Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/W9-x6K0LFVQDsGxaz2VNZMM9afQ.roa
File:                     W9-x6K0LFVQDsGxaz2VNZMM9afQ.roa (raw, json)
Hash identifier:          /oEr/Kfqo0RslM4yv0hPZhgJVinbWKRPhSTEIhvrtio=
Subject key identifier:   5B:DF:B1:E8:AD:0B:15:54:03:B0:6C:5A:CF:65:4D:64:C3:3D:69:F4
Certificate issuer:       /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial:       056F54A3
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/W9-x6K0LFVQDsGxaz2VNZMM9afQ.roa
Signing time:             Sat 01 Jan 2022 00:53:53 +0000
ROA not before:           Sat 01 Jan 2022 00:53:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29063
IP address blocks:        193.221.85.0/24 maxlen: 24
                          193.221.84.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91182243 (0x56f54a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
        Validity
            Not Before: Jan  1 00:53:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5bdfb1e8ad0b155403b06c5acf654d64c33d69f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:34:f2:61:b3:35:05:d8:b5:83:44:73:a6:36:
                    9b:cd:4b:7b:a2:85:05:ac:4e:84:5d:d4:70:f4:8d:
                    3c:77:34:55:03:2b:ad:4f:e0:6c:b6:0a:dd:a0:47:
                    e4:76:12:f8:5b:43:94:a3:64:d1:08:f0:33:68:4b:
                    a9:32:0b:5a:0e:13:74:51:05:3c:e1:22:05:1a:e2:
                    05:a1:4f:32:73:ae:6c:e2:0a:6a:e0:38:f0:b0:5d:
                    59:98:3f:32:e3:d9:f3:1e:fc:b6:92:68:5e:76:4f:
                    53:c6:59:25:5c:79:c8:ed:87:0a:f7:c9:19:c5:72:
                    1f:3a:7c:13:7c:76:f3:29:0b:4a:1c:7c:9c:83:a1:
                    e3:f2:ae:42:27:04:6b:71:cf:ca:6d:c9:fb:e7:a9:
                    8c:72:8a:a1:9b:15:da:19:a7:73:fe:e0:53:61:93:
                    ea:17:dd:71:ea:1f:3f:05:5a:79:c9:b3:04:79:33:
                    c5:7c:79:3a:c3:0a:b9:38:bf:cf:0b:bb:f4:a6:0b:
                    0d:d5:02:5b:d5:36:cd:44:47:f9:25:de:f1:3c:37:
                    af:36:83:70:67:fb:95:48:7d:80:8f:54:fa:c6:47:
                    80:95:8f:65:d5:83:85:73:b1:65:e3:fa:87:35:5a:
                    4a:44:6e:9a:cc:f1:ef:c3:a3:0d:79:15:d1:8c:73:
                    87:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DF:B1:E8:AD:0B:15:54:03:B0:6C:5A:CF:65:4D:64:C3:3D:69:F4
            X509v3 Authority Key Identifier:
                keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/W9-x6K0LFVQDsGxaz2VNZMM9afQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.221.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         42:51:32:eb:25:87:1f:4e:33:e2:17:d0:d9:0e:b9:f3:67:24:
         e0:6f:5f:06:89:de:56:e8:f2:d4:c0:fa:01:78:af:57:fe:77:
         f8:23:ae:6e:5b:47:57:ac:f4:7b:b4:ba:3b:cf:0c:3b:ad:a7:
         4b:18:7c:db:d8:16:11:e8:ef:8d:5f:4e:2a:32:68:4c:e8:43:
         39:bc:31:f7:b0:ce:c5:7f:3d:1f:7b:d3:50:51:a7:d1:fb:ce:
         45:06:e5:a4:b2:7b:0c:46:5e:e6:5b:53:e6:6f:9e:32:bc:54:
         cf:f7:e1:80:63:ca:71:47:d6:79:b9:80:0b:55:df:a1:2f:ad:
         84:c7:87:e0:93:1c:78:2e:85:7a:ab:b8:0b:66:a8:2d:8d:6f:
         ad:e1:84:84:4b:2b:1c:fd:a1:0f:18:97:06:86:be:31:d8:29:
         18:c2:7e:55:ac:c1:96:fa:c9:2d:5e:71:04:71:51:e8:80:40:
         49:c6:6f:e3:b1:4c:67:24:84:e7:60:b4:b4:53:4c:3f:d8:61:
         ff:96:cd:77:43:b7:89:96:20:52:af:7a:51:19:b6:ff:3e:46:
         e6:1f:10:5c:b1:b1:a9:b3:e3:d6:4c:ac:8d:67:1b:3b:a3:4d:
         41:69:7b:79:4e:25:3d:1e:d8:2b:c8:ec:8e:27:42:18:fe:29:
         09:ac:d3:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBW9UozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1ZjA5YjNhOTAzOTUwZjNmY2QxYjI1NTA4NmVkZTQ4NzZlYjExMB4XDTIyMDEw
MTAwNTM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJkZmIxZThhZDBi
MTU1NDAzYjA2YzVhY2Y2NTRkNjRjMzNkNjlmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk08mGzNQXYtYNEc6Y2m81Le6KFBaxOhF3UcPSNPHc0VQMr
rU/gbLYK3aBH5HYS+FtDlKNk0QjwM2hLqTILWg4TdFEFPOEiBRriBaFPMnOubOIK
auA48LBdWZg/MuPZ8x78tpJoXnZPU8ZZJVx5yO2HCvfJGcVyHzp8E3x28ykLShx8
nIOh4/KuQicEa3HPym3J++epjHKKoZsV2hmnc/7gU2GT6hfdceofPwVaecmzBHkz
xXx5OsMKuTi/zwu79KYLDdUCW9U2zURH+SXe8Tw3rzaDcGf7lUh9gI9U+sZHgJWP
ZdWDhXOxZeP6hzVaSkRumszx78OjDXkV0Yxzh9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRb37HorQsVVAOwbFrPZU1kwz1p9DAfBgNVHSMEGDAWgBRoxfCbOpA5UPP8
0bJVCG7eSHbrETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNWHdtenFRT1ZEel9OR3lWUWh1M2toMjZ4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvZWZhMThkLTA5MDctNDU5My1hYmI4LTk0ODAyNjM2YmFkOS8x
L1c5LXg2SzBMRlZRRHNHeGF6MlZOWk1NOWFmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
ZWZhMThkLTA5MDctNDU5My1hYmI4LTk0ODAyNjM2YmFkOS8xL2FNWHdtenFRT1ZE
el9OR3lWUWh1M2toMjZ4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcHdVDANBgkqhkiG9w0BAQsFAAOC
AQEAQlEy6yWHH04z4hfQ2Q6582ck4G9fBoneVujy1MD6AXivV/53+COubltHV6z0
e7S6O88MO62nSxh829gWEejvjV9OKjJoTOhDObwx97DOxX89H3vTUFGn0fvORQbl
pLJ7DEZe5ltT5m+eMrxUz/fhgGPKcUfWebmAC1XfoS+thMeH4JMceC6Fequ4C2ao
LY1vreGEhEsrHP2hDxiXBoa+MdgpGMJ+VazBlvrJLV5xBHFR6IBAScZv47FMZySE
52C0tFNMP9hh/5bNd0O3iZYgUq96URm2/z5G5h8QXLGxqbPj1kysjWcbO6NNQWl7
eU4lPR7YK8jsjidCGP4pCazTNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:15 2024 by rpki-client on console-ams.rpki-client.org