Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/b24786-e777-4b2f-9d81-5a7bfb3cd08b/1/RW-wKIALwGZoj7ts7EXrgm5AZt0.roa
File:                     RW-wKIALwGZoj7ts7EXrgm5AZt0.roa (raw, json)
Hash identifier:          m6dW8igKB7pr05q5SeMB2M/CPgwvVWZucVw/IdONkqY=
Subject key identifier:   45:6F:B0:28:80:0B:C0:66:68:8F:BB:6C:EC:45:EB:82:6E:40:66:DD
Certificate issuer:       /CN=b9aa01ab3526b8ebb8afb17b98a7127f0f54ca45
Certificate serial:       045ABC9A
Authority key identifier: B9:AA:01:AB:35:26:B8:EB:B8:AF:B1:7B:98:A7:12:7F:0F:54:CA:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaoBqzUmuOu4r7F7mKcSfw9UykU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/b24786-e777-4b2f-9d81-5a7bfb3cd08b/1/RW-wKIALwGZoj7ts7EXrgm5AZt0.roa
Signing time:             Sat 01 Jan 2022 04:58:25 +0000
ROA not before:           Sat 01 Jan 2022 04:58:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197060
IP address blocks:        91.216.86.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73055386 (0x45abc9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9aa01ab3526b8ebb8afb17b98a7127f0f54ca45
        Validity
            Not Before: Jan  1 04:58:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=456fb028800bc066688fbb6cec45eb826e4066dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b1:44:15:df:7a:54:f3:10:40:bb:ee:ec:e3:
                    20:f7:34:96:2a:a2:78:30:38:d6:b5:14:b6:19:0d:
                    c7:c0:ca:ec:ed:55:2f:aa:6c:b9:62:dd:e6:5f:a2:
                    33:b6:f0:3d:20:ac:9c:19:3e:8d:62:ac:93:ca:e0:
                    e5:b0:c9:01:bb:6c:3e:ba:b2:b5:6f:7f:d2:a4:67:
                    2f:89:4a:85:0a:3e:49:13:b6:3c:a3:ff:cd:96:68:
                    0c:e9:95:b9:51:b9:cb:3a:3f:5f:ad:a2:ce:db:1b:
                    b8:53:f4:a0:83:c1:65:2f:2b:17:fe:9b:55:6e:f8:
                    76:ab:13:73:a5:f5:d2:bd:b6:8a:3f:a8:44:e1:88:
                    0b:dd:cf:af:18:b1:fc:47:18:b5:d9:4d:13:40:6f:
                    c8:64:cf:9c:7e:c3:b7:98:66:43:8d:ea:3d:8b:64:
                    1f:e7:f3:57:95:1d:16:cd:e5:b5:7a:6b:8b:a9:45:
                    a9:13:18:c4:aa:3a:9b:36:c0:f4:93:12:86:46:20:
                    4f:59:15:93:8c:7e:d6:be:ee:25:c7:65:aa:dd:ba:
                    36:e3:91:b3:6b:ba:13:43:0c:05:68:24:c1:5b:80:
                    d3:4f:0c:2f:0e:87:be:43:99:10:44:0e:6d:71:41:
                    f8:f5:2c:41:7d:14:aa:70:dc:25:04:f8:ee:6c:1f:
                    24:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:6F:B0:28:80:0B:C0:66:68:8F:BB:6C:EC:45:EB:82:6E:40:66:DD
            X509v3 Authority Key Identifier:
                keyid:B9:AA:01:AB:35:26:B8:EB:B8:AF:B1:7B:98:A7:12:7F:0F:54:CA:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaoBqzUmuOu4r7F7mKcSfw9UykU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/b24786-e777-4b2f-9d81-5a7bfb3cd08b/1/RW-wKIALwGZoj7ts7EXrgm5AZt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/b24786-e777-4b2f-9d81-5a7bfb3cd08b/1/uaoBqzUmuOu4r7F7mKcSfw9UykU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:07:3e:30:a1:44:0c:96:c9:47:c8:c6:95:96:04:fc:ca:f1:
         b1:f5:98:98:ab:95:33:56:f9:fd:5e:4a:58:79:50:0a:cd:c5:
         f8:f5:19:a8:05:c6:27:7f:81:8a:ac:ae:fe:20:4f:14:95:9a:
         ba:a0:d2:3b:74:49:5c:49:a9:6b:7e:d8:a1:b1:ce:bc:9d:82:
         1a:8d:cd:3b:c4:8f:72:6e:2a:13:85:f8:a1:0c:ef:b7:a8:01:
         a4:6c:49:82:0e:f1:bd:fb:46:26:d3:58:49:b8:2f:29:4d:ad:
         2f:29:a3:4c:d7:bb:ea:19:55:85:4a:70:34:48:a9:10:9c:82:
         90:c8:d3:b5:34:91:0c:4b:41:3a:45:18:de:dc:5c:72:a7:68:
         28:8d:35:b0:ec:dd:d4:52:48:36:82:4e:c3:92:78:ff:9c:de:
         39:fb:b5:9f:0e:d5:a1:10:3b:1b:a7:02:58:6a:85:a1:a0:30:
         70:44:f2:93:67:88:f5:d3:dc:d9:fc:cf:43:fc:4b:49:a3:63:
         d0:88:6b:0b:31:a2:ac:06:fd:9e:fb:19:0b:9a:f0:6b:93:bd:
         aa:d1:24:5d:4b:a8:45:97:24:c9:d7:69:6d:d0:72:4e:11:79:
         7d:d2:ce:ab:23:6d:fd:3f:77:c6:b8:9f:3b:d2:f5:cb:c3:b0:
         35:38:c0:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFq8mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OWFhMDFhYjM1MjZiOGViYjhhZmIxN2I5OGE3MTI3ZjBmNTRjYTQ1MB4XDTIyMDEw
MTA0NTgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDU2ZmIwMjg4MDBi
YzA2NjY4OGZiYjZjZWM0NWViODI2ZTQwNjZkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALixRBXfelTzEEC77uzjIPc0liqieDA41rUUthkNx8DK7O1V
L6psuWLd5l+iM7bwPSCsnBk+jWKsk8rg5bDJAbtsPrqytW9/0qRnL4lKhQo+SRO2
PKP/zZZoDOmVuVG5yzo/X62iztsbuFP0oIPBZS8rF/6bVW74dqsTc6X10r22ij+o
ROGIC93Prxix/EcYtdlNE0BvyGTPnH7Dt5hmQ43qPYtkH+fzV5UdFs3ltXpri6lF
qRMYxKo6mzbA9JMShkYgT1kVk4x+1r7uJcdlqt26NuORs2u6E0MMBWgkwVuA008M
Lw6HvkOZEEQObXFB+PUsQX0UqnDcJQT47mwfJHUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRFb7AogAvAZmiPu2zsReuCbkBm3TAfBgNVHSMEGDAWgBS5qgGrNSa467iv
sXuYpxJ/D1TKRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Vhb0JxelVtdU91NHI3RjdtS2NTZnc5VXlrVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvYjI0Nzg2LWU3NzctNGIyZi05ZDgxLTVhN2JmYjNjZDA4Yi8x
L1JXLXdLSUFMd0dab2o3dHM3RVhyZ201QVp0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
YjI0Nzg2LWU3NzctNGIyZi05ZDgxLTVhN2JmYjNjZDA4Yi8xL3Vhb0JxelVtdU91
NHI3RjdtS2NTZnc5VXlrVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvYVjANBgkqhkiG9w0BAQsFAAOC
AQEAAgc+MKFEDJbJR8jGlZYE/MrxsfWYmKuVM1b5/V5KWHlQCs3F+PUZqAXGJ3+B
iqyu/iBPFJWauqDSO3RJXEmpa37YobHOvJ2CGo3NO8SPcm4qE4X4oQzvt6gBpGxJ
gg7xvftGJtNYSbgvKU2tLymjTNe76hlVhUpwNEipEJyCkMjTtTSRDEtBOkUY3txc
cqdoKI01sOzd1FJINoJOw5J4/5zeOfu1nw7VoRA7G6cCWGqFoaAwcETyk2eI9dPc
2fzPQ/xLSaNj0IhrCzGirAb9nvsZC5rwa5O9qtEkXUuoRZckyddpbdByThF5fdLO
qyNt/T93xrifO9L1y8OwNTjA9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:49 2024 by rpki-client on console-fra.rpki-client.org