Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa
File:                     lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa (raw, json)
Hash identifier:          uzRCKbzCKbkNkJahYevezekrNov02J6xB3qbJBJNLAQ=
Subject key identifier:   94:DF:8E:14:3F:23:90:5A:8D:FB:1F:57:0E:E2:B8:C2:D2:24:04:B8
Certificate issuer:       /CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Certificate serial:       012B98F5
Authority key identifier: 2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa
Signing time:             Sat 01 Jan 2022 06:05:13 +0000
ROA not before:           Sat 01 Jan 2022 06:05:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50056
IP address blocks:        94.126.43.0/24 maxlen: 24
                          94.126.47.0/24 maxlen: 24
                          31.28.67.0/24 maxlen: 24
                          31.28.68.0/24 maxlen: 24
                          31.28.80.0/22 maxlen: 22
                          31.28.84.0/23 maxlen: 23
                          31.28.86.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19634421 (0x12b98f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d119754fc14ffe7968a6516bd49bdb25633b887
        Validity
            Not Before: Jan  1 06:05:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94df8e143f23905a8dfb1f570ee2b8c2d22404b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c7:7f:9a:e2:71:5a:e4:78:85:57:2d:b9:e0:
                    21:e0:21:3d:92:da:42:29:e3:0b:c2:1b:75:a2:4a:
                    06:4d:b5:97:5f:09:71:45:58:2b:44:3f:40:14:7a:
                    56:48:17:aa:1a:6b:16:09:c0:df:0f:44:1e:ae:57:
                    e7:46:e5:4f:ba:0b:d3:de:88:03:d1:89:0a:58:c9:
                    82:fe:db:c6:39:12:98:35:e0:e0:7d:90:76:4b:35:
                    ce:b1:54:bc:df:bc:aa:b1:83:ca:8a:f0:02:2f:fd:
                    3e:83:ae:bd:06:5a:8a:67:e3:8e:f5:d7:23:16:08:
                    1e:ce:75:85:71:1a:23:42:75:74:5f:72:7f:39:05:
                    32:98:34:c7:9d:15:f7:1c:63:7e:ba:98:30:e9:9b:
                    ac:cc:4c:a0:d5:aa:b8:4d:d3:84:80:68:de:c6:28:
                    db:59:e4:0c:c0:86:86:b0:19:9e:75:19:a4:ae:cb:
                    51:a7:57:a0:c4:b1:ea:e9:26:e4:dd:c2:4b:1f:1f:
                    61:e9:d9:c8:86:d4:47:57:16:7f:4d:cc:8a:1d:f4:
                    4b:7d:80:1b:3f:cf:8f:72:a5:2c:71:5f:19:b0:45:
                    67:0a:93:78:25:1e:e0:0b:57:fa:c0:da:7b:f6:39:
                    dd:1f:a7:8a:62:4d:f5:87:e4:43:a5:fd:57:c3:2a:
                    22:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:DF:8E:14:3F:23:90:5A:8D:FB:1F:57:0E:E2:B8:C2:D2:24:04:B8
            X509v3 Authority Key Identifier:
                keyid:2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.28.67.0-31.28.68.255
                  31.28.80.0-31.28.86.255
                  94.126.43.0/24
                  94.126.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:98:c3:5e:1f:82:cf:1f:c1:f6:f4:07:8f:5b:1b:60:a6:cf:
         24:5d:6f:56:27:b5:7b:0e:0e:9d:6e:72:f5:c3:5b:65:fe:28:
         27:ea:15:2d:0d:0c:ce:dd:0e:b6:26:95:29:cc:b8:1e:ac:d4:
         e7:d8:24:69:7d:0f:46:73:8b:87:4f:64:a2:fd:68:bf:fb:c8:
         4a:f6:d9:81:19:9e:7c:e6:9f:d8:a8:4e:34:6c:06:e3:b9:89:
         9d:ee:e4:99:7f:67:b7:37:dc:0e:64:2c:b5:1e:27:32:74:ff:
         a7:7a:ae:d5:5a:72:9c:ef:31:59:33:21:46:9a:1c:41:5c:53:
         b5:7c:5d:57:0f:1e:2e:fc:6a:08:ae:61:17:97:ff:d3:fc:0c:
         ed:43:b3:13:50:86:17:bd:3e:43:6d:1e:4e:3f:94:b7:bf:f7:
         be:2f:a4:24:25:85:15:5a:40:3f:1d:b4:ad:0d:e4:d5:31:c4:
         d4:26:3a:b4:dc:0e:eb:bb:fd:5e:9b:c5:4c:cd:73:48:63:b2:
         b2:e3:69:c8:34:a2:a7:3c:2e:9b:ce:4a:c5:9d:e3:39:0c:99:
         e6:0f:a8:be:c0:e1:20:66:8c:81:65:46:83:27:8d:a7:82:67:
         46:1b:cb:a1:57:b8:71:5e:f1:69:cd:b3:05:1a:c1:e6:90:b1:
         c1:ea:95:8f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEASuY9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDExOTc1NGZjMTRmZmU3OTY4YTY1MTZiZDQ5YmRiMjU2MzNiODg3MB4XDTIyMDEw
MTA2MDUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRkZjhlMTQzZjIz
OTA1YThkZmIxZjU3MGVlMmI4YzJkMjI0MDRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDHf5ricVrkeIVXLbngIeAhPZLaQinjC8IbdaJKBk21l18J
cUVYK0Q/QBR6VkgXqhprFgnA3w9EHq5X50blT7oL096IA9GJCljJgv7bxjkSmDXg
4H2Qdks1zrFUvN+8qrGDyorwAi/9PoOuvQZaimfjjvXXIxYIHs51hXEaI0J1dF9y
fzkFMpg0x50V9xxjfrqYMOmbrMxMoNWquE3ThIBo3sYo21nkDMCGhrAZnnUZpK7L
UadXoMSx6ukm5N3CSx8fYenZyIbUR1cWf03Mih30S32AGz/Pj3KlLHFfGbBFZwqT
eCUe4AtX+sDae/Y53R+nimJN9YfkQ6X9V8MqIv0CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSU344UPyOQWo37H1cO4rjC0iQEuDAfBgNVHSMEGDAWgBQtEZdU/BT/55aK
ZRa9Sb2yVjO4hzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSR1hWUHdVXy1lV2ltVVd2VW05c2xZenVJYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvMDc3MWUxLTM5YWYtNDM1My05NDdmLTAxZmFjYzc0N2MyNC8x
L2xOLU9GRDhqa0ZxTi14OVhEdUs0d3RJa0JMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
MDc3MWUxLTM5YWYtNDM1My05NDdmLTAxZmFjYzc0N2MyNC8xL0xSR1hWUHdVXy1l
V2ltVVd2VW05c2xZenVJYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAHxxDAwQAHxxEMAwDBAQfHFAD
BAAfHFYDBABefisDBABefi8wDQYJKoZIhvcNAQELBQADggEBAD2Yw14fgs8fwfb0
B49bG2CmzyRdb1YntXsODp1ucvXDW2X+KCfqFS0NDM7dDrYmlSnMuB6s1OfYJGl9
D0Zzi4dPZKL9aL/7yEr22YEZnnzmn9ioTjRsBuO5iZ3u5Jl/Z7c33A5kLLUeJzJ0
/6d6rtVacpzvMVkzIUaaHEFcU7V8XVcPHi78agiuYReX/9P8DO1DsxNQhhe9PkNt
Hk4/lLe/974vpCQlhRVaQD8dtK0N5NUxxNQmOrTcDuu7/V6bxUzNc0hjsrLjacg0
oqc8LpvOSsWd4zkMmeYPqL7A4SBmjIFlRoMnjaeCZ0Yby6FXuHFe8WnNswUaweaQ
scHqlY8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:28 2024 by rpki-client on console-ams.rpki-client.org