Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/LQIK2YmqeoBiqg_MOG8XHRg7GgI.roa
File:                     LQIK2YmqeoBiqg_MOG8XHRg7GgI.roa (raw, json)
Hash identifier:          Mc3WRm2jwr82Ijl1KqwfSfij+drcT6rO4meKADOEHi4=
Subject key identifier:   2D:02:0A:D9:89:AA:7A:80:62:AA:0F:CC:38:6F:17:1D:18:3B:1A:02
Certificate issuer:       /CN=9717bafb7018dc43bdae53b23a23e16567e1f21c
Certificate serial:       02B169F9
Authority key identifier: 97:17:BA:FB:70:18:DC:43:BD:AE:53:B2:3A:23:E1:65:67:E1:F2:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lxe6-3AY3EO9rlOyOiPhZWfh8hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/LQIK2YmqeoBiqg_MOG8XHRg7GgI.roa
Signing time:             Sat 01 Jan 2022 06:56:58 +0000
ROA not before:           Sat 01 Jan 2022 06:56:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56835
IP address blocks:        91.227.180.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45181433 (0x2b169f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9717bafb7018dc43bdae53b23a23e16567e1f21c
        Validity
            Not Before: Jan  1 06:56:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d020ad989aa7a8062aa0fcc386f171d183b1a02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8a:8b:b5:cc:a6:10:93:30:61:93:7a:b7:84:
                    66:20:1e:4a:a8:ae:e6:df:f9:8e:db:67:8f:b6:b6:
                    1e:46:9d:96:99:cd:a6:d0:63:58:df:33:c4:a4:49:
                    00:9e:2c:12:b6:2e:9f:1b:7d:e4:be:4e:b5:b1:e7:
                    4e:eb:44:95:a1:53:5d:19:c6:d9:38:a4:f2:91:70:
                    dc:fb:35:15:ce:f4:94:00:f1:7c:bf:eb:8a:61:b2:
                    f8:d8:16:04:3f:72:36:60:ee:83:48:1f:71:2f:d3:
                    d5:61:db:0a:ab:a3:71:a6:09:09:a6:34:65:ae:fc:
                    28:7c:6f:70:aa:58:0d:79:bd:fe:84:da:d5:e1:e2:
                    c6:7a:2c:ca:2d:dd:1d:d7:43:c5:4d:dd:ac:0d:f6:
                    07:06:09:09:3b:6a:b9:fe:5a:06:fd:6d:66:26:2a:
                    b6:ee:92:86:75:c3:5b:15:63:1f:d3:53:06:ce:79:
                    e5:f7:c1:cc:87:25:de:eb:1a:e9:a5:03:a7:b6:b1:
                    01:4f:ae:ab:ef:bd:08:f1:2f:dc:9b:52:08:a8:37:
                    c5:b7:b2:1b:b3:82:92:0d:0f:fb:01:65:85:27:a7:
                    f6:2b:ec:65:e5:9c:bc:9e:4b:45:58:bb:3e:af:bb:
                    73:78:c3:c7:7a:90:a7:8e:22:13:f8:78:06:21:e9:
                    8f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:02:0A:D9:89:AA:7A:80:62:AA:0F:CC:38:6F:17:1D:18:3B:1A:02
            X509v3 Authority Key Identifier:
                keyid:97:17:BA:FB:70:18:DC:43:BD:AE:53:B2:3A:23:E1:65:67:E1:F2:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxe6-3AY3EO9rlOyOiPhZWfh8hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/LQIK2YmqeoBiqg_MOG8XHRg7GgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4ce933-488f-46b9-ac2c-7c93cae227bd/1/lxe6-3AY3EO9rlOyOiPhZWfh8hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.227.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:2a:34:ff:8a:45:e5:15:51:d3:c5:4b:0c:77:41:6d:e1:3a:
         c7:d1:a9:d2:ad:ac:ce:fe:43:2b:ca:b1:7a:69:22:ba:7c:2a:
         a4:0f:b4:d9:17:c4:c8:0d:ef:6b:4d:b8:2c:e0:64:70:99:3c:
         d9:6a:fd:5b:4e:e6:3a:56:17:fc:31:fb:0c:80:91:b7:85:e4:
         59:f7:08:ad:28:95:84:21:f2:a3:33:76:5a:73:c9:eb:67:46:
         b6:9f:84:a2:d7:a1:5b:05:a1:5f:d3:df:5c:62:20:4f:52:0f:
         38:1a:42:78:4b:09:3a:f0:df:4e:35:6c:4c:c6:2c:6d:da:26:
         bc:1b:ab:ff:7a:38:bc:4d:80:0d:eb:a9:3f:d6:f2:b6:d9:ef:
         0c:d6:1b:76:75:f3:57:9b:49:00:22:fe:8e:c6:a1:cd:c6:5a:
         82:e0:a3:b1:cd:3e:44:9a:6b:df:6c:c2:2a:64:e5:75:e1:4b:
         a7:d4:6e:71:18:3c:69:31:22:fc:a7:95:c9:0c:86:86:35:25:
         c3:76:29:54:46:4e:04:68:6b:f5:85:5d:90:14:f1:3f:c8:57:
         ef:c7:62:5d:10:3b:3f:a8:2a:81:72:85:9c:78:c9:79:89:6d:
         98:51:bf:f4:d5:01:7e:e5:12:ba:63:f9:59:fb:9f:66:a3:8d:
         b8:e1:29:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEArFp+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzE3YmFmYjcwMThkYzQzYmRhZTUzYjIzYTIzZTE2NTY3ZTFmMjFjMB4XDTIyMDEw
MTA2NTY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQwMjBhZDk4OWFh
N2E4MDYyYWEwZmNjMzg2ZjE3MWQxODNiMWEwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiKi7XMphCTMGGTereEZiAeSqiu5t/5jttnj7a2HkadlpnN
ptBjWN8zxKRJAJ4sErYunxt95L5OtbHnTutElaFTXRnG2Tik8pFw3Ps1Fc70lADx
fL/rimGy+NgWBD9yNmDug0gfcS/T1WHbCqujcaYJCaY0Za78KHxvcKpYDXm9/oTa
1eHixnosyi3dHddDxU3drA32BwYJCTtquf5aBv1tZiYqtu6ShnXDWxVjH9NTBs55
5ffBzIcl3usa6aUDp7axAU+uq++9CPEv3JtSCKg3xbeyG7OCkg0P+wFlhSen9ivs
ZeWcvJ5LRVi7Pq+7c3jDx3qQp44iE/h4BiHpj1ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtAgrZiap6gGKqD8w4bxcdGDsaAjAfBgNVHSMEGDAWgBSXF7r7cBjcQ72u
U7I6I+FlZ+HyHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x4ZTYtM0FZM0VPOXJsT3lPaVBoWldmaDhody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvNGNlOTMzLTQ4OGYtNDZiOS1hYzJjLTdjOTNjYWUyMjdiZC8x
L0xRSUsyWW1xZW9CaXFnX01PRzhYSFJnN0dnSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
NGNlOTMzLTQ4OGYtNDZiOS1hYzJjLTdjOTNjYWUyMjdiZC8xL2x4ZTYtM0FZM0VP
OXJsT3lPaVBoWldmaDhody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvjtDANBgkqhkiG9w0BAQsFAAOC
AQEAwCo0/4pF5RVR08VLDHdBbeE6x9Gp0q2szv5DK8qxemkiunwqpA+02RfEyA3v
a024LOBkcJk82Wr9W07mOlYX/DH7DICRt4XkWfcIrSiVhCHyozN2WnPJ62dGtp+E
otehWwWhX9PfXGIgT1IPOBpCeEsJOvDfTjVsTMYsbdomvBur/3o4vE2ADeupP9by
ttnvDNYbdnXzV5tJACL+jsahzcZaguCjsc0+RJpr32zCKmTldeFLp9RucRg8aTEi
/KeVyQyGhjUlw3YpVEZOBGhr9YVdkBTxP8hX78diXRA7P6gqgXKFnHjJeYltmFG/
9NUBfuUSumP5WfufZqONuOEpZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:27 2024 by rpki-client on console-ams.rpki-client.org