Route Origin Authorization

$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/87Y1kIGoPxN9gqdcFM_LrI3msQw.roa
File:                     87Y1kIGoPxN9gqdcFM_LrI3msQw.roa (raw, json)
Hash identifier:          mlCNaRzoXDP8ga0FAnLx1Ftdl4e+qLlbdVcK2NqeAUA=
Subject key identifier:   F3:B6:35:90:81:A8:3F:13:7D:82:A7:5C:14:CF:CB:AC:8D:E6:B1:0C
Certificate issuer:       /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial:       D624
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access:      rsync://ca.rg.net/rpki/RGnet-OU/87Y1kIGoPxN9gqdcFM_LrI3msQw.roa
Signing time:             Fri 17 Jun 2022 00:05:08 +0000
ROA not before:           Fri 17 Jun 2022 00:05:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3130
IP address blocks:        147.28.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54820 (0xd624)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
        Validity
            Not Before: Jun 17 00:05:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=F3B6359081A83F137D82A75C14CFCBAC8DE6B10C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c5:02:2e:f6:71:6b:cc:c8:16:ee:4b:3d:34:
                    90:b2:db:3b:39:05:06:21:66:e8:83:07:2b:c1:55:
                    77:a0:d1:4c:76:b6:d1:e1:db:cc:47:80:ca:cb:6c:
                    c9:c9:7d:f6:bf:f9:7e:0b:6a:e1:fa:ba:1f:21:39:
                    a2:60:51:30:37:96:7d:38:b4:d2:ac:af:ea:d3:20:
                    f6:6a:fe:36:b4:28:09:ae:9e:e8:d4:8c:bf:de:f9:
                    cb:ef:0d:81:22:14:a5:2b:25:8e:5d:09:bd:62:88:
                    f3:36:59:f1:6a:b9:a0:b2:b6:a0:40:2a:0a:de:5e:
                    b8:b9:f0:19:7d:95:b2:49:01:d7:94:c8:36:c2:76:
                    7d:f1:9d:d7:a7:27:b6:5f:6a:0e:98:a2:89:6c:f2:
                    5a:38:f2:fa:ca:24:9e:cc:0a:c6:08:8b:b1:e7:b5:
                    7e:1f:e3:37:02:c3:3b:12:d0:b6:2b:cc:4f:48:1b:
                    c9:85:3c:f5:c7:15:d5:b8:d5:a3:b0:5d:f3:0a:9d:
                    15:dd:21:70:cb:74:f3:eb:56:34:75:fd:23:23:70:
                    c5:1b:34:4f:b4:59:55:ea:ec:89:05:ad:16:60:32:
                    c3:b2:31:02:94:a8:1a:82:77:ca:58:fd:a1:cd:71:
                    2d:4a:32:a6:0f:68:a0:ff:ef:f6:d9:fd:3c:aa:a9:
                    c1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:B6:35:90:81:A8:3F:13:7D:82:A7:5C:14:CF:CB:AC:8D:E6:B1:0C
            X509v3 Authority Key Identifier:
                keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/87Y1kIGoPxN9gqdcFM_LrI3msQw.roa
                RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.28.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:28:53:b8:9a:e3:cc:8f:c9:51:be:d6:73:67:d3:22:25:d0:
         ce:f6:8b:03:c3:5b:52:41:c5:e1:a9:49:ed:e6:90:ef:1a:e2:
         b7:84:b8:26:a6:44:03:4c:56:f0:f8:c1:09:86:00:79:a5:a3:
         7a:6a:36:80:11:88:60:54:b2:0e:11:b7:13:51:ca:11:22:1f:
         da:ae:17:84:33:93:67:08:9d:50:12:56:c1:88:75:6c:c9:4f:
         48:d3:8c:8c:53:38:a8:5e:3a:b4:e1:aa:c3:d4:77:ae:7c:84:
         d1:61:9d:b9:dd:48:bc:f1:8e:73:3f:b8:44:d0:0e:d8:9c:07:
         07:71:91:1c:80:a6:24:9a:8d:e5:4f:f2:d3:3d:88:a9:30:ae:
         c7:34:d6:24:0f:3c:72:9a:7f:ca:61:52:55:e6:ec:f4:7b:4a:
         a6:84:3e:f5:0c:4e:ee:05:57:0d:3c:74:77:4e:6e:ae:17:82:
         41:92:3f:bc:d2:29:cc:1b:7f:76:7b:a0:c3:45:35:04:46:a1:
         28:49:10:bb:25:6a:6c:05:5f:66:3b:de:c0:01:0b:9a:80:68:
         d2:23:e2:40:aa:5d:c5:b8:13:de:50:cc:c6:f9:13:38:f5:3c:
         43:34:b9:b6:33:d4:12:ad:fa:4b:b6:ee:57:c1:98:80:20:9c:
         fe:36:cf:ef
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDANYkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwNjE3
MDAwNTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhGM0I2MzU5MDgxQTgz
RjEzN0Q4MkE3NUMxNENGQ0JBQzhERTZCMTBDMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuMUCLvZxa8zIFu5LPTSQsts7OQUGIWbogwcrwVV3oNFMdrbR
4dvMR4DKy2zJyX32v/l+C2rh+rofITmiYFEwN5Z9OLTSrK/q0yD2av42tCgJrp7o
1Iy/3vnL7w2BIhSlKyWOXQm9YojzNlnxarmgsragQCoK3l64ufAZfZWySQHXlMg2
wnZ98Z3Xpye2X2oOmKKJbPJaOPL6yiSezArGCIux57V+H+M3AsM7EtC2K8xPSBvJ
hTz1xxXVuNWjsF3zCp0V3SFwy3Tz61Y0df0jI3DFGzRPtFlV6uyJBa0WYDLDsjEC
lKgagnfKWP2hzXEtSjKmD2ig/+/22f08qqnBpwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFPO2NZCBqD8TfYKnXBTPy6yN5rEMMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VLzg3WTFrSUdvUHhOOWdxZGNGTV9MckkzbXNRdy5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAJMcBzANBgkqhkiG9w0BAQsFAAOCAQEATihT
uJrjzI/JUb7Wc2fTIiXQzvaLA8NbUkHF4alJ7eaQ7xrit4S4JqZEA0xW8PjBCYYA
eaWjemo2gBGIYFSyDhG3E1HKESIf2q4XhDOTZwidUBJWwYh1bMlPSNOMjFM4qF46
tOGqw9R3rnyE0WGdud1IvPGOcz+4RNAO2JwHB3GRHICmJJqN5U/y0z2IqTCuxzTW
JA88cpp/ymFSVebs9HtKpoQ+9QxO7gVXDTx0d05urheCQZI/vNIpzBt/dnugw0U1
BEahKEkQuyVqbAVfZjvewAELmoBo0iPiQKpdxbgT3lDMxvkTOPU8QzS5tjPUEq36
S7buV8GYgCCc/jbP7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org