d:c4:5a:5e:
                    39:77:36:b1:44:fd:d8:65:66:8f:1a:d5:18:a8:b5:
                    af:bb:7a:4b:57:27:cb:d5:d0:71:83:5c:b4:80:14:
                    5d:38:30:67:c3:31:83:4c:9c:cd:d8:0e:02:ea:0c:
                    a1:5b:0e:64:c2:a0:6e:ae:57:9f:31:02:44:31:6a:
                    9c:f0:25:ee:df:eb:a0:06:93:e0:ef:1e:04:b4:54:
                    65:50:35:b6:20:a1:0c:37:07:04:f7:03:66:b6:4c:
                    49:10:3f:7d:68:29:e1:f8:ca:c6:66:ce:c1:2f:18:
                    df:51:8d:12:34:c2:55:61:89:30:02:cb:50:da:13:
                    b7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B8:1A:55:61:EE:78:AD:97:95:3C:3A:F2:8E:FE:3E:EE:8B:5A:76
            X509v3 Authority Key Identifier:
                keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/WrgaVWHueK2XlTw68o7-Pu6LWnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.92.71.0/24
                IPv6:
                  2a01:9980::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:61:03:28:74:f0:59:62:29:d0:f8:34:2b:55:7b:68:0f:98:
         6e:54:11:f1:fd:a9:56:a3:9b:4b:bf:f0:ef:f3:fa:30:96:47:
         62:94:86:09:0a:96:ea:c8:c5:63:53:3d:4e:70:fa:d2:32:96:
         01:46:bb:b6:0f:13:1a:93:ea:d9:b3:23:ee:de:05:45:85:08:
         9b:23:52:2f:ce:2b:ed:f7:af:06:0a:cd:1b:30:1f:bb:3f:9f:
         c5:76:27:d9:f7:47:c2:32:14:af:0f:21:e2:4e:24:b4:02:ba:
         5d:23:4e:b9:a4:ce:a2:a8:a6:a0:2d:8d:4e:53:fa:74:bc:36:
         af:fb:79:9b:f1:2d:af:fc:53:a9:83:20:c6:14:a1:c9:67:8a:
         db:02:f5:81:58:07:18:80:ab:f4:6a:1b:32:ca:56:ea:5d:4a:
         d6:42:e9:65:7f:64:09:9a:f1:35:b0:5e:4f:ef:ee:17:f3:ee:
         17:c7:ab:97:49:61:d9:05:36:94:00:cb:98:5b:d3:48:cc:25:
         15:34:f2:16:03:53:45:ee:09:48:21:57:17:b8:73:50:fd:79:
         75:62:54:26:8a:ed:22:76:fc:11:10:3d:e9:8d:bc:35:61:95:
         cb:3e:4b:87:eb:17:07:43:54:27:ae:bd:cf:24:bc:4b:09:ef:
         d2:e0:54:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUaNdqUGb2KiCsvmG90O8l3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjIxMjE2MDkxMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWI4MWE1NTYxZWU3OGFkOTc5NTNjM2FmMjhlZmUzZWVlOGI1YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW4/4hHh7BiZ9VmpxndIEPgUi5eE
TQrb9kzkOCLMuDUSmd+yBmMCc6BWbWVRhjTp2EhB/2jYuLAEn4HgpK3Jal2h+8fo
q/SHfRS4r4oFWLeOejTPAa+ucxtznnDA2W+FdUexwVymUnkP+i4fJEZuX/QK2tiq
54cflD4kKxBz6JHogR3EWl45dzaxRP3YZWaPGtUYqLWvu3pLVyfL1dBxg1y0gBRd
ODBnwzGDTJzN2A4C6gyhWw5kwqBurlefMQJEMWqc8CXu3+ugBpPg7x4EtFRlUDW2
IKEMNwcE9wNmtkxJED99aCnh+MrGZs7BLxjfUY0SNMJVYYkwAstQ2hO3eQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFq4GlVh7nitl5U8OvKO/j7ui1p2MB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvV3JnYVZXSHVlSzJYbFR3NjhvNy1QdTZMV25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW1xHMA0E
AgACMAcDBQAqAZmAMA0GCSqGSIb3DQEBCwUAA4IBAQCJYQModPBZYinQ+DQrVXto
D5huVBHx/alWo5tLv/Dv8/owlkdilIYJCpbqyMVjUz1OcPrSMpYBRru2DxMak+rZ
syPu3gVFhQibI1Ivzivt968GCs0bMB+7P5/FdifZ90fCMhSvDyHiTiS0ArpdI065
pM6iqKagLY1OU/p0vDav+3mb8S2v/FOpgyDGFKHJZ4rbAvWBWAcYgKv0ahsyylbq
XUrWQullf2QJmvE1sF5P7+4X8+4Xx6uXSWHZBTaUAMuYW9NIzCUVNPIWA1NF7glI
IVcXuHNQ/Xl1YlQmiu0idvwRED3pjbw1YZXLPkuH6xcHQ1Qnrr3PJLxLCe/S4FTS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:23 2024 by rpki-client on console-fra.rpki-client.org