Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/R-so8zFUNEEUP3SY1ywTWmO-KBM.roa
File:                     R-so8zFUNEEUP3SY1ywTWmO-KBM.roa (raw, json)
Hash identifier:          kAzcS8bs8TtojPfNljwvBuRKNPB9C8iMWry6DZJ3pR4=
Subject key identifier:   47:EB:28:F3:31:54:34:41:14:3F:74:98:D7:2C:13:5A:63:BE:28:13
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       01832BC041EC0A3D064B78FC61BE71A54F28
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/R-so8zFUNEEUP3SY1ywTWmO-KBM.roa
Signing time:             Sun 11 Sep 2022 08:52:43 +0000
ROA not before:           Sun 11 Sep 2022 08:52:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47843
IP address blocks:        87.248.128.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:2b:c0:41:ec:0a:3d:06:4b:78:fc:61:be:71:a5:4f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Sep 11 08:52:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=47eb28f331543441143f7498d72c135a63be2813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:5b:44:e7:00:3c:e2:1b:4e:34:bc:45:41:ba:
                    84:7f:1f:33:ac:39:bd:28:d8:86:dc:c4:f4:2c:02:
                    81:97:3a:d2:25:b9:3f:65:2f:a5:89:27:8d:00:37:
                    0f:70:39:e3:f2:b2:c4:e4:17:70:33:fb:49:d6:21:
                    a1:45:e7:b0:6e:04:89:cd:b7:71:00:67:2c:38:ce:
                    5d:a2:88:30:26:70:08:0b:de:66:11:c7:1b:cb:77:
                    17:d0:f1:0a:cf:af:1d:a8:54:79:19:7c:89:83:77:
                    b6:d3:7f:91:c1:ea:aa:3c:14:c6:4a:c0:ec:8b:e2:
                    0f:b9:7d:b5:dd:02:3c:d0:3f:e4:9f:a1:1d:77:b1:
                    c5:46:c7:ed:3a:23:85:eb:5e:0f:39:c7:76:04:06:
                    74:a1:3e:08:fc:ed:33:bc:93:9b:ef:2b:0b:24:db:
                    09:3f:78:13:a3:dd:48:3e:1e:c8:14:ab:dd:82:9c:
                    72:e2:23:37:c4:42:1b:f7:60:8c:8e:7a:c7:52:b4:
                    f8:d8:78:75:fb:7a:5b:1d:bb:6a:61:f3:91:09:aa:
                    cc:bd:ee:5d:3d:27:b1:dc:de:cf:02:e1:5f:e7:00:
                    0b:8e:1b:35:f7:98:81:e0:af:ba:4c:2f:73:cb:c1:
                    6b:48:8e:54:a1:9c:fe:51:e4:1c:17:c1:88:ad:8d:
                    cc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:EB:28:F3:31:54:34:41:14:3F:74:98:D7:2C:13:5A:63:BE:28:13
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/R-so8zFUNEEUP3SY1ywTWmO-KBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:c0:ee:4d:a1:9f:42:f6:05:8a:f1:94:28:c6:32:93:01:5e:
         26:31:38:36:42:b8:e4:43:16:ef:c8:08:d1:90:8f:dd:de:76:
         76:66:6f:6f:d8:59:ba:dc:4b:10:17:c3:01:a1:d1:07:2a:dc:
         ba:bc:1d:9d:77:72:8f:1d:b5:e6:0a:d3:e3:5c:4c:f6:b4:86:
         6a:ee:e5:cf:4d:c8:e3:7f:8d:41:5a:fc:12:4b:b5:33:8d:f8:
         91:ab:58:18:c7:53:24:91:84:56:26:85:ac:0f:f2:01:66:99:
         d4:f5:db:ac:94:34:f8:60:0a:27:37:b5:ae:d4:18:b4:22:be:
         6f:c8:b1:df:0c:e6:50:a8:45:ef:28:e7:f4:79:f1:e0:07:1e:
         96:78:32:f6:66:b5:f1:fd:98:9f:51:38:9a:6c:ef:f5:5a:c1:
         81:7a:f3:8a:a3:03:9b:46:a9:76:b1:9e:a9:35:bd:0f:9c:8e:
         a8:87:0a:f2:85:e4:15:dc:7e:35:93:6a:93:af:e1:f0:f9:9e:
         bd:81:0b:c6:dd:31:09:d4:5b:b4:b3:0a:d6:35:31:25:c7:78:
         49:7d:a2:a1:97:55:cb:ac:40:04:a5:6d:2b:b6:07:ac:0e:88:
         b1:70:8e:f7:8b:ef:d9:e9:5e:bb:01:3f:de:8c:a2:50:0a:e1:
         e3:40:48:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMrwEHsCj0GS3j8Yb5xpU8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIwOTExMDg1MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ViMjhmMzMxNTQzNDQxMTQzZjc0OThkNzJjMTM1YTYzYmUyODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVtE5wA84htONLxFQbqEfx8zrDm9
KNiG3MT0LAKBlzrSJbk/ZS+liSeNADcPcDnj8rLE5BdwM/tJ1iGhReewbgSJzbdx
AGcsOM5doogwJnAIC95mEccby3cX0PEKz68dqFR5GXyJg3e203+RweqqPBTGSsDs
i+IPuX213QI80D/kn6Edd7HFRsftOiOF614POcd2BAZ0oT4I/O0zvJOb7ysLJNsJ
P3gTo91IPh7IFKvdgpxy4iM3xEIb92CMjnrHUrT42Hh1+3pbHbtqYfORCarMve5d
PSex3N7PAuFf5wALjhs195iB4K+6TC9zy8FrSI5UoZz+UeQcF8GIrY3MEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfrKPMxVDRBFD90mNcsE1pjvigTMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvUi1zbzh6RlVORUVVUDNTWTF5d1RXbU8tS0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iAMA0G
CSqGSIb3DQEBCwUAA4IBAQCwwO5NoZ9C9gWK8ZQoxjKTAV4mMTg2QrjkQxbvyAjR
kI/d3nZ2Zm9v2Fm63EsQF8MBodEHKty6vB2dd3KPHbXmCtPjXEz2tIZq7uXPTcjj
f41BWvwSS7UzjfiRq1gYx1MkkYRWJoWsD/IBZpnU9duslDT4YAonN7Wu1Bi0Ir5v
yLHfDOZQqEXvKOf0efHgBx6WeDL2ZrXx/ZifUTiabO/1WsGBevOKowObRql2sZ6p
Nb0PnI6ohwryheQV3H41k2qTr+Hw+Z69gQvG3TEJ1Fu0swrWNTElx3hJfaKhl1XL
rEAEpW0rtgesDoixcI73i+/Z6V67AT/ejKJQCuHjQEgp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org