Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/wWTMs1vlarAT788ugzylr77DHKI.roa
File:                     wWTMs1vlarAT788ugzylr77DHKI.roa (raw, json)
Hash identifier:          OoxsziQ9USoo5KuS1KEw6ErqXvtFiAEkmxqKOPc72jk=
Subject key identifier:   C1:64:CC:B3:5B:E5:6A:B0:13:EF:CF:2E:83:3C:A5:AF:BE:C3:1C:A2
Certificate issuer:       /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial:       2DC880
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/wWTMs1vlarAT788ugzylr77DHKI.roa
Signing time:             Fri 25 Feb 2022 05:25:51 +0000
ROA not before:           Fri 25 Feb 2022 05:25:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44592
IP address blocks:        185.191.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3000448 (0x2dc880)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
        Validity
            Not Before: Feb 25 05:25:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c164ccb35be56ab013efcf2e833ca5afbec31ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:40:e3:20:0c:10:d9:6b:7f:4a:fe:d7:fe:03:
                    98:e3:57:9a:3e:0d:3e:8a:47:f3:e5:68:43:d0:c8:
                    95:88:33:17:54:8a:6c:32:69:c3:f9:7c:51:61:54:
                    06:47:69:43:39:97:43:45:e9:95:99:f4:2c:8c:28:
                    3c:c3:d7:fa:1c:3c:17:59:f4:a5:60:19:af:03:f2:
                    87:3c:74:27:53:5c:5d:6c:1e:e7:32:19:78:60:7f:
                    b9:4e:0d:fa:43:f5:42:0f:b3:b3:7e:a5:23:f4:db:
                    4b:48:46:ef:86:69:8d:94:70:8e:59:84:33:23:a0:
                    c6:84:9c:2e:3a:40:7a:1e:91:83:79:24:5b:04:b5:
                    86:7e:0f:ce:91:9e:5d:aa:25:8d:2f:be:55:fa:b4:
                    73:1e:e1:83:9f:1e:9d:bc:ed:f0:7d:7f:4d:03:d9:
                    4d:9f:d3:b7:08:cb:ff:92:85:70:50:fa:ac:fd:c3:
                    7a:68:7f:35:0d:87:ae:bc:98:e9:be:ad:1e:7c:a5:
                    61:db:28:09:8a:42:4a:76:4f:f4:1e:6f:78:1f:46:
                    71:12:73:fc:d8:84:69:33:d5:6f:2f:60:02:ab:d7:
                    d0:51:0a:05:ce:a7:c8:da:a2:c3:1a:f7:14:9d:f6:
                    2a:75:85:0d:98:53:02:50:07:b8:1b:ca:97:21:36:
                    66:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:64:CC:B3:5B:E5:6A:B0:13:EF:CF:2E:83:3C:A5:AF:BE:C3:1C:A2
            X509v3 Authority Key Identifier:
                keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/wWTMs1vlarAT788ugzylr77DHKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.191.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:c9:44:5a:fc:5b:c9:d3:47:b0:68:e5:1e:1e:58:67:ba:82:
         0c:d8:95:9a:40:20:94:26:c7:60:07:8d:26:2a:63:75:f6:14:
         1c:57:87:5a:ba:b9:f6:45:76:fb:5e:a1:a6:ca:ae:96:10:76:
         83:9c:65:57:41:a9:76:bb:db:4b:27:2f:3e:15:28:a6:c6:c3:
         ad:24:44:00:41:57:fb:f5:e7:f4:29:20:b5:01:c9:2d:c8:2b:
         f0:36:18:5b:0a:cb:63:51:ff:60:03:e6:84:69:0c:f8:e5:4e:
         46:37:64:b3:c5:e4:d6:49:9f:99:38:2e:5e:1a:db:c7:57:f0:
         ba:bb:75:7f:03:5d:bd:0d:58:0f:0f:30:9e:27:46:ef:99:d6:
         3b:ee:0a:ac:f9:73:2d:54:16:a1:b2:3c:ab:0e:ce:ce:0a:a2:
         7b:54:91:b1:49:44:44:00:f0:8e:3a:01:4a:40:92:a7:5e:3e:
         cc:44:f7:4d:3d:8c:0f:ec:17:fb:45:2c:70:ee:a4:0d:f8:dc:
         db:c2:b9:37:f2:8d:9e:bb:4a:5c:17:fd:2c:13:3c:1a:69:a6:
         b6:b5:7e:7b:29:19:8b:44:e5:aa:33:f4:d8:b0:13:e7:97:bb:
         11:b2:05:58:df:49:c1:9f:fd:fa:70:62:d3:27:82:75:94:26:
         22:d0:e1:22
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDLciAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
NjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQyYjg3OTYwHhcNMjIwMjI1
MDUyNTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMTY0Y2NiMzViZTU2
YWIwMTNlZmNmMmU4MzNjYTVhZmJlYzMxY2EyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqEDjIAwQ2Wt/Sv7X/gOY41eaPg0+ikfz5WhD0MiViDMXVIps
MmnD+XxRYVQGR2lDOZdDRemVmfQsjCg8w9f6HDwXWfSlYBmvA/KHPHQnU1xdbB7n
Mhl4YH+5Tg36Q/VCD7OzfqUj9NtLSEbvhmmNlHCOWYQzI6DGhJwuOkB6HpGDeSRb
BLWGfg/OkZ5dqiWNL75V+rRzHuGDnx6dvO3wfX9NA9lNn9O3CMv/koVwUPqs/cN6
aH81DYeuvJjpvq0efKVh2ygJikJKdk/0Hm94H0ZxEnP82IRpM9VvL2ACq9fQUQoF
zqfI2qLDGvcUnfYqdYUNmFMCUAe4G8qXITZmcQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMFkzLNb5WqwE+/PLoM8pa++wxyiMB8GA1UdIwQYMBaAFN1kAznlmt3HX9l4
EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRiLzEv
d1dUTXMxdmxhckFUNzg4dWd6eWxyNzdESEtJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83
NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRiLzEvM1dRRE9lV2EzY2Rm
MlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+QMA0GCSqGSIb3DQEBCwUAA4IB
AQCLyURa/FvJ00ewaOUeHlhnuoIM2JWaQCCUJsdgB40mKmN19hQcV4daurn2RXb7
XqGmyq6WEHaDnGVXQal2u9tLJy8+FSimxsOtJEQAQVf79ef0KSC1AcktyCvwNhhb
CstjUf9gA+aEaQz45U5GN2SzxeTWSZ+ZOC5eGtvHV/C6u3V/A129DVgPDzCeJ0bv
mdY77gqs+XMtVBahsjyrDs7OCqJ7VJGxSUREAPCOOgFKQJKnXj7MRPdNPYwP7Bf7
RSxw7qQN+Nzbwrk38o2eu0pcF/0sEzwaaaa2tX57KRmLROWqM/TYsBPnl7sRsgVY
30nBn/36cGLTJ4J1lCYi0OEi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org