Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LJrVqWIAemo6sdeuzhdHWLznhlE.roa
File:                     LJrVqWIAemo6sdeuzhdHWLznhlE.roa (raw, json)
Hash identifier:          Eo+qeEq0kxWTgXLXp3kkdO6b1lW4FdA3L7b6d9usfxc=
Subject key identifier:   2C:9A:D5:A9:62:00:7A:6A:3A:B1:D7:AE:CE:17:47:58:BC:E7:86:51
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0701DF8B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LJrVqWIAemo6sdeuzhdHWLznhlE.roa
Signing time:             Sat 01 Jan 2022 03:54:10 +0000
ROA not before:           Sat 01 Jan 2022 03:54:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        85.209.121.0/24 maxlen: 24
                          45.13.190.0/24 maxlen: 24
                          45.13.191.0/24 maxlen: 24
                          45.151.3.0/24 maxlen: 24
                          5.181.84.0/24 maxlen: 24
                          5.181.85.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117563275 (0x701df8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  1 03:54:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c9ad5a962007a6a3ab1d7aece174758bce78651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:25:64:0d:68:59:f8:8c:ce:14:f1:47:8e:5c:
                    92:00:b3:9d:6c:b6:aa:43:8f:d1:ba:4c:d8:79:46:
                    6d:08:e9:95:5c:03:d3:ee:62:c6:2d:0d:0f:00:d2:
                    20:c5:c1:87:47:03:cb:0e:74:41:ad:bf:be:02:47:
                    65:9c:bc:c3:4d:2a:b5:a0:0b:4e:06:71:c1:16:80:
                    f8:59:9b:e7:38:29:97:13:0c:83:dc:e5:2b:95:d9:
                    dd:47:b5:c0:71:81:4d:b8:c5:13:f9:0a:a0:20:25:
                    28:87:8f:52:bd:ff:b1:9d:9d:cc:e8:c2:d9:c9:3b:
                    62:68:26:54:e2:78:36:7c:7e:20:9f:6a:fa:12:19:
                    5f:0c:61:8c:20:93:ce:81:fc:b2:fb:c1:97:a0:38:
                    6e:0d:e1:c3:4d:fe:c2:a6:56:64:d4:c6:f8:24:6e:
                    f1:72:1b:4e:25:7d:39:4f:f7:ec:d9:cd:64:f4:bc:
                    b7:fa:b0:60:fb:2d:fe:ae:2d:22:c0:6d:6e:6e:13:
                    ef:a6:5b:32:6e:a9:fc:89:3a:bd:eb:b5:c4:33:e0:
                    2d:75:59:de:f4:4f:2a:de:99:db:d8:c5:3e:42:5b:
                    4e:fa:8e:61:eb:78:ec:a7:38:23:10:9f:fe:bc:1d:
                    4c:39:8a:d5:2a:68:8e:46:2f:01:34:6f:8b:dc:77:
                    c0:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:9A:D5:A9:62:00:7A:6A:3A:B1:D7:AE:CE:17:47:58:BC:E7:86:51
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LJrVqWIAemo6sdeuzhdHWLznhlE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.84.0/23
                  45.13.190.0/23
                  45.144.212.0/24
                  45.151.3.0/24
                  85.209.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:1b:50:82:17:d3:80:3a:3f:97:3e:50:18:76:ac:d2:99:66:
         65:d9:db:d3:2e:db:83:70:6b:14:55:f2:34:51:f1:7a:1d:a5:
         54:cd:00:45:04:b1:e4:0a:10:8d:f7:a3:02:fe:2f:65:6b:bb:
         be:7a:ef:6a:35:8c:96:d0:21:23:5a:a1:71:d8:08:f1:c0:97:
         88:24:06:2b:ec:84:b3:67:ec:98:5b:88:b1:eb:be:34:25:a8:
         8a:1f:13:93:4a:03:38:4e:8e:af:7c:0c:28:ff:3d:bb:65:f2:
         56:d4:b9:90:e6:2f:9f:30:d7:f7:b9:94:d5:36:30:1d:71:42:
         30:71:9f:08:5c:44:74:25:39:25:45:22:d6:55:87:d3:2b:e6:
         d2:fa:91:dd:0a:77:bf:47:01:f8:07:30:26:dc:03:73:c6:a7:
         55:51:9d:30:51:02:8c:b4:81:7e:0d:c3:40:de:92:f8:38:f3:
         08:10:d8:3c:0d:fc:9a:bd:b3:89:ed:74:da:e4:f7:53:0a:3c:
         d1:4f:3e:ac:6c:16:5b:a1:5f:79:b6:41:4e:d5:14:77:33:d5:
         6d:d4:a8:5a:65:32:f2:2e:71:49:13:d6:e8:c9:6c:a3:79:35:
         34:85:55:9a:31:73:a6:50:6b:8a:c4:47:59:12:e1:6c:6e:a8:
         2a:aa:b4:9c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBwHfizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDEw
MTAzNTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM5YWQ1YTk2MjAw
N2E2YTNhYjFkN2FlY2UxNzQ3NThiY2U3ODY1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYlZA1oWfiMzhTxR45ckgCznWy2qkOP0bpM2HlGbQjplVwD
0+5ixi0NDwDSIMXBh0cDyw50Qa2/vgJHZZy8w00qtaALTgZxwRaA+Fmb5zgplxMM
g9zlK5XZ3Ue1wHGBTbjFE/kKoCAlKIePUr3/sZ2dzOjC2ck7YmgmVOJ4Nnx+IJ9q
+hIZXwxhjCCTzoH8svvBl6A4bg3hw03+wqZWZNTG+CRu8XIbTiV9OU/37NnNZPS8
t/qwYPst/q4tIsBtbm4T76ZbMm6p/Ik6veu1xDPgLXVZ3vRPKt6Z29jFPkJbTvqO
Yet47Kc4IxCf/rwdTDmK1SpojkYvATRvi9x3wKECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQsmtWpYgB6ajqx167OF0dYvOeGUTAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L0xKclZxV0lBZW1vNnNkZXV6aGRIV0x6bmhsRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAQW1VAMEAS0NvgMEAC2Q1AMEAC2X
AwMEAFXReTANBgkqhkiG9w0BAQsFAAOCAQEAIBtQghfTgDo/lz5QGHas0plmZdnb
0y7bg3BrFFXyNFHxeh2lVM0ARQSx5AoQjfejAv4vZWu7vnrvajWMltAhI1qhcdgI
8cCXiCQGK+yEs2fsmFuIseu+NCWoih8Tk0oDOE6Or3wMKP89u2XyVtS5kOYvnzDX
97mU1TYwHXFCMHGfCFxEdCU5JUUi1lWH0yvm0vqR3Qp3v0cB+AcwJtwDc8anVVGd
MFECjLSBfg3DQN6S+DjzCBDYPA38mr2zie102uT3Uwo80U8+rGwWW6FfebZBTtUU
dzPVbdSoWmUy8i5xSRPW6Mlso3k1NIVVmjFzplBrisRHWRLhbG6oKqq0nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org