Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LhQQ0wJ5Xue64YwG-8uvpX3uAtY.roa
File:                     LhQQ0wJ5Xue64YwG-8uvpX3uAtY.roa (raw, json)
Hash identifier:          AWlTfbnPKkFm/ra8wRjZpUaXM9a+OzelAXQMei9t3io=
Subject key identifier:   2E:14:10:D3:02:79:5E:E7:BA:E1:8C:06:FB:CB:AF:A5:7D:EE:02:D6
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       1451DCCF
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LhQQ0wJ5Xue64YwG-8uvpX3uAtY.roa
Signing time:             Fri 18 Mar 2022 18:06:53 +0000
ROA not before:           Fri 18 Mar 2022 18:06:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202960
IP address blocks:        185.147.48.0/24 maxlen: 24
                          91.242.70.0/23 maxlen: 24
                          91.242.75.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 340909263 (0x1451dccf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Mar 18 18:06:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2e1410d302795ee7bae18c06fbcbafa57dee02d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:27:91:5a:b6:9c:9d:5b:56:49:9e:51:a0:4d:
                    9f:96:68:61:89:52:f9:a7:9f:ff:19:b8:7f:82:9f:
                    a9:12:ad:ff:94:ca:c2:f4:d5:2a:62:eb:2b:a7:f0:
                    84:5e:0c:47:1a:2c:d3:5a:3d:35:8d:39:b4:30:ec:
                    ea:2d:3e:82:9d:72:8c:1d:06:a8:21:26:d1:d4:2e:
                    86:1b:f3:c0:53:3e:7c:0d:12:e1:9e:82:31:d8:3b:
                    b1:62:dd:15:b0:13:79:2e:19:4a:14:be:ee:8b:e0:
                    79:f8:0b:d3:c9:88:10:24:a9:c6:42:71:95:73:02:
                    40:f9:32:8c:81:35:f7:91:06:72:61:81:90:e7:04:
                    c9:4d:d5:97:e6:f5:d6:4b:a1:45:89:68:ec:57:2f:
                    94:f0:bd:b7:09:c6:86:1f:b9:39:3e:f7:e7:70:6d:
                    77:8c:53:b1:90:13:ee:65:ef:99:0c:c7:da:fa:bf:
                    2a:8c:40:ac:34:7e:22:4b:f6:33:f7:69:f8:d9:1c:
                    43:57:f1:60:fe:9a:2c:12:f2:7a:8c:11:3f:f3:76:
                    c5:68:e8:07:8b:41:ae:f6:75:7a:29:8f:1d:29:3b:
                    09:3d:ee:ac:fd:44:a7:74:ed:be:bc:cb:b6:86:8e:
                    86:bf:1c:66:4f:c5:3a:ed:f1:11:d4:ec:84:6b:a3:
                    ee:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:14:10:D3:02:79:5E:E7:BA:E1:8C:06:FB:CB:AF:A5:7D:EE:02:D6
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/LhQQ0wJ5Xue64YwG-8uvpX3uAtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.70.0/23
                  91.242.75.0/24
                  185.147.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:cf:14:0d:97:41:bb:a3:67:ed:07:b5:82:f0:e7:13:fc:f0:
         09:ec:34:6a:18:68:d0:55:63:32:c7:a2:c2:8f:42:ef:02:1d:
         cc:eb:42:26:48:79:86:19:b9:a1:3f:b0:b0:92:4c:0f:13:1f:
         2f:1c:26:75:21:df:c6:d1:e5:05:45:b9:1b:fb:ed:07:01:ea:
         f6:ce:01:f1:54:35:9b:5b:a2:cc:7d:eb:da:89:70:34:f2:ca:
         5f:39:89:d4:0e:97:1e:f6:90:87:a3:c2:c6:92:3f:3a:9e:53:
         67:30:e8:c6:2a:8e:d7:d6:b4:5f:87:89:b0:16:b3:99:26:74:
         89:35:e5:9f:ff:b2:8a:59:1c:ed:5a:7f:31:11:e2:b2:c4:5b:
         e2:d5:fd:53:54:dd:3b:43:0a:19:36:d2:6b:ff:51:fd:3e:06:
         8f:cf:36:e9:44:2d:84:d3:59:68:2d:3b:18:27:7e:64:48:ff:
         77:68:3b:f4:36:d5:f2:c5:01:5f:95:6a:cf:52:4f:af:3a:f1:
         87:7e:f6:c1:d3:f2:9e:56:f8:08:fd:fc:7f:25:30:1e:08:82:
         9d:ad:a7:50:f6:3f:d3:ca:54:5a:19:2b:87:2f:bd:83:4d:08:
         af:86:b1:91:48:3d:71:cb:d1:e6:cf:87:7f:6e:88:60:e0:de:
         b2:30:a8:58
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFFHczzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMx
ODE4MDY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUxNDEwZDMwMjc5
NWVlN2JhZTE4YzA2ZmJjYmFmYTU3ZGVlMDJkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwnkVq2nJ1bVkmeUaBNn5ZoYYlS+aef/xm4f4KfqRKt/5TK
wvTVKmLrK6fwhF4MRxos01o9NY05tDDs6i0+gp1yjB0GqCEm0dQuhhvzwFM+fA0S
4Z6CMdg7sWLdFbATeS4ZShS+7ovgefgL08mIECSpxkJxlXMCQPkyjIE195EGcmGB
kOcEyU3Vl+b11kuhRYlo7FcvlPC9twnGhh+5OT7353Btd4xTsZAT7mXvmQzH2vq/
KoxArDR+Ikv2M/dp+NkcQ1fxYP6aLBLyeowRP/N2xWjoB4tBrvZ1eimPHSk7CT3u
rP1Ep3TtvrzLtoaOhr8cZk/FOu3xEdTshGuj7vECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQuFBDTAnle57rhjAb7y6+lfe4C1jAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0xoUVEwd0o1WHVlNjRZd0ctOHV2cFgzdUF0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvyRgMEAFvySwMEALmTMDANBgkq
hkiG9w0BAQsFAAOCAQEAjs8UDZdBu6Nn7Qe1gvDnE/zwCew0ahho0FVjMseiwo9C
7wIdzOtCJkh5hhm5oT+wsJJMDxMfLxwmdSHfxtHlBUW5G/vtBwHq9s4B8VQ1m1ui
zH3r2olwNPLKXzmJ1A6XHvaQh6PCxpI/Op5TZzDoxiqO19a0X4eJsBazmSZ0iTXl
n/+yilkc7Vp/MRHissRb4tX9U1TdO0MKGTbSa/9R/T4Gj8826UQthNNZaC07GCd+
ZEj/d2g79DbV8sUBX5Vqz1JPrzrxh372wdPynlb4CP38fyUwHgiCna2nUPY/08pU
Whkrhy+9g00Ir4axkUg9ccvR5s+Hf26IYODesjCoWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org