Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/WWhdwPPNcbGUHsym6z3E770IfMw.roa
File:                     WWhdwPPNcbGUHsym6z3E770IfMw.roa (raw, json)
Hash identifier:          Bzfbhm8nuzjcHck2z6OTy6hIqNYry5q7Pgy3tJ+iXNY=
Subject key identifier:   59:68:5D:C0:F3:CD:71:B1:94:1E:CC:A6:EB:3D:C4:EF:BD:08:7C:CC
Certificate issuer:       /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Certificate serial:       026703
Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/WWhdwPPNcbGUHsym6z3E770IfMw.roa
Signing time:             Thu 02 Jun 2022 11:19:29 +0000
ROA not before:           Thu 02 Jun 2022 11:19:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35378
IP address blocks:        95.171.96.0/19 maxlen: 19
                          37.123.200.0/21 maxlen: 21
                          176.241.72.0/21 maxlen: 21
                          77.91.0.0/18 maxlen: 18
                          185.14.112.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 157443 (0x26703)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
        Validity
            Not Before: Jun  2 11:19:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=59685dc0f3cd71b1941ecca6eb3dc4efbd087ccc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6b:e6:29:33:2d:19:ef:08:26:c9:a7:98:1c:
                    96:59:cc:81:91:25:21:e7:8f:f7:ce:82:39:10:5c:
                    51:6d:d9:c4:08:c6:b1:74:72:6b:b4:0a:fc:b7:f2:
                    21:f4:1e:12:b6:86:0b:7d:72:c5:88:fe:ac:70:d1:
                    d2:0b:fa:fa:97:3c:7f:25:44:f3:36:9e:ba:b4:1e:
                    c8:1d:a0:81:b2:6a:9a:ce:3b:4b:db:c6:3a:a6:06:
                    58:d5:0f:09:73:09:60:68:cb:71:04:73:d7:4e:2a:
                    16:9e:7f:36:2c:b1:b4:d6:3a:a6:0f:15:47:b1:71:
                    ca:da:f6:72:f9:45:90:32:03:2f:ec:92:b7:5c:be:
                    7b:8c:64:04:bb:b6:a2:3e:e5:3c:6a:bc:4e:35:f1:
                    29:02:1c:bf:a1:7b:7e:42:e8:d0:18:42:a5:9a:c4:
                    9d:90:d8:ff:32:bd:c7:f7:e1:b2:a0:43:3f:b3:85:
                    32:0e:9f:a9:81:50:80:70:31:00:b1:bf:b8:ef:31:
                    99:05:05:b2:1f:b5:bd:de:4d:f0:b4:93:29:fc:08:
                    d4:b8:54:cb:05:df:78:fd:0b:31:26:bf:1b:87:e5:
                    9f:45:76:2f:cc:e2:2e:2c:73:88:79:7e:2a:6b:20:
                    12:94:0d:fc:f4:34:b4:cc:68:61:68:ce:e1:31:52:
                    e7:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:68:5D:C0:F3:CD:71:B1:94:1E:CC:A6:EB:3D:C4:EF:BD:08:7C:CC
            X509v3 Authority Key Identifier:
                keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/WWhdwPPNcbGUHsym6z3E770IfMw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.123.200.0/21
                  77.91.0.0/18
                  95.171.96.0/19
                  176.241.72.0/21
                  185.14.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:8a:19:a1:9b:eb:f9:ad:3a:12:c5:59:cd:12:cd:26:a8:1a:
         d9:be:80:ec:ba:10:40:20:1c:6f:b4:ad:e5:08:25:9a:bd:a0:
         df:cc:cd:24:e1:ab:c1:7a:e7:40:9d:09:17:f5:0a:02:30:40:
         de:42:47:b0:c2:9c:8d:1a:1f:3a:77:ca:77:90:21:e1:8d:b7:
         17:9b:46:34:79:d8:9b:c3:19:c5:e3:54:c0:07:cb:17:31:da:
         3d:26:87:aa:29:a6:b5:aa:84:5f:e2:30:aa:b1:1f:be:bc:38:
         89:27:9e:38:d4:4d:f2:03:14:57:49:cb:c7:06:b5:d3:dc:06:
         01:f6:21:89:10:63:d8:24:7b:11:20:ca:c2:c9:3b:bc:40:fb:
         f7:b8:03:4b:a2:c2:5f:64:60:93:41:7c:e0:4c:79:c8:65:70:
         8e:cf:b9:1d:8c:29:f1:06:88:cd:ba:ef:66:8f:47:3b:c4:31:
         af:7b:ba:90:75:6e:7f:eb:d6:c9:02:24:50:44:c4:8a:ec:ff:
         02:94:47:b5:d4:df:e1:78:8b:a8:00:ca:11:3d:6d:a5:ca:63:
         2c:18:a9:99:c8:1e:23:90:57:a6:ee:f0:4c:75:b6:3b:37:60:
         f2:fb:88:8b:61:b4:a6:e0:17:6c:7e:88:72:66:d2:0d:92:7f:
         0e:47:49:f6
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDAmcDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIx
YmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMyY2Q4MDIwHhcNMjIwNjAy
MTExOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1OTY4NWRjMGYzY2Q3
MWIxOTQxZWNjYTZlYjNkYzRlZmJkMDg3Y2NjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnWvmKTMtGe8IJsmnmByWWcyBkSUh54/3zoI5EFxRbdnECMax
dHJrtAr8t/Ih9B4StoYLfXLFiP6scNHSC/r6lzx/JUTzNp66tB7IHaCBsmqazjtL
28Y6pgZY1Q8JcwlgaMtxBHPXTioWnn82LLG01jqmDxVHsXHK2vZy+UWQMgMv7JK3
XL57jGQEu7aiPuU8arxONfEpAhy/oXt+QujQGEKlmsSdkNj/Mr3H9+GyoEM/s4Uy
Dp+pgVCAcDEAsb+47zGZBQWyH7W93k3wtJMp/AjUuFTLBd94/QsxJr8bh+WfRXYv
zOIuLHOIeX4qayASlA389DS0zGhhaM7hMVLncwIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFFloXcDzzXGxlB7Mpus9xO+9CHzMMB8GA1UdIwQYMBaAFCG/ueIZ4V/tpq3S
ljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1LzEv
V1doZHdQUE5jYkdVSHN5bTZ6M0U3NzBJZk13LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9h
YWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1LzEvSWItNTRobmhYLTJt
cmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJXvIAwQGTVsAAwQFX6tgAwQDsPFI
AwQCuQ5wMA0GCSqGSIb3DQEBCwUAA4IBAQAiihmhm+v5rToSxVnNEs0mqBrZvoDs
uhBAIBxvtK3lCCWavaDfzM0k4avBeudAnQkX9QoCMEDeQkewwpyNGh86d8p3kCHh
jbcXm0Y0edibwxnF41TAB8sXMdo9JoeqKaa1qoRf4jCqsR++vDiJJ5441E3yAxRX
ScvHBrXT3AYB9iGJEGPYJHsRIMrCyTu8QPv3uANLosJfZGCTQXzgTHnIZXCOz7kd
jCnxBojNuu9mj0c7xDGve7qQdW5/69bJAiRQRMSK7P8ClEe11N/heIuoAMoRPW2l
ymMsGKmZyB4jkFem7vBMdbY7N2Dy+4iLYbSm4BdsfohyZtINkn8OR0n2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:43 2024 by rpki-client on console-fra.rpki-client.org