Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/mGP8yYE5yh3fS1IFG038mM2PeWw.roa
File:                     mGP8yYE5yh3fS1IFG038mM2PeWw.roa (raw, json)
Hash identifier:          PLDBt2VgEomm0M6/Jb4Ik7t/S8K6Hzs9yU9j9/81bC0=
Subject key identifier:   98:63:FC:C9:81:39:CA:1D:DF:4B:52:05:1B:4D:FC:98:CD:8F:79:6C
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1C5FCF61
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/mGP8yYE5yh3fS1IFG038mM2PeWw.roa
Signing time:             Thu 02 Jun 2022 21:28:21 +0000
ROA not before:           Thu 02 Jun 2022 21:28:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35913
IP address blocks:        87.248.143.0/24 maxlen: 24
                          87.248.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 476041057 (0x1c5fcf61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jun  2 21:28:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9863fcc98139ca1ddf4b52051b4dfc98cd8f796c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8d:e6:35:ad:1d:e8:73:3e:cb:97:f2:b1:e9:
                    5c:e3:5d:23:e8:22:90:4f:0c:8c:74:1b:73:ba:dc:
                    54:c7:6d:d1:77:82:29:fb:fa:82:14:a2:47:7e:bf:
                    89:6e:57:19:59:78:4b:a2:90:9e:29:9c:6c:09:30:
                    37:85:f5:e7:13:17:0d:03:19:79:fb:67:c4:a3:c6:
                    da:e9:4e:45:7b:94:5f:2f:a0:99:3a:6a:8f:a8:09:
                    48:38:ad:b4:08:65:fd:3d:d6:8e:98:73:19:4c:98:
                    9a:f5:59:3d:f7:46:04:3c:08:94:20:1d:f9:c9:86:
                    27:15:af:e4:ff:e6:31:d0:91:67:59:d9:91:dc:b4:
                    15:d2:b6:bc:e7:81:fe:84:5a:91:07:ba:00:03:b4:
                    7e:f3:4b:74:f7:b9:33:a8:19:2a:22:07:2a:ba:99:
                    29:eb:2e:92:a7:2a:e9:ca:e0:72:ad:f0:60:7a:b8:
                    46:8d:1e:d2:6e:c5:90:ed:62:31:e9:99:aa:fc:6f:
                    a7:03:e4:36:1f:f8:8a:2c:88:dc:28:a7:e2:ac:20:
                    6c:8f:65:b5:06:da:2b:81:ae:54:d1:61:99:ab:4b:
                    9b:b0:40:9e:d6:32:23:be:9b:6a:9a:92:90:d6:09:
                    05:9f:70:cf:5c:a6:5e:83:7c:c9:41:be:cc:c1:f2:
                    28:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:63:FC:C9:81:39:CA:1D:DF:4B:52:05:1B:4D:FC:98:CD:8F:79:6C
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/mGP8yYE5yh3fS1IFG038mM2PeWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.143.0/24
                  87.248.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:76:fa:dc:22:08:a7:0a:86:d5:cc:1a:89:2d:04:84:78:18:
         a1:46:34:48:6f:86:3c:a2:eb:06:eb:02:95:a0:7a:c6:d9:51:
         db:3e:2d:a0:ab:73:f5:83:cf:74:29:2e:14:6a:65:9c:98:1f:
         08:43:8d:e2:90:7f:14:28:4c:33:2c:17:53:da:0e:47:98:0e:
         3e:f0:7d:7f:bb:03:b0:6d:3e:18:33:9b:bf:0d:2d:c0:27:7e:
         dc:25:45:a6:c6:4a:5b:c8:c8:bc:c2:54:cb:7c:f6:30:05:bb:
         50:e4:6e:96:ed:3c:fe:e9:cb:4d:aa:bb:fa:2c:b9:67:4f:5d:
         aa:72:14:54:39:07:40:fb:77:27:f6:40:9c:64:fd:7c:53:d7:
         1c:08:be:f8:b5:30:61:dd:d7:71:8b:a5:d8:f7:b9:90:5c:5f:
         28:4f:4b:20:22:4d:4f:5a:15:84:87:81:a9:f3:4a:4f:87:df:
         51:e0:0b:de:63:6a:d9:ec:27:6b:70:68:7e:8c:4c:ff:ad:76:
         92:72:fd:14:c4:a9:b3:2b:d7:c3:dc:88:e3:c9:34:71:43:0e:
         9e:45:9c:a9:6e:10:c9:c8:bb:ed:05:e3:0b:ee:c9:6b:08:40:
         a9:b3:56:59:26:75:ec:66:94:d0:45:5c:d6:2d:29:4b:ff:4f:
         a5:22:ab:d7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHF/PYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDYw
MjIxMjgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg2M2ZjYzk4MTM5
Y2ExZGRmNGI1MjA1MWI0ZGZjOThjZDhmNzk2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJaN5jWtHehzPsuX8rHpXONdI+gikE8MjHQbc7rcVMdt0XeC
Kfv6ghSiR36/iW5XGVl4S6KQnimcbAkwN4X15xMXDQMZeftnxKPG2ulORXuUXy+g
mTpqj6gJSDittAhl/T3WjphzGUyYmvVZPfdGBDwIlCAd+cmGJxWv5P/mMdCRZ1nZ
kdy0FdK2vOeB/oRakQe6AAO0fvNLdPe5M6gZKiIHKrqZKesukqcq6crgcq3wYHq4
Ro0e0m7FkO1iMemZqvxvpwPkNh/4iiyI3Cin4qwgbI9ltQbaK4GuVNFhmatLm7BA
ntYyI76bapqSkNYJBZ9wz1ymXoN8yUG+zMHyKB8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSYY/zJgTnKHd9LUgUbTfyYzY95bDAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L21HUDh5WUU1eWgzZlMxSUZHMDM4bU0yUGVXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFf4jwMEAFf4nDANBgkqhkiG9w0B
AQsFAAOCAQEAJHb63CIIpwqG1cwaiS0EhHgYoUY0SG+GPKLrBusClaB6xtlR2z4t
oKtz9YPPdCkuFGplnJgfCEON4pB/FChMMywXU9oOR5gOPvB9f7sDsG0+GDObvw0t
wCd+3CVFpsZKW8jIvMJUy3z2MAW7UORulu08/unLTaq7+iy5Z09dqnIUVDkHQPt3
J/ZAnGT9fFPXHAi++LUwYd3XcYul2Pe5kFxfKE9LICJNT1oVhIeBqfNKT4ffUeAL
3mNq2ewna3BofoxM/612knL9FMSpsyvXw9yI48k0cUMOnkWcqW4Qyci77QXjC+7J
awhAqbNWWSZ17GaU0EVc1i0pS/9PpSKr1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:26 2024 by rpki-client on console-ams.rpki-client.org