Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/JbMOqZlrCR5tvDvXk7CJFZPKN3g.roa
File:                     JbMOqZlrCR5tvDvXk7CJFZPKN3g.roa (raw, json)
Hash identifier:          i0/cO4CwBWYA+ntw95PlKLKRhv1zuju+jJDylfopHBY=
Subject key identifier:   25:B3:0E:A9:99:6B:09:1E:6D:BC:3B:D7:93:B0:89:15:93:CA:37:78
Certificate issuer:       /CN=a333114cbfc6bf668371c5687ee98a442fd8ea36
Certificate serial:       33D36261
Authority key identifier: A3:33:11:4C:BF:C6:BF:66:83:71:C5:68:7E:E9:8A:44:2F:D8:EA:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ozMRTL_Gv2aDccVofumKRC_Y6jY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/JbMOqZlrCR5tvDvXk7CJFZPKN3g.roa
Signing time:             Tue 28 Jun 2022 12:54:02 +0000
ROA not before:           Tue 28 Jun 2022 12:54:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35228
IP address blocks:        87.194.116.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 869491297 (0x33d36261)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a333114cbfc6bf668371c5687ee98a442fd8ea36
        Validity
            Not Before: Jun 28 12:54:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25b30ea9996b091e6dbc3bd793b0891593ca3778
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a9:15:53:08:b7:c1:8e:2b:8a:a2:3e:d5:92:
                    a8:ad:08:e1:8f:42:dc:ba:9a:5d:dd:d9:b7:e4:ad:
                    14:07:64:dd:02:a8:73:35:11:be:82:19:5a:4c:be:
                    ea:a5:d3:6c:03:34:39:62:bd:17:66:ce:28:a2:7c:
                    bc:7d:a7:89:34:35:7a:32:bb:81:ba:e0:41:55:f5:
                    be:f0:67:e2:c5:d2:81:a3:57:1f:80:44:50:e6:fa:
                    3e:2b:17:d2:89:75:58:b6:9d:ce:5f:e0:0d:9f:41:
                    ab:80:b8:42:dd:9b:ce:39:eb:fa:ad:cf:c8:59:97:
                    5c:49:57:3e:4c:8e:f8:1a:ca:dd:e0:a1:ee:53:d1:
                    ca:e1:69:2a:99:06:95:44:36:bc:ac:89:e3:cf:46:
                    fb:74:8d:14:0f:b8:c7:5c:62:38:c2:46:5b:34:f2:
                    55:cd:73:99:e9:d1:1a:fb:36:72:4e:54:a2:07:f9:
                    4d:f9:ec:36:a1:d2:43:4a:86:5d:47:5b:07:a1:35:
                    92:46:13:27:cb:c0:1c:59:95:f4:4d:c9:0b:d0:c7:
                    a7:25:9c:6e:b1:29:04:ad:31:90:12:6d:c3:4d:40:
                    d4:52:8e:ab:75:4b:eb:34:a5:c2:8e:42:a3:5f:0f:
                    b6:3f:68:2a:45:65:d5:35:a9:ee:4b:e8:f0:6e:1c:
                    f0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B3:0E:A9:99:6B:09:1E:6D:BC:3B:D7:93:B0:89:15:93:CA:37:78
            X509v3 Authority Key Identifier:
                keyid:A3:33:11:4C:BF:C6:BF:66:83:71:C5:68:7E:E9:8A:44:2F:D8:EA:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ozMRTL_Gv2aDccVofumKRC_Y6jY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/JbMOqZlrCR5tvDvXk7CJFZPKN3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/530625-4e46-4563-ae2c-cd49264eaf0b/1/ozMRTL_Gv2aDccVofumKRC_Y6jY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.194.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:66:6b:24:79:82:b6:e7:88:31:3e:dc:97:6c:cc:35:55:f9:
         8a:ff:33:dc:9b:d3:87:4a:a6:a4:5a:4a:bb:46:ca:90:4d:ed:
         47:c7:8a:f6:4e:42:27:47:e7:7a:9e:9c:97:29:74:9d:b5:45:
         d3:10:73:7d:d8:19:6c:c0:ed:82:40:8d:e2:f3:bd:65:77:c7:
         ba:b7:7d:ec:72:89:c0:28:96:0b:e5:97:89:15:1c:43:39:2e:
         48:ef:83:c0:d6:05:fa:75:e2:fc:ac:91:14:7e:6f:6d:1d:7f:
         98:73:3e:b3:73:5d:74:bc:74:38:41:4a:bb:1d:24:a5:cc:14:
         ec:92:6d:cc:b8:ac:4a:f4:ef:d7:c9:17:e2:47:9c:34:ba:d6:
         14:63:2d:45:25:5e:45:fa:aa:d7:58:2d:2c:0d:a9:2b:9e:7a:
         91:83:c0:c7:ee:84:71:b2:cc:eb:35:25:5a:eb:c9:11:a4:f9:
         f4:7d:88:c3:31:f3:6c:50:72:c9:af:a7:16:73:ac:42:24:84:
         8d:70:3d:a5:28:12:58:c7:a2:c7:3f:8c:02:72:5a:d8:9a:71:
         2c:b9:14:a0:c5:d3:07:aa:d4:e4:68:c4:09:f2:f0:aa:66:78:
         47:c9:91:71:97:cf:ae:68:5c:6e:99:c2:4c:4c:3d:29:82:05:
         a0:3b:f3:b3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEM9NiYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzMzMTE0Y2JmYzZiZjY2ODM3MWM1Njg3ZWU5OGE0NDJmZDhlYTM2MB4XDTIyMDYy
ODEyNTQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjViMzBlYTk5OTZi
MDkxZTZkYmMzYmQ3OTNiMDg5MTU5M2NhMzc3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIapFVMIt8GOK4qiPtWSqK0I4Y9C3LqaXd3Zt+StFAdk3QKo
czURvoIZWky+6qXTbAM0OWK9F2bOKKJ8vH2niTQ1ejK7gbrgQVX1vvBn4sXSgaNX
H4BEUOb6PisX0ol1WLadzl/gDZ9Bq4C4Qt2bzjnr+q3PyFmXXElXPkyO+BrK3eCh
7lPRyuFpKpkGlUQ2vKyJ489G+3SNFA+4x1xiOMJGWzTyVc1zmenRGvs2ck5Uogf5
TfnsNqHSQ0qGXUdbB6E1kkYTJ8vAHFmV9E3JC9DHpyWcbrEpBK0xkBJtw01A1FKO
q3VL6zSlwo5Co18Ptj9oKkVl1TWp7kvo8G4c8N8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlsw6pmWsJHm28O9eTsIkVk8o3eDAfBgNVHSMEGDAWgBSjMxFMv8a/ZoNx
xWh+6YpEL9jqNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L296TVJUTF9HdjJhRGNjVm9mdW1LUkNfWTZqWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvNTMwNjI1LTRlNDYtNDU2My1hZTJjLWNkNDkyNjRlYWYwYi8x
L0piTU9xWmxyQ1I1dHZEdlhrN0NKRlpQS04zZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
NTMwNjI1LTRlNDYtNDU2My1hZTJjLWNkNDkyNjRlYWYwYi8xL296TVJUTF9HdjJh
RGNjVm9mdW1LUkNfWTZqWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFfCdDANBgkqhkiG9w0BAQsFAAOC
AQEAumZrJHmCtueIMT7cl2zMNVX5iv8z3JvTh0qmpFpKu0bKkE3tR8eK9k5CJ0fn
ep6clyl0nbVF0xBzfdgZbMDtgkCN4vO9ZXfHurd97HKJwCiWC+WXiRUcQzkuSO+D
wNYF+nXi/KyRFH5vbR1/mHM+s3NddLx0OEFKux0kpcwU7JJtzLisSvTv18kX4kec
NLrWFGMtRSVeRfqq11gtLA2pK556kYPAx+6EcbLM6zUlWuvJEaT59H2IwzHzbFBy
ya+nFnOsQiSEjXA9pSgSWMeixz+MAnJa2JpxLLkUoMXTB6rU5GjECfLwqmZ4R8mR
cZfPrmhcbpnCTEw9KYIFoDvzsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:05 2024 by rpki-client on console-fra.rpki-client.org