Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/sOOeAnZzb9Da-UwYa158P4sZ6CI.roa
File:                     sOOeAnZzb9Da-UwYa158P4sZ6CI.roa (raw, json)
Hash identifier:          paCvzq9omVDujmzhV062QDn4TPkxNc1ChVGv0cJu3LQ=
Subject key identifier:   B0:E3:9E:02:76:73:6F:D0:DA:F9:4C:18:6B:5E:7C:3F:8B:19:E8:22
Certificate issuer:       /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial:       05460172
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/sOOeAnZzb9Da-UwYa158P4sZ6CI.roa
Signing time:             Sat 01 Jan 2022 04:01:59 +0000
ROA not before:           Sat 01 Jan 2022 04:01:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     18702
IP address blocks:        87.236.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88473970 (0x5460172)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
        Validity
            Not Before: Jan  1 04:01:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b0e39e0276736fd0daf94c186b5e7c3f8b19e822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:98:57:35:3f:3b:05:82:c7:7d:d2:73:9e:0d:
                    2e:e4:96:1d:61:0f:d1:5e:85:3c:73:7c:08:16:56:
                    c4:d5:69:ad:74:ab:5f:fc:87:19:0b:6c:b5:c8:0b:
                    14:63:85:9b:79:c3:f6:bf:3e:f3:bb:9e:b7:25:c6:
                    be:0f:16:eb:0a:e3:0e:41:4e:2c:79:29:9c:05:2d:
                    81:c2:5c:55:6e:f3:73:40:d6:56:38:6f:72:d8:d6:
                    c8:c4:a0:ba:f2:7e:5c:3b:96:8a:46:ff:7e:9d:06:
                    0a:7d:78:5a:a0:d7:3a:20:43:db:92:f6:b0:2e:2d:
                    1b:a5:94:57:60:d1:5b:17:cb:df:2a:cc:27:02:54:
                    5d:44:f8:63:b0:38:af:00:60:7c:af:a6:ad:4d:7c:
                    34:19:ae:f5:24:d0:c0:bd:a0:ea:26:33:ab:f3:f7:
                    93:da:74:2a:ec:15:b6:d5:3a:33:05:6b:27:74:95:
                    b2:2e:c6:77:ba:f8:2a:cb:84:12:70:6a:0c:4e:8c:
                    00:04:81:46:e9:3b:c8:48:a9:71:0e:28:7c:85:ee:
                    64:4b:7e:a4:27:59:c0:83:9c:72:71:c2:87:65:5f:
                    77:83:7b:51:c4:6b:b2:a3:a2:0a:a1:96:a8:da:1e:
                    d7:a5:5c:31:1d:31:05:1b:a5:bc:ce:76:b8:f5:0e:
                    6d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:E3:9E:02:76:73:6F:D0:DA:F9:4C:18:6B:5E:7C:3F:8B:19:E8:22
            X509v3 Authority Key Identifier:
                keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/sOOeAnZzb9Da-UwYa158P4sZ6CI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:c0:38:27:46:53:e6:08:f3:d2:da:1d:5c:6a:bc:69:8e:e0:
         bd:8e:db:a6:95:24:4b:57:f4:78:d7:44:c8:1d:3b:bf:c3:43:
         27:23:d5:4b:a0:8a:c3:b6:d3:1d:ed:81:7a:bd:c0:ad:d5:56:
         38:2b:d7:d4:30:da:70:d3:34:e3:d2:f7:7b:a7:b6:1c:a7:2a:
         f4:88:c1:39:96:45:82:da:8d:32:9e:35:89:0e:c6:06:a4:de:
         75:c9:b0:c2:f8:de:62:9e:a3:92:e3:50:53:a3:2d:33:34:ba:
         80:dd:16:31:2b:73:6b:dd:58:bb:a5:70:57:18:6f:10:2d:2c:
         93:64:b0:47:7a:47:15:be:5d:bb:0d:19:26:b7:b4:a0:9b:cb:
         f9:fb:dc:0b:62:35:69:04:f4:8a:c4:aa:de:b7:f8:d4:dd:c9:
         69:c0:51:f1:53:6b:9f:07:ad:7e:45:7b:f1:77:e2:0c:0b:54:
         0e:58:4c:21:3d:f8:ad:26:d8:33:0d:af:d1:9b:bb:8e:ec:f9:
         36:b2:7e:db:da:99:94:3d:91:78:1d:d9:83:30:9c:de:1c:5f:
         0f:ec:0f:9c:96:5e:dd:ba:b7:0a:93:fd:1c:9c:d3:90:74:44:
         db:42:d8:b8:d3:66:5c:0e:2f:62:1c:21:14:c2:47:b4:f8:fd:
         4d:02:14:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUYBcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2IxOTQzMDg3Y2U2OTYyM2U3NmIyMTQ1YjM0NzlhYzIwNGJhMWM5MB4XDTIyMDEw
MTA0MDE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBlMzllMDI3Njcz
NmZkMGRhZjk0YzE4NmI1ZTdjM2Y4YjE5ZTgyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuYVzU/OwWCx33Sc54NLuSWHWEP0V6FPHN8CBZWxNVprXSr
X/yHGQtstcgLFGOFm3nD9r8+87uetyXGvg8W6wrjDkFOLHkpnAUtgcJcVW7zc0DW
VjhvctjWyMSguvJ+XDuWikb/fp0GCn14WqDXOiBD25L2sC4tG6WUV2DRWxfL3yrM
JwJUXUT4Y7A4rwBgfK+mrU18NBmu9STQwL2g6iYzq/P3k9p0KuwVttU6MwVrJ3SV
si7Gd7r4KsuEEnBqDE6MAASBRuk7yEipcQ4ofIXuZEt+pCdZwIOccnHCh2Vfd4N7
UcRrsqOiCqGWqNoe16VcMR0xBRulvM52uPUObdMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSw454CdnNv0Nr5TBhrXnw/ixnoIjAfBgNVHSMEGDAWgBQjsZQwh85pYj52
shRbNHmsIEuhyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k3R1VNSWZPYVdJLWRySVVXelI1ckNCTG9jay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNzNmMWM5LTgyYjAtNGVkZS1iODk5LWY3NDJmMzk1YWFmOS8x
L3NPT2VBblp6YjlEYS1Vd1lhMTU4UDRzWjZDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NzNmMWM5LTgyYjAtNGVkZS1iODk5LWY3NDJmMzk1YWFmOS8xL0k3R1VNSWZPYVdJ
LWRySVVXelI1ckNCTG9jay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFfsQzANBgkqhkiG9w0BAQsFAAOC
AQEAJ8A4J0ZT5gjz0todXGq8aY7gvY7bppUkS1f0eNdEyB07v8NDJyPVS6CKw7bT
He2Ber3ArdVWOCvX1DDacNM049L3e6e2HKcq9IjBOZZFgtqNMp41iQ7GBqTedcmw
wvjeYp6jkuNQU6MtMzS6gN0WMStza91Yu6VwVxhvEC0sk2SwR3pHFb5duw0ZJre0
oJvL+fvcC2I1aQT0isSq3rf41N3JacBR8VNrnwetfkV78XfiDAtUDlhMIT34rSbY
Mw2v0Zu7juz5NrJ+29qZlD2ReB3ZgzCc3hxfD+wPnJZe3bq3CpP9HJzTkHRE20LY
uNNmXA4vYhwhFMJHtPj9TQIUCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org