Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/WXKbFI1BQwFshvmYFLlqX0_oJmQ.roa
File:                     WXKbFI1BQwFshvmYFLlqX0_oJmQ.roa (raw, json)
Hash identifier:          K/wxaDAj/hDhVs+gvPaRB+Af7u/RJ4rbkGBfQnRxKz4=
Subject key identifier:   59:72:9B:14:8D:41:43:01:6C:86:F9:98:14:B9:6A:5F:4F:E8:26:64
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       0181CFE0DA71ACA7EA8EC81A0E87D816253F
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/WXKbFI1BQwFshvmYFLlqX0_oJmQ.roa
Signing time:             Tue 05 Jul 2022 19:40:28 +0000
ROA not before:           Tue 05 Jul 2022 19:40:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207326
IP address blocks:        217.25.3.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:cf:e0:da:71:ac:a7:ea:8e:c8:1a:0e:87:d8:16:25:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Jul  5 19:40:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=59729b148d4143016c86f99814b96a5f4fe82664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c6:a2:fc:f0:6f:93:37:17:b0:ef:c3:c4:1e:
                    63:53:17:ca:1f:cc:e8:5b:ec:19:c7:f8:7d:3f:40:
                    6b:f9:d5:7b:e5:2a:04:a5:9e:ab:10:be:cb:30:5d:
                    36:70:4f:a1:ef:40:2f:1e:af:39:ff:8f:61:d6:a1:
                    d8:83:96:00:96:e3:1b:8a:a6:a6:9f:f1:d8:e4:cc:
                    cd:9b:a9:56:19:8d:f8:5b:88:44:97:31:49:94:c8:
                    3f:93:23:9a:52:80:06:6a:84:4f:93:25:72:20:84:
                    93:b7:c2:c5:f7:c7:f5:de:96:62:c5:ee:b6:28:e5:
                    4b:3c:73:d2:7c:08:bb:47:37:2a:8a:0f:39:36:b5:
                    17:7d:ca:6f:7d:35:5c:89:7f:6f:4a:36:56:75:2b:
                    33:90:4b:2f:aa:c8:08:b5:89:d3:9c:24:50:96:03:
                    28:fc:69:94:6e:d7:2d:56:40:de:c3:11:d0:9e:55:
                    41:f9:73:95:38:88:63:11:df:99:e4:75:04:76:20:
                    62:52:dd:22:5a:37:5d:78:a5:ee:dd:d7:42:73:f6:
                    e4:88:94:38:5a:c3:c5:de:d3:5f:77:98:63:23:9c:
                    9d:db:a6:01:af:85:af:a8:48:af:17:84:a4:32:37:
                    5e:14:01:0f:8d:e8:d3:b9:2b:3b:44:85:bb:14:fa:
                    35:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:72:9B:14:8D:41:43:01:6C:86:F9:98:14:B9:6A:5F:4F:E8:26:64
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/WXKbFI1BQwFshvmYFLlqX0_oJmQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.25.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:ef:58:da:25:99:3a:0f:10:a6:5d:21:57:4a:32:cb:8c:a2:
         00:d9:b1:c3:cc:79:26:20:1d:15:4d:f8:89:68:4b:5f:7e:b7:
         47:8b:a6:5d:be:60:5b:8e:2c:31:29:41:3e:7c:66:ff:a1:74:
         94:41:db:43:d3:2d:6e:a7:79:00:5d:ef:a2:60:c1:fe:2f:37:
         98:b3:1c:cb:ab:5c:07:23:7e:41:54:3b:1f:4c:9b:f4:56:c7:
         b3:07:b4:d2:84:0b:40:48:2b:e7:67:78:ae:28:1f:5c:f5:c9:
         86:eb:8d:0e:91:7a:15:49:0e:d1:be:97:44:37:d6:8c:0e:9d:
         58:ef:68:36:fb:93:a7:2f:bb:79:e2:01:3b:1e:c7:a0:0d:78:
         ce:b5:e5:71:15:2d:d2:3e:77:93:8b:85:fc:ff:5c:a7:72:e6:
         79:73:ef:2e:ae:cb:e4:18:16:19:6d:d3:e4:72:3e:34:35:b3:
         f6:09:be:85:29:e2:64:61:69:a3:c0:d8:82:76:96:4b:13:f8:
         9e:14:90:4c:9e:6a:9c:bd:93:ec:79:1f:50:8e:19:1d:e5:8f:
         9d:9e:e5:71:b1:c6:02:04:73:7c:cf:9c:d8:1a:70:31:78:02:
         64:6a:2d:13:ff:d9:a7:56:37:45:43:83:51:28:da:93:8c:4c:
         54:ad:ee:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHP4NpxrKfqjsgaDofYFiU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwNzA1MTk0MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTcyOWIxNDhkNDE0MzAxNmM4NmY5OTgxNGI5NmE1ZjRmZTgyNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsai/PBvkzcXsO/DxB5jUxfKH8zo
W+wZx/h9P0Br+dV75SoEpZ6rEL7LMF02cE+h70AvHq85/49h1qHYg5YAluMbiqam
n/HY5MzNm6lWGY34W4hElzFJlMg/kyOaUoAGaoRPkyVyIISTt8LF98f13pZixe62
KOVLPHPSfAi7Rzcqig85NrUXfcpvfTVciX9vSjZWdSszkEsvqsgItYnTnCRQlgMo
/GmUbtctVkDewxHQnlVB+XOVOIhjEd+Z5HUEdiBiUt0iWjddeKXu3ddCc/bkiJQ4
WsPF3tNfd5hjI5yd26YBr4WvqEivF4SkMjdeFAEPjejTuSs7RIW7FPo10QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlymxSNQUMBbIb5mBS5al9P6CZkMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvV1hLYkZJMUJRd0ZzaHZtWUZMbHFYMF9vSm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkDMA0G
CSqGSIb3DQEBCwUAA4IBAQBF71jaJZk6DxCmXSFXSjLLjKIA2bHDzHkmIB0VTfiJ
aEtffrdHi6ZdvmBbjiwxKUE+fGb/oXSUQdtD0y1up3kAXe+iYMH+LzeYsxzLq1wH
I35BVDsfTJv0VsezB7TShAtASCvnZ3iuKB9c9cmG640OkXoVSQ7RvpdEN9aMDp1Y
72g2+5OnL7t54gE7HsegDXjOteVxFS3SPneTi4X8/1yncuZ5c+8ursvkGBYZbdPk
cj40NbP2Cb6FKeJkYWmjwNiCdpZLE/ieFJBMnmqcvZPseR9Qjhkd5Y+dnuVxscYC
BHN8z5zYGnAxeAJkai0T/9mnVjdFQ4NRKNqTjExUre6r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org