Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WcUWn9LUC--y806EbosnofqWkos.roa
File:                     WcUWn9LUC--y806EbosnofqWkos.roa (raw, json)
Hash identifier:          m2oxdImmoJZQuLhkU/5ufgi8WjI2dzYqYhMTB3NbPco=
Subject key identifier:   59:C5:16:9F:D2:D4:0B:EF:B2:F3:4E:84:6E:8B:27:A1:FA:96:92:8B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0E019B9D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WcUWn9LUC--y806EbosnofqWkos.roa
Signing time:             Tue 26 Apr 2022 16:48:51 +0000
ROA not before:           Tue 26 Apr 2022 16:48:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210977
IP address blocks:        185.217.116.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 234986397 (0xe019b9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 26 16:48:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=59c5169fd2d40befb2f34e846e8b27a1fa96928b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:32:df:aa:a1:09:66:1d:26:04:e6:38:82:ad:
                    eb:02:70:e3:2f:7e:b3:a4:24:54:b9:40:b5:8c:6a:
                    60:da:2f:e2:27:e1:6f:f6:a1:92:25:10:3b:6a:df:
                    0f:ce:af:13:39:d9:8c:be:88:c0:e7:a6:79:b1:af:
                    6e:13:c1:44:fd:28:6a:9c:b4:be:5e:5b:2b:4d:ef:
                    65:0b:34:37:15:36:8c:22:a1:c7:0b:2a:88:e7:ca:
                    4c:9d:9e:47:c4:59:c7:05:fe:df:02:37:ec:10:d3:
                    a3:00:2c:93:d4:9a:e2:b6:bc:e6:ec:93:a2:1c:8a:
                    78:a2:5d:ad:f1:ff:6d:32:79:65:00:95:74:3b:d8:
                    fa:2c:f9:5c:5e:cf:de:17:ed:45:0b:d5:f3:34:a0:
                    07:4e:6a:3a:17:88:6e:73:79:86:dc:9c:d9:f6:4c:
                    72:40:fa:05:cd:4c:68:63:6d:cf:92:45:52:95:70:
                    69:bc:ed:ce:b0:ba:af:89:a2:05:41:5d:f5:ec:85:
                    41:a2:3c:54:d5:0e:ec:ce:ff:dc:a2:39:24:cf:b4:
                    91:c2:03:a3:ba:45:f4:8f:58:fa:0a:b4:89:a8:4d:
                    6d:78:5e:89:02:46:ea:7a:43:31:ab:66:34:b5:0b:
                    79:43:e2:60:0a:0f:f4:4e:c2:4c:03:1c:f0:a0:75:
                    c1:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:C5:16:9F:D2:D4:0B:EF:B2:F3:4E:84:6E:8B:27:A1:FA:96:92:8B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WcUWn9LUC--y806EbosnofqWkos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:e5:be:38:8c:97:e8:7c:d4:7d:b4:3e:f7:93:95:dd:2d:3a:
         e0:92:e9:dc:aa:82:4e:0f:d1:ed:73:98:68:8a:65:bd:15:16:
         cd:54:8f:d2:1e:57:c7:e5:18:89:96:31:91:06:bd:2f:d6:2b:
         5e:38:c0:a8:22:85:75:b7:83:7b:e9:f3:0b:28:05:c5:72:44:
         6c:ab:63:45:17:64:c9:5f:cf:59:55:13:4c:de:d8:5f:fc:12:
         9d:30:da:7b:42:91:1a:a7:64:11:b1:5f:60:ce:9f:00:de:85:
         5c:39:79:18:be:99:1c:17:c0:91:da:b0:6d:e5:8c:18:2b:a5:
         f3:57:ec:b5:1b:b2:4a:53:61:69:61:bb:cf:f1:a1:ac:ef:94:
         be:f4:6f:69:2c:39:27:f4:c7:c9:d1:4e:07:66:f4:df:17:84:
         a0:15:38:5c:e9:18:21:30:63:50:85:11:30:3e:dc:60:54:4c:
         0c:b9:b9:bf:0d:ae:8a:20:69:0f:74:75:d8:26:39:7d:c3:c6:
         6a:50:96:a2:fc:bc:cd:f6:ba:b5:8e:3a:42:ae:2c:35:41:46:
         8a:bd:18:64:ea:75:f4:4c:fa:5d:d7:79:7a:77:cd:ca:66:fb:
         20:ab:9c:8b:02:e2:75:d4:70:6a:69:81:fe:06:a8:4e:5c:ca:
         7f:d2:73:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDgGbnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDQy
NjE2NDg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTljNTE2OWZkMmQ0
MGJlZmIyZjM0ZTg0NmU4YjI3YTFmYTk2OTI4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoy36qhCWYdJgTmOIKt6wJw4y9+s6QkVLlAtYxqYNov4ifh
b/ahkiUQO2rfD86vEznZjL6IwOemebGvbhPBRP0oapy0vl5bK03vZQs0NxU2jCKh
xwsqiOfKTJ2eR8RZxwX+3wI37BDTowAsk9Sa4ra85uyTohyKeKJdrfH/bTJ5ZQCV
dDvY+iz5XF7P3hftRQvV8zSgB05qOheIbnN5htyc2fZMckD6Bc1MaGNtz5JFUpVw
abztzrC6r4miBUFd9eyFQaI8VNUO7M7/3KI5JM+0kcIDo7pF9I9Y+gq0iahNbXhe
iQJG6npDMatmNLULeUPiYAoP9E7CTAMc8KB1wdsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRZxRaf0tQL77LzToRuiyeh+paSizAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L1djVVduOUxVQy0teTgwNkVib3Nub2ZxV2tvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnZdDANBgkqhkiG9w0BAQsFAAOC
AQEAauW+OIyX6HzUfbQ+95OV3S064JLp3KqCTg/R7XOYaIplvRUWzVSP0h5Xx+UY
iZYxkQa9L9YrXjjAqCKFdbeDe+nzCygFxXJEbKtjRRdkyV/PWVUTTN7YX/wSnTDa
e0KRGqdkEbFfYM6fAN6FXDl5GL6ZHBfAkdqwbeWMGCul81fstRuySlNhaWG7z/Gh
rO+UvvRvaSw5J/THydFOB2b03xeEoBU4XOkYITBjUIURMD7cYFRMDLm5vw2uiiBp
D3R12CY5fcPGalCWovy8zfa6tY46Qq4sNUFGir0YZOp19Ez6Xdd5enfNymb7IKuc
iwLiddRwammB/gaoTlzKf9Jz+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org