Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/lM8vCfUr6QqqNcUqXPAvxVYPH1g.roa
File:                     lM8vCfUr6QqqNcUqXPAvxVYPH1g.roa (raw, json)
Hash identifier:          sV5wEtDLe8z3O9Z6gbr7z0qt5Nkn5+h7nNOSXvtuLMw=
Subject key identifier:   94:CF:2F:09:F5:2B:E9:0A:AA:35:C5:2A:5C:F0:2F:C5:56:0F:1F:58
Certificate issuer:       /CN=e47efc9cc3d9c4bd29a2bbc15551f82f25cf11ba
Certificate serial:       033C30
Authority key identifier: E4:7E:FC:9C:C3:D9:C4:BD:29:A2:BB:C1:55:51:F8:2F:25:CF:11:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/lM8vCfUr6QqqNcUqXPAvxVYPH1g.roa
Signing time:             Wed 16 Feb 2022 15:16:45 +0000
ROA not before:           Wed 16 Feb 2022 15:16:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31543
IP address blocks:        185.236.188.0/22 maxlen: 24
                          2a0d:c900::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 212016 (0x33c30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e47efc9cc3d9c4bd29a2bbc15551f82f25cf11ba
        Validity
            Not Before: Feb 16 15:16:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94cf2f09f52be90aaa35c52a5cf02fc5560f1f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1c:7c:f0:ff:7c:22:f6:d6:25:48:7f:9d:4a:
                    33:f8:cc:a0:a7:7d:39:68:aa:e2:ea:ce:d6:5a:95:
                    df:63:81:54:7f:29:56:28:6e:0e:aa:c3:f2:7d:c0:
                    e5:99:bd:28:3a:93:27:7e:4f:8e:e0:d3:6a:c3:cd:
                    31:dc:9a:66:bb:fc:84:e8:1e:8e:0d:47:30:81:f3:
                    9f:f3:a3:0b:72:07:bd:94:ec:49:22:08:a3:0b:f2:
                    de:cf:42:5a:4e:a0:a9:f6:8b:f2:ca:45:a2:a6:00:
                    ae:b3:a3:d8:21:2b:4b:74:10:d5:85:9e:2e:c0:1e:
                    b6:28:7e:69:8e:9b:57:35:f5:9c:d1:43:02:57:12:
                    34:52:b4:05:8a:dc:52:cd:c4:a0:69:7c:86:96:2e:
                    b9:16:2d:d2:cb:4f:40:52:f6:ce:90:3b:d6:91:47:
                    9e:10:59:91:b0:ca:7f:52:53:63:8c:53:09:d0:77:
                    89:bf:db:6f:14:d4:c2:04:1c:97:55:16:44:a6:93:
                    6e:e9:d4:a7:db:a9:9a:b1:a1:64:87:de:fd:f0:60:
                    93:1a:27:48:22:e2:74:2e:74:f0:2c:27:8e:12:0d:
                    27:f9:cd:ef:8c:08:54:d8:bb:63:de:c5:23:9d:95:
                    67:ce:79:65:86:b5:7d:07:85:e3:c0:03:28:0b:1e:
                    69:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:CF:2F:09:F5:2B:E9:0A:AA:35:C5:2A:5C:F0:2F:C5:56:0F:1F:58
            X509v3 Authority Key Identifier:
                keyid:E4:7E:FC:9C:C3:D9:C4:BD:29:A2:BB:C1:55:51:F8:2F:25:CF:11:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/lM8vCfUr6QqqNcUqXPAvxVYPH1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.188.0/22
                IPv6:
                  2a0d:c900::/29

    Signature Algorithm: sha256WithRSAEncryption
         9d:85:4f:f5:87:4a:ba:cd:d9:b3:e9:9e:50:1e:c5:5f:d3:8f:
         09:8f:22:cd:b7:b5:7c:54:bb:0c:f6:8a:03:3b:2b:1c:8a:b4:
         a6:74:c2:ed:c3:17:fe:cf:6b:97:39:39:62:43:99:74:9f:16:
         45:b7:63:ec:0c:06:2f:91:b0:fd:07:45:a6:f4:8f:cf:c5:c2:
         ce:e3:d0:09:50:ad:35:b9:7e:81:8a:f0:6c:7c:50:52:27:7e:
         81:bc:5f:de:c2:f8:e8:fc:e9:82:11:9c:fd:6a:f2:6a:b2:b3:
         b2:b2:b9:35:23:9d:77:55:f2:07:2c:06:97:7a:3d:cf:e8:66:
         3b:12:18:56:4d:e4:76:35:ec:06:a7:ba:da:30:b1:02:c0:aa:
         b2:cd:81:42:19:ad:ec:58:e9:1e:0c:b1:f1:79:a7:f9:a7:89:
         98:78:ff:8e:8c:40:33:2f:f0:eb:9d:d4:f4:d9:7e:a3:2d:13:
         df:ad:56:4c:2b:a1:21:e5:56:b2:df:9c:79:cb:0c:46:77:f1:
         fc:93:c7:29:0d:e1:e6:ba:c9:2a:0a:23:b7:c0:64:45:7e:3e:
         56:e7:29:dc:1a:d6:f4:98:1f:ce:94:8c:26:3e:2a:94:80:62:
         69:90:85:72:66:cc:05:c5:66:c4:9b:f7:10:61:ad:16:06:f1:
         c2:15:ac:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAzwwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU0
N2VmYzljYzNkOWM0YmQyOWEyYmJjMTU1NTFmODJmMjVjZjExYmEwHhcNMjIwMjE2
MTUxNjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NGNmMmYwOWY1MmJl
OTBhYWEzNWM1MmE1Y2YwMmZjNTU2MGYxZjU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApRx88P98IvbWJUh/nUoz+Mygp305aKri6s7WWpXfY4FUfylW
KG4OqsPyfcDlmb0oOpMnfk+O4NNqw80x3Jpmu/yE6B6ODUcwgfOf86MLcge9lOxJ
IgijC/Lez0JaTqCp9ovyykWipgCus6PYIStLdBDVhZ4uwB62KH5pjptXNfWc0UMC
VxI0UrQFitxSzcSgaXyGli65Fi3Sy09AUvbOkDvWkUeeEFmRsMp/UlNjjFMJ0HeJ
v9tvFNTCBByXVRZEppNu6dSn26masaFkh9798GCTGidIIuJ0LnTwLCeOEg0n+c3v
jAhU2Ltj3sUjnZVnznllhrV9B4XjwAMoCx5pLQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFJTPLwn1K+kKqjXFKlzwL8VWDx9YMB8GA1UdIwQYMBaAFOR+/JzD2cS9KaK7
wVVR+C8lzxG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80YS8yNDgxMzMtODY3MC00MTY3LWExOTUtNmUyZjU4OGMwYzdlLzEv
bE04dkNmVXI2UXFxTmNVcVhQQXZ4VllQSDFnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8y
NDgxMzMtODY3MC00MTY3LWExOTUtNmUyZjU4OGMwYzdlLzEvNUg3OG5NUFp4TDBw
b3J2QlZWSDRMeVhQRWJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuey8MA0EAgACMAcDBQMqDckAMA0G
CSqGSIb3DQEBCwUAA4IBAQCdhU/1h0q6zdmz6Z5QHsVf048JjyLNt7V8VLsM9ooD
OyscirSmdMLtwxf+z2uXOTliQ5l0nxZFt2PsDAYvkbD9B0Wm9I/PxcLO49AJUK01
uX6BivBsfFBSJ36BvF/ewvjo/OmCEZz9avJqsrOysrk1I513VfIHLAaXej3P6GY7
EhhWTeR2NewGp7raMLECwKqyzYFCGa3sWOkeDLHxeaf5p4mYeP+OjEAzL/DrndT0
2X6jLRPfrVZMK6Eh5Vay35x5ywxGd/H8k8cpDeHmuskqCiO3wGRFfj5W5yncGtb0
mB/OlIwmPiqUgGJpkIVyZswFxWbEm/cQYa0WBvHCFax0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:10 2024 by rpki-client on console-fra.rpki-client.org