Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/mLemuimEKyhxhAwLdqRF8xFhqVU.roa
File:                     mLemuimEKyhxhAwLdqRF8xFhqVU.roa (raw, json)
Hash identifier:          jmcxsh8D6bUCfwQNZXmzIj8ntBcVWCq0vC3lsffjuGI=
Subject key identifier:   98:B7:A6:BA:29:84:2B:28:71:84:0C:0B:76:A4:45:F3:11:61:A9:55
Certificate issuer:       /CN=54e5d6917dc2dabfb5caf907c3e745149502c90e
Certificate serial:       0502E5F1
Authority key identifier: 54:E5:D6:91:7D:C2:DA:BF:B5:CA:F9:07:C3:E7:45:14:95:02:C9:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/mLemuimEKyhxhAwLdqRF8xFhqVU.roa
Signing time:             Sat 01 Jan 2022 15:02:07 +0000
ROA not before:           Sat 01 Jan 2022 15:02:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        185.248.248.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 84076017 (0x502e5f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54e5d6917dc2dabfb5caf907c3e745149502c90e
        Validity
            Not Before: Jan  1 15:02:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98b7a6ba29842b2871840c0b76a445f31161a955
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f6:a7:5b:75:98:07:69:20:b3:e3:61:bf:ce:
                    8c:0c:33:1a:89:b7:09:b7:09:e4:99:bf:5f:09:9d:
                    e2:c6:6a:99:b0:3b:23:c6:2e:50:48:d9:d6:7b:94:
                    ef:db:41:75:b2:c1:0c:5e:60:9e:e1:0c:b0:b5:7a:
                    76:cf:d4:bc:d5:23:4f:b8:e3:f9:b4:6b:21:b5:a1:
                    2f:f6:1e:23:27:21:de:8a:6e:e5:dd:b9:e9:96:06:
                    8e:18:04:33:c5:af:8d:de:c7:13:7f:19:40:99:5c:
                    92:be:07:4a:7d:32:1e:4e:58:bb:18:93:2b:93:63:
                    ce:7d:68:9a:31:9c:6e:aa:ce:c3:4c:7a:15:48:e5:
                    06:9f:dc:d4:c2:ca:f6:78:b6:d1:a2:1c:56:43:e7:
                    8c:57:09:95:84:a8:c5:6e:aa:f3:2e:c1:5e:7e:43:
                    31:e5:63:a3:75:1a:fc:30:34:4f:06:14:46:7c:83:
                    fd:79:cc:97:53:7e:2e:19:5a:d1:46:95:9e:f4:b6:
                    c7:12:9f:84:96:44:39:c0:7d:d0:88:df:46:7d:cd:
                    c7:a7:a3:b3:a4:75:ec:fb:82:80:35:74:8e:14:8d:
                    09:e8:c5:fd:22:40:9b:5f:3b:42:95:f5:87:de:4a:
                    22:4d:67:22:20:8c:e7:78:bd:09:40:d0:81:99:6a:
                    00:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:B7:A6:BA:29:84:2B:28:71:84:0C:0B:76:A4:45:F3:11:61:A9:55
            X509v3 Authority Key Identifier:
                keyid:54:E5:D6:91:7D:C2:DA:BF:B5:CA:F9:07:C3:E7:45:14:95:02:C9:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/mLemuimEKyhxhAwLdqRF8xFhqVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/479d06-9e84-4f76-8ae0-131d2916488c/1/VOXWkX3C2r-1yvkHw-dFFJUCyQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ce:9f:4e:d7:c5:c3:42:d2:b9:c7:d8:22:ff:c5:9d:45:8c:07:
         b1:1f:ae:0f:9d:e1:b8:24:ad:a2:3a:5d:29:b4:e4:3f:45:87:
         55:75:15:a6:10:19:79:07:6f:27:e5:11:09:e4:c7:0e:58:1a:
         7e:46:cf:56:1c:8a:0d:34:04:75:af:5b:8f:12:28:79:e0:f8:
         dd:e5:fc:65:5f:ec:9b:34:cb:2e:f5:04:fd:bc:ec:f2:4a:1f:
         bb:87:78:52:1d:94:25:1d:2e:9c:30:1c:db:31:fb:37:09:d4:
         13:8c:2e:19:57:6d:3d:a4:9d:ba:42:7f:c8:98:bf:8d:eb:98:
         46:6a:f9:52:15:a4:06:1e:8c:92:75:e4:95:88:1c:f0:72:57:
         f2:2c:80:0c:57:4c:f3:03:c3:2f:37:7e:73:40:76:9b:80:db:
         b5:56:72:ca:35:f9:04:d0:b7:b6:d8:c3:8c:4b:fd:92:86:f0:
         b0:52:c2:0d:9d:19:9c:4a:c9:00:b7:68:6e:b9:74:4a:0d:b7:
         43:db:98:72:65:0f:d6:24:ba:2e:d6:db:c6:c5:cd:dd:b5:73:
         c8:33:db:ed:73:ea:1f:1e:8a:6a:46:72:aa:a5:3b:71:cd:f1:
         e2:33:82:9d:4c:28:b8:9d:02:b0:db:07:1d:c5:5e:1a:fa:47:
         34:30:0a:6e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQLl8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGU1ZDY5MTdkYzJkYWJmYjVjYWY5MDdjM2U3NDUxNDk1MDJjOTBlMB4XDTIyMDEw
MTE1MDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThiN2E2YmEyOTg0
MmIyODcxODQwYzBiNzZhNDQ1ZjMxMTYxYTk1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/2p1t1mAdpILPjYb/OjAwzGom3CbcJ5Jm/Xwmd4sZqmbA7
I8YuUEjZ1nuU79tBdbLBDF5gnuEMsLV6ds/UvNUjT7jj+bRrIbWhL/YeIych3opu
5d256ZYGjhgEM8Wvjd7HE38ZQJlckr4HSn0yHk5YuxiTK5Njzn1omjGcbqrOw0x6
FUjlBp/c1MLK9ni20aIcVkPnjFcJlYSoxW6q8y7BXn5DMeVjo3Ua/DA0TwYURnyD
/XnMl1N+Lhla0UaVnvS2xxKfhJZEOcB90IjfRn3Nx6ejs6R17PuCgDV0jhSNCejF
/SJAm187QpX1h95KIk1nIiCM53i9CUDQgZlqAP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYt6a6KYQrKHGEDAt2pEXzEWGpVTAfBgNVHSMEGDAWgBRU5daRfcLav7XK
+QfD50UUlQLJDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZPWFdrWDNDMnItMXl2a0h3LWRGRkpVQ3lRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvNDc5ZDA2LTllODQtNGY3Ni04YWUwLTEzMWQyOTE2NDg4Yy8x
L21MZW11aW1FS3loeGhBd0xkcVJGOHhGaHFWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
NDc5ZDA2LTllODQtNGY3Ni04YWUwLTEzMWQyOTE2NDg4Yy8xL1ZPWFdrWDNDMnIt
MXl2a0h3LWRGRkpVQ3lRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn4+DANBgkqhkiG9w0BAQsFAAOC
AQEAzp9O18XDQtK5x9gi/8WdRYwHsR+uD53huCStojpdKbTkP0WHVXUVphAZeQdv
J+URCeTHDlgafkbPVhyKDTQEda9bjxIoeeD43eX8ZV/smzTLLvUE/bzs8kofu4d4
Uh2UJR0unDAc2zH7NwnUE4wuGVdtPaSdukJ/yJi/jeuYRmr5UhWkBh6MknXklYgc
8HJX8iyADFdM8wPDLzd+c0B2m4DbtVZyyjX5BNC3ttjDjEv9kobwsFLCDZ0ZnErJ
ALdobrl0Sg23Q9uYcmUP1iS6LtbbxsXN3bVzyDPb7XPqHx6KakZyqqU7cc3x4jOC
nUwouJ0CsNsHHcVeGvpHNDAKbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:00 2024 by rpki-client on console-fra.rpki-client.org