Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/oRBWGxA1mmQn6CB-DhozN3VC964.roa
File:                     oRBWGxA1mmQn6CB-DhozN3VC964.roa (raw, json)
Hash identifier:          vciH8t/O6Ttzohs+qux59k9ywMHwEkLL6J6ENB9MLrE=
Subject key identifier:   A1:10:56:1B:10:35:9A:64:27:E8:20:7E:0E:1A:33:37:75:42:F7:AE
Certificate issuer:       /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial:       0544866D
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/oRBWGxA1mmQn6CB-DhozN3VC964.roa
Signing time:             Sat 01 Jan 2022 04:01:59 +0000
ROA not before:           Sat 01 Jan 2022 04:01:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        87.236.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88376941 (0x544866d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
        Validity
            Not Before: Jan  1 04:01:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a110561b10359a6427e8207e0e1a33377542f7ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c3:10:d5:49:45:af:b7:56:e5:93:24:33:be:
                    c0:9f:06:25:ce:a3:dc:8a:15:4e:6d:73:d2:4c:aa:
                    4e:22:fd:71:b4:ac:24:1e:2d:08:56:c3:b1:59:f6:
                    0e:95:9a:0b:8c:cd:0c:26:b5:ea:bf:cc:ab:c4:aa:
                    21:7d:b9:e0:fc:28:f9:a0:c8:5d:d9:90:09:57:05:
                    fc:2c:b3:0f:90:11:d7:bb:02:ab:d0:2b:f2:2f:0b:
                    1e:b7:a5:68:e5:08:56:07:48:08:64:b9:3e:c2:47:
                    c6:87:cc:47:67:05:96:a0:b7:1b:ee:ce:fa:69:65:
                    7f:45:ab:7c:b1:44:54:d3:9e:5a:dc:e0:28:c7:c9:
                    0f:4c:bc:e5:dc:35:0c:ba:7c:47:1d:72:c4:70:6f:
                    c8:c4:e6:5a:32:80:b4:fa:fc:8a:38:b4:6d:fd:46:
                    bd:3e:4b:fd:f9:2f:41:db:0d:a7:f0:5f:d6:e3:74:
                    f4:21:2f:e0:ac:23:0f:99:ed:bc:c6:df:83:18:ed:
                    35:58:62:53:42:ce:d6:2f:62:f0:9c:c7:df:c9:a7:
                    d9:92:95:1d:71:a2:c0:50:2b:46:e5:53:fd:90:28:
                    de:4e:8d:e8:88:1a:4b:4a:9b:06:f4:a6:82:0b:db:
                    14:70:88:00:a3:89:df:c7:65:05:2d:46:05:41:d6:
                    8a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:10:56:1B:10:35:9A:64:27:E8:20:7E:0E:1A:33:37:75:42:F7:AE
            X509v3 Authority Key Identifier:
                keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/oRBWGxA1mmQn6CB-DhozN3VC964.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:be:39:5a:84:73:12:2b:a9:35:f9:47:01:58:1e:83:cc:74:
         86:ec:af:bf:a7:db:31:54:85:e1:40:44:c6:2f:c8:a2:10:8d:
         d8:3c:fe:e9:57:89:85:65:25:d4:cf:a1:66:43:ee:19:d0:c6:
         42:9b:09:5f:6e:b3:d9:f5:a5:c9:1f:8f:26:78:20:33:12:97:
         0a:49:3f:4e:55:df:59:d6:dc:5e:9a:12:d7:a1:e4:ef:ef:5f:
         d9:83:61:d8:98:0e:5a:29:91:68:18:97:c7:20:7f:59:60:64:
         c0:3e:37:cc:e5:33:6d:31:78:ec:02:56:12:8a:db:97:39:ba:
         d6:77:20:3e:10:8b:8d:58:13:13:1a:80:7b:34:15:b1:39:90:
         f9:6b:bb:08:8b:9f:7a:0d:95:8f:f0:f3:5e:e6:07:5b:6f:b9:
         13:02:68:91:98:05:b3:5d:ba:d2:b1:e9:93:3e:db:05:ac:b4:
         7c:55:4b:1f:f7:ea:90:78:c0:d3:5b:e0:f4:e0:9f:fb:87:57:
         0f:f4:eb:16:64:3b:f8:03:12:8e:8e:ea:e0:cb:99:51:cb:55:
         db:a3:7c:e3:9b:ce:fe:fb:be:1f:43:cd:35:5a:f3:59:8c:e5:
         0c:77:f0:c7:cc:ba:46:34:a7:67:05:8d:16:24:10:e8:db:89:
         18:73:33:c3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUSGbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2IxOTQzMDg3Y2U2OTYyM2U3NmIyMTQ1YjM0NzlhYzIwNGJhMWM5MB4XDTIyMDEw
MTA0MDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTExMDU2MWIxMDM1
OWE2NDI3ZTgyMDdlMGUxYTMzMzc3NTQyZjdhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHDENVJRa+3VuWTJDO+wJ8GJc6j3IoVTm1z0kyqTiL9cbSs
JB4tCFbDsVn2DpWaC4zNDCa16r/Mq8SqIX254Pwo+aDIXdmQCVcF/CyzD5AR17sC
q9Ar8i8LHrelaOUIVgdICGS5PsJHxofMR2cFlqC3G+7O+mllf0WrfLFEVNOeWtzg
KMfJD0y85dw1DLp8Rx1yxHBvyMTmWjKAtPr8iji0bf1GvT5L/fkvQdsNp/Bf1uN0
9CEv4KwjD5ntvMbfgxjtNVhiU0LO1i9i8JzH38mn2ZKVHXGiwFArRuVT/ZAo3k6N
6IgaS0qbBvSmggvbFHCIAKOJ38dlBS1GBUHWiuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShEFYbEDWaZCfoIH4OGjM3dUL3rjAfBgNVHSMEGDAWgBQjsZQwh85pYj52
shRbNHmsIEuhyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k3R1VNSWZPYVdJLWRySVVXelI1ckNCTG9jay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNzNmMWM5LTgyYjAtNGVkZS1iODk5LWY3NDJmMzk1YWFmOS8x
L29SQldHeEExbW1RbjZDQi1EaG96TjNWQzk2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NzNmMWM5LTgyYjAtNGVkZS1iODk5LWY3NDJmMzk1YWFmOS8xL0k3R1VNSWZPYVdJ
LWRySVVXelI1ckNCTG9jay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFfsQzANBgkqhkiG9w0BAQsFAAOC
AQEAw745WoRzEiupNflHAVgeg8x0huyvv6fbMVSF4UBExi/IohCN2Dz+6VeJhWUl
1M+hZkPuGdDGQpsJX26z2fWlyR+PJnggMxKXCkk/TlXfWdbcXpoS16Hk7+9f2YNh
2JgOWimRaBiXxyB/WWBkwD43zOUzbTF47AJWEorblzm61ncgPhCLjVgTExqAezQV
sTmQ+Wu7CIufeg2Vj/DzXuYHW2+5EwJokZgFs1260rHpkz7bBay0fFVLH/fqkHjA
01vg9OCf+4dXD/TrFmQ7+AMSjo7q4MuZUctV26N845vO/vu+H0PNNVrzWYzlDHfw
x8y6RjSnZwWNFiQQ6NuJGHMzww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org