Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/JHgnLRgPQkesg-ursa_po6VfSAI.roa
File:                     JHgnLRgPQkesg-ursa_po6VfSAI.roa (raw, json)
Hash identifier:          uVrflPKeDmhDss3VPECwFDB3leX+7ypTxFzTOqZOkF8=
Subject key identifier:   24:78:27:2D:18:0F:42:47:AC:83:EB:AB:B1:AF:E9:A3:A5:5F:48:02
Certificate issuer:       /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial:       3844F3D1
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/JHgnLRgPQkesg-ursa_po6VfSAI.roa
Signing time:             Wed 26 Jan 2022 10:35:32 +0000
ROA not before:           Wed 26 Jan 2022 10:35:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49544
IP address blocks:        87.251.20.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 944042961 (0x3844f3d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
        Validity
            Not Before: Jan 26 10:35:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2478272d180f4247ac83ebabb1afe9a3a55f4802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ab:07:79:06:de:12:51:dc:06:a3:4b:0f:c1:
                    be:6a:67:68:e8:52:79:c1:03:0a:0e:44:cf:ac:d9:
                    d8:36:3c:e1:1a:3c:ad:4d:23:f4:4e:89:93:4f:9d:
                    e3:21:c3:3b:7d:92:53:c4:4d:b2:f4:6b:59:23:d8:
                    6a:96:2c:1e:f4:1e:8b:03:24:0a:cb:1d:0e:57:03:
                    a1:bd:1f:8d:0c:b1:ff:60:80:f3:09:da:8e:29:ba:
                    94:ce:ce:ac:db:21:5d:e0:63:66:96:70:39:ed:cc:
                    93:b0:fd:62:03:c5:80:71:ff:1c:5f:63:53:82:06:
                    3a:0b:d1:85:83:d3:05:80:b7:41:a2:d7:ba:c2:b4:
                    fe:8e:2b:2c:35:50:14:64:46:4d:a4:3f:ce:6d:9c:
                    e0:7d:49:9a:bc:d2:c4:5f:25:36:a2:96:2b:d7:06:
                    5d:0e:0f:13:db:ed:c3:46:bb:1e:2d:2a:4a:41:71:
                    25:ea:6c:4f:e3:09:fb:fa:ce:fc:c6:dc:aa:26:e0:
                    d3:3b:b7:67:62:09:48:d7:98:d9:54:59:00:58:3b:
                    3e:9c:97:3f:20:5a:25:cb:1d:d4:36:27:8d:d9:87:
                    e0:27:28:9e:d2:3e:f2:a2:58:c9:ac:8c:a2:c8:a5:
                    ac:2a:95:d5:0a:66:72:fa:1d:57:0d:39:63:79:9b:
                    8c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:78:27:2D:18:0F:42:47:AC:83:EB:AB:B1:AF:E9:A3:A5:5F:48:02
            X509v3 Authority Key Identifier:
                keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/JHgnLRgPQkesg-ursa_po6VfSAI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.251.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:69:38:8d:3b:bc:44:75:aa:27:be:1e:aa:d8:c9:61:80:07:
         84:25:7f:a0:62:30:d4:7f:08:a8:0c:6c:f0:24:48:e4:c4:6d:
         ca:64:cd:a1:33:e4:1d:84:54:83:70:27:0b:79:98:98:4d:c9:
         3b:c4:d7:56:17:fc:c6:84:85:a4:27:bf:d1:89:df:78:55:b8:
         2c:4d:e7:d0:f6:dc:92:69:05:4d:33:68:c2:27:87:9a:73:06:
         ce:4a:3e:ba:2a:12:9d:eb:6b:65:53:66:42:9d:a1:65:d7:03:
         79:74:10:53:0c:be:94:80:7f:e2:fd:b8:e7:6b:3d:cf:58:99:
         d2:3b:83:f3:36:6d:f4:d1:81:2e:31:a6:f0:44:a7:a8:93:78:
         97:d9:2d:da:30:5f:42:65:c5:9d:16:63:07:92:4e:db:47:8d:
         cd:00:17:34:0c:aa:19:e9:d2:20:2d:e9:df:d0:ad:c0:63:d9:
         e6:81:93:df:27:e6:f4:95:02:d3:fd:01:dc:e0:fc:49:4a:16:
         73:81:38:6b:4a:0f:c9:f9:09:b1:b7:be:9b:90:33:c6:8e:8c:
         dc:57:fb:3f:ad:2e:a6:68:aa:f7:cb:e0:5d:d3:e7:57:74:36:
         54:22:70:c7:b4:63:9e:2f:4e:ff:45:43:a3:01:9f:00:8f:30:
         65:35:82:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOETz0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDEy
NjEwMzUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ3ODI3MmQxODBm
NDI0N2FjODNlYmFiYjFhZmU5YTNhNTVmNDgwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKrB3kG3hJR3AajSw/BvmpnaOhSecEDCg5Ez6zZ2DY84Ro8
rU0j9E6Jk0+d4yHDO32SU8RNsvRrWSPYapYsHvQeiwMkCssdDlcDob0fjQyx/2CA
8wnajim6lM7OrNshXeBjZpZwOe3Mk7D9YgPFgHH/HF9jU4IGOgvRhYPTBYC3QaLX
usK0/o4rLDVQFGRGTaQ/zm2c4H1JmrzSxF8lNqKWK9cGXQ4PE9vtw0a7Hi0qSkFx
JepsT+MJ+/rO/Mbcqibg0zu3Z2IJSNeY2VRZAFg7PpyXPyBaJcsd1DYnjdmH4Cco
ntI+8qJYyayMosilrCqV1QpmcvodVw05Y3mbjAUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkeCctGA9CR6yD66uxr+mjpV9IAjAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
L0pIZ25MUmdQUWtlc2ctdXJzYV9wbzZWZlNBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf7FDANBgkqhkiG9w0BAQsFAAOC
AQEAK2k4jTu8RHWqJ74eqtjJYYAHhCV/oGIw1H8IqAxs8CRI5MRtymTNoTPkHYRU
g3AnC3mYmE3JO8TXVhf8xoSFpCe/0YnfeFW4LE3n0PbckmkFTTNowieHmnMGzko+
uioSnetrZVNmQp2hZdcDeXQQUwy+lIB/4v2452s9z1iZ0juD8zZt9NGBLjGm8ESn
qJN4l9kt2jBfQmXFnRZjB5JO20eNzQAXNAyqGenSIC3p39CtwGPZ5oGT3yfm9JUC
0/0B3OD8SUoWc4E4a0oPyfkJsbe+m5Azxo6M3Ff7P60upmiq98vgXdPnV3Q2VCJw
x7Rjni9O/0VDowGfAI8wZTWCzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org