Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/WwmP29C_j1KMWH-yddB67OmDUhA.roa
File:                     WwmP29C_j1KMWH-yddB67OmDUhA.roa (raw, json)
Hash identifier:          OHiT+76nxCLXK+pYJeUHwFXz80ITdQnwp0X3db1/F2Y=
Subject key identifier:   5B:09:8F:DB:D0:BF:8F:52:8C:58:7F:B2:75:D0:7A:EC:E9:83:52:10
Certificate issuer:       /CN=aba10057bcd00762eef43823c030e7e32d572241
Certificate serial:       0A13B00D
Authority key identifier: AB:A1:00:57:BC:D0:07:62:EE:F4:38:23:C0:30:E7:E3:2D:57:22:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/WwmP29C_j1KMWH-yddB67OmDUhA.roa
Signing time:             Sat 01 Jan 2022 10:56:25 +0000
ROA not before:           Sat 01 Jan 2022 10:56:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        160.202.20.0/24 maxlen: 24
                          160.202.22.0/24 maxlen: 24
                          160.202.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 169062413 (0xa13b00d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba10057bcd00762eef43823c030e7e32d572241
        Validity
            Not Before: Jan  1 10:56:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5b098fdbd0bf8f528c587fb275d07aece9835210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:17:7d:b4:61:23:a5:32:52:c8:98:8a:ce:24:
                    1f:33:ab:34:19:74:43:9a:e6:66:82:c9:3e:51:3b:
                    d3:02:7e:47:4b:65:3b:a7:37:ec:0f:0b:c3:e1:f1:
                    e5:99:4b:c9:54:4b:a2:01:39:41:b7:c9:86:e3:f6:
                    e9:06:8a:a2:67:5d:79:32:90:bf:c6:ea:dd:59:75:
                    52:27:65:3f:55:42:6a:9c:11:03:92:f6:15:d1:ac:
                    85:21:b8:21:59:c1:20:a4:2b:24:df:ff:7c:b0:a6:
                    a3:bc:4f:a8:23:cf:4e:5a:0b:54:ba:c6:f4:30:9d:
                    cf:e6:00:bc:41:45:a2:5c:9e:65:8c:16:90:b9:a8:
                    37:49:d7:f5:74:89:a0:45:4f:a5:cd:fd:3b:ab:fc:
                    bc:8e:2c:b1:97:21:41:bd:43:4f:ea:79:b1:d8:dc:
                    be:4a:b9:35:d0:c6:a7:f9:c7:31:13:7a:7e:f8:9c:
                    52:0d:42:85:cb:dc:ec:13:6a:e0:de:31:7b:39:a4:
                    ac:61:71:6d:47:f7:cc:6d:6a:ad:bb:b0:dd:69:83:
                    2f:dd:1e:61:02:2f:95:52:62:4a:c3:47:08:54:af:
                    63:93:d8:63:09:e1:d9:29:9a:aa:27:33:85:5e:a7:
                    9e:63:d3:f5:40:1c:a9:d5:9f:8c:b5:7e:31:92:c0:
                    a3:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:09:8F:DB:D0:BF:8F:52:8C:58:7F:B2:75:D0:7A:EC:E9:83:52:10
            X509v3 Authority Key Identifier:
                keyid:AB:A1:00:57:BC:D0:07:62:EE:F4:38:23:C0:30:E7:E3:2D:57:22:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/WwmP29C_j1KMWH-yddB67OmDUhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/80353d-4f22-4d94-bead-dd20e2994cd0/1/q6EAV7zQB2Lu9DgjwDDn4y1XIkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.202.20.0-160.202.22.255

    Signature Algorithm: sha256WithRSAEncryption
         c5:c5:fa:3e:dd:e7:d2:37:80:2c:c6:9b:a6:d4:6d:3d:11:42:
         33:f5:95:5b:fa:f8:ce:70:b5:ad:9d:96:a5:d4:c7:b3:a0:80:
         a7:f7:dd:73:96:62:3b:15:7e:47:d3:b5:cf:1b:54:e4:a3:b4:
         77:eb:c4:96:43:0b:8c:02:71:1e:03:5a:0c:3b:f3:53:b8:35:
         3b:49:7d:49:28:e0:aa:68:a7:29:be:d2:9b:11:96:04:63:dd:
         51:b0:b9:f0:1f:a2:93:88:5b:37:9f:66:66:01:c3:9c:a0:87:
         9a:c4:0a:47:0e:dc:3a:71:ba:9d:8e:c1:b5:d3:ba:52:4f:b4:
         db:4b:88:33:7d:c3:fa:d0:d5:8e:76:f4:1e:4f:ad:29:19:6c:
         d0:6a:be:56:40:11:d7:48:9a:28:4b:ab:22:12:bb:df:60:4c:
         96:de:86:62:36:36:3a:2a:7c:0f:73:3a:5d:ab:f7:d7:a5:ae:
         73:9b:98:6e:b6:e1:4f:19:4c:e7:7e:f6:9a:5c:d8:3f:1f:94:
         de:63:23:ec:a3:f1:23:c3:4f:80:09:32:23:12:09:f2:a8:ba:
         81:df:8a:0e:7e:dc:27:6a:ff:2e:66:d8:fa:0d:51:e1:82:53:
         21:5d:46:22:e9:07:0a:41:bd:de:e7:20:66:58:ad:86:6d:10:
         b4:97:e1:fd
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEChOwDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmExMDA1N2JjZDAwNzYyZWVmNDM4MjNjMDMwZTdlMzJkNTcyMjQxMB4XDTIyMDEw
MTEwNTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWIwOThmZGJkMGJm
OGY1MjhjNTg3ZmIyNzVkMDdhZWNlOTgzNTIxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEXfbRhI6UyUsiYis4kHzOrNBl0Q5rmZoLJPlE70wJ+R0tl
O6c37A8Lw+Hx5ZlLyVRLogE5QbfJhuP26QaKomddeTKQv8bq3Vl1UidlP1VCapwR
A5L2FdGshSG4IVnBIKQrJN//fLCmo7xPqCPPTloLVLrG9DCdz+YAvEFFolyeZYwW
kLmoN0nX9XSJoEVPpc39O6v8vI4ssZchQb1DT+p5sdjcvkq5NdDGp/nHMRN6fvic
Ug1Chcvc7BNq4N4xezmkrGFxbUf3zG1qrbuw3WmDL90eYQIvlVJiSsNHCFSvY5PY
Ywnh2SmaqiczhV6nnmPT9UAcqdWfjLV+MZLAo5ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRbCY/b0L+PUoxYf7J10Hrs6YNSEDAfBgNVHSMEGDAWgBSroQBXvNAHYu70
OCPAMOfjLVciQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E2RUFWN3pRQjJMdTlEZ2p3RERuNHkxWElrRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvODAzNTNkLTRmMjItNGQ5NC1iZWFkLWRkMjBlMjk5NGNkMC8x
L1d3bVAyOUNfajFLTVdILXlkZEI2N09tRFVoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
ODAzNTNkLTRmMjItNGQ5NC1iZWFkLWRkMjBlMjk5NGNkMC8xL3E2RUFWN3pRQjJM
dTlEZ2p3RERuNHkxWElrRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCoMoUAwQAoMoWMA0GCSqGSIb3
DQEBCwUAA4IBAQDFxfo+3efSN4Asxpum1G09EUIz9ZVb+vjOcLWtnZal1MezoICn
991zlmI7FX5H07XPG1Tko7R368SWQwuMAnEeA1oMO/NTuDU7SX1JKOCqaKcpvtKb
EZYEY91RsLnwH6KTiFs3n2ZmAcOcoIeaxApHDtw6cbqdjsG107pST7TbS4gzfcP6
0NWOdvQeT60pGWzQar5WQBHXSJooS6siErvfYEyW3oZiNjY6KnwPczpdq/fXpa5z
m5hutuFPGUznfvaaXNg/H5TeYyPso/Ejw0+ACTIjEgnyqLqB34oOftwnav8uZtj6
DVHhglMhXUYi6QcKQb3e5yBmWK2GbRC0l+H9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:01 2024 by rpki-client on console-ams.rpki-client.org