Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/wKNwTOX3T5jCDnQjwVqFyCM4YaY.roa
File:                     wKNwTOX3T5jCDnQjwVqFyCM4YaY.roa (raw, json)
Hash identifier:          /h8QYqKNepK0y1W4JEN0MvFhnMJ/x2EdsSYcqbZZS2s=
Subject key identifier:   C0:A3:70:4C:E5:F7:4F:98:C2:0E:74:23:C1:5A:85:C8:23:38:61:A6
Certificate issuer:       /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial:       0181EE9E7108EDAD1997AC064EF813E42527
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/wKNwTOX3T5jCDnQjwVqFyCM4YaY.roa
Signing time:             Mon 11 Jul 2022 18:56:09 +0000
ROA not before:           Mon 11 Jul 2022 18:56:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203875
IP address blocks:        2a00:4cc5::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:ee:9e:71:08:ed:ad:19:97:ac:06:4e:f8:13:e4:25:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
        Validity
            Not Before: Jul 11 18:56:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c0a3704ce5f74f98c20e7423c15a85c8233861a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f9:c2:3f:ac:96:21:36:24:f6:8f:f2:ad:18:
                    fa:d6:ae:72:49:c1:a4:fd:c5:0f:1e:3c:05:1a:c8:
                    27:03:6d:90:f0:f5:5c:46:6b:8e:ff:da:cf:f9:f6:
                    47:43:0f:e6:f7:75:f5:c0:37:f4:e6:d8:22:e9:1c:
                    5b:8e:90:ee:7a:64:83:6d:d1:b7:94:87:5a:1e:20:
                    0c:a5:58:61:f3:0f:a5:d3:27:c3:06:f3:fc:b9:01:
                    59:e2:5d:92:3f:f0:b3:82:14:f9:34:85:47:78:46:
                    82:1a:e5:2f:5b:1b:8f:f9:4e:00:28:84:98:a1:05:
                    0a:7d:32:28:6a:1d:b0:62:7d:f4:90:9e:88:a6:e7:
                    28:4a:ae:1d:ee:74:77:46:d0:90:3b:f2:6a:8a:94:
                    a9:4b:59:da:91:64:e2:a0:a1:f9:ee:85:e4:60:e5:
                    5e:72:3a:54:4a:03:ba:82:09:9c:36:cb:67:f7:ea:
                    93:20:4c:90:96:42:f1:1d:96:94:27:90:a1:cb:c5:
                    07:aa:23:17:45:ce:b1:ea:21:4c:09:cb:6e:77:ce:
                    a9:a3:26:89:9d:e9:56:bd:8c:f4:98:ba:62:2a:0a:
                    42:52:84:a7:f2:2c:06:c3:a8:34:91:02:f6:9c:2b:
                    ce:3c:89:97:ff:28:02:7f:d2:36:ad:75:bd:0a:4c:
                    05:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A3:70:4C:E5:F7:4F:98:C2:0E:74:23:C1:5A:85:C8:23:38:61:A6
            X509v3 Authority Key Identifier:
                keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/wKNwTOX3T5jCDnQjwVqFyCM4YaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:4cc5::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:2d:b4:e9:30:bb:f1:85:3a:09:14:e4:01:73:88:ca:51:b7:
         e0:3c:60:7f:62:c0:87:e2:e4:12:b7:0c:8e:3b:d2:42:b5:99:
         e4:62:ba:97:a0:7f:39:f9:d1:5f:d9:04:56:9a:1a:fa:e3:46:
         29:94:da:d4:b8:6d:47:7c:cf:8c:21:bc:f8:9a:cd:c0:4c:c2:
         76:75:2b:fd:49:51:ed:87:7d:19:71:cb:df:f1:67:39:93:de:
         b0:34:43:aa:59:0b:26:67:76:e1:44:7e:b7:87:7a:17:e3:e4:
         41:1b:94:2c:8b:a6:29:32:b0:16:cf:14:fd:f6:54:2f:8b:2f:
         67:bc:ac:9a:64:7f:7b:76:b5:18:29:6f:be:47:93:5e:0f:b5:
         44:fa:7c:34:a2:58:07:66:be:0c:b5:26:16:18:0d:08:ce:3f:
         2b:3b:50:19:31:ba:ee:d0:67:6f:3d:b8:9f:c4:83:e7:6d:5d:
         d0:c5:dd:5b:25:aa:bc:66:f8:42:38:97:82:05:18:09:ed:f1:
         f6:0e:64:3b:c0:d7:1e:cc:ef:8b:80:42:c7:02:0c:77:d5:65:
         7f:1c:2d:07:ab:13:29:e5:84:2f:72:9d:83:ab:98:98:2b:29:
         08:d3:6d:73:d0:55:28:c9:8c:55:76:88:ad:ff:dd:8d:41:91:
         ff:da:d6:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHunnEI7a0Zl6wGTvgT5CUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjIwNzExMTg1NjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGEzNzA0Y2U1Zjc0Zjk4YzIwZTc0MjNjMTVhODVjODIzMzg2MWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfnCP6yWITYk9o/yrRj61q5yScGk
/cUPHjwFGsgnA22Q8PVcRmuO/9rP+fZHQw/m93X1wDf05tgi6RxbjpDuemSDbdG3
lIdaHiAMpVhh8w+l0yfDBvP8uQFZ4l2SP/CzghT5NIVHeEaCGuUvWxuP+U4AKISY
oQUKfTIoah2wYn30kJ6IpucoSq4d7nR3RtCQO/JqipSpS1nakWTioKH57oXkYOVe
cjpUSgO6ggmcNstn9+qTIEyQlkLxHZaUJ5Chy8UHqiMXRc6x6iFMCctud86poyaJ
nelWvYz0mLpiKgpCUoSn8iwGw6g0kQL2nCvOPImX/ygCf9I2rXW9CkwFBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMCjcEzl90+Ywg50I8FahcgjOGGmMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvd0tOd1RPWDNUNWpDRG5RandWcUZ5Q000WWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgBMxTAN
BgkqhkiG9w0BAQsFAAOCAQEADi206TC78YU6CRTkAXOIylG34Dxgf2LAh+LkErcM
jjvSQrWZ5GK6l6B/OfnRX9kEVpoa+uNGKZTa1LhtR3zPjCG8+JrNwEzCdnUr/UlR
7Yd9GXHL3/FnOZPesDRDqlkLJmd24UR+t4d6F+PkQRuULIumKTKwFs8U/fZUL4sv
Z7ysmmR/e3a1GClvvkeTXg+1RPp8NKJYB2a+DLUmFhgNCM4/KztQGTG67tBnbz24
n8SD521d0MXdWyWqvGb4QjiXggUYCe3x9g5kO8DXHszvi4BCxwIMd9VlfxwtB6sT
KeWEL3Kdg6uYmCspCNNtc9BVKMmMVXaIrf/djUGR/9rWRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org