Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wp1bLULiwzoqgYb7m61Zp1yhaO4.roa
File:                     Wp1bLULiwzoqgYb7m61Zp1yhaO4.roa (raw, json)
Hash identifier:          nVzIJlpT6pE+xUdQLOOIORmfk3khMZ+2VOmYA0mgAZE=
Subject key identifier:   5A:9D:5B:2D:42:E2:C3:3A:2A:81:86:FB:9B:AD:59:A7:5C:A1:68:EE
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01824AA8A97BA9334091FF3DE05115778E97
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wp1bLULiwzoqgYb7m61Zp1yhaO4.roa
Signing time:             Fri 29 Jul 2022 15:52:23 +0000
ROA not before:           Fri 29 Jul 2022 15:52:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204339
IP address blocks:        45.95.200.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4a:a8:a9:7b:a9:33:40:91:ff:3d:e0:51:15:77:8e:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jul 29 15:52:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a9d5b2d42e2c33a2a8186fb9bad59a75ca168ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a4:fb:2f:e3:cf:6e:7a:1a:d3:64:b1:2a:94:
                    aa:c0:ff:d2:46:c3:eb:a6:77:fa:37:e2:93:d1:de:
                    bd:2f:d7:fb:72:a9:5b:db:27:d1:65:ec:a5:6f:e0:
                    04:6e:73:88:14:fc:e2:15:a6:d5:39:5c:e4:81:98:
                    a1:7c:f7:f9:f3:7c:00:db:fa:dc:1c:4a:13:95:22:
                    25:5c:44:85:70:5f:ec:ca:bd:e2:a9:89:66:d6:9e:
                    f6:23:e7:ae:74:37:de:23:92:2b:a2:3b:1f:8a:d1:
                    d1:5a:d1:52:82:4b:e5:76:3d:d6:42:49:43:ef:00:
                    75:67:19:08:26:73:16:8e:5e:0a:db:1e:d4:e7:25:
                    ab:0c:4c:5f:dd:67:f3:7f:74:63:76:3d:ac:bb:49:
                    8b:1e:f6:80:fa:f6:92:9d:d8:df:40:12:20:47:5f:
                    2a:d9:80:3a:02:cd:78:8e:c3:03:89:b8:9c:ba:5d:
                    43:4f:96:03:d1:cb:f6:b8:1a:27:82:dd:60:35:b1:
                    cb:ee:3f:24:31:a3:a7:92:8c:da:2b:35:20:a1:65:
                    a5:11:05:95:be:ba:26:6d:c0:52:af:9c:e8:53:dc:
                    93:6d:cd:0d:2f:c1:88:a7:89:bc:f2:61:82:a5:c2:
                    8a:11:14:b8:ec:60:1d:05:a0:f4:6b:0c:1c:01:e9:
                    67:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:9D:5B:2D:42:E2:C3:3A:2A:81:86:FB:9B:AD:59:A7:5C:A1:68:EE
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wp1bLULiwzoqgYb7m61Zp1yhaO4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:b2:ed:0c:df:92:ee:0c:cd:45:5c:86:38:04:46:e1:fb:52:
         aa:06:fa:35:52:42:20:6f:3e:39:e2:7e:6e:53:cb:e3:b0:90:
         35:c0:00:63:e2:f8:70:75:91:18:28:76:0e:90:c5:41:e6:61:
         64:a8:20:87:b0:8e:79:26:00:a8:31:64:73:a9:e2:1e:e6:9b:
         a1:d3:45:8b:2a:06:26:6d:15:ce:54:23:65:f3:0d:02:c0:65:
         27:e8:e3:c7:8d:97:ef:37:f2:c3:c8:b2:06:1b:03:af:0d:89:
         0a:a7:41:03:e3:f8:ca:ec:da:ea:0c:f7:b5:6a:f4:e0:a0:f1:
         b7:c8:c2:a9:60:67:0b:df:f5:9b:40:e8:85:24:18:7f:e6:fd:
         20:30:8d:e9:ea:35:76:96:0d:61:2c:64:e6:2b:37:27:85:92:
         0d:72:71:85:c5:db:b5:e5:90:04:78:ce:31:f4:af:3e:d1:66:
         a6:9a:96:bd:f7:01:7d:2a:54:ff:e1:c5:ee:6f:f9:87:4a:18:
         21:f9:7f:20:0f:b1:3f:15:8c:64:c6:ba:a5:73:5e:aa:66:75:
         ff:9f:18:ce:85:51:bb:69:80:f7:37:70:b8:be:02:77:aa:88:
         b4:e8:9d:f7:ce:7b:77:73:ba:33:ff:f8:75:8f:77:8c:3d:07:
         e7:77:ca:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJKqKl7qTNAkf894FEVd46XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwNzI5MTU1MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTlkNWIyZDQyZTJjMzNhMmE4MTg2ZmI5YmFkNTlhNzVjYTE2OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaT7L+PPbnoa02SxKpSqwP/SRsPr
pnf6N+KT0d69L9f7cqlb2yfRZeylb+AEbnOIFPziFabVOVzkgZihfPf583wA2/rc
HEoTlSIlXESFcF/syr3iqYlm1p72I+eudDfeI5IrojsfitHRWtFSgkvldj3WQklD
7wB1ZxkIJnMWjl4K2x7U5yWrDExf3Wfzf3Rjdj2su0mLHvaA+vaSndjfQBIgR18q
2YA6As14jsMDibicul1DT5YD0cv2uBongt1gNbHL7j8kMaOnkozaKzUgoWWlEQWV
vrombcBSr5zoU9yTbc0NL8GIp4m88mGCpcKKERS47GAdBaD0awwcAelnYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqdWy1C4sM6KoGG+5utWadcoWjuMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvV3AxYkxVTGl3em9xZ1liN202MVpwMXloYU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCJsu0M35LuDM1FXIY4BEbh+1KqBvo1UkIgbz454n5u
U8vjsJA1wABj4vhwdZEYKHYOkMVB5mFkqCCHsI55JgCoMWRzqeIe5puh00WLKgYm
bRXOVCNl8w0CwGUn6OPHjZfvN/LDyLIGGwOvDYkKp0ED4/jK7NrqDPe1avTgoPG3
yMKpYGcL3/WbQOiFJBh/5v0gMI3p6jV2lg1hLGTmKzcnhZINcnGFxdu15ZAEeM4x
9K8+0Wammpa99wF9KlT/4cXub/mHShgh+X8gD7E/FYxkxrqlc16qZnX/nxjOhVG7
aYD3N3C4vgJ3qoi06J33znt3c7oz//h1j3eMPQfnd8pv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org