Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wTpZ5vpDtQcOtiO601LzL0YyMSA.roa
File:                     wTpZ5vpDtQcOtiO601LzL0YyMSA.roa (raw, json)
Hash identifier:          xqH3oX2woCAYix+6K+2mioCBVU9xkryPYaoHLnKiG7s=
Subject key identifier:   C1:3A:59:E6:FA:43:B5:07:0E:B6:23:BA:D3:52:F3:2F:46:32:31:20
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       1A4EF37A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wTpZ5vpDtQcOtiO601LzL0YyMSA.roa
Signing time:             Tue 31 May 2022 22:10:14 +0000
ROA not before:           Tue 31 May 2022 22:10:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     26636
IP address blocks:        213.232.104.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 441381754 (0x1a4ef37a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: May 31 22:10:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c13a59e6fa43b5070eb623bad352f32f46323120
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ce:e4:c8:82:d4:9b:5c:24:3e:49:17:06:2c:
                    92:07:e6:80:1b:8f:f9:7b:05:a0:0a:96:3e:4c:f2:
                    36:6d:c3:29:ad:6d:75:5e:c5:7e:0c:43:d8:85:8a:
                    23:7d:2c:44:59:ae:ec:36:66:04:56:c4:35:01:f6:
                    9d:1e:f0:d3:33:d5:39:69:37:32:f5:d7:4e:64:b4:
                    65:29:f8:f5:ba:22:0e:6c:c7:0b:1a:0b:2b:86:8f:
                    b3:24:83:3f:bf:aa:a8:4c:d1:76:5f:1c:af:f7:e7:
                    24:14:a1:ea:5f:fd:ad:ff:ef:fa:bf:c1:24:27:5d:
                    c4:08:fa:0b:17:70:e9:31:1a:4e:25:00:0c:fd:f2:
                    fe:6d:07:b0:2a:b9:c3:8d:a5:03:df:03:1c:2b:2d:
                    27:c8:89:b8:7d:52:ec:4a:93:5e:65:9b:c9:57:9f:
                    ae:f2:85:da:c7:0a:3d:27:8b:a8:a1:86:e6:75:4a:
                    c4:b6:9d:2f:50:1f:61:6b:ba:d3:75:7c:62:70:4d:
                    21:05:61:0c:06:95:65:a5:80:e9:b4:6d:2c:87:14:
                    95:4b:10:4e:11:cc:da:1e:fe:1a:6f:c8:75:0c:8c:
                    ec:4b:a7:cb:15:eb:3b:c7:67:fd:4f:7b:1c:5b:57:
                    9b:6e:2e:58:9e:68:14:57:a5:c6:8c:58:1d:72:3e:
                    96:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:3A:59:E6:FA:43:B5:07:0E:B6:23:BA:D3:52:F3:2F:46:32:31:20
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wTpZ5vpDtQcOtiO601LzL0YyMSA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:95:45:d9:5c:ca:59:02:cb:ac:68:cf:fe:c1:66:16:52:1d:
         f6:ac:d4:c0:b7:8f:6f:8a:1e:40:10:67:4b:08:4c:c9:a9:ad:
         dc:76:b2:47:47:aa:57:80:f8:69:4e:3e:16:dd:77:4d:53:e6:
         66:2b:37:06:08:a2:a9:71:37:db:79:b1:b6:fd:81:08:c2:6a:
         4c:4e:3f:cf:aa:e1:78:bc:be:6e:de:bf:c3:bf:5b:ef:d9:b6:
         50:64:cc:d3:da:25:d2:fd:f3:6f:c3:e9:ee:2c:fa:f4:bb:79:
         0c:0d:d2:13:6c:88:c3:e0:01:fa:22:cc:25:81:9d:1f:d5:e3:
         ea:66:63:e7:bb:0a:41:cf:20:31:03:49:97:83:ac:b9:58:fc:
         53:f8:17:c5:5d:95:92:2f:70:f6:09:57:86:7f:30:dd:cd:bf:
         b9:a0:4c:9d:80:d9:a8:63:d0:d7:05:4c:7f:bb:d9:34:09:b0:
         71:73:d9:a4:81:2e:1a:c0:24:51:53:b3:f5:5c:19:47:e9:0b:
         7e:0f:a4:ef:5b:9d:31:65:51:cb:0b:a2:87:a6:b8:81:66:3b:
         84:56:34:dd:56:26:83:2a:47:c2:54:0f:2d:63:92:37:43:d8:
         18:b2:ab:be:8a:d8:3c:ee:de:6e:01:4e:4f:63:5c:7a:b2:e7:
         dd:cd:1f:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGk7zejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDUz
MTIyMTAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzEzYTU5ZTZmYTQz
YjUwNzBlYjYyM2JhZDM1MmYzMmY0NjMyMzEyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjO5MiC1JtcJD5JFwYskgfmgBuP+XsFoAqWPkzyNm3DKa1t
dV7FfgxD2IWKI30sRFmu7DZmBFbENQH2nR7w0zPVOWk3MvXXTmS0ZSn49boiDmzH
CxoLK4aPsySDP7+qqEzRdl8cr/fnJBSh6l/9rf/v+r/BJCddxAj6Cxdw6TEaTiUA
DP3y/m0HsCq5w42lA98DHCstJ8iJuH1S7EqTXmWbyVefrvKF2scKPSeLqKGG5nVK
xLadL1AfYWu603V8YnBNIQVhDAaVZaWA6bRtLIcUlUsQThHM2h7+Gm/IdQyM7Eun
yxXrO8dn/U97HFtXm24uWJ5oFFelxoxYHXI+lpECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTBOlnm+kO1Bw62I7rTUvMvRjIxIDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3dUcFo1dnBEdFFjT3RpTzYwMUx6TDBZeU1TQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXoaDANBgkqhkiG9w0BAQsFAAOC
AQEAapVF2VzKWQLLrGjP/sFmFlId9qzUwLePb4oeQBBnSwhMyamt3HayR0eqV4D4
aU4+Ft13TVPmZis3BgiiqXE323mxtv2BCMJqTE4/z6rheLy+bt6/w79b79m2UGTM
09ol0v3zb8Pp7iz69Lt5DA3SE2yIw+AB+iLMJYGdH9Xj6mZj57sKQc8gMQNJl4Os
uVj8U/gXxV2Vki9w9glXhn8w3c2/uaBMnYDZqGPQ1wVMf7vZNAmwcXPZpIEuGsAk
UVOz9VwZR+kLfg+k71udMWVRywuih6a4gWY7hFY03VYmgypHwlQPLWOSN0PYGLKr
vorYPO7ebgFOT2NcerLn3c0fSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org