Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/mCWqPLFvbBvkDM4HnHpkwa5CT_o.roa
File:                     mCWqPLFvbBvkDM4HnHpkwa5CT_o.roa (raw, json)
Hash identifier:          VgLG86CWlcCQ2p99+X6cbBM3XFdLiDAd7VdhtSfhXSc=
Subject key identifier:   98:25:AA:3C:B1:6F:6C:1B:E4:0C:CE:07:9C:7A:64:C1:AE:42:4F:FA
Certificate issuer:       /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial:       06BF98F7
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/mCWqPLFvbBvkDM4HnHpkwa5CT_o.roa
Signing time:             Sat 01 Jan 2022 12:57:37 +0000
ROA not before:           Sat 01 Jan 2022 12:57:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24589
IP address blocks:        193.0.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113219831 (0x6bf98f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
        Validity
            Not Before: Jan  1 12:57:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9825aa3cb16f6c1be40cce079c7a64c1ae424ffa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:fb:34:66:3d:37:1e:03:65:db:b4:f4:e1:54:
                    a4:ab:60:73:7f:29:5a:97:78:fe:f1:dd:d5:41:c9:
                    ba:44:4a:29:e6:e2:f3:dc:ef:24:d9:7f:86:14:ea:
                    60:e7:96:42:d0:20:86:8a:59:70:ac:1f:28:05:5e:
                    c8:d0:c4:df:64:be:04:b4:9e:ee:76:42:21:af:71:
                    19:6a:3e:3b:de:7c:2e:7b:64:89:df:d4:3d:1a:a5:
                    d7:19:bd:a6:a3:91:73:c5:6a:39:05:25:64:79:ee:
                    cc:1b:a3:10:f7:eb:68:b5:cf:f6:69:95:91:e2:fb:
                    2f:46:2c:f9:44:df:aa:ab:51:55:fd:03:0d:03:0a:
                    bc:29:69:41:d1:ec:d4:3e:02:22:11:6c:79:7b:d8:
                    8b:02:68:af:4d:ce:83:ce:24:e1:94:2a:bd:ee:bc:
                    1d:02:54:af:dd:67:f2:18:09:2e:18:5b:71:ae:44:
                    4c:f9:20:1c:a6:67:f0:2e:01:5f:c9:e0:53:39:2e:
                    e9:00:49:f8:0b:9b:2c:d3:2e:cf:e0:66:c2:6f:45:
                    fb:f2:bd:35:fd:5b:6e:2c:4d:0b:03:cb:4a:f5:eb:
                    f1:07:ed:c9:72:f9:62:c3:f0:89:22:af:23:c3:f4:
                    df:59:fc:d3:53:65:c4:29:8f:49:5a:79:24:8e:77:
                    98:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:25:AA:3C:B1:6F:6C:1B:E4:0C:CE:07:9C:7A:64:C1:AE:42:4F:FA
            X509v3 Authority Key Identifier:
                keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/mCWqPLFvbBvkDM4HnHpkwa5CT_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:38:45:6e:f2:a2:75:c5:be:56:e2:24:5e:ee:03:c5:d6:97:
         46:86:28:26:3f:d9:b8:fa:be:fb:82:bf:35:cb:13:e3:5e:b6:
         45:1b:41:93:e1:6f:d2:22:5a:5f:55:28:98:77:e3:79:38:98:
         db:2c:59:d5:7a:16:41:00:d4:b3:d9:cb:4c:16:9e:58:12:50:
         7d:d7:b6:c0:cd:3e:09:26:bb:a1:34:ad:d4:0b:25:3a:b5:30:
         8f:43:5a:72:e7:04:b4:a4:0a:95:4a:5b:f1:85:56:4f:c9:d9:
         55:aa:9b:47:48:a2:3e:40:4c:de:15:6d:1d:5c:73:45:74:08:
         85:7d:bd:7c:4b:9a:ff:eb:65:17:28:15:c1:f9:4d:ac:7c:01:
         6c:77:48:ce:6d:eb:78:3d:26:4e:11:ee:6a:a9:75:50:29:30:
         0f:f1:98:0c:79:c0:41:22:3a:44:37:c8:43:23:43:87:61:1b:
         e3:93:c2:67:c8:93:90:57:f3:c7:67:53:dd:b9:57:de:23:54:
         fe:ee:d7:dd:db:8a:23:9f:13:1f:77:d7:69:15:cd:bf:b9:3f:
         eb:2f:98:5b:c0:72:9b:08:de:6c:19:2b:40:40:45:5c:6f:63:
         d4:b0:8d:5b:fc:9e:39:c8:74:0f:70:75:3b:df:49:7b:fe:e0:
         a4:f6:cd:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBr+Y9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Nzc4YWQ4MTY4ZTA5Y2Y5MmQ0ZTA0OTgyNTdmOGU5Y2VhYmYwNjkyMB4XDTIyMDEw
MTEyNTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgyNWFhM2NiMTZm
NmMxYmU0MGNjZTA3OWM3YTY0YzFhZTQyNGZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIr7NGY9Nx4DZdu09OFUpKtgc38pWpd4/vHd1UHJukRKKebi
89zvJNl/hhTqYOeWQtAghopZcKwfKAVeyNDE32S+BLSe7nZCIa9xGWo+O958Lntk
id/UPRql1xm9pqORc8VqOQUlZHnuzBujEPfraLXP9mmVkeL7L0Ys+UTfqqtRVf0D
DQMKvClpQdHs1D4CIhFseXvYiwJor03Og84k4ZQqve68HQJUr91n8hgJLhhbca5E
TPkgHKZn8C4BX8ngUzku6QBJ+AubLNMuz+Bmwm9F+/K9Nf1bbixNCwPLSvXr8Qft
yXL5YsPwiSKvI8P031n801NlxCmPSVp5JI53mLECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYJao8sW9sG+QMzgecemTBrkJP+jAfBgNVHSMEGDAWgBSHeK2BaOCc+S1O
BJglf46c6r8GkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gzaXRnV2pnblBrdFRnU1lKWC1Pbk9xX0JwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvZjA3ZjhkLTlkZjAtNDljNi1iMmYwLWFhOWQ2OTE4MTFlNy8x
L21DV3FQTEZ2YkJ2a0RNNEhuSHBrd2E1Q1Rfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ZjA3ZjhkLTlkZjAtNDljNi1iMmYwLWFhOWQ2OTE4MTFlNy8xL2gzaXRnV2pnblBr
dFRnU1lKWC1Pbk9xX0JwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEA7zANBgkqhkiG9w0BAQsFAAOC
AQEAozhFbvKidcW+VuIkXu4DxdaXRoYoJj/ZuPq++4K/NcsT4162RRtBk+Fv0iJa
X1UomHfjeTiY2yxZ1XoWQQDUs9nLTBaeWBJQfde2wM0+CSa7oTSt1AslOrUwj0Na
cucEtKQKlUpb8YVWT8nZVaqbR0iiPkBM3hVtHVxzRXQIhX29fEua/+tlFygVwflN
rHwBbHdIzm3reD0mThHuaql1UCkwD/GYDHnAQSI6RDfIQyNDh2Eb45PCZ8iTkFfz
x2dT3blX3iNU/u7X3duKI58TH3fXaRXNv7k/6y+YW8BymwjebBkrQEBFXG9j1LCN
W/yeOch0D3B1O99Je/7gpPbN6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org