Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rWvMxqywUL3qnoUsXIrJIe3DeTs.roa
File:                     rWvMxqywUL3qnoUsXIrJIe3DeTs.roa (raw, json)
Hash identifier:          R6RCP/vYohgspSwvHB3A+R33Tv3PSj/Hl2hLJqvIosU=
Subject key identifier:   AD:6B:CC:C6:AC:B0:50:BD:EA:9E:85:2C:5C:8A:C9:21:ED:C3:79:3B
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       07FB7D37
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rWvMxqywUL3qnoUsXIrJIe3DeTs.roa
Signing time:             Sat 01 Jan 2022 03:02:07 +0000
ROA not before:           Sat 01 Jan 2022 03:02:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201936
IP address blocks:        94.241.132.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 133922103 (0x7fb7d37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  1 03:02:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad6bccc6acb050bdea9e852c5c8ac921edc3793b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:59:43:9b:70:f8:03:00:c3:2d:74:dd:0d:9f:
                    59:df:9c:b7:0f:1f:f6:28:93:21:53:4e:d5:7a:06:
                    44:c9:96:70:65:2e:d5:58:12:2c:cd:ae:f3:5f:33:
                    f1:c3:d1:7b:88:1e:69:9b:e9:f7:19:de:32:f8:4a:
                    a9:ac:a8:fb:7a:f1:68:a4:90:07:7e:12:46:22:ad:
                    5c:57:01:86:31:ce:7b:fd:23:89:41:24:5e:60:8a:
                    33:38:70:6e:9f:df:db:5c:47:a4:c6:73:cd:a2:c0:
                    7d:3b:92:3f:99:1a:2f:2b:33:ca:ec:ed:43:b3:57:
                    e8:ce:b3:f1:24:bf:c3:92:9d:f7:bb:ee:32:0e:f0:
                    46:b8:48:e8:97:f0:32:e0:df:6e:8d:7a:27:5b:aa:
                    53:6f:0a:a4:9b:db:d0:f5:be:1c:91:47:c5:4b:b6:
                    90:e7:07:0f:28:91:82:32:ee:61:89:f6:eb:cd:41:
                    b0:65:06:14:5a:28:16:ce:1c:46:04:5c:4b:09:61:
                    4b:86:e4:d8:1f:f2:27:62:d6:07:2e:ca:3c:19:28:
                    89:00:0f:6f:ee:83:d4:aa:eb:56:fe:43:e6:15:43:
                    bb:30:8b:be:0f:f2:f0:a7:ca:54:b5:5b:02:8a:ff:
                    55:51:1b:48:e0:96:58:d8:26:31:97:ce:a2:55:40:
                    de:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:6B:CC:C6:AC:B0:50:BD:EA:9E:85:2C:5C:8A:C9:21:ED:C3:79:3B
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/rWvMxqywUL3qnoUsXIrJIe3DeTs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.241.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:46:ea:69:ea:d1:bb:cd:b6:90:0c:c5:50:c6:e1:2c:58:f6:
         71:bb:b3:cc:68:91:50:21:c4:03:a8:d4:84:96:e4:31:de:a3:
         98:94:33:12:8d:a7:e1:37:32:c3:7a:38:ef:12:79:b1:47:4e:
         fc:ee:37:cf:92:ff:68:a1:90:40:6e:78:ac:68:8f:26:5e:9f:
         47:8d:b7:2c:29:85:d4:ce:05:a6:db:df:95:df:78:fd:45:9b:
         7b:7c:16:21:41:35:4b:82:ea:6a:d4:b5:c5:1c:1d:f5:f6:02:
         32:f9:3a:f1:a0:3c:d9:36:a2:e5:75:3a:c2:a4:ca:6b:81:88:
         97:b6:1a:dc:c8:a4:64:3c:58:1a:62:25:ed:32:90:ac:f8:5a:
         c8:9b:46:61:61:f0:4e:7c:eb:0c:14:39:9d:6a:17:0f:5c:11:
         a6:93:19:7f:47:15:22:15:98:35:44:cc:e9:21:75:8f:90:50:
         45:ad:7c:38:17:5a:10:d7:b3:e3:56:8a:d7:a2:bc:f2:84:6f:
         c9:a1:10:9d:ee:74:00:f0:0e:cb:90:79:31:28:b2:01:39:3a:
         f8:f9:3f:a7:a8:51:15:58:2c:6a:aa:2b:0e:96:cd:41:bb:74:
         88:ff:bf:c6:e5:3a:1e:4d:d8:80:de:bd:a6:6e:d5:71:8f:0d:
         cb:2c:8b:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/t9NzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDEw
MTAzMDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ2YmNjYzZhY2Iw
NTBiZGVhOWU4NTJjNWM4YWM5MjFlZGMzNzkzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1ZQ5tw+AMAwy103Q2fWd+ctw8f9iiTIVNO1XoGRMmWcGUu
1VgSLM2u818z8cPRe4geaZvp9xneMvhKqayo+3rxaKSQB34SRiKtXFcBhjHOe/0j
iUEkXmCKMzhwbp/f21xHpMZzzaLAfTuSP5kaLyszyuztQ7NX6M6z8SS/w5Kd97vu
Mg7wRrhI6JfwMuDfbo16J1uqU28KpJvb0PW+HJFHxUu2kOcHDyiRgjLuYYn2681B
sGUGFFooFs4cRgRcSwlhS4bk2B/yJ2LWBy7KPBkoiQAPb+6D1KrrVv5D5hVDuzCL
vg/y8KfKVLVbAor/VVEbSOCWWNgmMZfOolVA3lcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSta8zGrLBQveqehSxciskh7cN5OzAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L3JXdk14cXl3VUwzcW5vVXNYSXJKSWUzRGVUcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl7xhDANBgkqhkiG9w0BAQsFAAOC
AQEARkbqaerRu822kAzFUMbhLFj2cbuzzGiRUCHEA6jUhJbkMd6jmJQzEo2n4Tcy
w3o47xJ5sUdO/O43z5L/aKGQQG54rGiPJl6fR423LCmF1M4Fptvfld94/UWbe3wW
IUE1S4LqatS1xRwd9fYCMvk68aA82Tai5XU6wqTKa4GIl7Ya3MikZDxYGmIl7TKQ
rPhayJtGYWHwTnzrDBQ5nWoXD1wRppMZf0cVIhWYNUTM6SF1j5BQRa18OBdaENez
41aK16K88oRvyaEQne50APAOy5B5MSiyATk6+Pk/p6hRFVgsaqorDpbNQbt0iP+/
xuU6Hk3YgN69pm7VcY8NyyyLCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org