Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/MgPGV-xxKsmOw7sKmWbDNfGKyb0.roa
File:                     MgPGV-xxKsmOw7sKmWbDNfGKyb0.roa (raw, json)
Hash identifier:          XInv1bBYn7Yu1nc8drAJ8pqt/B1FgjNCz9uleHLKMs8=
Subject key identifier:   32:03:C6:57:EC:71:2A:C9:8E:C3:BB:0A:99:66:C3:35:F1:8A:C9:BD
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0B5C61A0
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/MgPGV-xxKsmOw7sKmWbDNfGKyb0.roa
Signing time:             Sat 01 Jan 2022 08:58:36 +0000
ROA not before:           Sat 01 Jan 2022 08:58:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39253
IP address blocks:        62.244.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 190603680 (0xb5c61a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  1 08:58:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3203c657ec712ac98ec3bb0a9966c335f18ac9bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:71:42:52:e0:2a:32:c4:12:fa:95:f0:81:68:
                    47:47:d1:a7:df:81:1e:af:35:52:df:70:31:d0:dd:
                    4d:12:f3:94:30:0c:1e:c2:66:34:4c:4d:f0:21:f4:
                    3b:b3:cb:d4:36:20:47:91:9e:51:84:33:29:7b:d5:
                    20:0a:c5:95:54:58:45:64:ce:63:f6:0c:c8:92:07:
                    fc:d9:98:07:cb:6e:5f:00:68:19:10:12:76:fb:6c:
                    d5:27:48:d4:8b:bc:f3:3d:0c:d0:68:d2:25:2d:eb:
                    91:96:5f:d0:a3:9e:f6:75:fc:47:99:4c:3d:b6:a5:
                    3c:09:2d:ef:55:61:0d:0f:5c:8c:3b:e8:b3:b3:5e:
                    2d:57:1c:7b:cb:a3:ab:73:4a:18:0e:ae:d2:16:37:
                    73:12:ad:86:7f:3c:3d:4f:d8:66:4e:ff:f1:6a:c6:
                    11:9d:0b:5a:a1:3b:9f:0f:84:46:55:62:66:7c:3d:
                    ad:85:c0:42:38:b5:77:17:8d:5f:53:8f:63:38:59:
                    43:31:72:e4:b7:a2:85:e1:fe:2c:a5:d9:a5:75:6f:
                    ef:5e:8e:91:6f:e0:e7:99:79:53:96:16:f5:62:3d:
                    da:62:b3:d2:1c:79:ca:d5:bb:1a:ce:84:32:c6:db:
                    b7:48:07:f6:aa:f3:b1:ca:20:76:23:69:5d:ac:42:
                    54:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:03:C6:57:EC:71:2A:C9:8E:C3:BB:0A:99:66:C3:35:F1:8A:C9:BD
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/MgPGV-xxKsmOw7sKmWbDNfGKyb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.244.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:10:77:ff:bf:1e:27:1b:e3:b7:4b:fb:27:8b:1d:26:34:99:
         fc:bf:ea:9b:7e:72:10:d1:06:a2:39:2a:a0:7c:71:eb:30:c6:
         43:af:82:ae:95:83:da:56:15:00:77:49:65:6d:84:85:1a:b2:
         7a:be:7e:f3:6e:5f:73:56:39:e2:b8:2c:75:38:af:77:58:bc:
         97:e1:66:0f:e7:16:2b:a5:32:a0:a1:7d:c8:ca:16:78:35:15:
         43:5d:35:f8:e3:11:f1:ee:d0:b2:3e:5d:ed:da:47:9e:36:80:
         f3:9c:33:99:af:0a:29:ab:79:f0:a9:33:eb:ae:d9:89:b4:99:
         41:66:26:c1:9e:4c:88:4e:83:c1:1c:59:43:37:3c:c5:62:02:
         a5:16:fb:ab:28:c5:6c:4e:aa:52:7e:fa:44:89:cf:2e:d7:c6:
         33:21:20:7d:d5:23:d5:d5:b6:d3:70:50:0d:44:c1:6b:93:97:
         b1:cb:9b:0f:ac:6e:76:e4:c6:49:36:00:fa:67:27:79:4e:9a:
         91:01:1f:2a:e4:66:c0:7d:2d:e6:f7:57:a3:2d:d0:38:46:00:
         e9:1f:fd:7b:d5:49:ac:52:33:89:65:35:5d:8a:ce:69:86:de:
         71:4c:73:f6:de:ca:27:5c:dc:95:67:15:08:cd:72:e6:0b:3d:
         10:ea:55:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC1xhoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhmZTM1Y2M5NjI2MzNhMjc1N2FmMTBhMGU2ZThhYjZkMDFmNGM5MB4XDTIyMDEw
MTA4NTgzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIwM2M2NTdlYzcx
MmFjOThlYzNiYjBhOTk2NmMzMzVmMThhYzliZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVxQlLgKjLEEvqV8IFoR0fRp9+BHq81Ut9wMdDdTRLzlDAM
HsJmNExN8CH0O7PL1DYgR5GeUYQzKXvVIArFlVRYRWTOY/YMyJIH/NmYB8tuXwBo
GRASdvts1SdI1Iu88z0M0GjSJS3rkZZf0KOe9nX8R5lMPbalPAkt71VhDQ9cjDvo
s7NeLVcce8ujq3NKGA6u0hY3cxKthn88PU/YZk7/8WrGEZ0LWqE7nw+ERlViZnw9
rYXAQji1dxeNX1OPYzhZQzFy5LeiheH+LKXZpXVv716OkW/g55l5U5YW9WI92mKz
0hx5ytW7Gs6EMsbbt0gH9qrzscogdiNpXaxCVPsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQyA8ZX7HEqyY7DuwqZZsM18YrJvTAfBgNVHSMEGDAWgBRWj+NcyWJjOidX
rxCg5uirbQH0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8x
L01nUEdWLXh4S3NtT3c3c0ttV2JETmZHS3liMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8xL1ZvX2pYTWxpWXpv
blY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD708zANBgkqhkiG9w0BAQsFAAOC
AQEAPRB3/78eJxvjt0v7J4sdJjSZ/L/qm35yENEGojkqoHxx6zDGQ6+CrpWD2lYV
AHdJZW2EhRqyer5+825fc1Y54rgsdTivd1i8l+FmD+cWK6UyoKF9yMoWeDUVQ101
+OMR8e7Qsj5d7dpHnjaA85wzma8KKat58Kkz667ZibSZQWYmwZ5MiE6DwRxZQzc8
xWICpRb7qyjFbE6qUn76RInPLtfGMyEgfdUj1dW203BQDUTBa5OXscubD6xuduTG
STYA+mcneU6akQEfKuRmwH0t5vdXoy3QOEYA6R/9e9VJrFIziWU1XYrOaYbecUxz
9t7KJ1zclWcVCM1y5gs9EOpV4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:56 2024 by rpki-client on console-fra.rpki-client.org