Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lmtF4o-e9YcQM-NqajWTBWgLLnk.roa
File:                     lmtF4o-e9YcQM-NqajWTBWgLLnk.roa (raw, json)
Hash identifier:          tqQH15jA9+R1QMDp/UIf1nbl8cDLXB+Z4PaocQgFYyY=
Subject key identifier:   96:6B:45:E2:8F:9E:F5:87:10:33:E3:6A:6A:35:93:05:68:0B:2E:79
Certificate issuer:       /CN=96cbcf2e957ca8d942472a7b0044285b26db6b22
Certificate serial:       33046B66
Authority key identifier: 96:CB:CF:2E:95:7C:A8:D9:42:47:2A:7B:00:44:28:5B:26:DB:6B:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lmtF4o-e9YcQM-NqajWTBWgLLnk.roa
Signing time:             Sat 01 Jan 2022 05:52:08 +0000
ROA not before:           Sat 01 Jan 2022 05:52:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62284
IP address blocks:        91.108.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 855927654 (0x33046b66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96cbcf2e957ca8d942472a7b0044285b26db6b22
        Validity
            Not Before: Jan  1 05:52:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=966b45e28f9ef5871033e36a6a359305680b2e79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:c3:48:f1:e7:f7:69:c1:4e:71:f8:6b:a5:bb:
                    66:20:62:68:34:6d:52:f8:d2:0e:ac:e1:7f:88:ff:
                    a4:f9:66:9b:d6:32:c5:ad:03:b2:d4:44:d7:ca:68:
                    20:d7:2a:fa:1b:a5:c4:19:f6:96:12:c4:59:ab:2a:
                    9a:0d:c8:47:07:c3:6d:2f:4d:06:66:c2:d7:3f:05:
                    e2:0d:16:ab:d2:86:f4:bc:42:fb:e0:b7:a9:ea:73:
                    0c:7d:ba:03:69:28:bd:4c:4f:37:94:d9:13:d2:be:
                    74:8c:15:67:6c:f8:f3:0c:82:f1:18:60:9f:b7:7f:
                    bf:d9:ec:25:70:7a:df:48:08:c1:96:66:d6:ee:ce:
                    d4:15:91:2d:40:80:5b:27:fb:36:34:b7:bf:00:6b:
                    23:8c:64:4b:07:40:1f:97:9d:20:60:28:23:5d:d8:
                    95:3f:af:4a:f9:3b:5f:93:b5:73:b7:c8:dd:5d:b2:
                    14:70:3e:1b:b4:0e:9d:43:d5:76:3d:3f:01:7b:4c:
                    7a:c8:ad:8f:a6:f1:64:33:85:85:44:bc:58:b7:9a:
                    71:d5:ca:c9:9c:80:85:5d:4d:ac:65:15:c2:17:2a:
                    68:f7:c1:c0:d3:67:62:4b:f8:5d:88:c3:fa:0a:d3:
                    f4:09:ac:5b:2f:e0:9a:d2:5a:12:b1:2a:fa:89:83:
                    97:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:6B:45:E2:8F:9E:F5:87:10:33:E3:6A:6A:35:93:05:68:0B:2E:79
            X509v3 Authority Key Identifier:
                keyid:96:CB:CF:2E:95:7C:A8:D9:42:47:2A:7B:00:44:28:5B:26:DB:6B:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lmtF4o-e9YcQM-NqajWTBWgLLnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.108.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:a6:7a:a0:eb:ea:a5:ae:91:81:22:7b:2c:6c:d9:4e:10:22:
         26:d9:b9:17:96:a8:0d:34:3d:b9:80:cf:fa:da:13:e7:df:77:
         eb:80:e3:2a:90:25:00:72:3d:35:09:33:3a:46:0d:6a:22:68:
         6b:7e:cf:7d:eb:d8:5d:ba:8d:42:ed:25:64:e5:26:1d:a1:ea:
         3a:3f:9b:d8:56:cf:51:50:77:e0:3a:41:34:f4:ea:f2:67:bb:
         78:e3:55:a2:45:4e:1b:44:b6:8f:de:ee:c5:44:04:f4:20:87:
         38:36:d2:51:aa:25:24:3b:59:ed:03:32:a9:2c:f6:a9:ac:76:
         92:33:a3:41:c6:88:c3:11:8f:1b:f5:e0:50:87:c5:27:7d:fc:
         f2:85:4e:2a:38:14:f7:3f:ae:23:23:45:69:2b:82:c1:d3:49:
         f8:4c:ec:03:85:84:de:01:b9:96:3b:df:bf:cf:6b:2f:d4:ac:
         bf:07:99:9e:0e:c9:85:3b:26:89:c8:e3:94:f2:5e:ae:b0:31:
         91:e1:ab:90:a1:10:7e:e9:b6:b4:51:e7:32:7d:05:bd:61:d7:
         6a:0a:8f:c7:24:aa:83:b2:56:54:77:02:7e:e3:e3:23:7b:22:
         3f:31:c9:ac:54:59:22:0b:30:62:f7:16:2e:10:54:f0:16:ba:
         3c:21:6a:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMwRrZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmNiY2YyZTk1N2NhOGQ5NDI0NzJhN2IwMDQ0Mjg1YjI2ZGI2YjIyMB4XDTIyMDEw
MTA1NTIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY2YjQ1ZTI4Zjll
ZjU4NzEwMzNlMzZhNmEzNTkzMDU2ODBiMmU3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnDSPHn92nBTnH4a6W7ZiBiaDRtUvjSDqzhf4j/pPlmm9Yy
xa0DstRE18poINcq+hulxBn2lhLEWasqmg3IRwfDbS9NBmbC1z8F4g0Wq9KG9LxC
++C3qepzDH26A2kovUxPN5TZE9K+dIwVZ2z48wyC8Rhgn7d/v9nsJXB630gIwZZm
1u7O1BWRLUCAWyf7NjS3vwBrI4xkSwdAH5edIGAoI13YlT+vSvk7X5O1c7fI3V2y
FHA+G7QOnUPVdj0/AXtMesitj6bxZDOFhUS8WLeacdXKyZyAhV1NrGUVwhcqaPfB
wNNnYkv4XYjD+grT9AmsWy/gmtJaErEq+omDl2MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSWa0Xij571hxAz42pqNZMFaAsueTAfBgNVHSMEGDAWgBSWy88ulXyo2UJH
KnsARChbJttrIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xzdlBMcFY4cU5sQ1J5cDdBRVFvV3liYmF5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvMWI2MGU5LWI2ZTAtNDg5MC05ZGUxLTEzYjQzMTM0MmFiOC8x
L2xtdEY0by1lOVljUU0tTnFhaldUQldnTExuay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
MWI2MGU5LWI2ZTAtNDg5MC05ZGUxLTEzYjQzMTM0MmFiOC8xL2xzdlBMcFY4cU5s
Q1J5cDdBRVFvV3liYmF5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFtsljANBgkqhkiG9w0BAQsFAAOC
AQEAQKZ6oOvqpa6RgSJ7LGzZThAiJtm5F5aoDTQ9uYDP+toT599364DjKpAlAHI9
NQkzOkYNaiJoa37PfevYXbqNQu0lZOUmHaHqOj+b2FbPUVB34DpBNPTq8me7eONV
okVOG0S2j97uxUQE9CCHODbSUaolJDtZ7QMyqSz2qax2kjOjQcaIwxGPG/XgUIfF
J3388oVOKjgU9z+uIyNFaSuCwdNJ+EzsA4WE3gG5ljvfv89rL9SsvweZng7JhTsm
icjjlPJerrAxkeGrkKEQfum2tFHnMn0FvWHXagqPxySqg7JWVHcCfuPjI3siPzHJ
rFRZIgswYvcWLhBU8Ba6PCFqag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:22 2024 by rpki-client on console-fra.rpki-client.org