Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/wa0RxNG_Qtw86JC_j1NpIAEB9cA.roa
File:                     wa0RxNG_Qtw86JC_j1NpIAEB9cA.roa (raw, json)
Hash identifier:          31L/9pgQ0FGzATstlSGMunOiLUiVJODFj/fGjGFk8rs=
Subject key identifier:   C1:AD:11:C4:D1:BF:42:DC:3C:E8:90:BF:8F:53:69:20:01:01:F5:C0
Certificate issuer:       /CN=4d1527d1839bf830360d71590134354e6d904697
Certificate serial:       08AFB076
Authority key identifier: 4D:15:27:D1:83:9B:F8:30:36:0D:71:59:01:34:35:4E:6D:90:46:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/wa0RxNG_Qtw86JC_j1NpIAEB9cA.roa
Signing time:             Thu 30 Jun 2022 08:36:02 +0000
ROA not before:           Thu 30 Jun 2022 08:36:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197033
IP address blocks:        193.34.35.0/24 maxlen: 24
                          193.34.32.0/22 maxlen: 22
                          91.224.230.0/23 maxlen: 23
                          185.97.204.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145731702 (0x8afb076)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d1527d1839bf830360d71590134354e6d904697
        Validity
            Not Before: Jun 30 08:36:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c1ad11c4d1bf42dc3ce890bf8f5369200101f5c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8b:c6:a6:4f:d5:25:f4:ae:d2:d0:b8:ce:0a:
                    07:80:6a:0f:8c:79:c0:b7:ec:78:33:6f:75:e8:60:
                    ba:7c:8b:fe:87:a1:bd:e0:e4:1a:f2:07:f9:c6:12:
                    90:b9:88:8c:75:52:91:03:2e:64:85:e7:a2:da:c5:
                    5d:b4:8a:75:a8:37:5c:32:a5:e8:71:42:3d:7e:75:
                    a4:1d:6b:da:3f:ca:a5:e9:31:0b:15:33:db:e7:aa:
                    76:ed:39:76:5d:84:0e:73:4f:c6:31:bd:0e:e1:a4:
                    45:21:59:79:72:09:d8:c7:6b:ed:b6:0e:33:ba:cb:
                    4e:66:c5:4d:21:a6:b0:81:2f:41:cf:63:8b:c9:d0:
                    a7:f0:ae:3e:45:d6:82:f8:09:fa:e1:77:f1:f1:1c:
                    4a:1f:31:73:41:1d:68:7e:16:f5:fe:3a:1f:19:0e:
                    dc:a3:40:ac:9f:fa:09:8a:f3:6d:7e:d5:73:db:e0:
                    31:91:c3:09:ad:df:69:4d:3e:8e:63:da:54:ac:9e:
                    2e:be:c0:87:d7:15:70:fb:84:90:55:f7:fc:42:eb:
                    ab:cf:62:e7:4a:67:87:18:ba:e1:b8:94:d5:c9:27:
                    59:8e:ac:5d:ed:3e:be:9d:01:83:13:8a:6e:ec:b9:
                    ae:e6:b0:92:1a:20:03:85:cc:ba:78:e7:88:71:ac:
                    b1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:AD:11:C4:D1:BF:42:DC:3C:E8:90:BF:8F:53:69:20:01:01:F5:C0
            X509v3 Authority Key Identifier:
                keyid:4D:15:27:D1:83:9B:F8:30:36:0D:71:59:01:34:35:4E:6D:90:46:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/wa0RxNG_Qtw86JC_j1NpIAEB9cA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.224.230.0/23
                  185.97.204.0/22
                  193.34.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:5e:0e:8a:ac:0b:a0:80:72:78:d8:ea:8f:80:3a:7a:3a:59:
         5f:94:86:b2:5d:e4:f8:dc:28:b9:ce:7b:b1:2b:1b:92:6d:15:
         f8:8d:6e:69:22:a1:e6:cf:e8:df:1e:00:8d:b0:7b:98:4e:25:
         5f:c9:30:86:7e:cf:21:94:f4:20:9b:f0:8f:e6:07:a6:56:20:
         75:b9:64:89:dd:4b:99:6e:26:cc:0f:a0:0d:90:56:2a:05:7c:
         b4:e8:5e:cf:7a:5f:7a:a4:08:0c:9b:42:5b:1b:74:04:89:38:
         48:ca:8f:78:cf:bf:76:fe:9a:a7:69:0f:7c:2c:fe:99:42:ca:
         33:d9:a4:bf:df:54:df:41:0a:98:c3:49:98:0f:67:e9:f1:d0:
         7a:0f:05:d0:22:35:ac:e5:ef:17:c2:80:d8:d6:3b:46:fa:c7:
         c0:40:66:b1:e8:10:c0:dd:bc:92:57:35:8e:71:ab:26:81:68:
         c7:b3:eb:a8:d8:26:4e:ca:ba:f0:4e:4a:4f:4c:bc:d0:a0:89:
         12:70:d7:e9:a8:3e:de:56:cb:92:db:96:b5:c3:c5:1d:4d:42:
         bf:c1:6d:dd:c8:66:20:27:f0:a9:e7:c2:6f:a6:fb:47:c4:06:
         77:d4:9f:1b:cf:cc:31:07:6a:c0:4a:eb:13:3a:8e:64:fe:98:
         e5:a9:56:59
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECK+wdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDE1MjdkMTgzOWJmODMwMzYwZDcxNTkwMTM0MzU0ZTZkOTA0Njk3MB4XDTIyMDYz
MDA4MzYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzFhZDExYzRkMWJm
NDJkYzNjZTg5MGJmOGY1MzY5MjAwMTAxZjVjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqLxqZP1SX0rtLQuM4KB4BqD4x5wLfseDNvdehgunyL/oeh
veDkGvIH+cYSkLmIjHVSkQMuZIXnotrFXbSKdag3XDKl6HFCPX51pB1r2j/Kpekx
CxUz2+eqdu05dl2EDnNPxjG9DuGkRSFZeXIJ2Mdr7bYOM7rLTmbFTSGmsIEvQc9j
i8nQp/CuPkXWgvgJ+uF38fEcSh8xc0EdaH4W9f46HxkO3KNArJ/6CYrzbX7Vc9vg
MZHDCa3faU0+jmPaVKyeLr7Ah9cVcPuEkFX3/ELrq89i50pnhxi64biU1cknWY6s
Xe0+vp0BgxOKbuy5ruawkhogA4XMunjniHGssdkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTBrRHE0b9C3DzokL+PU2kgAQH1wDAfBgNVHSMEGDAWgBRNFSfRg5v4MDYN
cVkBNDVObZBGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RSVW4wWU9iLURBMkRYRlpBVFExVG0yUVJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvMzA5ZDM2LWM0MjAtNDMyMS05NTQwLWYzZGY2NzNlYTU4Yy8x
L3dhMFJ4TkdfUXR3ODZKQ19qMU5wSUFFQjljQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
MzA5ZDM2LWM0MjAtNDMyMS05NTQwLWYzZGY2NzNlYTU4Yy8xL1RSVW4wWU9iLURB
MkRYRlpBVFExVG0yUVJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvg5gMEArlhzAMEAsEiIDANBgkq
hkiG9w0BAQsFAAOCAQEAmF4OiqwLoIByeNjqj4A6ejpZX5SGsl3k+Nwouc57sSsb
km0V+I1uaSKh5s/o3x4AjbB7mE4lX8kwhn7PIZT0IJvwj+YHplYgdblkid1LmW4m
zA+gDZBWKgV8tOhez3pfeqQIDJtCWxt0BIk4SMqPeM+/dv6ap2kPfCz+mULKM9mk
v99U30EKmMNJmA9n6fHQeg8F0CI1rOXvF8KA2NY7RvrHwEBmsegQwN28klc1jnGr
JoFox7PrqNgmTsq68E5KT0y80KCJEnDX6ag+3lbLktuWtcPFHU1Cv8Ft3chmICfw
qefCb6b7R8QGd9SfG8/MMQdqwErrEzqOZP6Y5alWWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:16 2024 by rpki-client on console-fra.rpki-client.org