Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/LHgq94muAzykOShPe-nihfyShMs.roa
File:                     LHgq94muAzykOShPe-nihfyShMs.roa (raw, json)
Hash identifier:          Lgvu19U0rAWBYrctUyp5h7KvzLeK3GaGQTVA/Y2bszY=
Subject key identifier:   2C:78:2A:F7:89:AE:03:3C:A4:39:28:4F:7B:E9:E2:85:FC:92:84:CB
Certificate issuer:       /CN=24b708b6527abbd2de2b9b373496abc1d748b6e7
Certificate serial:       03CF5479
Authority key identifier: 24:B7:08:B6:52:7A:BB:D2:DE:2B:9B:37:34:96:AB:C1:D7:48:B6:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JLcItlJ6u9LeK5s3NJarwddItuc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/LHgq94muAzykOShPe-nihfyShMs.roa
Signing time:             Sat 01 Jan 2022 16:01:08 +0000
ROA not before:           Sat 01 Jan 2022 16:01:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200470
IP address blocks:        185.104.100.0/23 maxlen: 23
                          185.104.102.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63919225 (0x3cf5479)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24b708b6527abbd2de2b9b373496abc1d748b6e7
        Validity
            Not Before: Jan  1 16:01:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c782af789ae033ca439284f7be9e285fc9284cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:83:f3:cd:ca:84:1b:ca:89:b7:42:cf:cc:23:
                    a1:60:74:05:69:b0:c5:f5:e6:0d:2d:ba:28:25:ee:
                    87:d6:28:88:21:bf:93:b7:d0:81:b7:8d:cf:5c:f6:
                    8c:d5:d3:fa:e5:16:6c:ea:3b:b1:63:26:52:fb:f3:
                    9b:bc:61:40:32:f2:81:19:e7:b5:2c:14:05:3c:65:
                    26:2b:3b:7b:7c:07:12:5f:2e:ac:ca:03:16:0f:15:
                    fa:50:f9:d2:66:8c:f1:ec:7c:a7:4e:17:d3:13:45:
                    03:ab:1d:9b:9d:d4:11:15:06:7b:6b:f5:25:68:25:
                    37:39:1d:0a:35:78:13:44:eb:42:47:d9:af:ef:f4:
                    05:31:33:b1:0f:30:a7:b3:a8:86:69:cd:17:3f:a5:
                    91:82:bd:6e:35:f2:15:06:cf:e5:c5:23:a6:53:17:
                    63:f7:52:d8:a9:b0:71:70:10:cf:2e:a6:15:0e:12:
                    f6:3d:fd:0e:bb:22:df:8c:c2:55:c1:97:09:21:51:
                    f6:04:b2:7a:d7:5d:74:69:de:a6:e8:24:cf:fc:c5:
                    fa:19:cb:86:cb:ce:a2:02:18:94:ec:7c:e6:96:ff:
                    50:8e:52:0d:53:17:6a:8a:1c:7c:10:4b:e9:3e:4e:
                    52:86:0b:e4:07:c7:5f:c5:7a:23:c6:2b:0c:f3:08:
                    37:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:78:2A:F7:89:AE:03:3C:A4:39:28:4F:7B:E9:E2:85:FC:92:84:CB
            X509v3 Authority Key Identifier:
                keyid:24:B7:08:B6:52:7A:BB:D2:DE:2B:9B:37:34:96:AB:C1:D7:48:B6:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLcItlJ6u9LeK5s3NJarwddItuc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/LHgq94muAzykOShPe-nihfyShMs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ee43a0-edf5-447d-b473-b2a13a3a9b8a/1/JLcItlJ6u9LeK5s3NJarwddItuc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.104.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:ed:c6:29:f4:f0:d6:ba:2e:69:02:5d:0c:a8:c4:d7:11:9b:
         79:97:81:a8:1e:2a:2f:ca:03:17:7c:96:a6:d2:74:bd:5f:ff:
         fd:ab:8d:a7:49:35:d9:fe:d8:5e:94:fd:d1:01:c1:e0:c1:fd:
         89:88:97:76:c1:96:f6:b2:b2:18:8e:b8:86:89:62:4c:17:db:
         be:e0:cd:21:83:a0:95:7c:df:0b:97:dc:60:2c:b0:8a:bf:3b:
         97:e8:22:7d:3f:9e:6a:e6:11:a9:10:72:09:31:a0:53:8c:f9:
         4c:ff:d2:fa:9f:b6:21:21:09:6f:8d:33:ef:e0:f5:02:00:fd:
         48:0e:43:31:94:40:0e:89:41:12:6d:bb:cb:fd:15:0a:d1:3d:
         7f:89:64:6b:b6:d1:25:17:f6:94:c6:29:bc:24:dc:c5:0f:cb:
         64:92:38:cf:ad:25:af:eb:39:b6:99:a9:55:09:d8:fb:56:6d:
         73:93:62:91:24:8f:ec:6a:00:08:d5:e5:10:1a:88:39:0f:58:
         04:84:ab:5b:bf:d2:da:03:81:1b:bc:dd:fb:3b:a0:b9:12:48:
         46:49:58:4e:2a:a1:6d:11:7f:ec:39:81:89:ce:d6:b8:fb:07:
         8d:f2:43:c9:c5:85:71:5e:6f:00:84:86:72:63:65:9c:f8:1d:
         58:fd:79:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA89UeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGI3MDhiNjUyN2FiYmQyZGUyYjliMzczNDk2YWJjMWQ3NDhiNmU3MB4XDTIyMDEw
MTE2MDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM3ODJhZjc4OWFl
MDMzY2E0MzkyODRmN2JlOWUyODVmYzkyODRjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWD883KhBvKibdCz8wjoWB0BWmwxfXmDS26KCXuh9YoiCG/
k7fQgbeNz1z2jNXT+uUWbOo7sWMmUvvzm7xhQDLygRnntSwUBTxlJis7e3wHEl8u
rMoDFg8V+lD50maM8ex8p04X0xNFA6sdm53UERUGe2v1JWglNzkdCjV4E0TrQkfZ
r+/0BTEzsQ8wp7OohmnNFz+lkYK9bjXyFQbP5cUjplMXY/dS2KmwcXAQzy6mFQ4S
9j39Drsi34zCVcGXCSFR9gSyetdddGnepugkz/zF+hnLhsvOogIYlOx85pb/UI5S
DVMXaoocfBBL6T5OUoYL5AfHX8V6I8YrDPMIN08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQseCr3ia4DPKQ5KE976eKF/JKEyzAfBgNVHSMEGDAWgBQktwi2Unq70t4r
mzc0lqvB10i25zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pMY0l0bEo2dTlMZUs1czNOSmFyd2RkSXR1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvZWU0M2EwLWVkZjUtNDQ3ZC1iNDczLWIyYTEzYTNhOWI4YS8x
L0xIZ3E5NG11QXp5a09TaFBlLW5paGZ5U2hNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
ZWU0M2EwLWVkZjUtNDQ3ZC1iNDczLWIyYTEzYTNhOWI4YS8xL0pMY0l0bEo2dTlM
ZUs1czNOSmFyd2RkSXR1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArloZDANBgkqhkiG9w0BAQsFAAOC
AQEAPO3GKfTw1rouaQJdDKjE1xGbeZeBqB4qL8oDF3yWptJ0vV///auNp0k12f7Y
XpT90QHB4MH9iYiXdsGW9rKyGI64holiTBfbvuDNIYOglXzfC5fcYCywir87l+gi
fT+eauYRqRByCTGgU4z5TP/S+p+2ISEJb40z7+D1AgD9SA5DMZRADolBEm27y/0V
CtE9f4lka7bRJRf2lMYpvCTcxQ/LZJI4z60lr+s5tpmpVQnY+1Ztc5NikSSP7GoA
CNXlEBqIOQ9YBISrW7/S2gOBG7zd+zuguRJIRklYTiqhbRF/7DmBic7WuPsHjfJD
ycWFcV5vAISGcmNlnPgdWP15oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:11 2024 by rpki-client on console-fra.rpki-client.org