Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/mUFWPLbjWKBEDnzsU9qr9ogCN4E.roa
File:                     mUFWPLbjWKBEDnzsU9qr9ogCN4E.roa (raw, json)
Hash identifier:          jmPCRYYsf3vxOUydg1Tiylj2Mw7Yuyns7oxUImc7z3U=
Subject key identifier:   99:41:56:3C:B6:E3:58:A0:44:0E:7C:EC:53:DA:AB:F6:88:02:37:81
Certificate issuer:       /CN=dedb20030901ff2df4ebd1f49e4891cb28fe0730
Certificate serial:       07C80DB6
Authority key identifier: DE:DB:20:03:09:01:FF:2D:F4:EB:D1:F4:9E:48:91:CB:28:FE:07:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/mUFWPLbjWKBEDnzsU9qr9ogCN4E.roa
Signing time:             Sat 01 Jan 2022 05:06:37 +0000
ROA not before:           Sat 01 Jan 2022 05:06:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60847
IP address blocks:        185.92.12.0/24 maxlen: 24
                          91.244.227.0/24 maxlen: 24
                          185.92.15.0/24 maxlen: 24
                          185.92.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130551222 (0x7c80db6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedb20030901ff2df4ebd1f49e4891cb28fe0730
        Validity
            Not Before: Jan  1 05:06:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9941563cb6e358a0440e7cec53daabf688023781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:e9:51:2a:fe:1d:af:1b:d2:55:ca:11:c4:e9:
                    34:0f:b5:fb:fc:51:58:12:64:d5:04:3e:69:e0:66:
                    07:5f:8a:63:6f:b0:cf:83:32:a5:95:40:15:6a:33:
                    2e:4e:d5:70:05:17:79:32:07:b6:7c:e4:ae:3c:e9:
                    ac:71:af:30:4a:0a:fc:c9:dc:b2:79:c2:a0:fc:93:
                    ca:81:3a:d2:72:20:08:45:1a:d4:74:b8:e7:93:39:
                    9b:59:b9:df:22:f1:4d:a8:0e:93:3f:39:04:2a:24:
                    b4:f3:e5:d5:39:48:5a:ee:93:c9:35:36:06:9d:57:
                    35:4e:1f:2c:8d:be:39:76:87:ca:06:8e:3c:df:1b:
                    02:82:e2:23:a7:00:6f:49:69:b2:b1:4d:0a:cb:c0:
                    b3:33:60:36:08:2d:6e:1d:d8:9e:bd:8c:c1:42:4e:
                    a2:cb:65:79:40:72:da:ec:15:5a:af:d7:96:fe:02:
                    96:3b:e9:ee:3a:90:c1:e6:19:ac:90:aa:a4:2d:73:
                    97:a5:d0:e6:b6:fc:d0:4a:b4:75:6f:c9:a0:98:d4:
                    44:2b:5b:a3:85:de:82:ed:da:80:e9:2e:cb:08:59:
                    dd:4c:ae:ae:81:34:f6:a9:e5:60:50:a2:26:7e:85:
                    8a:48:98:d1:ba:39:c2:4d:c3:74:d2:4a:51:85:f6:
                    b5:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:41:56:3C:B6:E3:58:A0:44:0E:7C:EC:53:DA:AB:F6:88:02:37:81
            X509v3 Authority Key Identifier:
                keyid:DE:DB:20:03:09:01:FF:2D:F4:EB:D1:F4:9E:48:91:CB:28:FE:07:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/mUFWPLbjWKBEDnzsU9qr9ogCN4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/3tsgAwkB_y3069H0nkiRyyj-BzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.244.227.0/24
                  185.92.12.0/24
                  185.92.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ba:db:b1:24:50:0b:ae:92:eb:af:a5:27:9b:0b:a3:c5:ca:73:
         c7:09:43:87:aa:b1:2b:cc:39:8e:a7:f2:9a:14:86:d6:47:ce:
         85:69:4b:8c:be:ad:c9:ca:78:7e:da:c9:b6:2e:82:94:39:3e:
         e0:a9:22:85:b8:5e:08:be:96:d1:78:82:59:ca:ce:dc:40:83:
         4e:d0:03:96:bc:85:a7:2f:68:02:97:f3:3e:19:ab:0e:ea:97:
         ca:ce:94:a8:53:b1:0d:a4:02:ec:16:59:86:f7:e0:11:bb:d8:
         c4:07:b7:8f:14:7c:73:90:d5:f8:fe:09:fb:90:ef:e0:4c:75:
         46:d9:bc:ef:9f:06:7e:1a:cc:d5:2b:11:12:cc:66:64:48:ad:
         3b:88:70:3a:ee:9f:87:8d:52:16:bf:36:1f:c6:2b:3f:32:d3:
         39:3b:5c:13:c9:19:d3:dd:0d:3f:f9:40:79:70:78:d1:03:68:
         c0:d1:fc:e6:88:1a:01:55:31:a7:e9:10:f1:ca:d9:8b:fe:8d:
         30:34:e4:0b:07:50:31:a0:93:4a:98:49:91:5f:76:84:46:f4:
         28:89:83:99:4f:87:00:0f:54:fb:53:cc:83:ae:9c:62:12:c1:
         09:d4:99:8b:46:db:3c:50:aa:c3:3e:ad:67:6e:40:6e:ee:cc:
         a7:8f:c9:cf
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEB8gNtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZWRiMjAwMzA5MDFmZjJkZjRlYmQxZjQ5ZTQ4OTFjYjI4ZmUwNzMwMB4XDTIyMDEw
MTA1MDYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk0MTU2M2NiNmUz
NThhMDQ0MGU3Y2VjNTNkYWFiZjY4ODAyMzc4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXpUSr+Ha8b0lXKEcTpNA+1+/xRWBJk1QQ+aeBmB1+KY2+w
z4MypZVAFWozLk7VcAUXeTIHtnzkrjzprHGvMEoK/MncsnnCoPyTyoE60nIgCEUa
1HS455M5m1m53yLxTagOkz85BCoktPPl1TlIWu6TyTU2Bp1XNU4fLI2+OXaHygaO
PN8bAoLiI6cAb0lpsrFNCsvAszNgNggtbh3Ynr2MwUJOostleUBy2uwVWq/Xlv4C
ljvp7jqQweYZrJCqpC1zl6XQ5rb80Eq0dW/JoJjURCtbo4Xegu3agOkuywhZ3Uyu
roE09qnlYFCiJn6FikiY0bo5wk3DdNJKUYX2tS0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSZQVY8tuNYoEQOfOxT2qv2iAI3gTAfBgNVHSMEGDAWgBTe2yADCQH/LfTr
0fSeSJHLKP4HMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN0c2dBd2tCX3kzMDY5SDBua2lSeXlqLUJ6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvNjc4OTY0LWQ4MDItNDhmOS05NmYxLWUzYmZhNzJkN2VmOC8x
L21VRldQTGJqV0tCRURuenNVOXFyOW9nQ040RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
Njc4OTY0LWQ4MDItNDhmOS05NmYxLWUzYmZhNzJkN2VmOC8xLzN0c2dBd2tCX3kz
MDY5SDBua2lSeXlqLUJ6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFv04wMEALlcDAMEAblcDjANBgkq
hkiG9w0BAQsFAAOCAQEAutuxJFALrpLrr6UnmwujxcpzxwlDh6qxK8w5jqfymhSG
1kfOhWlLjL6tycp4ftrJti6ClDk+4KkihbheCL6W0XiCWcrO3ECDTtADlryFpy9o
ApfzPhmrDuqXys6UqFOxDaQC7BZZhvfgEbvYxAe3jxR8c5DV+P4J+5Dv4Ex1Rtm8
758GfhrM1SsREsxmZEitO4hwOu6fh41SFr82H8YrPzLTOTtcE8kZ090NP/lAeXB4
0QNowNH85ogaAVUxp+kQ8crZi/6NMDTkCwdQMaCTSphJkV92hEb0KImDmU+HAA9U
+1PMg66cYhLBCdSZi0bbPFCqwz6tZ25Abu7Mp4/Jzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:07 2024 by rpki-client on console-ams.rpki-client.org