Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/LZqBhHckRNbcTEk-bcJQT0s7AF4.roa
File:                     LZqBhHckRNbcTEk-bcJQT0s7AF4.roa (raw, json)
Hash identifier:          BBPntxbBU1izkIyUvoQSB5TfdSskPhLdlF1eAJ9HgVA=
Subject key identifier:   2D:9A:81:84:77:24:44:D6:DC:4C:49:3E:6D:C2:50:4F:4B:3B:00:5E
Certificate issuer:       /CN=a90200a0000df5d845b9db284d0a2dbee676c5a8
Certificate serial:       A0E1B9
Authority key identifier: A9:02:00:A0:00:0D:F5:D8:45:B9:DB:28:4D:0A:2D:BE:E6:76:C5:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/LZqBhHckRNbcTEk-bcJQT0s7AF4.roa
Signing time:             Sat 01 Jan 2022 03:00:47 +0000
ROA not before:           Sat 01 Jan 2022 03:00:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        91.222.64.0/24 maxlen: 24
                          91.222.65.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10543545 (0xa0e1b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a90200a0000df5d845b9db284d0a2dbee676c5a8
        Validity
            Not Before: Jan  1 03:00:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d9a8184772444d6dc4c493e6dc2504f4b3b005e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1d:9d:3e:7b:ae:cb:f4:4f:6c:ea:b6:ff:85:
                    cf:48:d0:86:2d:07:a9:67:b4:fa:ef:c1:2b:53:af:
                    2e:a3:20:8a:9d:24:4f:f1:2a:15:8a:b6:15:e8:88:
                    01:8c:3e:0c:9a:fc:0c:02:6f:56:55:79:a7:a7:e0:
                    98:ae:16:9c:ce:86:07:ba:c9:72:c2:76:71:46:d8:
                    c0:63:1d:5c:72:44:5f:5f:b9:b8:a8:58:2e:91:76:
                    9b:3c:5d:87:4d:59:79:96:7f:3a:81:ae:19:a2:c8:
                    ce:01:59:ae:d8:c2:30:80:78:2b:63:92:48:f5:c4:
                    de:ee:95:79:b8:91:5c:97:8a:6d:5f:55:16:c5:d0:
                    97:d9:4b:df:3a:b5:36:22:de:3d:1a:eb:df:9f:d1:
                    d3:16:a6:3f:7c:0b:08:6e:f6:3d:9b:98:da:15:20:
                    26:10:c3:a6:56:e2:68:4b:ce:fb:48:49:8c:49:c4:
                    eb:e4:cb:51:29:13:08:b1:7c:0f:7b:a6:e3:69:e8:
                    9e:76:f9:8a:60:f0:97:1f:ed:5f:af:7b:31:e6:f4:
                    6b:51:9c:5c:fd:b0:9a:0e:32:ce:1f:5a:86:15:fe:
                    41:94:1e:77:eb:af:f3:70:c4:1b:a0:e2:65:19:49:
                    79:c2:11:82:ad:c9:f7:6d:68:88:66:52:91:ca:7d:
                    26:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:9A:81:84:77:24:44:D6:DC:4C:49:3E:6D:C2:50:4F:4B:3B:00:5E
            X509v3 Authority Key Identifier:
                keyid:A9:02:00:A0:00:0D:F5:D8:45:B9:DB:28:4D:0A:2D:BE:E6:76:C5:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/LZqBhHckRNbcTEk-bcJQT0s7AF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/qQIAoAAN9dhFudsoTQotvuZ2xag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.222.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:cf:ed:2c:eb:0e:d7:b1:df:28:11:00:56:19:b8:6e:84:22:
         99:b4:89:8a:8e:1b:a3:4b:72:87:34:61:4e:e9:bd:61:de:e0:
         b1:c5:22:67:f1:33:90:e2:0a:e5:b6:e4:2f:9d:d7:c7:5f:90:
         b8:8c:56:19:9e:f0:5c:79:10:2b:28:b4:69:bd:86:c8:21:eb:
         bd:2c:11:40:5c:0d:21:62:2d:61:74:c5:9f:01:75:30:dd:13:
         08:5f:33:6d:18:e5:5d:30:fa:e3:a9:7c:42:68:bd:53:5d:51:
         0a:9a:01:75:1e:5e:cd:c2:73:5f:85:08:76:06:48:71:37:5b:
         0b:32:f8:db:73:f7:e4:ce:0a:c4:e0:a5:fb:fe:a4:19:7f:23:
         03:2b:db:e9:d2:84:90:1a:00:be:35:e3:3a:b8:14:8b:84:03:
         5d:6e:2d:9c:bc:74:dd:a0:53:4f:28:b3:dd:44:47:d6:28:d5:
         e0:d8:59:d1:fb:4d:77:4b:30:ed:9a:83:3c:d8:e5:27:1b:28:
         56:b1:28:37:2d:a7:40:c5:55:c4:f3:9a:38:95:c9:0d:17:11:
         56:59:6f:9f:7e:a8:f3:af:90:a8:ef:e5:55:61:16:4b:73:0f:
         4d:dc:df:9e:b4:9f:53:a1:6f:4d:d4:26:da:71:6e:21:0d:8b:
         2b:89:48:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKDhuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OTAyMDBhMDAwMGRmNWQ4NDViOWRiMjg0ZDBhMmRiZWU2NzZjNWE4MB4XDTIyMDEw
MTAzMDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ5YTgxODQ3NzI0
NDRkNmRjNGM0OTNlNmRjMjUwNGY0YjNiMDA1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0dnT57rsv0T2zqtv+Fz0jQhi0HqWe0+u/BK1OvLqMgip0k
T/EqFYq2FeiIAYw+DJr8DAJvVlV5p6fgmK4WnM6GB7rJcsJ2cUbYwGMdXHJEX1+5
uKhYLpF2mzxdh01ZeZZ/OoGuGaLIzgFZrtjCMIB4K2OSSPXE3u6VebiRXJeKbV9V
FsXQl9lL3zq1NiLePRrr35/R0xamP3wLCG72PZuY2hUgJhDDplbiaEvO+0hJjEnE
6+TLUSkTCLF8D3um42nonnb5imDwlx/tX697Meb0a1GcXP2wmg4yzh9ahhX+QZQe
d+uv83DEG6DiZRlJecIRgq3J921oiGZSkcp9JuMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtmoGEdyRE1txMST5twlBPSzsAXjAfBgNVHSMEGDAWgBSpAgCgAA312EW5
2yhNCi2+5nbFqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FRSUFvQUFOOWRoRnVkc29UUW90dnVaMnhhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvYjFlM2UxLThiN2QtNGUyMi04NzBjLTU4ZjU3NDQ5NWJiOC8x
L0xacUJoSGNrUk5iY1RFay1iY0pRVDBzN0FGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
YjFlM2UxLThiN2QtNGUyMi04NzBjLTU4ZjU3NDQ5NWJiOC8xL3FRSUFvQUFOOWRo
RnVkc29UUW90dnVaMnhhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVveQDANBgkqhkiG9w0BAQsFAAOC
AQEAHs/tLOsO17HfKBEAVhm4boQimbSJio4bo0tyhzRhTum9Yd7gscUiZ/EzkOIK
5bbkL53Xx1+QuIxWGZ7wXHkQKyi0ab2GyCHrvSwRQFwNIWItYXTFnwF1MN0TCF8z
bRjlXTD646l8Qmi9U11RCpoBdR5ezcJzX4UIdgZIcTdbCzL423P35M4KxOCl+/6k
GX8jAyvb6dKEkBoAvjXjOrgUi4QDXW4tnLx03aBTTyiz3URH1ijV4NhZ0ftNd0sw
7ZqDPNjlJxsoVrEoNy2nQMVVxPOaOJXJDRcRVllvn36o86+QqO/lVWEWS3MPTdzf
nrSfU6FvTdQm2nFuIQ2LK4lIKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:20 2024 by rpki-client on console-fra.rpki-client.org