Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/lWoXJcVInt5wV3oXYEYZ5oNbj7E.roa
File:                     lWoXJcVInt5wV3oXYEYZ5oNbj7E.roa (raw, json)
Hash identifier:          wljM81PHNcxMAiVl7gc110CRxdxqGOS+XoNiyZV/OBk=
Subject key identifier:   95:6A:17:25:C5:48:9E:DE:70:57:7A:17:60:46:19:E6:83:5B:8F:B1
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       01821F57C9E068818EF5AE1D66C7799FFBFE
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/lWoXJcVInt5wV3oXYEYZ5oNbj7E.roa
Signing time:             Thu 21 Jul 2022 06:00:23 +0000
ROA not before:           Thu 21 Jul 2022 06:00:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        87.248.133.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:1f:57:c9:e0:68:81:8e:f5:ae:1d:66:c7:79:9f:fb:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jul 21 06:00:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=956a1725c5489ede70577a17604619e6835b8fb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d9:0a:b8:67:33:f3:1e:4a:1e:56:57:2a:14:
                    07:b7:26:61:46:c4:98:20:db:3f:09:af:01:48:c8:
                    b6:84:d2:ec:2f:0c:a1:17:49:55:97:ff:0d:30:a3:
                    a6:2c:48:b8:3f:3b:c5:9a:a4:3b:ea:4d:bc:d5:0e:
                    b9:49:15:fa:8c:46:59:89:47:be:f0:4f:cc:d2:31:
                    52:f1:98:9b:86:89:b0:37:fe:a4:50:08:7d:eb:cb:
                    44:ed:07:e9:e4:7b:3b:f2:18:51:6e:0b:7e:0d:92:
                    df:eb:85:cf:72:53:bf:64:35:7b:b5:0c:92:15:94:
                    36:ba:02:ad:eb:88:09:fd:20:3e:0c:fb:76:fb:fc:
                    33:cd:b9:c5:a0:fa:0c:19:ff:70:81:69:9d:a0:64:
                    f2:fc:3f:1f:14:9f:cc:91:18:b0:2c:ea:5d:58:b0:
                    5b:34:76:56:ec:23:59:70:4f:13:61:9c:d0:1a:d8:
                    b5:77:9c:28:fe:43:58:53:c8:13:99:19:d0:ae:40:
                    1d:ef:bb:79:69:ab:e4:48:b1:9e:fa:b6:47:31:99:
                    37:74:19:d3:68:35:58:cc:f8:50:77:1b:7f:c1:8c:
                    b2:0c:d7:35:86:0e:75:31:89:5d:e8:61:01:77:56:
                    14:b8:e3:ef:7f:de:f0:99:23:1d:33:a3:34:5f:2f:
                    05:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:6A:17:25:C5:48:9E:DE:70:57:7A:17:60:46:19:E6:83:5B:8F:B1
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/lWoXJcVInt5wV3oXYEYZ5oNbj7E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:6d:57:61:a0:f8:99:5a:75:35:27:65:1c:7f:8e:5a:9e:25:
         e0:44:57:72:3c:dd:58:d1:0e:5a:00:12:04:7f:f3:cb:7d:91:
         9a:b5:1a:fd:44:04:7f:9e:bf:87:b0:1e:be:6b:a7:16:02:9e:
         e4:74:f2:3b:02:ed:69:d3:50:0c:00:d9:62:1b:e0:74:e9:8c:
         20:4b:da:22:62:62:bc:31:be:39:03:23:b2:a4:42:e4:28:e8:
         5f:fc:59:d7:96:a3:28:f7:57:9b:ae:04:04:9b:6d:9e:31:e2:
         8f:b6:7c:9c:1f:f4:5c:29:db:af:cb:21:fa:00:d6:89:48:06:
         52:53:1c:a2:b0:96:3e:3b:e3:bb:6d:a7:2d:44:5f:44:e6:0e:
         6c:93:e3:f8:bd:76:0b:9b:e9:29:09:66:80:49:22:2c:d0:f9:
         a9:a3:b5:47:ff:1a:19:e3:67:23:0b:45:cd:91:7f:9e:60:9a:
         d9:b9:50:96:b0:f6:cb:7f:de:f3:8e:58:dc:f3:0f:e1:3b:cd:
         83:b5:a1:9d:ea:8c:49:12:e5:53:21:de:fa:b1:18:34:1f:7c:
         26:00:7e:21:ca:0c:c3:13:f7:02:71:90:f9:4c:05:09:1d:f4:
         6b:c0:8e:ab:5f:cd:9d:cc:c7:d6:3f:79:5d:f6:e2:df:ce:5c:
         9e:38:01:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIfV8ngaIGO9a4dZsd5n/v+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIwNzIxMDYwMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZhMTcyNWM1NDg5ZWRlNzA1NzdhMTc2MDQ2MTllNjgzNWI4ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9kKuGcz8x5KHlZXKhQHtyZhRsSY
INs/Ca8BSMi2hNLsLwyhF0lVl/8NMKOmLEi4PzvFmqQ76k281Q65SRX6jEZZiUe+
8E/M0jFS8ZibhomwN/6kUAh968tE7Qfp5Hs78hhRbgt+DZLf64XPclO/ZDV7tQyS
FZQ2ugKt64gJ/SA+DPt2+/wzzbnFoPoMGf9wgWmdoGTy/D8fFJ/MkRiwLOpdWLBb
NHZW7CNZcE8TYZzQGti1d5wo/kNYU8gTmRnQrkAd77t5aavkSLGe+rZHMZk3dBnT
aDVYzPhQdxt/wYyyDNc1hg51MYld6GEBd1YUuOPvf97wmSMdM6M0Xy8F7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVqFyXFSJ7ecFd6F2BGGeaDW4+xMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvbFdvWEpjVkludDV3VjNvWFlFWVo1b05iajdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iFMA0G
CSqGSIb3DQEBCwUAA4IBAQCmbVdhoPiZWnU1J2Ucf45aniXgRFdyPN1Y0Q5aABIE
f/PLfZGatRr9RAR/nr+HsB6+a6cWAp7kdPI7Au1p01AMANliG+B06YwgS9oiYmK8
Mb45AyOypELkKOhf/FnXlqMo91ebrgQEm22eMeKPtnycH/RcKduvyyH6ANaJSAZS
UxyisJY+O+O7bactRF9E5g5sk+P4vXYLm+kpCWaASSIs0Pmpo7VH/xoZ42cjC0XN
kX+eYJrZuVCWsPbLf97zjljc8w/hO82DtaGd6oxJEuVTId76sRg0H3wmAH4hygzD
E/cCcZD5TAUJHfRrwI6rX82dzMfWP3ld9uLfzlyeOAFw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:26 2024 by rpki-client on console-ams.rpki-client.org