Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/q1pn9NJuKIvbwGlehOiJo4ghu2k.roa
File:                     q1pn9NJuKIvbwGlehOiJo4ghu2k.roa (raw, json)
Hash identifier:          Mz73cCt+1e5CPXM4yDieOZSQRcJm+ssB6eSpjsVIx4U=
Subject key identifier:   AB:5A:67:F4:D2:6E:28:8B:DB:C0:69:5E:84:E8:89:A3:88:21:BB:69
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       1BC138AC
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/q1pn9NJuKIvbwGlehOiJo4ghu2k.roa
Signing time:             Fri 15 Apr 2022 18:08:10 +0000
ROA not before:           Fri 15 Apr 2022 18:08:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400040
IP address blocks:        87.248.144.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 465647788 (0x1bc138ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Apr 15 18:08:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab5a67f4d26e288bdbc0695e84e889a38821bb69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:32:25:67:6f:8c:5a:03:45:b4:1c:ca:87:5a:
                    14:c6:e8:bb:b7:93:7f:ca:32:c0:39:bf:ac:6d:8e:
                    06:d7:38:d9:b2:cf:42:5e:e8:1b:43:73:5f:2d:4d:
                    b5:a4:4a:10:c3:4d:4b:35:6c:b2:f9:b9:17:17:52:
                    dd:08:c2:f8:18:da:46:b3:83:0b:64:40:5d:b6:27:
                    58:7d:b9:5a:3a:0e:2c:47:97:56:52:d1:bd:76:37:
                    6c:5d:2d:64:f5:94:3c:02:91:cc:e8:c6:2d:30:8f:
                    91:ce:80:9e:37:58:f5:8a:80:7b:4b:b3:63:97:06:
                    c9:b1:21:69:84:d6:13:0a:56:23:0b:96:7e:51:63:
                    68:8e:42:e6:37:42:03:f5:8c:10:e1:da:c1:7f:ba:
                    17:7d:d1:b1:21:23:2d:7d:4c:36:c9:89:cf:1c:9a:
                    b9:7a:be:e9:24:b4:d2:4e:e1:c8:38:09:41:88:0d:
                    96:1b:59:c0:34:6a:87:1f:89:16:7b:40:f9:a3:25:
                    09:c4:04:e1:a5:22:1f:ba:41:f9:98:8a:37:3d:6e:
                    82:aa:3f:64:d5:21:02:76:d0:d9:1d:e9:f9:23:62:
                    c2:77:52:1a:4e:44:58:e7:20:fa:f3:c0:d2:78:be:
                    a9:3c:20:3e:f4:37:1c:1b:88:c2:7a:73:40:79:e8:
                    39:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:5A:67:F4:D2:6E:28:8B:DB:C0:69:5E:84:E8:89:A3:88:21:BB:69
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/q1pn9NJuKIvbwGlehOiJo4ghu2k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:e4:1d:65:1c:d9:48:d1:ae:62:67:70:37:e5:38:16:dd:4d:
         34:26:6b:e9:17:99:d0:f8:58:4f:63:35:b1:60:ae:59:13:e0:
         51:26:96:0e:8a:7b:13:ee:ce:1c:da:98:37:52:04:e9:6c:27:
         c9:35:53:8a:0b:54:35:90:04:57:33:ee:cc:ce:d5:b0:7e:01:
         4a:c2:cd:4a:50:30:63:3d:24:bb:4c:cd:f9:fc:99:2b:17:62:
         58:34:c2:25:00:cb:82:e7:48:7c:1e:73:32:60:ef:a0:af:7a:
         6b:50:2a:a2:5b:59:03:52:de:88:2f:b5:63:ef:ea:18:9d:99:
         93:5e:81:fa:da:40:0d:e8:75:c7:ec:55:77:54:7a:ec:93:11:
         33:0f:4b:50:98:35:75:89:35:c7:49:14:92:5c:fd:dc:c5:d8:
         ae:ce:92:33:6e:3a:d2:11:1c:a6:dc:58:49:85:4e:31:5c:ae:
         55:67:c2:e9:9f:38:b2:68:36:b0:9c:b2:21:cc:4c:6d:be:71:
         ce:b6:68:51:e0:77:a4:06:07:07:95:4a:d7:35:b8:f9:57:30:
         76:b3:a9:e0:af:04:91:09:42:0a:bc:52:25:97:fd:7b:ad:9f:
         29:93:24:b0:63:11:54:92:83:98:c4:1e:7e:67:24:45:92:da:
         cb:10:e8:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG8E4rDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDQx
NTE4MDgxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWI1YTY3ZjRkMjZl
Mjg4YmRiYzA2OTVlODRlODg5YTM4ODIxYmI2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0yJWdvjFoDRbQcyodaFMbou7eTf8oywDm/rG2OBtc42bLP
Ql7oG0NzXy1NtaRKEMNNSzVssvm5FxdS3QjC+BjaRrODC2RAXbYnWH25WjoOLEeX
VlLRvXY3bF0tZPWUPAKRzOjGLTCPkc6AnjdY9YqAe0uzY5cGybEhaYTWEwpWIwuW
flFjaI5C5jdCA/WMEOHawX+6F33RsSEjLX1MNsmJzxyauXq+6SS00k7hyDgJQYgN
lhtZwDRqhx+JFntA+aMlCcQE4aUiH7pB+ZiKNz1ugqo/ZNUhAnbQ2R3p+SNiwndS
Gk5EWOcg+vPA0ni+qTwgPvQ3HBuIwnpzQHnoOdMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrWmf00m4oi9vAaV6E6ImjiCG7aTAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L3ExcG45Tkp1S0l2YndHbGVoT2lKbzRnaHUyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf4kDANBgkqhkiG9w0BAQsFAAOC
AQEAEOQdZRzZSNGuYmdwN+U4Ft1NNCZr6ReZ0PhYT2M1sWCuWRPgUSaWDop7E+7O
HNqYN1IE6WwnyTVTigtUNZAEVzPuzM7VsH4BSsLNSlAwYz0ku0zN+fyZKxdiWDTC
JQDLgudIfB5zMmDvoK96a1AqoltZA1LeiC+1Y+/qGJ2Zk16B+tpADeh1x+xVd1R6
7JMRMw9LUJg1dYk1x0kUklz93MXYrs6SM2460hEcptxYSYVOMVyuVWfC6Z84smg2
sJyyIcxMbb5xzrZoUeB3pAYHB5VK1zW4+VcwdrOp4K8EkQlCCrxSJZf9e62fKZMk
sGMRVJKDmMQefmckRZLayxDolw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org