Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa
File:                     1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa (raw, json)
Hash identifier:          nx49hF3TqF/Bvp68tKDo8wGMejBtQsKP99m+gHlsBAE=
Subject key identifier:   FB:99:42:69:FF:07:83:44:C1:80:46:75:AD:D4:DE:F5:DF:FB:23:F7
Certificate issuer:       /CN=2ceadee58f864f472eb422b0b95497b85075a12b
Certificate serial:       04B7710D
Authority key identifier: 2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa
Signing time:             Sat 01 Jan 2022 03:51:12 +0000
ROA not before:           Sat 01 Jan 2022 03:51:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200675
IP address blocks:        185.232.76.0/22 maxlen: 22
                          138.124.188.0/22 maxlen: 22
                          185.71.176.0/22 maxlen: 22
                          2a05:3400::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79130893 (0x4b7710d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ceadee58f864f472eb422b0b95497b85075a12b
        Validity
            Not Before: Jan  1 03:51:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb994269ff078344c1804675add4def5dffb23f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2c:4c:fc:50:7f:c3:f1:65:82:fd:8c:a9:0c:
                    13:ec:65:9c:5d:c2:cc:e0:37:67:88:09:d0:d2:86:
                    05:fb:54:e3:81:ef:f8:cb:f2:3b:a2:8e:61:37:28:
                    b4:e8:0d:44:8e:e8:dd:49:c8:3d:24:78:46:c1:80:
                    43:1a:33:81:8d:fb:ae:a6:9f:36:d6:94:ed:d6:af:
                    95:b3:d5:2a:91:28:ec:48:dc:c4:c6:8e:dc:c4:b6:
                    c8:51:1f:3e:7e:7a:51:e0:c5:98:2a:b8:61:28:70:
                    c8:2b:fe:74:a0:0a:f6:cb:60:66:c9:9c:60:e4:11:
                    a3:12:c2:48:ed:23:88:73:fc:66:c3:91:dc:87:d3:
                    49:3c:18:d7:65:1c:b1:3d:91:2c:a6:43:16:62:0c:
                    a0:ff:94:c5:63:46:b0:88:5d:df:44:e2:0f:8f:0a:
                    f2:46:65:97:25:a2:e8:4b:96:8a:2f:37:bb:76:af:
                    a5:59:d1:46:35:6a:a2:63:55:38:e0:5e:1c:88:ac:
                    d3:0c:8b:7a:c8:6c:87:f2:75:d7:65:7e:2f:b6:6b:
                    58:67:5f:5e:ee:c2:ca:6a:ba:9f:d3:36:47:ed:77:
                    ec:f7:7a:4b:d1:e9:37:6e:1d:76:38:38:5b:60:c9:
                    a7:70:92:41:87:92:0b:ec:59:21:52:a1:db:4e:4b:
                    63:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:99:42:69:FF:07:83:44:C1:80:46:75:AD:D4:DE:F5:DF:FB:23:F7
            X509v3 Authority Key Identifier:
                keyid:2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.124.188.0/22
                  185.71.176.0/22
                  185.232.76.0/22
                IPv6:
                  2a05:3400::/29

    Signature Algorithm: sha256WithRSAEncryption
         87:f5:e0:76:db:b1:4d:6c:57:f5:52:f6:6a:63:09:db:56:e6:
         28:82:bc:83:2f:6c:b7:e1:4e:75:97:d6:a3:cf:dc:96:b6:3c:
         f2:75:05:4a:d5:82:e0:5d:30:a0:20:e2:e4:e9:2d:db:33:87:
         28:ab:b7:ef:43:57:63:40:2f:ee:54:86:0f:27:06:65:98:5d:
         dd:e5:01:12:fb:88:bf:8f:03:15:a6:f5:e2:49:00:ef:90:0a:
         a0:db:d6:fa:b6:db:5c:9e:a4:2f:d9:26:a2:bd:38:c2:ce:47:
         6b:22:13:92:14:c3:5f:80:81:01:63:40:67:13:f3:81:04:54:
         1c:67:aa:a0:a0:d1:4f:68:b1:dd:95:09:9f:43:29:8d:a4:c3:
         fa:49:4d:79:87:3a:2f:87:77:a5:5a:b6:f3:3d:ec:82:b9:9b:
         e5:6e:92:a2:da:b2:15:d6:18:28:20:2a:a0:85:d1:c9:35:d2:
         2c:08:c2:54:37:85:d3:20:18:13:1c:6f:ad:f4:2a:13:ff:11:
         46:ca:26:be:6d:51:39:28:c0:73:44:64:b5:3b:a7:46:c6:e2:
         bf:38:ec:66:46:c3:c2:8e:98:31:42:fb:92:06:7b:6e:a9:8e:
         b8:89:61:71:89:70:48:39:17:15:a5:d8:03:fd:2f:5b:dd:6e:
         54:eb:d6:2a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBLdxDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2VhZGVlNThmODY0ZjQ3MmViNDIyYjBiOTU0OTdiODUwNzVhMTJiMB4XDTIyMDEw
MTAzNTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI5OTQyNjlmZjA3
ODM0NGMxODA0Njc1YWRkNGRlZjVkZmZiMjNmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8sTPxQf8PxZYL9jKkME+xlnF3CzOA3Z4gJ0NKGBftU44Hv
+MvyO6KOYTcotOgNRI7o3UnIPSR4RsGAQxozgY37rqafNtaU7davlbPVKpEo7Ejc
xMaO3MS2yFEfPn56UeDFmCq4YShwyCv+dKAK9stgZsmcYOQRoxLCSO0jiHP8ZsOR
3IfTSTwY12UcsT2RLKZDFmIMoP+UxWNGsIhd30TiD48K8kZllyWi6EuWii83u3av
pVnRRjVqomNVOOBeHIis0wyLeshsh/J112V+L7ZrWGdfXu7Cymq6n9M2R+137Pd6
S9HpN24ddjg4W2DJp3CSQYeSC+xZIVKh205LY8kCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBT7mUJp/weDRMGARnWt1N713/sj9zAfBgNVHSMEGDAWgBQs6t7lj4ZPRy60
IrC5VJe4UHWhKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xPcmU1WS1HVDBjdXRDS3d1VlNYdUZCMW9Tcy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvN2MyZTg0LWU2Y2MtNDc1MS04ODdiLWJjN2EyNGMyZTIxOS8x
LzEtNWxDYWY4SGcwVEJnRVoxcmRUZTlkXzdJX2Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJm
LzdjMmU4NC1lNmNjLTQ3NTEtODg3Yi1iYzdhMjRjMmUyMTkvMS9MT3JlNVktR1Qw
Y3V0Q0t3dVZTWHVGQjFvU3MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAKKfLwDBAK5R7ADBAK56EwwDQQC
AAIwBwMFAyoFNAAwDQYJKoZIhvcNAQELBQADggEBAIf14HbbsU1sV/VS9mpjCdtW
5iiCvIMvbLfhTnWX1qPP3Ja2PPJ1BUrVguBdMKAg4uTpLdszhyirt+9DV2NAL+5U
hg8nBmWYXd3lARL7iL+PAxWm9eJJAO+QCqDb1vq221yepC/ZJqK9OMLOR2siE5IU
w1+AgQFjQGcT84EEVBxnqqCg0U9osd2VCZ9DKY2kw/pJTXmHOi+Hd6VatvM97IK5
m+VukqLashXWGCggKqCF0ck10iwIwlQ3hdMgGBMcb630KhP/EUbKJr5tUTkowHNE
ZLU7p0bG4r847GZGw8KOmDFC+5IGe26pjriJYXGJcEg5FxWl2AP9L1vdblTr1io=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org