Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/JV3gC_SMN8f7i_40CNCItK6OEiE.roa
File:                     JV3gC_SMN8f7i_40CNCItK6OEiE.roa (raw, json)
Hash identifier:          /tCAkVUZyyU18spFkCmtQKSoQFl+Pxbcr9fQNKdThm8=
Subject key identifier:   25:5D:E0:0B:F4:8C:37:C7:FB:8B:FE:34:08:D0:88:B4:AE:8E:12:21
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1AC28512
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/JV3gC_SMN8f7i_40CNCItK6OEiE.roa
Signing time:             Sat 01 Jan 2022 14:59:27 +0000
ROA not before:           Sat 01 Jan 2022 14:59:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34078
IP address blocks:        185.180.128.0/22 maxlen: 22
                          87.248.145.0/24 maxlen: 24
                          87.248.144.0/23 maxlen: 24
                          87.248.146.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 448955666 (0x1ac28512)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jan  1 14:59:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=255de00bf48c37c7fb8bfe3408d088b4ae8e1221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:62:38:b7:af:93:81:ea:61:88:d2:33:f8:7c:
                    4d:de:d7:6a:17:01:de:89:7f:c9:c0:1e:d5:bb:7b:
                    c8:ac:ad:6c:9b:97:6c:1c:7f:ab:b9:7b:98:a5:5a:
                    89:b6:38:a1:be:b7:a5:36:7e:99:da:d1:7c:7b:d7:
                    98:fc:d8:27:d2:97:79:28:f2:dd:bb:47:39:e0:05:
                    22:5a:be:07:93:cf:a0:86:8b:22:8b:65:51:b0:97:
                    fe:5b:02:f2:8c:c2:3a:f7:98:4a:8b:c8:b9:bb:50:
                    99:35:b1:23:9a:c7:1e:50:5c:69:3a:c5:49:5b:a1:
                    82:45:0d:61:e8:bd:8b:7c:21:60:be:01:9e:69:b6:
                    cd:0f:0f:a7:7a:90:60:3a:8b:45:00:04:f1:63:94:
                    d6:99:0c:d2:3e:80:26:59:84:a8:79:1b:b2:d8:c2:
                    60:c5:4f:4b:a1:99:4c:cf:e3:1e:8c:13:f2:7b:a1:
                    b3:d3:25:2f:3b:82:36:bd:2c:d0:4d:47:f2:90:52:
                    3a:d6:f8:f6:37:c3:26:fc:7a:c6:33:82:a7:8f:0f:
                    4d:89:34:56:f3:22:90:6c:47:7a:76:2f:55:18:fd:
                    0c:2c:aa:be:02:71:b6:91:f7:87:84:d4:81:11:e3:
                    6e:86:28:4c:c4:0f:40:74:8b:74:81:7c:db:03:42:
                    60:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:5D:E0:0B:F4:8C:37:C7:FB:8B:FE:34:08:D0:88:B4:AE:8E:12:21
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/JV3gC_SMN8f7i_40CNCItK6OEiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.144.0/22
                  185.180.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:8b:a2:60:86:8d:29:dd:b7:26:83:3a:31:0a:a0:5b:60:a7:
         d8:1a:0c:b4:f4:3e:c0:00:97:0c:1b:2a:7f:14:8b:d9:ca:79:
         22:a9:ad:bd:15:b9:54:1c:c8:a7:87:5d:03:da:e9:f0:a9:8a:
         48:90:37:36:35:01:27:ae:c8:2c:5e:14:d1:f7:95:be:43:af:
         18:51:00:73:a1:14:f1:93:6c:85:a6:e4:c3:9b:0b:b8:9c:d7:
         d0:a3:df:c9:8c:21:22:0d:04:05:09:3b:13:61:33:33:8c:b9:
         9e:d2:7d:7d:32:a7:92:21:3b:cf:fc:ec:a2:b9:8f:45:f2:5d:
         18:41:28:d4:7b:78:9d:aa:8e:33:2d:34:8b:6a:bc:af:28:fb:
         74:82:7d:7b:73:db:47:2b:b6:ff:64:47:9a:84:d5:97:3d:8a:
         d9:86:03:00:c1:bb:32:fd:d3:95:2b:05:3a:d6:5d:71:c5:06:
         75:17:96:2b:55:7a:0d:df:2a:a3:95:07:ab:6e:97:df:3e:5c:
         99:86:29:ad:6d:5a:d1:c1:1c:ea:20:f3:8e:35:08:4c:a2:6a:
         d4:5f:12:31:5a:d3:4c:a0:e9:7e:78:07:5b:3e:e2:22:80:30:
         7e:34:5d:bf:29:a6:b0:9c:68:af:40:7d:a2:39:25:7d:af:d9:
         da:54:7d:ea
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGsKFEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDEw
MTE0NTkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU1ZGUwMGJmNDhj
MzdjN2ZiOGJmZTM0MDhkMDg4YjRhZThlMTIyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMliOLevk4HqYYjSM/h8Td7XahcB3ol/ycAe1bt7yKytbJuX
bBx/q7l7mKVaibY4ob63pTZ+mdrRfHvXmPzYJ9KXeSjy3btHOeAFIlq+B5PPoIaL
IotlUbCX/lsC8ozCOveYSovIubtQmTWxI5rHHlBcaTrFSVuhgkUNYei9i3whYL4B
nmm2zQ8Pp3qQYDqLRQAE8WOU1pkM0j6AJlmEqHkbstjCYMVPS6GZTM/jHowT8nuh
s9MlLzuCNr0s0E1H8pBSOtb49jfDJvx6xjOCp48PTYk0VvMikGxHenYvVRj9DCyq
vgJxtpH3h4TUgRHjboYoTMQPQHSLdIF82wNCYOMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQlXeAL9Iw3x/uL/jQI0Ii0ro4SITAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L0pWM2dDX1NNTjhmN2lfNDBDTkNJdEs2T0VpRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlf4kAMEArm0gDANBgkqhkiG9w0B
AQsFAAOCAQEADYuiYIaNKd23JoM6MQqgW2Cn2BoMtPQ+wACXDBsqfxSL2cp5Iqmt
vRW5VBzIp4ddA9rp8KmKSJA3NjUBJ67ILF4U0feVvkOvGFEAc6EU8ZNshabkw5sL
uJzX0KPfyYwhIg0EBQk7E2EzM4y5ntJ9fTKnkiE7z/zsormPRfJdGEEo1Ht4naqO
My00i2q8ryj7dIJ9e3PbRyu2/2RHmoTVlz2K2YYDAMG7Mv3TlSsFOtZdccUGdReW
K1V6Dd8qo5UHq26X3z5cmYYprW1a0cEc6iDzjjUITKJq1F8SMVrTTKDpfngHWz7i
IoAwfjRdvymmsJxor0B9ojklfa/Z2lR96g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:26 2024 by rpki-client on console-ams.rpki-client.org