Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Iv3wGH6x_G2LgyJqpzMtgiQKrnE.roa
File:                     Iv3wGH6x_G2LgyJqpzMtgiQKrnE.roa (raw, json)
Hash identifier:          p03KC6w8+lSn82ATpPeC3Ql8vfW0AoBuFudvyym8CIk=
Subject key identifier:   22:FD:F0:18:7E:B1:FC:6D:8B:83:22:6A:A7:33:2D:82:24:0A:AE:71
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1C1BCC5A
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Iv3wGH6x_G2LgyJqpzMtgiQKrnE.roa
Signing time:             Tue 10 May 2022 16:33:02 +0000
ROA not before:           Tue 10 May 2022 16:33:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        87.248.148.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 471583834 (0x1c1bcc5a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: May 10 16:33:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22fdf0187eb1fc6d8b83226aa7332d82240aae71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d7:2a:cb:85:74:8f:9d:92:64:98:39:55:ce:
                    23:a4:17:99:be:b2:7e:a0:7a:88:f5:01:53:da:22:
                    17:ad:09:44:06:d6:1e:bf:9f:42:bb:00:b6:c0:83:
                    2c:fe:c8:5c:f0:e7:e3:d5:f0:9b:06:b8:fe:8c:c4:
                    60:37:47:fd:74:46:1e:a0:24:0e:29:ea:b7:4b:36:
                    3f:34:25:a9:66:15:0d:7e:29:4c:46:62:a6:69:6c:
                    35:56:f1:dd:2a:13:17:83:9c:bc:25:e7:7c:58:38:
                    33:b6:b6:2c:7f:70:8d:b4:74:65:f6:ac:84:24:20:
                    eb:4d:c9:a5:2d:71:c1:65:4e:34:66:31:c8:c6:76:
                    49:bb:a7:d6:52:87:9f:34:83:e1:f1:60:90:96:74:
                    8b:48:9b:fb:d9:c2:fe:2c:dd:3e:ee:9b:c7:33:3a:
                    bd:c4:c6:72:6c:1d:0e:15:56:05:b4:4e:5e:50:71:
                    e8:cc:09:2f:43:a6:c8:a4:95:15:b5:f1:2c:56:bf:
                    67:d5:ec:59:7b:82:24:7a:e6:a8:d6:43:bd:b0:b2:
                    65:b0:08:e5:f9:58:9a:31:1d:be:0d:bf:b2:64:d3:
                    b5:1d:e7:90:c6:a0:ea:4d:d9:7f:76:13:a3:38:64:
                    fa:bb:67:e5:48:d3:17:d8:93:3e:c6:b4:f0:57:89:
                    19:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:FD:F0:18:7E:B1:FC:6D:8B:83:22:6A:A7:33:2D:82:24:0A:AE:71
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/Iv3wGH6x_G2LgyJqpzMtgiQKrnE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:62:13:22:c1:07:5c:c7:70:cf:66:14:a2:5d:07:45:0b:11:
         6e:f4:93:48:f9:08:4c:85:0b:26:24:91:c6:a2:bf:f8:2e:e4:
         ee:5a:36:72:4c:89:25:78:a6:c5:da:ad:46:fb:b3:84:65:15:
         f8:1d:d8:73:13:08:12:71:d6:b5:76:6f:5f:ff:2e:9a:3f:4a:
         91:5d:22:c2:f5:0e:ed:42:e1:a2:7d:e1:04:dd:26:ff:19:14:
         6a:d5:cd:e8:6c:14:89:58:85:75:e9:e8:12:dc:30:a8:47:2c:
         f3:bb:5a:06:cc:e5:61:92:7b:bd:aa:8b:24:2d:c0:0b:0c:5c:
         da:53:54:6b:00:89:9a:5d:0c:83:6e:56:ff:f8:bb:73:0e:65:
         b9:5a:29:7c:06:6c:fb:38:4e:33:9f:6f:e9:65:d2:f9:02:bb:
         5e:a7:8e:1b:d8:02:c1:80:61:03:47:3b:85:81:55:90:7c:af:
         9c:be:71:1d:29:65:f4:96:2e:60:7a:c7:4d:e5:98:8b:3e:e8:
         fc:e7:15:89:7f:de:8a:f9:e3:35:8f:d3:97:b0:48:dd:40:6b:
         19:61:75:69:f4:1c:80:9d:89:f6:cb:d9:d2:d4:c2:88:8a:c9:
         f9:f1:71:ae:e1:67:96:58:ac:61:ce:8f:7d:dd:4b:0d:01:f4:
         1a:10:06:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHBvMWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDUx
MDE2MzMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJmZGYwMTg3ZWIx
ZmM2ZDhiODMyMjZhYTczMzJkODIyNDBhYWU3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnXKsuFdI+dkmSYOVXOI6QXmb6yfqB6iPUBU9oiF60JRAbW
Hr+fQrsAtsCDLP7IXPDn49Xwmwa4/ozEYDdH/XRGHqAkDinqt0s2PzQlqWYVDX4p
TEZipmlsNVbx3SoTF4OcvCXnfFg4M7a2LH9wjbR0ZfashCQg603JpS1xwWVONGYx
yMZ2Sbun1lKHnzSD4fFgkJZ0i0ib+9nC/izdPu6bxzM6vcTGcmwdDhVWBbROXlBx
6MwJL0OmyKSVFbXxLFa/Z9XsWXuCJHrmqNZDvbCyZbAI5flYmjEdvg2/smTTtR3n
kMag6k3Zf3YTozhk+rtn5UjTF9iTPsa08FeJGZsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQi/fAYfrH8bYuDImqnMy2CJAqucTAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L0l2M3dHSDZ4X0cyTGd5SnFwek10Z2lRS3JuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf4lDANBgkqhkiG9w0BAQsFAAOC
AQEAmWITIsEHXMdwz2YUol0HRQsRbvSTSPkITIULJiSRxqK/+C7k7lo2ckyJJXim
xdqtRvuzhGUV+B3YcxMIEnHWtXZvX/8umj9KkV0iwvUO7ULhon3hBN0m/xkUatXN
6GwUiViFdenoEtwwqEcs87taBszlYZJ7vaqLJC3ACwxc2lNUawCJml0Mg25W//i7
cw5luVopfAZs+zhOM59v6WXS+QK7XqeOG9gCwYBhA0c7hYFVkHyvnL5xHSll9JYu
YHrHTeWYiz7o/OcViX/eivnjNY/Tl7BI3UBrGWF1afQcgJ2J9svZ0tTCiIrJ+fFx
ruFnllisYc6Pfd1LDQH0GhAG2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org