Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/g5Q4-cFxqsjDFn6QkajRdJJZl8w.roa
File:                     g5Q4-cFxqsjDFn6QkajRdJJZl8w.roa (raw, json)
Hash identifier:          RWb8dYOGpS9AizRca2Ec4aWwIiye+BJ9meZOFxQOIaA=
Subject key identifier:   83:94:38:F9:C1:71:AA:C8:C3:16:7E:90:91:A8:D1:74:92:59:97:CC
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       0183FA15BC390EE4F29850E730117BE91A64
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/g5Q4-cFxqsjDFn6QkajRdJJZl8w.roa
Signing time:             Fri 21 Oct 2022 10:27:51 +0000
ROA not before:           Fri 21 Oct 2022 10:27:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201690
IP address blocks:        87.248.129.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:fa:15:bc:39:0e:e4:f2:98:50:e7:30:11:7b:e9:1a:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Oct 21 10:27:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=839438f9c171aac8c3167e9091a8d174925997cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9a:36:55:d3:bc:3d:8f:81:cf:fc:bf:77:ea:
                    fd:f2:aa:57:3b:ba:d0:58:0a:f6:62:ac:71:06:98:
                    a7:be:a6:7e:49:91:56:17:c2:85:07:b8:0c:f2:a4:
                    4e:f6:36:a0:9c:fa:a5:3f:fc:f6:b3:56:a5:99:73:
                    da:c9:83:cf:f8:e0:71:fc:a3:41:03:4d:f7:b4:de:
                    e5:1a:86:bb:ae:90:0d:28:82:ce:41:04:e5:c1:7d:
                    34:e0:de:44:fe:f4:19:a1:af:2d:43:64:90:0d:34:
                    6c:36:c1:d6:98:74:81:78:7d:fb:83:c4:c2:d6:09:
                    bb:ba:50:1a:75:58:0e:97:be:3b:c8:7d:ab:b5:ca:
                    63:de:43:b2:ab:35:1d:fe:ce:3e:e7:c4:38:15:4f:
                    d6:f5:28:9f:86:89:95:18:38:25:0e:59:e2:f1:d4:
                    76:42:ac:b6:a4:f6:df:2b:25:c8:93:9c:c4:48:7a:
                    c5:5d:9a:74:ad:f4:7d:fc:be:ac:3e:c4:63:18:25:
                    8a:17:fb:2b:88:c2:14:ef:75:a2:c9:6b:25:9d:5d:
                    d3:24:bc:0d:c5:b1:b6:45:c6:4a:00:ad:55:0b:86:
                    af:6a:bd:fb:8a:29:d6:8a:71:92:25:ac:c6:33:71:
                    0a:13:9a:ce:64:13:e1:53:4b:d8:0d:e6:b2:8b:0d:
                    50:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:94:38:F9:C1:71:AA:C8:C3:16:7E:90:91:A8:D1:74:92:59:97:CC
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/g5Q4-cFxqsjDFn6QkajRdJJZl8w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:10:72:d3:1a:7d:58:af:72:01:ee:b6:0e:13:d4:fb:49:38:
         12:f4:b5:4b:08:7e:d7:76:24:b4:e8:b9:18:25:ca:8b:d1:f0:
         cf:0a:5b:b3:d0:0d:e3:27:79:ac:76:cf:bd:c9:a5:e0:8a:3e:
         1c:2a:0c:d0:a9:ba:4d:65:9c:c6:f9:4d:fe:f0:60:93:3e:be:
         53:26:b0:f0:a2:59:f5:2c:7c:e1:2e:0d:34:5e:30:a5:c0:ec:
         6b:db:0e:8e:82:7b:0c:95:ab:85:dd:49:ec:b6:09:36:02:aa:
         ba:f9:1b:8b:26:93:73:67:33:15:21:f7:42:8c:d6:6f:9c:e4:
         2f:c1:81:c8:30:99:d1:1f:0b:df:d1:6a:27:78:18:ac:ea:5f:
         3b:eb:39:31:ba:3e:30:64:a4:64:65:cf:8f:1e:d3:31:a0:0f:
         4d:22:aa:da:a2:49:9e:02:b0:47:b3:23:32:64:f7:fd:2e:fd:
         11:fb:62:fa:e0:b6:69:c1:22:11:b5:57:48:e7:79:70:82:f3:
         04:24:72:6c:5a:ad:a9:57:2e:20:f3:25:0b:d0:64:d8:8e:d8:
         f9:f9:56:9a:5e:d7:5b:0e:1f:8d:78:1a:aa:dd:56:6b:6a:36:
         d7:fb:6a:bf:31:b9:ad:90:77:88:e3:6d:52:d1:c4:ee:2f:dd:
         61:a1:ee:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP6Fbw5DuTymFDnMBF76RpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMDIxMTAyNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzk0MzhmOWMxNzFhYWM4YzMxNjdlOTA5MWE4ZDE3NDkyNTk5N2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zo2VdO8PY+Bz/y/d+r98qpXO7rQ
WAr2YqxxBpinvqZ+SZFWF8KFB7gM8qRO9jagnPqlP/z2s1almXPayYPP+OBx/KNB
A033tN7lGoa7rpANKILOQQTlwX004N5E/vQZoa8tQ2SQDTRsNsHWmHSBeH37g8TC
1gm7ulAadVgOl747yH2rtcpj3kOyqzUd/s4+58Q4FU/W9SifhomVGDglDlni8dR2
Qqy2pPbfKyXIk5zESHrFXZp0rfR9/L6sPsRjGCWKF/sriMIU73WiyWslnV3TJLwN
xbG2RcZKAK1VC4avar37iinWinGSJazGM3EKE5rOZBPhU0vYDeayiw1QvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOUOPnBcarIwxZ+kJGo0XSSWZfMMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvZzVRNC1jRnhxc2pERm42UWthalJkSkpabDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iBMA0G
CSqGSIb3DQEBCwUAA4IBAQA7EHLTGn1Yr3IB7rYOE9T7STgS9LVLCH7XdiS06LkY
JcqL0fDPCluz0A3jJ3msds+9yaXgij4cKgzQqbpNZZzG+U3+8GCTPr5TJrDwoln1
LHzhLg00XjClwOxr2w6OgnsMlauF3Unstgk2Aqq6+RuLJpNzZzMVIfdCjNZvnOQv
wYHIMJnRHwvf0WoneBis6l876zkxuj4wZKRkZc+PHtMxoA9NIqraokmeArBHsyMy
ZPf9Lv0R+2L64LZpwSIRtVdI53lwgvMEJHJsWq2pVy4g8yUL0GTYjtj5+VaaXtdb
Dh+NeBqq3VZrajbX+2q/MbmtkHeI421S0cTuL91hoe71
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org