Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/mMbcvNJLJsBAchglxNDgEzY6QWU.roa
File:                     mMbcvNJLJsBAchglxNDgEzY6QWU.roa (raw, json)
Hash identifier:          u7fhD+2OguVsJrP0SxUsfcqif1yeut5cU4s9mMEmVOA=
Subject key identifier:   98:C6:DC:BC:D2:4B:26:C0:40:72:18:25:C4:D0:E0:13:36:3A:41:65
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1AC28BDD
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/mMbcvNJLJsBAchglxNDgEzY6QWU.roa
Signing time:             Sat 01 Jan 2022 14:59:28 +0000
ROA not before:           Sat 01 Jan 2022 14:59:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44400
IP address blocks:        87.248.142.0/24 maxlen: 24
                          87.248.141.0/24 maxlen: 24
                          87.248.140.0/23 maxlen: 23
                          87.248.140.0/24 maxlen: 24
                          87.248.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 448957405 (0x1ac28bdd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jan  1 14:59:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98c6dcbcd24b26c040721825c4d0e013363a4165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e1:be:9e:82:d7:bf:9e:1b:e4:a8:ef:39:aa:
                    34:95:01:60:98:22:98:c7:ea:9e:83:e9:73:0b:e6:
                    24:6e:36:25:83:7b:62:d1:7e:46:37:a8:11:25:7c:
                    69:b5:25:60:34:ea:54:9d:a4:70:e4:2a:eb:ec:d1:
                    24:45:37:6b:18:db:4f:6a:af:2a:0f:df:7a:5b:66:
                    75:d3:dd:be:4c:1d:fa:1b:46:5a:69:05:fa:97:91:
                    e9:74:f0:eb:30:1d:03:e7:eb:b3:43:69:1f:f1:a9:
                    78:e9:e5:76:14:aa:3e:96:4c:c7:4e:88:ae:85:d9:
                    5f:0b:28:20:8e:ea:7e:f6:f2:10:3e:6d:25:e1:b3:
                    1d:ac:f7:d0:ef:57:45:cb:1d:cb:b8:96:4c:d7:25:
                    9a:a4:da:9c:1b:30:0b:b6:a7:9c:c3:1d:7b:03:ab:
                    67:7a:0c:3f:28:5c:95:e8:30:e0:ee:33:23:76:5f:
                    74:b5:2f:54:07:30:42:c9:00:6a:af:6c:78:22:94:
                    66:4f:06:be:39:d5:8d:60:34:bb:e7:70:31:84:8c:
                    17:03:73:17:a2:c1:89:dc:70:66:8a:74:1b:d3:86:
                    3b:e4:6f:fa:c5:ab:b6:df:f9:ab:5a:f4:51:87:9a:
                    85:52:9a:f3:7a:d1:a0:1f:ea:84:a9:e8:f0:cb:3a:
                    0b:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C6:DC:BC:D2:4B:26:C0:40:72:18:25:C4:D0:E0:13:36:3A:41:65
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/mMbcvNJLJsBAchglxNDgEzY6QWU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.140.0-87.248.142.255
                  87.248.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:52:af:cc:57:0c:77:f3:81:65:a0:04:d9:92:5a:7a:79:f2:
         da:1c:08:c7:d3:1c:c5:29:59:fd:e1:ec:b9:a7:63:60:79:4c:
         6a:88:e0:26:b5:c2:86:7b:87:51:2c:b6:7b:01:2e:f1:88:f1:
         20:1e:ee:4c:e9:2c:aa:3f:07:1e:1d:7f:62:8d:0b:5d:63:f6:
         58:c4:8e:96:63:6b:e2:ac:e5:7b:2b:24:18:a4:e3:89:9f:91:
         4a:70:45:6d:ab:85:8e:57:6e:57:da:03:fa:fc:ea:8a:96:1f:
         41:e3:f5:13:df:99:9f:cc:7f:1b:41:3a:c2:3c:c5:d0:ea:bd:
         5b:c0:39:c1:08:03:bc:4c:5e:f0:aa:1e:ec:fc:82:5e:9f:e6:
         99:cf:75:c7:30:c7:03:fb:48:ff:89:d8:c8:40:45:a9:08:4f:
         38:17:13:32:7a:47:5e:b2:b8:14:c2:57:33:16:0f:a8:3e:6c:
         cc:f8:5f:33:38:d0:82:16:47:94:a7:7f:4e:0b:80:63:d1:07:
         49:dd:95:c0:9f:45:7a:d4:0d:c8:1f:32:7b:b3:62:a6:bb:a7:
         41:4b:11:2c:e6:5b:8b:02:a5:1e:b9:2c:8b:b7:50:29:5b:95:
         28:fb:36:6b:8c:0c:2a:02:04:b3:25:f8:e7:e3:c9:83:f2:fc:
         24:fe:11:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEGsKL3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDEw
MTE0NTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThjNmRjYmNkMjRi
MjZjMDQwNzIxODI1YzRkMGUwMTMzNjNhNDE2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3hvp6C17+eG+So7zmqNJUBYJgimMfqnoPpcwvmJG42JYN7
YtF+RjeoESV8abUlYDTqVJ2kcOQq6+zRJEU3axjbT2qvKg/feltmddPdvkwd+htG
WmkF+peR6XTw6zAdA+frs0NpH/GpeOnldhSqPpZMx06IroXZXwsoII7qfvbyED5t
JeGzHaz30O9XRcsdy7iWTNclmqTanBswC7annMMdewOrZ3oMPyhclegw4O4zI3Zf
dLUvVAcwQskAaq9seCKUZk8GvjnVjWA0u+dwMYSMFwNzF6LBidxwZop0G9OGO+Rv
+sWrtt/5q1r0UYeahVKa83rRoB/qhKno8Ms6C10CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSYxty80ksmwEByGCXE0OATNjpBZTAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L21NYmN2TkpMSnNCQWNoZ2x4TkRnRXpZNlFXVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQCV/iMAwQAV/iOAwQAV/ifMA0G
CSqGSIb3DQEBCwUAA4IBAQAUUq/MVwx384FloATZklp6efLaHAjH0xzFKVn94ey5
p2NgeUxqiOAmtcKGe4dRLLZ7AS7xiPEgHu5M6SyqPwceHX9ijQtdY/ZYxI6WY2vi
rOV7KyQYpOOJn5FKcEVtq4WOV25X2gP6/OqKlh9B4/UT35mfzH8bQTrCPMXQ6r1b
wDnBCAO8TF7wqh7s/IJen+aZz3XHMMcD+0j/idjIQEWpCE84FxMyekdesrgUwlcz
Fg+oPmzM+F8zONCCFkeUp39OC4Bj0QdJ3ZXAn0V61A3IHzJ7s2Kmu6dBSxEs5luL
AqUeuSyLt1ApW5Uo+zZrjAwqAgSzJfjn48mD8vwk/hGT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org