Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/UbX6PCxPtY4Mkdwb_ws742zgWmg.roa
File:                     UbX6PCxPtY4Mkdwb_ws742zgWmg.roa (raw, json)
Hash identifier:          9FRLloEIZhdJ7QwSv+GmalxvMfHsLV07i3rInDD0ZQg=
Subject key identifier:   51:B5:FA:3C:2C:4F:B5:8E:0C:91:DC:1B:FF:0B:3B:E3:6C:E0:5A:68
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       018431DF044AE70E6AD4AD89DAC91CB7A573
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/UbX6PCxPtY4Mkdwb_ws742zgWmg.roa
Signing time:             Tue 01 Nov 2022 06:26:50 +0000
ROA not before:           Tue 01 Nov 2022 06:26:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        87.248.151.0/24 maxlen: 24
                          87.248.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:31:df:04:4a:e7:0e:6a:d4:ad:89:da:c9:1c:b7:a5:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Nov  1 06:26:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=51b5fa3c2c4fb58e0c91dc1bff0b3be36ce05a68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:56:0e:f3:14:a4:7f:21:66:5d:0b:0c:b6:ed:
                    b6:88:55:96:78:5c:da:33:b9:d5:78:ff:ac:28:0e:
                    0d:db:34:7d:6c:1f:b8:18:21:c4:ef:e3:ea:3c:1f:
                    64:8d:45:84:6f:15:ce:9a:90:1d:14:7a:a5:9a:8e:
                    9a:44:aa:44:6d:10:0f:e7:c1:d3:9d:7f:1a:3a:66:
                    ff:18:d1:48:36:7f:58:c1:5a:41:c1:f7:43:fe:b6:
                    38:d4:6c:59:f1:29:10:e3:6d:f3:25:75:05:2d:e8:
                    8d:0c:62:c2:59:ab:4d:f2:85:20:64:df:81:37:89:
                    20:dd:74:ef:a5:80:de:4a:35:95:1e:49:16:28:18:
                    b4:49:f5:1f:35:20:d6:92:3c:b1:f3:47:3c:5a:aa:
                    ee:01:aa:28:dd:4e:c7:fc:50:b8:31:3c:3b:ee:c1:
                    8b:02:52:c9:bd:f8:95:14:cb:be:1c:bb:d1:a6:c3:
                    81:b8:49:eb:c6:d0:1b:06:84:4c:ef:f6:7e:c8:62:
                    40:c1:a7:28:cc:82:a2:4a:f0:2b:08:18:1a:bb:4c:
                    51:33:0f:f9:40:7b:9d:90:32:99:c9:52:59:13:30:
                    fe:59:fc:de:8b:fe:3b:f6:4c:5a:1a:36:79:02:01:
                    d1:d6:30:1e:ca:9d:3a:00:ae:73:d9:06:56:b4:ba:
                    77:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B5:FA:3C:2C:4F:B5:8E:0C:91:DC:1B:FF:0B:3B:E3:6C:E0:5A:68
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/UbX6PCxPtY4Mkdwb_ws742zgWmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.151.0/24
                  87.248.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:fa:ac:71:44:42:54:93:80:7f:73:06:85:53:df:78:8e:c9:
         c4:af:78:8e:60:08:50:11:ae:0d:0d:a6:9c:14:3b:0b:68:8b:
         f5:81:a6:b9:f7:34:96:1a:41:4e:39:9a:69:c5:50:f4:9b:cc:
         2f:7d:9e:aa:29:47:26:d1:18:09:3d:18:43:d8:a2:61:b2:0a:
         94:8c:93:5d:4f:ba:67:8d:32:55:07:40:9d:ad:75:e4:be:5b:
         ff:06:dd:21:f6:36:27:65:a8:52:95:14:ed:88:c1:06:0f:ea:
         03:bd:22:67:ae:27:e9:8f:e5:d7:4a:13:92:e9:ce:72:cb:fa:
         e9:6f:80:d1:d2:3d:2a:d7:9e:62:38:d4:8c:17:8a:53:b7:1e:
         46:6d:b2:86:f7:78:72:cb:38:f4:d2:fa:81:79:0a:1d:cd:38:
         c6:ed:a8:e9:51:5b:12:43:7e:3b:3a:f9:7e:f9:37:55:47:19:
         77:78:3c:59:d6:a4:a8:79:fc:98:4d:01:95:7b:9c:fd:e6:58:
         8e:4d:39:b9:6b:1f:00:05:35:7a:5e:cf:8b:69:33:78:c2:31:
         39:d1:6e:13:f9:c6:33:97:95:3d:7c:dc:75:db:ac:23:6c:3d:
         35:99:e1:63:c3:2d:1f:00:1d:c4:5d:c0:df:c8:70:a4:ad:77:
         b1:e8:67:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQx3wRK5w5q1K2J2skct6VzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMTAxMDYyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWI1ZmEzYzJjNGZiNThlMGM5MWRjMWJmZjBiM2JlMzZjZTA1YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVYO8xSkfyFmXQsMtu22iFWWeFza
M7nVeP+sKA4N2zR9bB+4GCHE7+PqPB9kjUWEbxXOmpAdFHqlmo6aRKpEbRAP58HT
nX8aOmb/GNFINn9YwVpBwfdD/rY41GxZ8SkQ423zJXUFLeiNDGLCWatN8oUgZN+B
N4kg3XTvpYDeSjWVHkkWKBi0SfUfNSDWkjyx80c8WqruAaoo3U7H/FC4MTw77sGL
AlLJvfiVFMu+HLvRpsOBuEnrxtAbBoRM7/Z+yGJAwacozIKiSvArCBgau0xRMw/5
QHudkDKZyVJZEzD+Wfzei/479kxaGjZ5AgHR1jAeyp06AK5z2QZWtLp3kQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFG1+jwsT7WODJHcG/8LO+Ns4FpoMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvVWJYNlBDeFB0WTRNa2R3Yl93czc0MnpnV21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/iXAwQA
V/idMA0GCSqGSIb3DQEBCwUAA4IBAQB6+qxxREJUk4B/cwaFU994jsnEr3iOYAhQ
Ea4NDaacFDsLaIv1gaa59zSWGkFOOZppxVD0m8wvfZ6qKUcm0RgJPRhD2KJhsgqU
jJNdT7pnjTJVB0CdrXXkvlv/Bt0h9jYnZahSlRTtiMEGD+oDvSJnrifpj+XXShOS
6c5yy/rpb4DR0j0q155iONSMF4pTtx5GbbKG93hyyzj00vqBeQodzTjG7ajpUVsS
Q347Ovl++TdVRxl3eDxZ1qSoefyYTQGVe5z95liOTTm5ax8ABTV6Xs+LaTN4wjE5
0W4T+cYzl5U9fNx126wjbD01meFjwy0fAB3EXcDfyHCkrXex6Geh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org