Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/G50DixtLHLWstTa91U7NpT1XAh0.roa
File:                     G50DixtLHLWstTa91U7NpT1XAh0.roa (raw, json)
Hash identifier:          wX1LWfpRpwrKP9zfZ0TVCy1Zn/cw3wiVdSU1kIBtG7A=
Subject key identifier:   1B:9D:03:8B:1B:4B:1C:B5:AC:B5:36:BD:D5:4E:CD:A5:3D:57:02:1D
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1C74BAFD
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/G50DixtLHLWstTa91U7NpT1XAh0.roa
Signing time:             Fri 10 Jun 2022 21:11:03 +0000
ROA not before:           Fri 10 Jun 2022 21:11:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     134526
IP address blocks:        87.248.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 477412093 (0x1c74bafd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jun 10 21:11:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b9d038b1b4b1cb5acb536bdd54ecda53d57021d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:5f:00:e7:62:f1:27:70:d9:32:42:df:47:32:
                    3d:df:01:10:26:2c:da:eb:1e:f1:83:83:41:7c:3e:
                    63:9f:64:d2:6f:86:1d:1b:cf:3c:11:03:e2:d9:80:
                    a6:37:59:aa:4c:7c:79:ce:e5:ad:29:2a:df:f1:12:
                    97:1a:8d:4b:9a:7d:e4:ad:25:3b:38:af:8f:21:0a:
                    e4:17:6b:18:c5:09:60:ba:53:ab:aa:07:34:38:05:
                    16:0c:0a:a7:a1:3d:f6:88:48:74:a9:ff:51:a5:7e:
                    0b:9a:03:6c:fb:f3:f9:e0:91:f1:90:87:a7:65:f0:
                    bc:d8:39:91:c2:e9:4c:07:5c:d7:1d:73:b6:16:af:
                    12:21:6a:d5:c2:a0:45:7b:40:6d:52:d3:8b:2c:40:
                    22:14:93:d7:09:13:49:d9:6e:08:0a:f1:12:e7:90:
                    86:65:aa:f7:a9:3b:d5:d2:35:e5:2c:33:80:50:fa:
                    8e:c4:8d:27:00:90:62:37:a8:a5:25:02:d6:0d:2a:
                    99:90:39:ca:b9:8c:ef:b3:85:56:b9:c6:2e:17:33:
                    ed:fb:af:c1:d4:18:78:61:8d:7b:88:19:e3:88:aa:
                    64:f9:90:2e:cc:1d:bc:1e:1d:d5:15:af:e6:0e:1b:
                    0c:ca:dd:21:c3:83:78:de:31:da:d3:b3:c1:f4:c8:
                    75:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:9D:03:8B:1B:4B:1C:B5:AC:B5:36:BD:D5:4E:CD:A5:3D:57:02:1D
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/G50DixtLHLWstTa91U7NpT1XAh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:68:2a:32:85:79:6a:6d:52:c0:d5:01:96:6d:a8:75:40:57:
         7e:04:7c:26:51:0b:66:2d:0d:a0:15:03:02:60:03:b1:71:3b:
         ac:5c:9b:c0:d9:12:18:8d:a4:13:f7:da:51:00:47:53:73:43:
         ec:9d:42:c6:4a:55:5d:3c:ef:90:26:a9:de:a1:8a:8e:bc:0f:
         dd:3c:01:48:f6:94:8c:97:42:d0:38:88:4d:92:26:d6:bc:f6:
         10:33:57:cb:84:dd:c1:95:d3:ae:ee:5f:d1:15:40:db:6b:bb:
         ee:43:d7:fa:1f:5a:e3:4f:90:71:a9:2a:2f:7a:af:1c:b3:ce:
         ab:6f:8b:89:5e:4d:a3:ae:e7:80:fd:e4:b5:c3:b4:76:b8:15:
         b2:1a:4e:25:42:45:c4:2c:0c:c6:c0:48:a5:49:ca:de:1d:1c:
         cc:ea:2f:40:e6:c4:cd:93:ce:16:6d:49:aa:fb:39:84:89:9d:
         64:0e:19:22:c7:b9:ff:1b:e2:c3:8a:91:4b:e9:94:8d:3e:d1:
         fd:e9:66:df:78:f4:a3:0d:53:92:56:19:17:5e:2c:d6:44:36:
         ee:62:9a:d5:0e:40:7d:cf:57:31:48:58:4c:a6:b0:af:fb:2a:
         22:16:40:ec:3d:a1:9a:43:ab:c0:21:cf:14:50:a2:9e:4b:fb:
         1a:8c:d7:3d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHHS6/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDYx
MDIxMTEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI5ZDAzOGIxYjRi
MWNiNWFjYjUzNmJkZDU0ZWNkYTUzZDU3MDIxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFfAOdi8Sdw2TJC30cyPd8BECYs2use8YODQXw+Y59k0m+G
HRvPPBED4tmApjdZqkx8ec7lrSkq3/ESlxqNS5p95K0lOzivjyEK5BdrGMUJYLpT
q6oHNDgFFgwKp6E99ohIdKn/UaV+C5oDbPvz+eCR8ZCHp2XwvNg5kcLpTAdc1x1z
thavEiFq1cKgRXtAbVLTiyxAIhST1wkTSdluCArxEueQhmWq96k71dI15SwzgFD6
jsSNJwCQYjeopSUC1g0qmZA5yrmM77OFVrnGLhcz7fuvwdQYeGGNe4gZ44iqZPmQ
LswdvB4d1RWv5g4bDMrdIcODeN4x2tOzwfTIdQsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQbnQOLG0sctay1Nr3VTs2lPVcCHTAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L0c1MERpeHRMSExXc3RUYTkxVTdOcFQxWEFoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf4iDANBgkqhkiG9w0BAQsFAAOC
AQEAkGgqMoV5am1SwNUBlm2odUBXfgR8JlELZi0NoBUDAmADsXE7rFybwNkSGI2k
E/faUQBHU3ND7J1CxkpVXTzvkCap3qGKjrwP3TwBSPaUjJdC0DiITZIm1rz2EDNX
y4TdwZXTru5f0RVA22u77kPX+h9a40+QcakqL3qvHLPOq2+LiV5No67ngP3ktcO0
drgVshpOJUJFxCwMxsBIpUnK3h0czOovQObEzZPOFm1Jqvs5hImdZA4ZIse5/xvi
w4qRS+mUjT7R/elm33j0ow1TklYZF14s1kQ27mKa1Q5Afc9XMUhYTKawr/sqIhZA
7D2hmkOrwCHPFFCinkv7GozXPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org