Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/LyLa3fYiLDbN4RxNUhaicXNsfx8.roa
File:                     LyLa3fYiLDbN4RxNUhaicXNsfx8.roa (raw, json)
Hash identifier:          u/1Q9Kx1Cho4SbTUuPli4tvcE3OQn3D+RiLafmPEjE0=
Subject key identifier:   2F:22:DA:DD:F6:22:2C:36:CD:E1:1C:4D:52:16:A2:71:73:6C:7F:1F
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0D23BB73
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/LyLa3fYiLDbN4RxNUhaicXNsfx8.roa
Signing time:             Wed 15 Jun 2022 13:59:44 +0000
ROA not before:           Wed 15 Jun 2022 13:59:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6762
IP address blocks:        89.43.40.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.43.73.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 220445555 (0xd23bb73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jun 15 13:59:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f22daddf6222c36cde11c4d5216a271736c7f1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3e:0b:56:14:62:38:57:bd:53:79:4e:4c:a4:
                    5a:5f:01:3e:41:5f:51:88:4b:7d:19:f7:f6:45:01:
                    fe:01:cf:b6:39:56:26:7a:7c:c1:e7:47:ed:17:14:
                    5b:66:73:df:b8:a3:fa:5c:81:8d:54:c0:a5:8e:4a:
                    2d:4e:dc:41:ea:c4:c4:f7:72:fa:83:15:ce:73:e3:
                    6d:89:b6:f6:df:40:d4:cb:f8:6b:5b:55:5e:01:78:
                    cf:f0:b5:e2:ca:c7:3c:93:b9:81:2e:ff:9a:2b:d8:
                    88:b3:50:57:42:99:36:2b:e6:ac:fe:9a:34:8e:08:
                    cf:e4:6a:67:cf:d8:5b:b4:f2:99:05:15:10:f4:2d:
                    d2:45:1f:ee:0e:72:e5:49:e0:18:a9:a3:b3:23:f0:
                    f8:25:93:a4:39:91:82:b0:ca:4e:ce:4b:6f:e6:c1:
                    8a:5a:ee:fa:a9:e8:38:d8:1b:95:9f:a5:96:19:86:
                    2c:97:4a:71:13:7d:b8:20:41:ce:1a:6e:fe:ff:ab:
                    65:c2:75:11:ea:8d:9d:6b:02:85:1d:19:8e:87:06:
                    8a:66:95:ae:40:11:e3:43:2f:06:7b:d2:fd:70:46:
                    e7:c1:f1:9e:2f:85:2b:7f:fe:54:10:16:fd:4f:b4:
                    e0:39:1f:44:10:11:2c:d2:b5:5c:2c:3f:25:26:03:
                    d4:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:22:DA:DD:F6:22:2C:36:CD:E1:1C:4D:52:16:A2:71:73:6C:7F:1F
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/LyLa3fYiLDbN4RxNUhaicXNsfx8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  89.33.163.0/24
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/24
                  89.43.73.0/24
                  93.113.158.0/24
                  93.114.55.0/24
                  93.114.99.0/24
                  188.215.72.0/24
                  188.240.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:3c:0f:44:63:47:4c:86:82:37:0c:a0:6c:1b:9a:eb:8c:e2:
         f1:46:51:32:83:b5:b3:ca:96:6d:8d:a9:ae:de:a1:63:07:6f:
         ad:ed:b0:88:6c:e5:8d:03:91:67:0a:76:a1:ec:64:c4:11:4d:
         21:7e:ea:ed:64:42:83:e3:d1:c9:dc:c6:c4:b1:16:c4:51:0a:
         66:f0:d1:ce:cb:fc:06:e0:e4:94:b9:7f:ee:c0:bf:f2:c9:39:
         00:7a:31:5f:c4:5f:08:af:80:bb:ab:72:1e:6a:b4:fa:a9:da:
         5c:d4:74:91:54:62:d5:69:fb:1c:a3:08:58:14:88:3a:bd:22:
         23:e5:c6:9f:82:67:2e:e4:5b:e7:bd:a7:53:44:73:d0:75:e5:
         72:c3:46:a0:70:ac:36:8f:6b:21:0f:6f:f2:3a:bb:37:95:b1:
         d0:c4:46:f0:81:b8:6c:58:4b:47:72:a8:c5:5c:5d:3a:5f:3e:
         97:db:42:26:46:28:02:3d:7a:c8:b4:a7:60:a6:c0:2b:95:79:
         cf:65:58:61:37:97:d9:48:4d:2e:27:26:11:57:50:8a:87:f0:
         ff:2e:cd:1b:9a:94:e1:26:8a:ff:06:eb:8c:66:ab:5e:82:0a:
         87:d8:3a:90:a6:cf:f1:bd:2b:d4:c1:be:b2:df:e4:e9:57:df:
         5f:92:28:12
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEDSO7czANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDYx
NTEzNTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYyMmRhZGRmNjIy
MmMzNmNkZTExYzRkNTIxNmEyNzE3MzZjN2YxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKo+C1YUYjhXvVN5TkykWl8BPkFfUYhLfRn39kUB/gHPtjlW
Jnp8wedH7RcUW2Zz37ij+lyBjVTApY5KLU7cQerExPdy+oMVznPjbYm29t9A1Mv4
a1tVXgF4z/C14srHPJO5gS7/mivYiLNQV0KZNivmrP6aNI4Iz+RqZ8/YW7TymQUV
EPQt0kUf7g5y5UngGKmjsyPw+CWTpDmRgrDKTs5Lb+bBilru+qnoONgblZ+llhmG
LJdKcRN9uCBBzhpu/v+rZcJ1EeqNnWsChR0ZjocGimaVrkAR40MvBnvS/XBG58Hx
ni+FK3/+VBAW/U+04DkfRBARLNK1XCw/JSYD1A0CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQvItrd9iIsNs3hHE1SFqJxc2x/HzAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L0x5TGEzZllpTERiTjRSeE5VaGFpY1hOc2Z4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAFXMfQMEAFXMfwMEAFkhowMEAFkl
iAMEAFkn/AMEAFkrKAMEAFkrSQMEAF1xngMEAF1yNwMEAF1yYwMEALzXSAMEALzw
DjANBgkqhkiG9w0BAQsFAAOCAQEAcjwPRGNHTIaCNwygbBua64zi8UZRMoO1s8qW
bY2prt6hYwdvre2wiGzljQORZwp2oexkxBFNIX7q7WRCg+PRydzGxLEWxFEKZvDR
zsv8BuDklLl/7sC/8sk5AHoxX8RfCK+Au6tyHmq0+qnaXNR0kVRi1Wn7HKMIWBSI
Or0iI+XGn4JnLuRb572nU0Rz0HXlcsNGoHCsNo9rIQ9v8jq7N5Wx0MRG8IG4bFhL
R3KoxVxdOl8+l9tCJkYoAj16yLSnYKbAK5V5z2VYYTeX2UhNLicmEVdQiofw/y7N
G5qU4SaK/wbrjGarXoIKh9g6kKbP8b0r1MG+st/k6VffX5IoEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org