Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LK9CFgcXXbi16UQjWBvW31xLzdE.roa
File:                     LK9CFgcXXbi16UQjWBvW31xLzdE.roa (raw, json)
Hash identifier:          Cr44z8Ja7PFJAAB14Vjio3PLi+kHsZnJIZpVvF+czrI=
Subject key identifier:   2C:AF:42:16:07:17:5D:B8:B5:E9:44:23:58:1B:D6:DF:5C:4B:CD:D1
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       139FD211
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LK9CFgcXXbi16UQjWBvW31xLzdE.roa
Signing time:             Tue 04 Jan 2022 16:54:45 +0000
ROA not before:           Tue 04 Jan 2022 16:54:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206085
IP address blocks:        45.89.44.0/22 maxlen: 22
                          45.95.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 329241105 (0x139fd211)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  4 16:54:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2caf421607175db8b5e94423581bd6df5c4bcdd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:99:44:ee:1f:32:11:a9:d8:14:d3:6e:7b:aa:
                    15:72:39:56:a0:13:9d:2b:50:7c:89:35:43:14:12:
                    6e:af:9a:57:45:70:5c:55:86:a3:00:6d:7f:ff:c4:
                    55:a4:54:7d:3d:03:fb:27:bf:0f:e0:d0:48:63:db:
                    ac:3c:d2:6f:00:a9:7e:06:a1:15:dc:83:e3:c2:3f:
                    9d:14:54:28:03:96:34:4d:8d:4e:50:d8:6d:ea:a0:
                    d6:a5:69:49:b7:7b:1c:96:8d:3b:47:d6:b7:7a:90:
                    e9:23:d1:86:05:89:ac:38:9a:2c:7d:aa:69:13:eb:
                    f9:4c:2e:b6:aa:30:8f:1b:0f:cb:df:23:97:a4:22:
                    70:d0:4b:a3:87:c3:84:ae:ad:2b:2b:55:a1:29:0b:
                    92:2e:c7:96:e2:a0:05:50:dc:19:cc:d7:33:0e:08:
                    c0:0c:20:73:4e:07:1d:f1:8b:81:66:4c:c2:6c:10:
                    4c:23:8f:fc:21:ba:c0:9a:bc:e4:be:7a:6d:80:e4:
                    09:f2:c4:84:69:cb:c9:7c:05:17:aa:cd:b5:0e:78:
                    fc:22:6f:67:fa:e6:b5:6b:76:42:a3:ae:40:4b:06:
                    1e:b9:1f:d8:b3:96:a5:23:4b:01:2f:94:71:b4:2f:
                    73:dd:e9:9b:25:f8:ba:c0:05:90:e2:67:05:53:68:
                    76:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:AF:42:16:07:17:5D:B8:B5:E9:44:23:58:1B:D6:DF:5C:4B:CD:D1
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LK9CFgcXXbi16UQjWBvW31xLzdE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.44.0/22
                  45.95.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:49:ff:63:34:29:9c:77:29:cd:80:c3:69:89:2a:2c:e0:1c:
         af:74:ce:8a:8e:ea:9e:b6:09:4f:ff:88:c7:bb:83:c9:54:d7:
         31:f9:d0:2f:03:ff:b1:ac:e5:2e:ab:04:67:f0:41:6c:f7:2d:
         87:5f:f9:0f:c7:b4:24:60:bc:61:f1:95:78:93:38:06:8d:61:
         08:e9:34:f8:8e:f9:37:03:5b:0d:62:c6:e3:72:f4:25:ee:43:
         f1:cb:87:cc:69:7f:b0:c2:62:14:0d:2a:c0:b8:61:66:2f:4a:
         d3:61:3c:1b:b8:b3:2f:6c:71:0c:f4:40:01:76:54:e4:52:00:
         b8:aa:b1:12:b9:57:cc:92:ea:cd:33:e8:09:31:b8:10:dc:5a:
         30:e4:58:3e:ef:fd:79:0d:3d:cf:cc:eb:3e:59:75:41:75:c5:
         f3:ab:85:b3:f7:04:32:57:04:4c:de:3c:d0:78:b6:72:78:7a:
         0a:19:70:60:44:00:16:5a:73:53:21:d4:66:d6:c9:23:5e:cd:
         eb:8f:00:3c:dc:90:fa:51:d0:6e:bf:62:d0:a3:f5:60:ce:0b:
         14:13:1b:76:ec:11:bb:05:7c:b6:f0:0a:73:55:5c:87:7d:15:
         15:90:c2:16:23:b3:32:6a:76:8a:35:6a:20:cc:59:9c:c5:ff:
         5c:61:74:c7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE5/SETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
NDE2NTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNhZjQyMTYwNzE3
NWRiOGI1ZTk0NDIzNTgxYmQ2ZGY1YzRiY2RkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeZRO4fMhGp2BTTbnuqFXI5VqATnStQfIk1QxQSbq+aV0Vw
XFWGowBtf//EVaRUfT0D+ye/D+DQSGPbrDzSbwCpfgahFdyD48I/nRRUKAOWNE2N
TlDYbeqg1qVpSbd7HJaNO0fWt3qQ6SPRhgWJrDiaLH2qaRPr+UwutqowjxsPy98j
l6QicNBLo4fDhK6tKytVoSkLki7HluKgBVDcGczXMw4IwAwgc04HHfGLgWZMwmwQ
TCOP/CG6wJq85L56bYDkCfLEhGnLyXwFF6rNtQ54/CJvZ/rmtWt2QqOuQEsGHrkf
2LOWpSNLAS+UcbQvc93pmyX4usAFkOJnBVNodnMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQsr0IWBxdduLXpRCNYG9bfXEvN0TAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0xLOUNGZ2NYWGJpMTZVUWpXQnZXMzF4THpkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi1ZLAMEAi1fWDANBgkqhkiG9w0B
AQsFAAOCAQEAWEn/YzQpnHcpzYDDaYkqLOAcr3TOio7qnrYJT/+Ix7uDyVTXMfnQ
LwP/sazlLqsEZ/BBbPcth1/5D8e0JGC8YfGVeJM4Bo1hCOk0+I75NwNbDWLG43L0
Je5D8cuHzGl/sMJiFA0qwLhhZi9K02E8G7izL2xxDPRAAXZU5FIAuKqxErlXzJLq
zTPoCTG4ENxaMORYPu/9eQ09z8zrPll1QXXF86uFs/cEMlcETN480Hi2cnh6Chlw
YEQAFlpzUyHUZtbJI17N648APNyQ+lHQbr9i0KP1YM4LFBMbduwRuwV8tvAKc1Vc
h30VFZDCFiOzMmp2ijVqIMxZnMX/XGF0xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org