Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/WbQHUYCEp1BzDpniSa_WgGkvw4c.roa
File:                     WbQHUYCEp1BzDpniSa_WgGkvw4c.roa (raw, json)
Hash identifier:          jpWbjBMNaVYf8oXLapify8PaS0rnK1ewXo2krHFPLNU=
Subject key identifier:   59:B4:07:51:80:84:A7:50:73:0E:99:E2:49:AF:D6:80:69:2F:C3:87
Certificate issuer:       /CN=088e0321271332afc77e4c8579f0e5559cc09c50
Certificate serial:       038667BD
Authority key identifier: 08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/WbQHUYCEp1BzDpniSa_WgGkvw4c.roa
Signing time:             Sat 01 Jan 2022 07:02:17 +0000
ROA not before:           Sat 01 Jan 2022 07:02:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207104
IP address blocks:        185.163.158.0/24 maxlen: 24
                          185.163.157.0/24 maxlen: 24
                          185.163.156.0/24 maxlen: 24
                          185.163.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59140029 (0x38667bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088e0321271332afc77e4c8579f0e5559cc09c50
        Validity
            Not Before: Jan  1 07:02:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=59b407518084a750730e99e249afd680692fc387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9d:ce:c1:09:29:8a:df:17:3f:c2:ce:a3:17:
                    3c:0b:33:9d:a8:ca:a3:ba:9b:2a:2f:45:83:07:92:
                    c4:b4:2f:d6:8c:40:86:43:b7:30:48:51:be:af:74:
                    46:fb:a7:88:0a:ac:98:ef:93:ad:ea:31:f5:f8:47:
                    8c:3f:d7:8e:4c:0e:4c:19:cd:f5:1a:7f:54:2e:d1:
                    b2:ed:ae:4a:a9:3f:b6:d9:2f:66:a2:bc:d4:d4:94:
                    12:02:54:7b:0d:ea:da:15:c9:62:ce:3e:e0:b3:4d:
                    3b:04:6c:3a:46:75:13:ee:90:3d:d7:f5:74:3b:e2:
                    7e:a9:04:60:6a:5a:f9:50:80:ba:f5:11:94:c7:c8:
                    62:19:51:de:3c:27:37:61:0e:24:fd:07:b3:46:13:
                    07:ce:51:39:11:9d:3f:89:d6:65:13:6e:24:15:97:
                    c9:cc:09:46:12:9b:c3:3d:d6:2f:dd:7b:d8:cf:f1:
                    a5:a8:74:cf:3a:c0:b0:7a:b8:bd:fb:e5:b1:f4:e3:
                    9a:4c:20:0e:e2:aa:74:a5:29:58:d4:5b:cd:ca:c9:
                    53:ad:97:ea:47:da:37:62:ce:b1:33:27:c9:5a:cd:
                    d7:7f:f2:02:d7:8e:24:b0:b4:23:4a:39:71:53:88:
                    9d:6b:a7:44:a1:65:fb:f2:8f:66:46:3b:34:91:97:
                    cc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B4:07:51:80:84:A7:50:73:0E:99:E2:49:AF:D6:80:69:2F:C3:87
            X509v3 Authority Key Identifier:
                keyid:08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/WbQHUYCEp1BzDpniSa_WgGkvw4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.163.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:62:3b:1a:89:12:8a:ed:f8:b6:5d:98:23:8b:68:7a:8e:42:
         45:35:e3:a7:1c:ca:46:d0:8f:c0:6d:85:7b:08:58:02:7e:a6:
         d1:9f:1c:83:02:e7:b8:55:50:e4:dc:2c:eb:4b:55:35:7a:85:
         6c:8f:a1:47:45:7b:7e:27:31:50:9e:d6:06:b6:41:5f:8d:42:
         14:b9:9b:61:19:26:3a:24:bb:9f:68:f2:67:32:ea:77:df:61:
         de:9f:2f:5b:97:74:c4:67:dc:c1:10:49:9b:72:5f:37:5c:ef:
         4d:92:5f:9a:7f:21:ad:1a:07:9c:47:cd:36:b8:0f:f9:7a:22:
         2b:12:f0:e1:77:ee:41:3c:b4:18:d4:7e:f2:bb:4e:b1:68:c1:
         04:1c:8d:d5:25:13:f4:ce:7f:c3:5d:4b:30:01:5c:64:18:84:
         bb:6c:6d:95:cc:e4:5c:98:3d:df:fa:03:fb:25:ac:ed:ad:4b:
         b1:e0:7e:d3:4f:c8:08:1c:f0:60:a9:14:3a:16:77:99:91:f8:
         83:fb:e9:58:0f:60:5a:62:cd:f7:30:e7:2d:78:ab:4d:29:fb:
         f9:ba:8d:fe:88:64:07:6c:03:26:2a:34:4b:eb:45:b2:82:2d:
         64:21:b6:60:52:da:84:fb:d2:93:cd:d6:32:a8:00:bb:18:24:
         1c:05:05:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4ZnvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODhlMDMyMTI3MTMzMmFmYzc3ZTRjODU3OWYwZTU1NTljYzA5YzUwMB4XDTIyMDEw
MTA3MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTliNDA3NTE4MDg0
YTc1MDczMGU5OWUyNDlhZmQ2ODA2OTJmYzM4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCdzsEJKYrfFz/CzqMXPAsznajKo7qbKi9FgweSxLQv1oxA
hkO3MEhRvq90RvuniAqsmO+Treox9fhHjD/XjkwOTBnN9Rp/VC7Rsu2uSqk/ttkv
ZqK81NSUEgJUew3q2hXJYs4+4LNNOwRsOkZ1E+6QPdf1dDvifqkEYGpa+VCAuvUR
lMfIYhlR3jwnN2EOJP0Hs0YTB85RORGdP4nWZRNuJBWXycwJRhKbwz3WL9172M/x
pah0zzrAsHq4vfvlsfTjmkwgDuKqdKUpWNRbzcrJU62X6kfaN2LOsTMnyVrN13/y
AteOJLC0I0o5cVOInWunRKFl+/KPZkY7NJGXzLMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRZtAdRgISnUHMOmeJJr9aAaS/DhzAfBgNVHSMEGDAWgBQIjgMhJxMyr8d+
TIV58OVVnMCcUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NJNERJU2NUTXFfSGZreUZlZkRsVlp6QW5GQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvYTJhNTJjLTEzNmEtNDNhOC05NjdjLWY2ZDk2NmNhNGYwNy8x
L1diUUhVWUNFcDFCekRwbmlTYV9XZ0drdnc0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
YTJhNTJjLTEzNmEtNDNhOC05NjdjLWY2ZDk2NmNhNGYwNy8xL0NJNERJU2NUTXFf
SGZreUZlZkRsVlp6QW5GQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmjnDANBgkqhkiG9w0BAQsFAAOC
AQEAeGI7GokSiu34tl2YI4toeo5CRTXjpxzKRtCPwG2FewhYAn6m0Z8cgwLnuFVQ
5Nws60tVNXqFbI+hR0V7ficxUJ7WBrZBX41CFLmbYRkmOiS7n2jyZzLqd99h3p8v
W5d0xGfcwRBJm3JfN1zvTZJfmn8hrRoHnEfNNrgP+XoiKxLw4XfuQTy0GNR+8rtO
sWjBBByN1SUT9M5/w11LMAFcZBiEu2xtlczkXJg93/oD+yWs7a1LseB+00/ICBzw
YKkUOhZ3mZH4g/vpWA9gWmLN9zDnLXirTSn7+bqN/ohkB2wDJio0S+tFsoItZCG2
YFLahPvSk83WMqgAuxgkHAUFUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org