Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/gK2cZ8wpQrGf1XZtzq7rsUjghvI.roa
File:                     gK2cZ8wpQrGf1XZtzq7rsUjghvI.roa (raw, json)
Hash identifier:          l9ShLWd9PO/FC/3sPMuTjLxVRLqa0ep1YMzErXuBudM=
Subject key identifier:   80:AD:9C:67:CC:29:42:B1:9F:D5:76:6D:CE:AE:EB:B1:48:E0:86:F2
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1BDB4EB6
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/gK2cZ8wpQrGf1XZtzq7rsUjghvI.roa
Signing time:             Sun 24 Apr 2022 07:05:10 +0000
ROA not before:           Sun 24 Apr 2022 07:05:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        87.248.133.0/24 maxlen: 24
                          87.248.158.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 467357366 (0x1bdb4eb6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Apr 24 07:05:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=80ad9c67cc2942b19fd5766dceaeebb148e086f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:dd:89:1c:85:29:0d:3f:d4:e7:49:82:62:ee:
                    5f:55:c6:6c:cb:12:16:6c:0e:0f:fa:3e:8e:32:4f:
                    14:67:11:99:03:c9:60:eb:48:80:20:a0:91:0d:02:
                    a6:bc:78:e4:95:27:47:bc:84:0c:05:11:1c:31:4e:
                    0f:6d:9d:e4:10:4b:8f:94:fe:35:fb:17:28:4d:c1:
                    66:ff:9d:20:e4:f3:50:9f:bf:5c:cd:4f:54:2f:69:
                    a6:b5:84:bd:61:5c:9f:7b:ea:8d:e0:64:71:98:d4:
                    f8:4c:77:da:16:e5:2a:2d:a5:68:18:91:10:73:a2:
                    2e:fd:46:c4:2d:54:cb:7f:a2:e1:9a:67:9b:0c:46:
                    d0:29:c5:e6:74:22:6c:1c:ec:e1:45:8d:df:44:4f:
                    f1:59:9d:44:99:d0:1a:d2:98:6c:c3:5c:79:5a:4d:
                    40:15:f4:b1:68:0d:78:69:95:f2:4c:d9:27:8f:ee:
                    40:4d:1a:b5:7f:18:a8:2b:f8:09:8a:44:c1:78:33:
                    a5:a2:97:c7:85:dc:2c:9f:47:87:39:e5:b7:18:92:
                    f7:60:db:e7:d9:e9:ff:55:9a:04:66:22:bd:fe:1b:
                    b3:ca:f2:bd:49:db:84:2e:ff:bf:33:36:7a:03:52:
                    4c:b6:33:e8:78:21:30:8f:6e:e1:78:2f:c7:81:30:
                    85:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:AD:9C:67:CC:29:42:B1:9F:D5:76:6D:CE:AE:EB:B1:48:E0:86:F2
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/gK2cZ8wpQrGf1XZtzq7rsUjghvI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.133.0/24
                  87.248.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:73:c6:6b:11:20:8d:d3:59:8b:1a:33:84:36:25:58:99:85:
         cb:eb:c8:4b:a7:07:b7:01:4b:28:93:9e:cc:7a:a1:ea:8a:ae:
         e4:76:d0:00:b9:ab:79:23:b0:84:8b:b1:62:92:05:f6:39:f6:
         4b:1c:aa:0c:90:4e:43:bb:15:5b:d3:ac:0f:58:7d:e3:9c:c2:
         77:5a:39:65:9c:41:e4:67:52:20:d5:e7:07:1a:bb:de:c5:25:
         46:e5:8a:6b:9a:fa:df:3b:0b:8f:7c:92:7f:5e:aa:0d:3f:14:
         1c:10:1a:fa:97:c3:b1:21:c7:43:8c:24:56:15:05:50:83:0b:
         a1:22:7e:7a:3b:de:b1:0f:a7:83:f9:78:78:c6:b4:5a:07:5e:
         14:b1:b9:77:7d:4d:23:8b:b8:91:dd:7d:7e:c7:64:e7:0d:eb:
         97:3b:c4:9a:8b:51:b0:3b:3d:cd:e8:3a:e5:a4:56:65:80:58:
         46:5b:a3:a1:fa:24:f4:87:41:47:29:31:6c:74:f9:2c:e5:38:
         96:22:26:6b:83:85:49:b1:13:f6:19:67:dc:f3:2b:57:24:9c:
         05:35:d2:44:be:c8:fe:54:1f:9f:be:a6:88:b2:7a:48:72:fe:
         6f:d5:a2:32:59:30:0b:69:5c:b1:78:f8:2f:0c:df:ed:84:65:
         d7:77:3e:34
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEG9tOtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDQy
NDA3MDUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBhZDljNjdjYzI5
NDJiMTlmZDU3NjZkY2VhZWViYjE0OGUwODZmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzdiRyFKQ0/1OdJgmLuX1XGbMsSFmwOD/o+jjJPFGcRmQPJ
YOtIgCCgkQ0Cprx45JUnR7yEDAURHDFOD22d5BBLj5T+NfsXKE3BZv+dIOTzUJ+/
XM1PVC9pprWEvWFcn3vqjeBkcZjU+Ex32hblKi2laBiREHOiLv1GxC1Uy3+i4Zpn
mwxG0CnF5nQibBzs4UWN30RP8VmdRJnQGtKYbMNceVpNQBX0sWgNeGmV8kzZJ4/u
QE0atX8YqCv4CYpEwXgzpaKXx4XcLJ9HhznltxiS92Db59np/1WaBGYivf4bs8ry
vUnbhC7/vzM2egNSTLYz6HghMI9u4Xgvx4EwhZkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSArZxnzClCsZ/Vdm3OruuxSOCG8jAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L2dLMmNaOHdwUXJHZjFYWnR6cTdyc1VqZ2h2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFf4hQMEAFf4njANBgkqhkiG9w0B
AQsFAAOCAQEAmnPGaxEgjdNZixozhDYlWJmFy+vIS6cHtwFLKJOezHqh6oqu5HbQ
ALmreSOwhIuxYpIF9jn2SxyqDJBOQ7sVW9OsD1h945zCd1o5ZZxB5GdSINXnBxq7
3sUlRuWKa5r63zsLj3ySf16qDT8UHBAa+pfDsSHHQ4wkVhUFUIMLoSJ+ejvesQ+n
g/l4eMa0WgdeFLG5d31NI4u4kd19fsdk5w3rlzvEmotRsDs9zeg65aRWZYBYRluj
ofok9IdBRykxbHT5LOU4liIma4OFSbET9hln3PMrVyScBTXSRL7I/lQfn76miLJ6
SHL+b9WiMlkwC2lcsXj4Lwzf7YRl13c+NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org