Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/WRw13BXERgDxQnqSltaq45H4IDE.roa
File:                     WRw13BXERgDxQnqSltaq45H4IDE.roa (raw, json)
Hash identifier:          JED+Kp9/FD+5VUN7MYWQvtxGZ2u6d1SRQW2f6DX3YPU=
Subject key identifier:   59:1C:35:DC:15:C4:46:00:F1:42:7A:92:96:D6:AA:E3:91:F8:20:31
Certificate issuer:       /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial:       0183A1B0ABE0CD52D4139B00AA7A3A7A64C9
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/WRw13BXERgDxQnqSltaq45H4IDE.roa
Signing time:             Tue 04 Oct 2022 06:30:53 +0000
ROA not before:           Tue 04 Oct 2022 06:30:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213081
IP address blocks:        91.194.139.0/24 maxlen: 24
                          147.78.194.0/23 maxlen: 24
                          185.203.114.0/23 maxlen: 23
                          2a0a:e5c0::/29 maxlen: 48
                          2a09:2940::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a1:b0:ab:e0:cd:52:d4:13:9b:00:aa:7a:3a:7a:64:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
        Validity
            Not Before: Oct  4 06:30:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=591c35dc15c44600f1427a9296d6aae391f82031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:3f:f3:dc:02:ea:72:0f:4b:04:69:64:37:27:
                    ec:27:4c:66:2b:38:47:42:42:b7:75:e2:2b:1a:e6:
                    c0:d5:3d:4d:3c:09:0e:db:47:7e:5a:81:a2:21:09:
                    8b:1f:62:58:97:76:b7:2d:14:32:76:55:a8:f1:d4:
                    33:6a:5b:7b:8e:87:c4:2d:5a:0b:76:d2:bb:9c:d6:
                    89:97:5d:13:6e:63:e8:8a:53:86:9e:20:50:a9:de:
                    da:2e:46:7e:77:25:b6:bf:c0:e6:d8:ad:16:ae:19:
                    61:1d:46:90:ee:02:a0:d6:83:04:55:91:8a:cf:88:
                    0a:92:4a:30:2d:bd:5b:2b:eb:d8:df:f1:8f:4d:af:
                    ce:3c:41:64:e6:f7:ec:12:ed:05:fc:e9:f1:2e:5f:
                    8e:9c:21:ee:3f:52:14:02:9c:10:aa:f6:c0:11:9a:
                    75:db:1f:fc:7b:8f:55:01:e5:88:30:fb:e9:23:7b:
                    cf:81:17:ee:1b:b2:6c:54:3c:03:27:f2:c8:37:08:
                    60:f7:d7:4c:18:a7:5c:6e:e9:d6:0c:3b:b5:53:cf:
                    cf:c9:ef:6e:3f:ab:a2:92:7c:e8:47:92:5f:aa:48:
                    2a:cf:f7:98:cf:e8:27:9d:ba:a7:cc:62:f9:ab:b8:
                    7d:bb:32:d3:e9:9a:e0:7c:79:bf:a1:c3:94:98:38:
                    cc:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:1C:35:DC:15:C4:46:00:F1:42:7A:92:96:D6:AA:E3:91:F8:20:31
            X509v3 Authority Key Identifier:
                keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/WRw13BXERgDxQnqSltaq45H4IDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.139.0/24
                  147.78.194.0/23
                  185.203.114.0/23
                IPv6:
                  2a09:2940::/29
                  2a0a:e5c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         57:dc:3b:68:08:1f:b6:fd:28:89:d0:5a:1c:96:19:de:d6:dd:
         a1:47:a9:50:e6:12:0b:d0:4d:ea:a3:e9:7a:bb:01:6b:bf:83:
         20:7f:ef:46:bd:d9:a0:d5:6e:e6:c6:8a:69:23:76:bf:c9:61:
         d9:ee:9f:ae:5c:14:cf:72:99:03:a4:61:62:fb:6f:45:e0:d5:
         b4:b0:36:b9:6d:25:a5:cf:b6:8c:e3:13:18:04:cc:db:fa:b8:
         f9:79:5f:a3:3a:c7:52:1b:3d:cf:9e:40:4a:9c:ad:a3:7e:6d:
         87:45:c8:cd:c0:3f:c3:c9:80:ab:ea:a9:71:78:7b:ed:21:63:
         2a:32:b9:4c:10:19:8f:0c:49:0b:1d:f6:ae:71:4f:bb:71:3c:
         80:ea:42:65:ef:91:6d:ca:bd:94:91:32:71:b5:0a:fe:93:be:
         48:4f:c2:5c:f4:fe:23:23:a5:e4:34:12:c1:91:21:62:39:c9:
         3a:b9:36:6f:19:63:fc:37:59:41:a2:df:d7:5b:a7:ac:20:bd:
         6a:51:82:7f:0b:8c:c9:7b:b9:f6:dc:b5:76:36:38:03:dd:72:
         a5:b4:ad:15:25:7d:3c:6f:78:7b:df:99:f2:fb:09:1d:e0:7f:
         2c:90:89:78:07:93:f4:f5:0e:5f:cb:bd:06:b4:bc:ae:6f:39:
         53:56:82:fa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYOhsKvgzVLUE5sAqno6emTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjIxMDA0MDYzMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTFjMzVkYzE1YzQ0NjAwZjE0MjdhOTI5NmQ2YWFlMzkxZjgyMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3j/z3ALqcg9LBGlkNyfsJ0xmKzhH
QkK3deIrGubA1T1NPAkO20d+WoGiIQmLH2JYl3a3LRQydlWo8dQzalt7jofELVoL
dtK7nNaJl10TbmPoilOGniBQqd7aLkZ+dyW2v8Dm2K0WrhlhHUaQ7gKg1oMEVZGK
z4gKkkowLb1bK+vY3/GPTa/OPEFk5vfsEu0F/OnxLl+OnCHuP1IUApwQqvbAEZp1
2x/8e49VAeWIMPvpI3vPgRfuG7JsVDwDJ/LINwhg99dMGKdcbunWDDu1U8/Pye9u
P6uiknzoR5Jfqkgqz/eYz+gnnbqnzGL5q7h9uzLT6ZrgfHm/ocOUmDjMgQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFkcNdwVxEYA8UJ6kpbWquOR+CAxMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvV1J3MTNCWEVSZ0R4UW5xU2x0YXE0NUg0SURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB
k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC
AQEAV9w7aAgftv0oidBaHJYZ3tbdoUepUOYSC9BN6qPpersBa7+DIH/vRr3ZoNVu
5saKaSN2v8lh2e6frlwUz3KZA6RhYvtvReDVtLA2uW0lpc+2jOMTGATM2/q4+Xlf
ozrHUhs9z55ASpyto35th0XIzcA/w8mAq+qpcXh77SFjKjK5TBAZjwxJCx32rnFP
u3E8gOpCZe+Rbcq9lJEycbUK/pO+SE/CXPT+IyOl5DQSwZEhYjnJOrk2bxlj/DdZ
QaLf11unrCC9alGCfwuMyXu59ty1djY4A91ypbStFSV9PG94e9+Z8vsJHeB/LJCJ
eAeT9PUOX8u9BrS8rm85U1aC+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:07 2024 by rpki-client on console-fra.rpki-client.org