Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/RLSzWnS4k4ufREPKWLq7eAtQR90.roa
File:                     RLSzWnS4k4ufREPKWLq7eAtQR90.roa (raw, json)
Hash identifier:          gFlE+lgU+lf7vuQEfPYZmPiLKGiUvmp22XMYi0GWxS8=
Subject key identifier:   44:B4:B3:5A:74:B8:93:8B:9F:44:43:CA:58:BA:BB:78:0B:50:47:DD
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       01821F57CAEDF381F2A39CBA5A17D460E54B
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/RLSzWnS4k4ufREPKWLq7eAtQR90.roa
Signing time:             Thu 21 Jul 2022 06:00:23 +0000
ROA not before:           Thu 21 Jul 2022 06:00:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        87.248.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1f:57:ca:ed:f3:81:f2:a3:9c:ba:5a:17:d4:60:e5:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jul 21 06:00:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=44b4b35a74b8938b9f4443ca58babb780b5047dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d1:0c:9e:98:99:d1:1d:a2:45:bc:26:98:bf:
                    5d:79:17:a3:8d:67:b5:e8:ae:94:e0:da:8a:56:93:
                    6b:ab:4a:a9:09:71:e1:78:ac:16:ff:cf:fe:79:9d:
                    45:25:89:8e:1d:22:ce:13:18:de:50:b0:a9:68:4c:
                    dd:69:e8:e5:44:20:d3:cc:45:33:f2:7f:82:7d:6f:
                    67:5a:06:76:2c:b4:3c:a0:0c:97:08:e9:f1:c7:6b:
                    84:db:5e:1b:15:e8:36:50:45:6d:eb:51:83:8d:84:
                    f8:47:ab:be:c6:35:c3:6b:53:30:92:d2:64:c2:18:
                    f9:6b:5d:5e:5d:b0:25:9c:bb:6e:c5:f1:de:a4:bf:
                    fe:be:f9:33:d1:53:33:a2:c6:c4:a5:03:40:9b:55:
                    26:0e:7b:a3:f8:12:5d:70:44:b0:0a:a2:df:a0:55:
                    e6:e8:4f:ca:f8:7a:51:ad:ad:78:bc:c7:61:d6:75:
                    8f:61:f1:09:6a:45:55:c2:ab:85:51:e2:ea:87:d2:
                    21:af:63:3b:40:9a:ca:45:de:d2:17:63:cd:3f:71:
                    fd:bc:99:43:4b:b9:95:dd:43:b5:22:30:8d:bc:e5:
                    ea:99:51:fa:8a:c5:ff:c7:3b:c0:7f:89:ea:32:f9:
                    a4:99:09:0c:c0:5b:51:51:f4:ad:ca:ec:d8:e4:57:
                    df:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B4:B3:5A:74:B8:93:8B:9F:44:43:CA:58:BA:BB:78:0B:50:47:DD
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/RLSzWnS4k4ufREPKWLq7eAtQR90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:db:56:7e:9d:bc:a4:23:39:53:bc:3e:1d:02:b9:cf:2d:ad:
         59:ea:eb:c3:72:7e:12:c8:47:39:0a:80:37:59:50:ab:09:76:
         02:28:1f:c2:a2:af:aa:c0:7a:0e:a3:24:63:bc:69:c9:8b:e1:
         64:90:10:d8:28:0e:38:c8:5a:53:95:af:f0:ca:79:39:9b:cc:
         53:2f:e5:cb:14:b8:cc:ca:7d:50:6f:aa:2c:fc:3e:4c:a7:cf:
         03:46:9f:93:58:1c:07:7f:81:eb:04:57:50:2c:3d:72:d7:aa:
         13:49:41:df:58:39:14:38:01:54:6b:8e:09:e3:6e:ed:a6:bd:
         24:1c:22:6b:d7:02:56:ac:b1:bd:e6:4a:71:25:d4:16:97:90:
         d4:e7:af:5d:e9:db:2f:72:93:70:23:48:9c:6f:8a:29:4a:21:
         2c:9c:2e:d9:5f:fc:b2:3d:c3:7f:61:17:de:b2:67:c1:76:54:
         84:23:1b:fe:c4:87:c2:8f:61:40:c7:58:f3:0f:8b:d3:7a:66:
         99:fd:72:be:6e:db:2a:c3:c7:4b:76:4f:96:5e:ba:c6:cf:34:
         ec:6e:03:b5:a7:bb:ba:10:c5:19:89:d2:5f:64:a5:82:eb:b0:
         d9:15:29:f3:6d:5c:e7:97:6f:44:88:c7:8d:24:86:5f:d3:1a:
         4d:35:af:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIfV8rt84Hyo5y6WhfUYOVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIwNzIxMDYwMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI0YjM1YTc0Yjg5MzhiOWY0NDQzY2E1OGJhYmI3ODBiNTA0N2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9EMnpiZ0R2iRbwmmL9deRejjWe1
6K6U4NqKVpNrq0qpCXHheKwW/8/+eZ1FJYmOHSLOExjeULCpaEzdaejlRCDTzEUz
8n+CfW9nWgZ2LLQ8oAyXCOnxx2uE214bFeg2UEVt61GDjYT4R6u+xjXDa1MwktJk
whj5a11eXbAlnLtuxfHepL/+vvkz0VMzosbEpQNAm1UmDnuj+BJdcESwCqLfoFXm
6E/K+HpRra14vMdh1nWPYfEJakVVwquFUeLqh9Ihr2M7QJrKRd7SF2PNP3H9vJlD
S7mV3UO1IjCNvOXqmVH6isX/xzvAf4nqMvmkmQkMwFtRUfStyuzY5FffmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFES0s1p0uJOLn0RDyli6u3gLUEfdMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvUkxTelduUzRrNHVmUkVQS1dMcTdlQXRRUjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/idMA0G
CSqGSIb3DQEBCwUAA4IBAQCn21Z+nbykIzlTvD4dArnPLa1Z6uvDcn4SyEc5CoA3
WVCrCXYCKB/Coq+qwHoOoyRjvGnJi+FkkBDYKA44yFpTla/wynk5m8xTL+XLFLjM
yn1Qb6os/D5Mp88DRp+TWBwHf4HrBFdQLD1y16oTSUHfWDkUOAFUa44J427tpr0k
HCJr1wJWrLG95kpxJdQWl5DU569d6dsvcpNwI0icb4opSiEsnC7ZX/yyPcN/YRfe
smfBdlSEIxv+xIfCj2FAx1jzD4vTemaZ/XK+btsqw8dLdk+WXrrGzzTsbgO1p7u6
EMUZidJfZKWC67DZFSnzbVznl29EiMeNJIZf0xpNNa+Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org