Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/uWBg1oQjA_MJrx-NDFN69nnLzTM.roa
File:                     uWBg1oQjA_MJrx-NDFN69nnLzTM.roa (raw, json)
Hash identifier:          Zz4SqIJJXr3XnJYXbiNjk4AJJvNLWoNTCPzw0G+kCMM=
Subject key identifier:   B9:60:60:D6:84:23:03:F3:09:AF:1F:8D:0C:53:7A:F6:79:CB:CD:33
Certificate issuer:       /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial:       0182DFB4444407FB36BD78F23EAC1B0A6DAE
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/uWBg1oQjA_MJrx-NDFN69nnLzTM.roa
Signing time:             Sat 27 Aug 2022 14:28:29 +0000
ROA not before:           Sat 27 Aug 2022 14:28:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398343
IP address blocks:        87.254.29.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:df:b4:44:44:07:fb:36:bd:78:f2:3e:ac:1b:0a:6d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
        Validity
            Not Before: Aug 27 14:28:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b96060d6842303f309af1f8d0c537af679cbcd33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:db:e9:1d:c0:6f:7c:8f:4a:d6:ed:4b:c5:64:
                    bb:90:e2:ca:50:5b:77:b1:31:94:de:9c:06:c7:95:
                    21:71:16:db:9f:b6:db:a2:3a:c8:ea:bc:c1:25:33:
                    37:51:b0:ea:6e:18:68:82:3f:17:3c:86:77:27:b2:
                    4b:83:67:0c:f5:fa:2f:d7:15:6b:3b:79:33:c2:d0:
                    47:72:c8:da:03:77:a0:81:17:c3:24:0f:53:f5:20:
                    37:0f:96:b0:98:fb:43:25:9d:c4:8f:f0:60:3d:75:
                    09:a7:41:f7:74:6c:b6:11:4d:f1:2b:07:0d:ff:bc:
                    20:4e:04:9a:93:e2:38:dc:db:50:fa:be:86:44:6e:
                    9a:f5:e1:c1:4d:51:08:d4:9b:be:18:a3:f5:a3:f6:
                    a2:6f:29:e4:48:64:ae:d7:6e:26:53:63:8b:98:8f:
                    b4:06:25:bd:ad:fe:e4:49:d6:c6:72:29:be:ec:9a:
                    0a:76:ba:b0:1b:28:54:74:ca:ba:06:19:b8:54:f0:
                    d9:ac:be:24:c7:69:f4:84:13:74:4c:b8:b8:69:33:
                    c2:aa:44:03:4d:1e:5a:75:89:be:3f:4f:14:eb:7b:
                    6d:1a:af:6b:cb:15:1c:4c:82:90:e2:1f:72:bc:fe:
                    f3:c6:23:d5:d2:5f:b8:3d:18:c3:b9:cd:43:48:48:
                    00:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:60:60:D6:84:23:03:F3:09:AF:1F:8D:0C:53:7A:F6:79:CB:CD:33
            X509v3 Authority Key Identifier:
                keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/uWBg1oQjA_MJrx-NDFN69nnLzTM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.254.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:be:f7:0a:ca:dc:e2:0c:84:ee:77:9f:b6:92:85:92:c7:11:
         17:ff:fc:3d:06:c0:c6:c1:3a:7a:da:e3:8b:d8:99:af:7f:d7:
         f6:75:85:73:48:f0:a2:37:e4:30:2d:da:0d:23:49:69:f6:65:
         ab:32:15:ac:ea:7e:ae:ef:c5:c9:76:8f:06:03:ba:d3:2c:bd:
         17:4c:42:55:9d:13:1a:ad:70:e9:02:d7:93:aa:e6:ea:f8:3f:
         5b:e0:c4:69:ee:9a:8c:e3:3d:c5:93:17:80:b2:48:dc:de:a8:
         c9:10:2c:a9:e0:a8:2f:da:fd:f4:f8:bf:e2:81:1a:f4:21:fc:
         5d:6e:89:02:32:f9:e0:dc:18:71:7e:c1:a3:9d:d2:d8:f9:69:
         3a:75:70:b3:ba:bc:1f:a8:d4:88:3c:d0:70:4e:20:6b:cc:80:
         c0:dc:7e:08:93:80:4c:1a:ed:ba:05:c8:44:bb:b4:76:cd:d8:
         90:e8:85:ca:45:f8:d3:82:7b:94:14:a5:60:2c:ac:5c:ec:d9:
         85:2e:c1:8a:a4:26:c2:ac:9b:2b:fd:84:f7:97:18:9e:2c:d6:
         9c:10:f1:47:6d:bd:8f:3b:d3:13:76:31:74:d3:82:e0:e8:58:
         8f:39:94:d4:9d:fe:dc:b5:17:eb:21:36:d4:42:e0:3d:e8:69:
         e4:d1:12:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLftEREB/s2vXjyPqwbCm2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwODI3MTQyODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTYwNjBkNjg0MjMwM2YzMDlhZjFmOGQwYzUzN2FmNjc5Y2JjZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNvpHcBvfI9K1u1LxWS7kOLKUFt3
sTGU3pwGx5UhcRbbn7bbojrI6rzBJTM3UbDqbhhogj8XPIZ3J7JLg2cM9fov1xVr
O3kzwtBHcsjaA3eggRfDJA9T9SA3D5awmPtDJZ3Ej/BgPXUJp0H3dGy2EU3xKwcN
/7wgTgSak+I43NtQ+r6GRG6a9eHBTVEI1Ju+GKP1o/aibynkSGSu124mU2OLmI+0
BiW9rf7kSdbGcim+7JoKdrqwGyhUdMq6Bhm4VPDZrL4kx2n0hBN0TLi4aTPCqkQD
TR5adYm+P08U63ttGq9ryxUcTIKQ4h9yvP7zxiPV0l+4PRjDuc1DSEgAbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlgYNaEIwPzCa8fjQxTevZ5y80zMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvdVdCZzFvUWpBX01KcngtTkRGTjY5bm5MelRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4dMA0G
CSqGSIb3DQEBCwUAA4IBAQCovvcKytziDITud5+2koWSxxEX//w9BsDGwTp62uOL
2Jmvf9f2dYVzSPCiN+QwLdoNI0lp9mWrMhWs6n6u78XJdo8GA7rTLL0XTEJVnRMa
rXDpAteTqubq+D9b4MRp7pqM4z3FkxeAskjc3qjJECyp4Kgv2v30+L/igRr0Ifxd
bokCMvng3BhxfsGjndLY+Wk6dXCzurwfqNSIPNBwTiBrzIDA3H4Ik4BMGu26BchE
u7R2zdiQ6IXKRfjTgnuUFKVgLKxc7NmFLsGKpCbCrJsr/YT3lxieLNacEPFHbb2P
O9MTdjF004Lg6FiPOZTUnf7ctRfrITbUQuA96Gnk0RKP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org