Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/5_Wkt5al_jF3bhsV2yFA_e01IX4.roa
File:                     5_Wkt5al_jF3bhsV2yFA_e01IX4.roa (raw, json)
Hash identifier:          SkuTW1cXRxuC0sI4IaiGS05Tnp8Mxwfv3hIMbrAz9Q0=
Subject key identifier:   E7:F5:A4:B7:96:A5:FE:31:77:6E:1B:15:DB:21:40:FD:ED:35:21:7E
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       018460F2EF95C566EAD8799818D0AEA01EC8
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/5_Wkt5al_jF3bhsV2yFA_e01IX4.roa
Signing time:             Thu 10 Nov 2022 09:50:44 +0000
ROA not before:           Thu 10 Nov 2022 09:50:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397071
IP address blocks:        178.236.234.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:60:f2:ef:95:c5:66:ea:d8:79:98:18:d0:ae:a0:1e:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Nov 10 09:50:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e7f5a4b796a5fe31776e1b15db2140fded35217e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:03:92:42:c3:14:50:e7:72:0c:37:e8:70:21:
                    ba:7d:e9:a4:2e:45:05:a0:77:88:ee:80:e5:ad:2b:
                    bb:84:5e:f9:bb:12:00:07:79:6e:8d:86:15:78:e8:
                    43:d4:5a:4b:aa:25:90:ff:ec:49:bf:47:df:09:71:
                    4e:8f:6d:59:93:1e:9c:96:47:75:63:7a:89:50:7a:
                    80:29:6c:e1:89:5c:a8:28:76:bd:14:d2:e1:64:56:
                    20:2f:2c:5f:ad:79:b5:76:14:b0:83:81:23:87:89:
                    b9:f4:66:a4:d9:58:13:e2:26:5f:32:ab:a3:f1:5d:
                    85:15:f8:28:a5:cf:da:d4:92:45:e3:93:73:e1:91:
                    17:ab:a1:9d:78:8e:f7:95:e6:e7:e1:bb:ec:f3:f4:
                    8b:0e:54:21:0d:f9:45:b9:9c:22:43:84:e0:49:8f:
                    9c:40:4e:1e:5e:8e:2c:37:2c:fe:b5:93:55:4d:8c:
                    fe:3a:bf:5a:a8:1b:bd:67:9d:2a:8d:04:83:0f:cc:
                    b6:c8:95:85:78:87:c4:a0:0f:2a:9c:67:4b:38:c2:
                    5a:d7:9c:18:b9:71:ff:7a:a9:7d:fa:c4:a5:d4:f7:
                    b9:e4:1b:6e:7f:4e:e2:bf:3d:7b:cf:7b:b9:8b:0f:
                    62:9f:1c:a8:64:02:ab:28:21:c7:22:c9:00:f8:90:
                    4e:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F5:A4:B7:96:A5:FE:31:77:6E:1B:15:DB:21:40:FD:ED:35:21:7E
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/5_Wkt5al_jF3bhsV2yFA_e01IX4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:06:2d:53:eb:fe:23:60:4b:d1:38:3a:9c:1f:18:5f:70:1b:
         d2:a3:03:87:c7:51:4b:ad:6c:c0:9f:b3:4c:36:d6:c8:ec:30:
         09:51:68:6c:c9:c7:84:e6:da:09:71:d8:97:a3:31:5f:31:82:
         8b:89:a0:08:5d:a1:60:cf:db:5a:81:79:d4:37:e8:9c:65:e9:
         61:fe:e1:df:45:3a:f7:d6:ef:6d:84:fe:17:0a:8a:f3:3a:76:
         5f:1f:25:6b:78:4b:0f:df:75:ed:15:71:f9:06:28:2e:b5:d2:
         27:8e:61:e0:8b:b5:ae:a7:b6:26:09:7b:0d:a6:ee:f4:1d:1e:
         8e:5d:0c:6c:a3:64:60:7e:9c:9e:bd:a8:ed:6b:28:7d:d9:21:
         56:07:fc:bb:dc:b4:f1:7a:ce:21:79:7f:6d:54:cb:37:7f:79:
         aa:6a:49:66:15:93:11:e0:ae:d2:dd:40:3a:bc:3b:e1:3b:3c:
         5a:dc:fc:64:4f:ac:70:c2:5c:a3:0f:55:f5:38:41:0b:19:6b:
         ed:c5:36:18:27:17:0c:5e:1f:b4:a5:eb:af:66:78:6f:21:85:
         d4:af:2b:42:7a:9a:36:3c:99:14:52:68:eb:88:83:e3:88:d2:
         2a:63:76:fa:c6:fd:63:3e:c0:9a:4e:3d:a1:19:65:00:29:c5:
         8b:07:bb:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRg8u+VxWbq2HmYGNCuoB7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjIxMTEwMDk1MDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y1YTRiNzk2YTVmZTMxNzc2ZTFiMTVkYjIxNDBmZGVkMzUyMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQOSQsMUUOdyDDfocCG6femkLkUF
oHeI7oDlrSu7hF75uxIAB3lujYYVeOhD1FpLqiWQ/+xJv0ffCXFOj21Zkx6clkd1
Y3qJUHqAKWzhiVyoKHa9FNLhZFYgLyxfrXm1dhSwg4Ejh4m59Gak2VgT4iZfMquj
8V2FFfgopc/a1JJF45Nz4ZEXq6GdeI73lebn4bvs8/SLDlQhDflFuZwiQ4TgSY+c
QE4eXo4sNyz+tZNVTYz+Or9aqBu9Z50qjQSDD8y2yJWFeIfEoA8qnGdLOMJa15wY
uXH/eql9+sSl1Pe55Btuf07ivz17z3u5iw9inxyoZAKrKCHHIskA+JBOWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOf1pLeWpf4xd24bFdshQP3tNSF+MB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvNV9Xa3Q1YWxfakYzYmhzVjJ5RkFfZTAxSVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsuzqMA0G
CSqGSIb3DQEBCwUAA4IBAQA5Bi1T6/4jYEvRODqcHxhfcBvSowOHx1FLrWzAn7NM
NtbI7DAJUWhsyceE5toJcdiXozFfMYKLiaAIXaFgz9tagXnUN+icZelh/uHfRTr3
1u9thP4XCorzOnZfHyVreEsP33XtFXH5BigutdInjmHgi7Wup7YmCXsNpu70HR6O
XQxso2Rgfpyevajtayh92SFWB/y73LTxes4heX9tVMs3f3mqaklmFZMR4K7S3UA6
vDvhOzxa3PxkT6xwwlyjD1X1OEELGWvtxTYYJxcMXh+0peuvZnhvIYXUrytCepo2
PJkUUmjriIPjiNIqY3b6xv1jPsCaTj2hGWUAKcWLB7vH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:19 2024 by rpki-client on console-fra.rpki-client.org