Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lYnCGHn9f047tfMLCvngjTduRQk.roa
File:                     lYnCGHn9f047tfMLCvngjTduRQk.roa (raw, json)
Hash identifier:          kIHeL20p4ypABrvR12SOUI41Ae4H8fbmBAYe1dG9eUI=
Subject key identifier:   95:89:C2:18:79:FD:7F:4E:3B:B5:F3:0B:0A:F9:E0:8D:37:6E:45:09
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1F5345A6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lYnCGHn9f047tfMLCvngjTduRQk.roa
Signing time:             Tue 28 Jun 2022 10:33:02 +0000
ROA not before:           Tue 28 Jun 2022 10:33:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     136923
IP address blocks:        194.169.172.0/24 maxlen: 24
                          193.37.40.0/24 maxlen: 24
                          109.206.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 525551014 (0x1f5345a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jun 28 10:33:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9589c21879fd7f4e3bb5f30b0af9e08d376e4509
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b2:85:4d:c5:ef:42:c6:d9:c7:26:68:e5:e3:
                    1a:1c:6b:e1:88:02:d3:fa:e9:a4:bc:fe:5a:e9:bf:
                    88:b1:7a:ac:66:01:9f:f1:dd:a1:e4:27:ae:51:c2:
                    ab:fa:6a:de:30:0d:d3:cd:db:e6:3c:b3:57:c8:4c:
                    36:f2:de:1d:13:5a:b9:71:57:c1:14:39:00:fe:5b:
                    5c:e0:eb:7e:38:79:55:45:96:c2:da:d1:86:66:b7:
                    68:90:fb:14:70:8f:6d:46:57:a5:64:9e:79:31:da:
                    89:aa:ff:75:51:d1:d9:d0:ed:a6:f4:b7:10:cf:da:
                    f9:82:4d:f7:24:c4:2c:7e:b0:a4:07:e6:d6:36:ca:
                    6e:e5:cc:d0:b8:7a:d5:d2:09:40:64:01:cf:8e:ac:
                    01:ce:33:48:18:db:8e:58:69:9b:83:b1:c0:65:be:
                    18:c6:56:c8:b8:03:67:67:97:44:78:09:66:32:9c:
                    41:52:c3:8a:4e:9c:b8:65:db:4e:3f:55:dd:41:b1:
                    4d:43:fd:92:48:d3:8c:37:63:8e:ee:1f:ce:c3:a9:
                    b7:25:d9:6b:a0:fe:37:fb:f4:9e:42:6a:15:5d:24:
                    7f:e0:22:9e:38:51:76:44:f2:ca:cc:50:22:50:00:
                    53:06:37:82:cb:f5:f1:da:d2:0e:f6:c6:47:4e:fa:
                    00:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:89:C2:18:79:FD:7F:4E:3B:B5:F3:0B:0A:F9:E0:8D:37:6E:45:09
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lYnCGHn9f047tfMLCvngjTduRQk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.206.240.0/24
                  193.37.40.0/24
                  194.169.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:93:5e:63:cb:89:aa:17:cc:5a:76:bc:09:ef:ec:68:75:56:
         f1:3a:2b:46:65:9d:2f:80:64:4d:6d:fa:f2:3c:e3:1b:31:37:
         08:50:61:44:d4:63:97:94:b7:54:fc:00:6f:1c:fa:06:40:0a:
         30:08:51:41:c7:78:a3:01:cb:be:7a:c6:8c:d0:5f:f2:52:25:
         2e:d1:08:95:e8:88:b5:7d:7f:0b:65:31:ab:f2:54:11:fa:b6:
         33:99:da:98:6c:c1:93:a1:a7:3e:c1:65:f7:b3:a2:10:4c:b2:
         ea:21:31:7b:8e:f1:45:20:e4:c8:8e:40:4f:9d:3a:da:bc:da:
         44:8d:65:49:e4:0a:e2:9a:dd:84:b6:89:b8:b3:f3:88:cc:cb:
         ee:1b:b3:06:e4:fa:6d:af:ec:41:8b:81:0f:c2:51:63:48:20:
         8c:05:18:34:39:b5:c2:04:25:86:69:34:0b:a1:07:e7:c9:11:
         0d:b6:5e:70:c0:46:34:0b:d9:42:0f:7c:96:58:81:e5:2d:b8:
         2c:47:2e:23:9b:1b:1f:f6:03:e6:57:77:27:b7:b7:e8:e6:d4:
         e8:bd:d4:a2:9f:31:ba:68:10:a8:54:47:8c:73:5e:95:68:92:
         bc:3f:f5:ad:c1:c0:82:39:e5:f1:21:80:d3:4c:6d:c9:5a:95:
         3d:f8:17:6b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEH1NFpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
ODEwMzMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU4OWMyMTg3OWZk
N2Y0ZTNiYjVmMzBiMGFmOWUwOGQzNzZlNDUwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIqyhU3F70LG2ccmaOXjGhxr4YgC0/rppLz+Wum/iLF6rGYB
n/HdoeQnrlHCq/pq3jAN083b5jyzV8hMNvLeHRNauXFXwRQ5AP5bXODrfjh5VUWW
wtrRhma3aJD7FHCPbUZXpWSeeTHaiar/dVHR2dDtpvS3EM/a+YJN9yTELH6wpAfm
1jbKbuXM0Lh61dIJQGQBz46sAc4zSBjbjlhpm4OxwGW+GMZWyLgDZ2eXRHgJZjKc
QVLDik6cuGXbTj9V3UGxTUP9kkjTjDdjju4fzsOptyXZa6D+N/v0nkJqFV0kf+Ai
njhRdkTyysxQIlAAUwY3gsv18drSDvbGR076AKECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSVicIYef1/Tju18wsK+eCNN25FCTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2xZbkNHSG45ZjA0N3RmTUxDdm5nalRkdVJRay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAG3O8AMEAMElKAMEAMKprDANBgkq
hkiG9w0BAQsFAAOCAQEAJ5NeY8uJqhfMWna8Ce/saHVW8TorRmWdL4BkTW368jzj
GzE3CFBhRNRjl5S3VPwAbxz6BkAKMAhRQcd4owHLvnrGjNBf8lIlLtEIleiItX1/
C2Uxq/JUEfq2M5namGzBk6GnPsFl97OiEEyy6iExe47xRSDkyI5AT5062rzaRI1l
SeQK4prdhLaJuLPziMzL7huzBuT6ba/sQYuBD8JRY0ggjAUYNDm1wgQlhmk0C6EH
58kRDbZecMBGNAvZQg98lliB5S24LEcuI5sbH/YD5ld3J7e36ObU6L3Uop8xumgQ
qFRHjHNelWiSvD/1rcHAgjnl8SGA00xtyVqVPfgXaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:42 2024 by rpki-client on console-ams.rpki-client.org