Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/7TqNLg8KPXWrEdMglc_MSt5tV8w.roa
File:                     7TqNLg8KPXWrEdMglc_MSt5tV8w.roa (raw, json)
Hash identifier:          MsWi/4bAupaP51Vuz+UO8NyYS/Xg/570Z6Qm+6VQAw4=
Subject key identifier:   ED:3A:8D:2E:0F:0A:3D:75:AB:11:D3:20:95:CF:CC:4A:DE:6D:57:CC
Certificate issuer:       /CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Certificate serial:       046B57C2
Authority key identifier: BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/7TqNLg8KPXWrEdMglc_MSt5tV8w.roa
Signing time:             Mon 14 Mar 2022 17:41:29 +0000
ROA not before:           Mon 14 Mar 2022 17:41:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202513
IP address blocks:        87.239.54.0/24 maxlen: 24
                          87.239.52.0/22 maxlen: 24
                          87.239.52.0/23 maxlen: 24
                          185.147.16.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74143682 (0x46b57c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
        Validity
            Not Before: Mar 14 17:41:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ed3a8d2e0f0a3d75ab11d32095cfcc4ade6d57cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1f:ed:1c:2f:18:de:1d:0a:55:e5:d1:e2:1d:
                    dd:b4:72:f2:a5:2a:f6:c6:41:e0:18:0e:4c:f6:44:
                    0c:40:07:ec:c9:dc:93:09:75:88:df:9d:bf:f5:e7:
                    c7:cd:0a:93:bc:76:a0:04:bd:39:62:23:d5:da:81:
                    13:bd:d4:d8:0d:73:8d:43:a0:02:43:0b:d9:d4:24:
                    86:b3:78:53:e4:71:d5:62:1d:df:0a:51:b6:95:19:
                    fb:87:99:91:0d:8d:e7:e1:2c:7f:46:a1:ac:80:fd:
                    e9:0a:1a:12:c3:af:a4:e3:ad:36:55:27:e6:8c:68:
                    83:f1:45:df:00:bd:1b:29:60:43:3d:73:e7:37:31:
                    87:0a:79:e7:80:b0:1e:f7:54:3f:c2:34:38:a9:c2:
                    47:85:67:b4:6d:e0:13:2f:ca:e6:64:64:a1:a0:ef:
                    ab:3c:8b:e2:af:da:b8:6e:41:77:50:14:3b:1d:4f:
                    22:69:b0:bd:2a:8a:26:c3:8c:1d:c8:06:b8:94:96:
                    c0:1c:0a:25:4b:66:53:c9:18:b9:5d:fd:50:72:2a:
                    41:3f:49:12:59:c3:79:fb:7b:3a:91:44:a4:74:be:
                    43:da:90:a4:36:dd:ae:c5:3d:54:9f:6b:76:f7:df:
                    ef:20:39:a6:58:c7:0a:b5:7f:f3:ae:d7:7f:f1:d8:
                    38:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:3A:8D:2E:0F:0A:3D:75:AB:11:D3:20:95:CF:CC:4A:DE:6D:57:CC
            X509v3 Authority Key Identifier:
                keyid:BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/7TqNLg8KPXWrEdMglc_MSt5tV8w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/u0oK8VYzLTx-y1hfruOpDZvyoJY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.239.52.0/22
                  185.147.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:4b:72:5d:87:ba:ff:64:22:ce:d5:5c:db:71:94:ff:47:96:
         ea:56:59:c2:48:92:63:1b:4c:00:ba:dd:69:c4:3f:7b:7b:1c:
         43:e8:58:bd:af:cd:80:c9:77:4e:81:37:ca:27:b6:0f:17:4e:
         1e:09:2a:ba:8f:40:26:c3:de:eb:c3:2a:9f:5b:e5:6f:cc:b2:
         06:8b:90:95:80:fd:ce:65:dc:05:e8:38:01:15:e7:4a:27:5a:
         87:a4:1d:e4:b8:e8:80:96:d3:09:a7:7a:10:84:ed:66:3d:b8:
         54:3d:5e:ab:01:f6:bf:73:92:fe:a5:2f:38:cb:e4:66:52:47:
         6a:6b:48:4c:34:62:4e:91:4c:e8:29:a2:7e:9f:3c:d4:55:4d:
         f1:6c:2e:2c:20:3e:39:04:e2:04:2d:5e:22:38:cd:10:99:f5:
         17:4d:20:c5:d1:eb:ca:b5:09:c2:2b:5a:94:4e:ee:4b:72:31:
         a3:59:1b:d6:e5:93:d6:28:d4:21:f3:b6:20:d0:14:28:41:99:
         67:46:ec:69:b0:28:4e:66:a6:2e:c5:6e:f1:94:aa:b4:89:86:
         f8:09:3a:c4:78:dd:26:bb:da:f9:26:1a:f9:6f:40:cd:24:b6:
         45:a2:a7:83:f3:b0:ea:eb:33:9e:9f:80:b3:91:bf:c3:90:aa:
         c9:62:73:62
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBGtXwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjRhMGFmMTU2MzMyZDNjN2VjYjU4NWZhZWUzYTkwZDliZjJhMDk2MB4XDTIyMDMx
NDE3NDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQzYThkMmUwZjBh
M2Q3NWFiMTFkMzIwOTVjZmNjNGFkZTZkNTdjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwf7RwvGN4dClXl0eId3bRy8qUq9sZB4BgOTPZEDEAH7Mnc
kwl1iN+dv/Xnx80Kk7x2oAS9OWIj1dqBE73U2A1zjUOgAkML2dQkhrN4U+Rx1WId
3wpRtpUZ+4eZkQ2N5+Esf0ahrID96QoaEsOvpOOtNlUn5oxog/FF3wC9GylgQz1z
5zcxhwp554CwHvdUP8I0OKnCR4VntG3gEy/K5mRkoaDvqzyL4q/auG5Bd1AUOx1P
ImmwvSqKJsOMHcgGuJSWwBwKJUtmU8kYuV39UHIqQT9JElnDeft7OpFEpHS+Q9qQ
pDbdrsU9VJ9rdvff7yA5pljHCrV/867Xf/HYODECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTtOo0uDwo9dasR0yCVz8xK3m1XzDAfBgNVHSMEGDAWgBS7SgrxVjMtPH7L
WF+u46kNm/KgljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Uwb0s4Vll6TFR4LXkxaGZydU9wRFp2eW9KWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvMWIwOTk4LWFiODEtNGNjZS04YzQ2LWYyMTI2NjY3MjViNC8x
LzdUcU5MZzhLUFhXckVkTWdsY19NU3Q1dFY4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
MWIwOTk4LWFiODEtNGNjZS04YzQ2LWYyMTI2NjY3MjViNC8xL3Uwb0s4Vll6TFR4
LXkxaGZydU9wRFp2eW9KWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlfvNAMEArmTEDANBgkqhkiG9w0B
AQsFAAOCAQEAFEtyXYe6/2QiztVc23GU/0eW6lZZwkiSYxtMALrdacQ/e3scQ+hY
va/NgMl3ToE3yie2DxdOHgkquo9AJsPe68Mqn1vlb8yyBouQlYD9zmXcBeg4ARXn
Sidah6Qd5LjogJbTCad6EITtZj24VD1eqwH2v3OS/qUvOMvkZlJHamtITDRiTpFM
6Cmifp881FVN8WwuLCA+OQTiBC1eIjjNEJn1F00gxdHryrUJwitalE7uS3Ixo1kb
1uWT1ijUIfO2INAUKEGZZ0bsabAoTmamLsVu8ZSqtImG+Ak6xHjdJrva+SYa+W9A
zSS2RaKng/Ow6usznp+As5G/w5CqyWJzYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:35 2024 by rpki-client on console-fra.rpki-client.org