Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/lusvWY219dKr7hJLQjgA7mM2KDk.roa
File:                     lusvWY219dKr7hJLQjgA7mM2KDk.roa (raw, json)
Hash identifier:          25BkszFXH1N2bO87WUTeEL7aHZqCeWByDy3pyc7JORQ=
Subject key identifier:   96:EB:2F:59:8D:B5:F5:D2:AB:EE:12:4B:42:38:00:EE:63:36:28:39
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       180453C1
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/lusvWY219dKr7hJLQjgA7mM2KDk.roa
Signing time:             Tue 19 Apr 2022 13:13:58 +0000
ROA not before:           Tue 19 Apr 2022 13:13:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210226
IP address blocks:        128.0.65.0/24 maxlen: 24
                          37.230.128.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 402936769 (0x180453c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Apr 19 13:13:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=96eb2f598db5f5d2abee124b423800ee63362839
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e1:12:bd:88:bc:1f:63:0e:2e:c9:eb:38:35:
                    b2:ec:4e:ee:63:6a:d8:ab:42:af:02:94:33:d3:06:
                    25:fe:6f:af:f0:84:b1:7c:86:f1:6b:18:96:57:b0:
                    8b:ac:3a:12:2a:a3:67:f6:ac:1a:80:bd:52:fd:f8:
                    da:61:61:39:e2:2c:20:57:41:7b:1d:1d:24:c0:0e:
                    d1:ce:7e:03:51:00:89:8b:76:96:00:52:ba:c6:1b:
                    a0:80:91:ec:29:60:14:78:ec:fb:6e:7c:f0:59:be:
                    67:e0:8e:e3:23:fd:37:81:3d:01:97:4a:0e:70:85:
                    7c:67:10:35:a6:db:cf:cd:6a:c1:c6:b8:6a:ec:38:
                    7b:77:51:32:68:ed:25:8e:40:e0:86:a5:e4:3f:b9:
                    88:20:ef:69:8d:b1:38:35:ee:9f:63:59:16:ce:e5:
                    09:3d:30:88:ab:a9:77:0c:cc:3f:56:72:e3:3f:21:
                    c1:12:4b:22:43:94:ff:da:90:7b:19:f1:f7:75:88:
                    96:c2:9a:bf:0c:37:47:27:d8:17:d2:64:35:e6:dd:
                    c4:73:61:ec:99:82:d0:49:8c:8b:03:fc:a7:4e:e3:
                    c6:8c:4c:b3:96:99:cf:94:e0:02:74:d0:54:f1:4f:
                    a9:99:09:94:15:e7:59:6e:73:2e:e2:28:16:75:89:
                    3a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:EB:2F:59:8D:B5:F5:D2:AB:EE:12:4B:42:38:00:EE:63:36:28:39
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/lusvWY219dKr7hJLQjgA7mM2KDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.128.0/23
                  128.0.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:d3:40:98:26:b3:07:75:a5:99:97:30:94:89:5e:7b:3f:28:
         8a:04:2f:d1:05:50:3f:90:0e:9d:b4:17:be:54:02:7d:e3:f6:
         9b:12:ea:ba:be:8e:91:27:98:46:48:8d:e6:4c:70:29:b5:7e:
         8a:43:43:25:d7:f5:35:f4:1b:88:c0:c1:ed:f6:f2:a8:36:fa:
         b7:3f:b0:e8:51:bc:ac:b8:f0:2e:53:07:08:2f:c9:3e:ee:dc:
         80:ad:8c:1b:1d:76:6a:f4:71:be:39:57:4b:05:2d:29:65:c1:
         79:78:4e:85:95:ae:c2:37:46:fd:da:e1:12:e3:b9:c8:1e:35:
         10:e1:c5:19:0b:f7:ed:5b:3c:72:05:f4:ee:aa:f7:d3:80:60:
         d5:0e:51:c7:f0:d1:79:45:39:4f:f5:7f:ae:73:ae:d5:da:34:
         60:5f:13:f7:23:b3:af:d1:5d:4c:da:2a:2d:c7:8d:2d:7b:91:
         b6:55:67:5d:40:ef:c4:f0:ff:95:26:98:6a:7d:2d:49:28:1c:
         ac:9f:0a:22:ca:43:46:b1:39:b6:2a:13:27:2d:d5:4d:63:13:
         90:4b:6e:01:14:77:35:4c:28:57:4c:36:20:da:c1:5a:ba:79:
         41:1b:54:75:c2:6d:bc:5c:0f:aa:c7:03:2d:20:44:09:51:63:
         b2:11:fc:b0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGARTwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODg1ZTg4NGMyZmM3YTc1ZDEyZGQxZGVhNDljZTIzNDljNDcwNjdlMB4XDTIyMDQx
OTEzMTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZlYjJmNTk4ZGI1
ZjVkMmFiZWUxMjRiNDIzODAwZWU2MzM2MjgzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPhEr2IvB9jDi7J6zg1suxO7mNq2KtCrwKUM9MGJf5vr/CE
sXyG8WsYllewi6w6EiqjZ/asGoC9Uv342mFhOeIsIFdBex0dJMAO0c5+A1EAiYt2
lgBSusYboICR7ClgFHjs+2588Fm+Z+CO4yP9N4E9AZdKDnCFfGcQNabbz81qwca4
auw4e3dRMmjtJY5A4Ial5D+5iCDvaY2xODXun2NZFs7lCT0wiKupdwzMP1Zy4z8h
wRJLIkOU/9qQexnx93WIlsKavww3RyfYF9JkNebdxHNh7JmC0EmMiwP8p07jxoxM
s5aZz5TgAnTQVPFPqZkJlBXnWW5zLuIoFnWJOqMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSW6y9ZjbX10qvuEktCOADuYzYoOTAfBgNVHSMEGDAWgBRYheiEwvx6ddEt
0d6knOI0nEcGfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dJWG9oTUw4ZW5YUkxkSGVwSnppTkp4SEJuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8x
L2x1c3ZXWTIxOWRLcjdoSkxRamdBN21NMktEay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8xL1dJWG9oTUw4ZW5Y
UkxkSGVwSnppTkp4SEJuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEASXmgAMEAIAAQTANBgkqhkiG9w0B
AQsFAAOCAQEAGtNAmCazB3WlmZcwlIleez8oigQv0QVQP5AOnbQXvlQCfeP2mxLq
ur6OkSeYRkiN5kxwKbV+ikNDJdf1NfQbiMDB7fbyqDb6tz+w6FG8rLjwLlMHCC/J
Pu7cgK2MGx12avRxvjlXSwUtKWXBeXhOhZWuwjdG/drhEuO5yB41EOHFGQv37Vs8
cgX07qr304Bg1Q5Rx/DReUU5T/V/rnOu1do0YF8T9yOzr9FdTNoqLceNLXuRtlVn
XUDvxPD/lSaYan0tSSgcrJ8KIspDRrE5tioTJy3VTWMTkEtuARR3NUwoV0w2INrB
Wrp5QRtUdcJtvFwPqscDLSBECVFjshH8sA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org