Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/WiNHbY8-eTzkdw8jXyOycsYrjZw.roa
File:                     WiNHbY8-eTzkdw8jXyOycsYrjZw.roa (raw, json)
Hash identifier:          Q3qceX1bXXZNyAYYALtRccJ2UcXrtdv6fwak96qRys8=
Subject key identifier:   5A:23:47:6D:8F:3E:79:3C:E4:77:0F:23:5F:23:B2:72:C6:2B:8D:9C
Certificate issuer:       /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial:       0183CBBC497F4D3C9D0E2BA4A898387F5726
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/WiNHbY8-eTzkdw8jXyOycsYrjZw.roa
Signing time:             Wed 12 Oct 2022 10:27:37 +0000
ROA not before:           Wed 12 Oct 2022 10:27:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47692
IP address blocks:        185.51.8.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:cb:bc:49:7f:4d:3c:9d:0e:2b:a4:a8:98:38:7f:57:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
        Validity
            Not Before: Oct 12 10:27:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a23476d8f3e793ce4770f235f23b272c62b8d9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:98:17:d3:01:7b:e9:38:b6:e7:7e:4b:28:c5:
                    98:e3:84:8d:01:ec:5c:17:01:4e:80:f0:fe:41:c9:
                    34:1a:16:91:ed:18:9f:20:3c:b8:4c:61:b3:2e:8e:
                    66:ca:9b:22:01:fa:6b:8e:3f:ec:8d:0f:a1:b2:d5:
                    69:24:93:c2:9a:1e:64:12:f6:87:4f:97:38:d6:4e:
                    eb:2f:03:12:ca:45:5b:0f:05:7c:39:fc:de:e8:d4:
                    39:76:28:f7:a9:2c:9c:29:cb:61:5d:ad:f4:63:1e:
                    e4:ce:f1:e6:70:ca:99:16:8f:d3:f4:19:a4:98:7e:
                    67:1e:93:44:9c:17:69:4d:a2:d5:28:a2:a3:f8:ce:
                    c1:1c:c1:6a:9a:0b:f9:0d:21:5b:4d:de:06:eb:63:
                    28:d7:6a:c0:0b:7a:dc:1a:36:ac:d0:30:e3:23:b0:
                    03:c5:f4:4f:da:b9:d2:e7:47:b5:01:c5:82:0e:bd:
                    8a:26:17:61:29:f1:20:90:64:a9:3b:54:e1:88:ea:
                    b5:ba:e5:80:48:74:c6:a1:96:c2:1c:33:d6:98:f1:
                    c6:a9:84:97:aa:d4:e0:67:f0:2b:d1:b9:03:8b:9c:
                    91:5f:4b:7b:ae:f1:b2:5c:b8:ca:fb:38:46:87:c5:
                    d7:13:90:b7:be:b5:4a:25:88:89:7e:d5:23:14:d9:
                    c4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:23:47:6D:8F:3E:79:3C:E4:77:0F:23:5F:23:B2:72:C6:2B:8D:9C
            X509v3 Authority Key Identifier:
                keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/WiNHbY8-eTzkdw8jXyOycsYrjZw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.51.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:5a:75:29:d4:35:7b:ea:f3:21:f4:04:d5:30:75:31:48:d5:
         1c:c4:be:c2:7e:eb:1c:af:46:1f:06:9b:17:c4:f5:8c:59:70:
         d1:80:62:84:5e:81:5a:12:7e:7e:41:2e:4f:fc:e0:cd:11:0c:
         c5:a4:8b:a2:08:5e:86:c9:55:70:68:69:78:44:bf:b0:8c:29:
         21:67:69:df:2b:7a:cb:4d:80:04:dc:fa:25:4a:60:4c:91:ca:
         64:08:4c:ac:49:32:99:1d:15:ea:0c:e6:fc:62:72:27:92:d6:
         69:71:2b:9a:c9:75:e3:56:77:4c:14:56:4d:60:28:75:a1:2d:
         00:75:41:16:47:83:f4:f1:7c:46:58:44:2d:51:a9:06:da:2e:
         bc:92:01:89:4f:c9:e5:f5:d6:fd:94:57:93:d8:dc:27:37:bd:
         ff:d6:6f:cd:77:23:2a:83:42:6a:28:21:64:b5:23:eb:00:fb:
         21:77:48:05:59:0e:1d:8a:1e:c7:bb:dd:0b:0a:f0:b5:7b:dd:
         f2:68:88:b1:80:59:17:98:80:7f:fe:e7:e0:47:6f:55:80:82:
         ea:79:64:ef:2a:4e:bc:bd:cd:c7:82:e4:47:57:bb:ea:7e:fd:
         ec:48:e4:54:52:ff:66:0e:fa:34:94:64:c2:3c:e4:9b:09:e6:
         d7:8b:66:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPLvEl/TTydDiukqJg4f1cmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjIxMDEyMTAyNzM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTIzNDc2ZDhmM2U3OTNjZTQ3NzBmMjM1ZjIzYjI3MmM2MmI4ZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5gX0wF76Ti2535LKMWY44SNAexc
FwFOgPD+Qck0GhaR7RifIDy4TGGzLo5mypsiAfprjj/sjQ+hstVpJJPCmh5kEvaH
T5c41k7rLwMSykVbDwV8Ofze6NQ5dij3qSycKcthXa30Yx7kzvHmcMqZFo/T9Bmk
mH5nHpNEnBdpTaLVKKKj+M7BHMFqmgv5DSFbTd4G62Mo12rAC3rcGjas0DDjI7AD
xfRP2rnS50e1AcWCDr2KJhdhKfEgkGSpO1ThiOq1uuWASHTGoZbCHDPWmPHGqYSX
qtTgZ/Ar0bkDi5yRX0t7rvGyXLjK+zhGh8XXE5C3vrVKJYiJftUjFNnE4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFojR22PPnk85HcPI18jsnLGK42cMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvV2lOSGJZOC1lVHprZHc4alh5T3ljc1lyalp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTMIMA0G
CSqGSIb3DQEBCwUAA4IBAQBtWnUp1DV76vMh9ATVMHUxSNUcxL7Cfuscr0YfBpsX
xPWMWXDRgGKEXoFaEn5+QS5P/ODNEQzFpIuiCF6GyVVwaGl4RL+wjCkhZ2nfK3rL
TYAE3PolSmBMkcpkCEysSTKZHRXqDOb8YnInktZpcSuayXXjVndMFFZNYCh1oS0A
dUEWR4P08XxGWEQtUakG2i68kgGJT8nl9db9lFeT2NwnN73/1m/NdyMqg0JqKCFk
tSPrAPshd0gFWQ4dih7Hu90LCvC1e93yaIixgFkXmIB//ufgR29VgILqeWTvKk68
vc3HguRHV7vqfv3sSORUUv9mDvo0lGTCPOSbCebXi2ZT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org