Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LbcVqRyJXX2wgoQXamzE71wtceQ.roa
File:                     LbcVqRyJXX2wgoQXamzE71wtceQ.roa (raw, json)
Hash identifier:          fJ/16CtoYpdKePoKg6fASHK4aZUJQHwmMHuyVNg8d/M=
Subject key identifier:   2D:B7:15:A9:1C:89:5D:7D:B0:82:84:17:6A:6C:C4:EF:5C:2D:71:E4
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       138EDE6B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LbcVqRyJXX2wgoQXamzE71wtceQ.roa
Signing time:             Sat 01 Jan 2022 05:56:21 +0000
ROA not before:           Sat 01 Jan 2022 05:56:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204421
IP address blocks:        185.212.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 328130155 (0x138ede6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  1 05:56:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2db715a91c895d7db08284176a6cc4ef5c2d71e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:73:37:57:61:cb:1c:6d:4e:d0:23:0d:bf:82:
                    4e:49:af:14:05:85:61:8c:7f:a9:69:f0:c1:8e:1e:
                    f3:1c:14:a6:fc:33:5a:20:77:84:09:a0:a2:7e:9e:
                    10:ae:06:96:4d:a5:d0:30:a0:57:30:ba:ba:42:bd:
                    3f:a5:d7:84:f2:4c:2a:ec:80:5d:5c:af:fb:84:1b:
                    b5:d7:f0:fc:44:16:34:64:99:f8:ce:95:6a:04:88:
                    88:2d:5c:7d:dc:93:66:3f:6e:17:12:9c:ac:9d:78:
                    2a:5d:10:69:ea:88:77:53:7f:a7:75:9b:c9:03:9d:
                    15:01:87:39:23:7c:14:61:51:c0:09:56:51:0d:a9:
                    09:92:a5:f9:51:3e:ff:a8:4b:ca:ef:6a:36:e8:a2:
                    eb:c7:d2:97:e8:b1:62:c8:50:f5:25:c0:80:69:c8:
                    0b:3e:20:03:62:49:8c:e1:7b:2a:ec:b5:75:30:1a:
                    94:6e:25:b9:5d:25:4b:71:d8:0e:5b:9d:71:b4:b9:
                    33:53:c6:20:a9:92:06:fb:f2:0c:b4:85:8d:24:45:
                    1d:aa:cc:3d:81:b1:ba:bf:65:7f:cc:c4:10:c2:db:
                    cc:cc:75:07:a7:c8:57:7d:58:9b:e1:38:b0:12:28:
                    fa:97:13:4c:bd:bb:bb:17:c4:f4:b8:12:19:53:f3:
                    84:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:B7:15:A9:1C:89:5D:7D:B0:82:84:17:6A:6C:C4:EF:5C:2D:71:E4
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LbcVqRyJXX2wgoQXamzE71wtceQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:0a:1c:c8:36:01:4e:44:cb:0d:13:2e:cf:71:32:32:87:b5:
         18:50:b1:8a:ed:10:ac:50:99:4f:d4:cf:c7:b9:60:12:48:27:
         05:31:81:d8:4c:f4:f9:5a:24:68:26:ce:2f:1b:39:21:da:9d:
         95:94:e2:65:30:33:51:c1:c9:93:b5:f8:e0:1e:b1:17:62:09:
         4f:3b:96:70:ee:33:c3:5d:44:6e:7d:dd:aa:db:06:5a:1a:83:
         b2:66:aa:3c:24:5b:62:86:fd:58:e3:68:ed:70:33:1e:54:d9:
         c6:b6:23:85:cf:52:20:25:3b:b8:8b:0d:eb:b7:b1:02:54:fd:
         fe:32:2d:d5:2d:74:e7:3f:4f:1a:ce:8f:01:6e:2a:44:1d:a5:
         76:d5:25:7e:27:00:ee:db:b7:75:b8:b8:3e:28:c0:01:f9:74:
         70:0d:12:65:c8:a1:11:f0:08:a2:d2:cb:29:a9:8d:ec:d0:d1:
         65:f2:16:64:a0:3d:0b:51:97:c2:18:3b:22:77:3a:ce:8f:91:
         d3:e6:96:1a:30:b6:23:34:de:cb:bb:ff:5d:3f:6d:46:a6:2b:
         f6:fb:6c:d2:aa:84:8e:9a:2d:c8:ae:51:e3:8d:36:19:e1:bf:
         0c:a5:23:11:d6:65:de:18:68:d4:6e:36:1b:6d:52:8a:ef:00:
         b9:9f:59:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE47eazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRiNzE1YTkxYzg5
NWQ3ZGIwODI4NDE3NmE2Y2M0ZWY1YzJkNzFlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJzN1dhyxxtTtAjDb+CTkmvFAWFYYx/qWnwwY4e8xwUpvwz
WiB3hAmgon6eEK4Glk2l0DCgVzC6ukK9P6XXhPJMKuyAXVyv+4Qbtdfw/EQWNGSZ
+M6VagSIiC1cfdyTZj9uFxKcrJ14Kl0QaeqId1N/p3WbyQOdFQGHOSN8FGFRwAlW
UQ2pCZKl+VE+/6hLyu9qNuii68fSl+ixYshQ9SXAgGnICz4gA2JJjOF7Kuy1dTAa
lG4luV0lS3HYDludcbS5M1PGIKmSBvvyDLSFjSRFHarMPYGxur9lf8zEEMLbzMx1
B6fIV31Ym+E4sBIo+pcTTL27uxfE9LgSGVPzhEkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQttxWpHIldfbCChBdqbMTvXC1x5DAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0xiY1ZxUnlKWFgyd2dvUVhhbXpFNzF3dGNlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnUCjANBgkqhkiG9w0BAQsFAAOC
AQEAIAocyDYBTkTLDRMuz3EyMoe1GFCxiu0QrFCZT9TPx7lgEkgnBTGB2Ez0+Vok
aCbOLxs5IdqdlZTiZTAzUcHJk7X44B6xF2IJTzuWcO4zw11Ebn3dqtsGWhqDsmaq
PCRbYob9WONo7XAzHlTZxrYjhc9SICU7uIsN67exAlT9/jIt1S105z9PGs6PAW4q
RB2ldtUlficA7tu3dbi4PijAAfl0cA0SZcihEfAIotLLKamN7NDRZfIWZKA9C1GX
whg7Inc6zo+R0+aWGjC2IzTey7v/XT9tRqYr9vts0qqEjpotyK5R4402GeG/DKUj
EdZl3hho1G42G21Siu8AuZ9ZFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org