Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/4b63ea-e4f0-44b0-bd2e-9e19d08cb71f/1/Mup53CAulg-wM2Uw40WbnwBJUlQ.roa
File:                     Mup53CAulg-wM2Uw40WbnwBJUlQ.roa (raw, json)
Hash identifier:          rLaWd/GW2Pi3QHHClHJafZ7voZP2oxretBeeqQlZugs=
Subject key identifier:   32:EA:79:DC:20:2E:96:0F:B0:33:65:30:E3:45:9B:9F:00:49:52:54
Certificate issuer:       /CN=bd02616554632356450bc4bb4b6dacfc79df3025
Certificate serial:       018268DFF991DED94ADEF0C1EBE7A78904C8
Authority key identifier: BD:02:61:65:54:63:23:56:45:0B:C4:BB:4B:6D:AC:FC:79:DF:30:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vQJhZVRjI1ZFC8S7S22s_HnfMCU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/4b63ea-e4f0-44b0-bd2e-9e19d08cb71f/1/Mup53CAulg-wM2Uw40WbnwBJUlQ.roa
Signing time:             Thu 04 Aug 2022 12:41:25 +0000
ROA not before:           Thu 04 Aug 2022 12:41:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209282
IP address blocks:        5.61.211.0/24 maxlen: 24
                          77.87.184.0/24 maxlen: 24
                          2a12:90c0:a0::/48 maxlen: 48
                          2a12:90c0:b0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:68:df:f9:91:de:d9:4a:de:f0:c1:eb:e7:a7:89:04:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd02616554632356450bc4bb4b6dacfc79df3025
        Validity
            Not Before: Aug  4 12:41:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32ea79dc202e960fb0336530e3459b9f00495254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:36:da:6b:db:d5:96:b7:b1:9d:4a:fa:cf:2a:
                    9e:e2:31:cf:8c:dd:f4:87:c0:5f:45:f4:f9:a7:b3:
                    f1:e1:c8:f0:3a:79:20:a9:56:92:24:79:6b:92:a5:
                    df:c0:cf:6a:77:0e:d3:cf:2c:ac:02:b0:85:d6:d4:
                    5f:9e:fa:97:25:f6:a5:b0:9d:e5:97:3f:ae:13:f6:
                    cb:e8:b4:8f:a6:da:72:73:64:8f:1c:d7:1a:b9:5f:
                    60:a2:06:bb:2b:2b:b8:76:ea:35:0e:89:23:9c:3d:
                    ae:10:30:8f:e0:b8:60:02:da:d7:6a:48:60:64:9c:
                    fa:e6:72:db:6a:5c:63:5e:65:48:55:24:48:3f:6b:
                    6f:5b:eb:ca:a5:c9:ed:51:7e:48:12:c4:8a:50:90:
                    a4:96:a7:41:22:db:f2:67:f7:74:67:42:26:66:d3:
                    6f:11:d9:23:f1:47:c5:7b:e4:e1:7a:52:08:bf:78:
                    a8:e6:dc:26:54:6f:11:6c:61:b7:4e:ca:55:c0:3a:
                    b7:5e:06:e1:4e:dd:9c:43:69:db:bd:b1:82:c3:3d:
                    c1:0d:fd:b2:66:4b:32:52:49:2e:62:bd:23:5d:e6:
                    c8:43:0f:db:8b:1a:e0:67:b4:42:59:e4:4d:bb:8c:
                    67:7d:6b:3d:3d:b4:94:23:0d:31:0c:e7:9c:00:30:
                    2d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:EA:79:DC:20:2E:96:0F:B0:33:65:30:E3:45:9B:9F:00:49:52:54
            X509v3 Authority Key Identifier:
                keyid:BD:02:61:65:54:63:23:56:45:0B:C4:BB:4B:6D:AC:FC:79:DF:30:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQJhZVRjI1ZFC8S7S22s_HnfMCU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/4b63ea-e4f0-44b0-bd2e-9e19d08cb71f/1/Mup53CAulg-wM2Uw40WbnwBJUlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/4b63ea-e4f0-44b0-bd2e-9e19d08cb71f/1/vQJhZVRjI1ZFC8S7S22s_HnfMCU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.61.211.0/24
                  77.87.184.0/24
                IPv6:
                  2a12:90c0:a0::/48
                  2a12:90c0:b0::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:69:a0:76:5b:23:22:4a:4c:1a:e7:41:74:bd:ee:fa:44:27:
         ec:a1:63:5b:52:34:64:4a:09:17:65:4d:d3:8e:08:d4:1a:7b:
         c7:c2:08:4f:07:dc:8e:de:14:af:66:05:5c:e2:ba:56:c4:fd:
         53:6a:dc:a9:5f:ca:8a:64:0a:d5:a7:ec:47:f4:e3:60:52:e8:
         55:d5:1f:78:f6:5f:6c:06:34:40:d0:b5:70:89:60:3b:02:fd:
         24:b2:2d:4a:da:05:13:b1:30:c9:96:97:98:1a:a2:4c:20:51:
         f8:ef:2d:31:c4:da:64:1f:89:29:0d:35:4a:50:68:66:9a:d3:
         ab:b9:b4:ff:55:a5:cb:9a:85:4e:1c:65:ed:9c:82:f7:8c:95:
         94:bc:9a:4a:02:65:29:ee:66:88:3c:dc:94:9a:07:b7:75:cd:
         75:7f:3b:2b:78:90:ff:ed:e0:f7:13:3e:e2:b9:51:06:d4:b1:
         50:12:e3:b5:84:3f:d3:2b:8e:da:c6:0a:02:29:b2:4b:22:69:
         bc:fe:fb:47:77:ac:b8:d9:1a:f7:87:df:ff:99:83:40:ff:07:
         ca:0c:44:1e:17:a3:17:18:7b:5a:e3:f7:14:1d:df:ce:28:35:
         e1:13:35:83:d1:e1:07:b2:36:09:fb:f7:07:8d:95:cb:81:f2:
         a5:4f:69:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYJo3/mR3tlK3vDB6+eniQTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDI2MTY1NTQ2MzIzNTY0NTBiYzRiYjRiNmRhY2ZjNzlk
ZjMwMjUwHhcNMjIwODA0MTI0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmVhNzlkYzIwMmU5NjBmYjAzMzY1MzBlMzQ1OWI5ZjAwNDk1MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Dbaa9vVlrexnUr6zyqe4jHPjN30
h8BfRfT5p7Px4cjwOnkgqVaSJHlrkqXfwM9qdw7TzyysArCF1tRfnvqXJfalsJ3l
lz+uE/bL6LSPptpyc2SPHNcauV9goga7Kyu4duo1DokjnD2uEDCP4LhgAtrXakhg
ZJz65nLbalxjXmVIVSRIP2tvW+vKpcntUX5IEsSKUJCklqdBItvyZ/d0Z0ImZtNv
Edkj8UfFe+ThelIIv3io5twmVG8RbGG3TspVwDq3XgbhTt2cQ2nbvbGCwz3BDf2y
ZksyUkkuYr0jXebIQw/bixrgZ7RCWeRNu4xnfWs9PbSUIw0xDOecADAtTQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDLqedwgLpYPsDNlMONFm58ASVJUMB8GA1UdIwQY
MBaAFL0CYWVUYyNWRQvEu0ttrPx53zAlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFKaFpWUmpJMVpGQzhTN1MyMnNfSG5mTUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80YjYzZWEtZTRmMC00NGIwLWJkMmUt
OWUxOWQwOGNiNzFmLzEvTXVwNTNDQXVsZy13TTJVdzQwV2Jud0JKVWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80YjYzZWEtZTRmMC00NGIwLWJkMmUtOWUxOWQwOGNiNzFm
LzEvdlFKaFpWUmpJMVpGQzhTN1MyMnNfSG5mTUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABT3TAwQA
TVe4MBgEAgACMBIDBwAqEpDAAKADBwAqEpDAALAwDQYJKoZIhvcNAQELBQADggEB
ACdpoHZbIyJKTBrnQXS97vpEJ+yhY1tSNGRKCRdlTdOOCNQae8fCCE8H3I7eFK9m
BVziulbE/VNq3KlfyopkCtWn7Ef042BS6FXVH3j2X2wGNEDQtXCJYDsC/SSyLUra
BROxMMmWl5gaokwgUfjvLTHE2mQfiSkNNUpQaGaa06u5tP9VpcuahU4cZe2cgveM
lZS8mkoCZSnuZog83JSaB7d1zXV/Oyt4kP/t4PcTPuK5UQbUsVAS47WEP9MrjtrG
CgIpsksiabz++0d3rLjZGveH3/+Zg0D/B8oMRB4XoxcYe1rj9xQd384oNeETNYPR
4QeyNgn79weNlcuB8qVPaW4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org