Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/tqjpaucNjJRx46azVFOJdhRX1hI.roa
File:                     tqjpaucNjJRx46azVFOJdhRX1hI.roa (raw, json)
Hash identifier:          Ho+NVtyK4nmYJrt7SZMe7lmbiKfgpvov7r3xTTRcNi0=
Subject key identifier:   B6:A8:E9:6A:E7:0D:8C:94:71:E3:A6:B3:54:53:89:76:14:57:D6:12
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       018462D95C5DC9960318FFDBADD705DEA136
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/tqjpaucNjJRx46azVFOJdhRX1hI.roa
Signing time:             Thu 10 Nov 2022 18:42:02 +0000
ROA not before:           Thu 10 Nov 2022 18:42:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211415
IP address blocks:        87.248.138.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:62:d9:5c:5d:c9:96:03:18:ff:db:ad:d7:05:de:a1:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Nov 10 18:42:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6a8e96ae70d8c9471e3a6b3545389761457d612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ca:bc:96:67:a0:c1:d0:af:55:09:2b:53:4f:
                    66:d5:12:e3:32:30:b2:ae:6a:1b:b0:d9:e6:c0:42:
                    11:ee:33:9e:ef:97:75:9c:b9:e0:58:ba:84:42:a5:
                    5e:66:94:e5:4f:58:4a:c8:24:35:bd:70:64:a8:b4:
                    e3:1f:94:35:d7:04:37:48:f6:a3:d6:ef:89:8d:d2:
                    1a:8a:b5:b4:af:7e:ce:43:25:56:b1:e7:33:6a:2a:
                    58:ca:5e:38:97:bb:a2:17:8b:55:7d:6e:1e:9d:67:
                    70:e5:6d:85:cb:61:84:3d:ba:ea:21:51:ba:d5:4a:
                    d1:a0:e2:a7:b1:8f:64:76:6c:67:27:b8:2d:8c:f5:
                    5e:c4:cc:ad:51:dc:93:99:f3:43:3c:f4:ab:e7:b7:
                    1c:13:e5:4f:ed:8c:02:d2:c4:d1:8e:3d:06:fb:bc:
                    32:5c:58:00:38:f7:9a:ab:ee:3d:db:07:44:b5:78:
                    79:47:11:4f:2d:e5:e4:c8:31:96:8c:0a:86:8a:a6:
                    37:07:3e:e5:1e:7b:43:50:d5:88:a9:57:fd:f2:49:
                    47:db:e4:00:71:8f:32:57:51:4a:de:4c:da:55:20:
                    d1:83:77:5c:12:08:ce:68:fb:c2:75:0f:dd:1c:91:
                    82:c7:59:b8:71:58:42:2a:9e:18:1c:5d:3f:5b:5d:
                    f2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:A8:E9:6A:E7:0D:8C:94:71:E3:A6:B3:54:53:89:76:14:57:D6:12
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/tqjpaucNjJRx46azVFOJdhRX1hI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:76:bd:ee:25:e0:d1:1b:1e:c0:e5:07:f8:34:bd:db:49:b3:
         83:9e:99:8c:a6:d4:9d:3a:33:65:4c:41:44:a4:09:ee:59:89:
         48:36:23:8c:eb:65:c8:d7:7d:68:4d:a7:df:fc:76:35:05:ab:
         a0:e3:0a:e4:a7:52:8e:64:d5:e2:d2:03:e0:0d:a3:c5:b5:73:
         14:7e:d4:55:b2:35:ee:96:58:1b:8b:b3:53:d0:9f:21:f4:bf:
         f6:c8:2f:d1:fa:ef:6c:99:37:44:0e:f1:13:50:cc:7a:f7:88:
         57:fa:f2:48:b8:6a:00:22:a5:62:62:e7:c2:77:cd:90:ba:85:
         5c:6c:0c:eb:23:31:e4:5b:25:4c:bd:7e:1d:c9:de:36:f6:d1:
         67:cf:c7:de:be:93:22:bc:cb:e5:3b:bd:51:9d:82:7e:d6:02:
         39:36:f5:1b:10:d6:52:9d:0d:55:21:02:79:ba:44:3a:ca:90:
         26:bf:eb:09:35:55:3a:a3:14:76:9d:3b:23:d4:c8:f9:24:17:
         16:11:84:ce:73:f0:ed:b5:3b:22:c6:6e:d6:9f:c2:3f:a6:39:
         00:9c:85:86:8f:7b:c0:74:c3:2a:3f:95:5c:57:0b:28:b5:12:
         a6:b3:a0:a0:80:cb:6b:48:94:9e:c5:c6:21:6b:43:a5:b6:43:
         2b:b1:32:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRi2VxdyZYDGP/brdcF3qE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMTEwMTg0MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmE4ZTk2YWU3MGQ4Yzk0NzFlM2E2YjM1NDUzODk3NjE0NTdkNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8q8lmegwdCvVQkrU09m1RLjMjCy
rmobsNnmwEIR7jOe75d1nLngWLqEQqVeZpTlT1hKyCQ1vXBkqLTjH5Q11wQ3SPaj
1u+JjdIairW0r37OQyVWseczaipYyl44l7uiF4tVfW4enWdw5W2Fy2GEPbrqIVG6
1UrRoOKnsY9kdmxnJ7gtjPVexMytUdyTmfNDPPSr57ccE+VP7YwC0sTRjj0G+7wy
XFgAOPeaq+492wdEtXh5RxFPLeXkyDGWjAqGiqY3Bz7lHntDUNWIqVf98klH2+QA
cY8yV1FK3kzaVSDRg3dcEgjOaPvCdQ/dHJGCx1m4cVhCKp4YHF0/W13y6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLao6WrnDYyUceOms1RTiXYUV9YSMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvdHFqcGF1Y05qSlJ4NDZhelZGT0pkaFJYMWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iKMA0G
CSqGSIb3DQEBCwUAA4IBAQBQdr3uJeDRGx7A5Qf4NL3bSbODnpmMptSdOjNlTEFE
pAnuWYlINiOM62XI131oTaff/HY1Baug4wrkp1KOZNXi0gPgDaPFtXMUftRVsjXu
llgbi7NT0J8h9L/2yC/R+u9smTdEDvETUMx694hX+vJIuGoAIqViYufCd82QuoVc
bAzrIzHkWyVMvX4dyd429tFnz8fevpMivMvlO71RnYJ+1gI5NvUbENZSnQ1VIQJ5
ukQ6ypAmv+sJNVU6oxR2nTsj1Mj5JBcWEYTOc/DttTsixm7Wn8I/pjkAnIWGj3vA
dMMqP5VcVwsotRKms6CggMtrSJSexcYha0OltkMrsTJp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org