Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/lVlNMw7FgqCXWA10MeS7eXN0aVo.roa
File:                     lVlNMw7FgqCXWA10MeS7eXN0aVo.roa (raw, json)
Hash identifier:          +g7++UvwrhyaAr8c0mxAcRNYOBa7wBWhyrZYfkNhdeU=
Subject key identifier:   95:59:4D:33:0E:C5:82:A0:97:58:0D:74:31:E4:BB:79:73:74:69:5A
Certificate issuer:       /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial:       01F14437
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/lVlNMw7FgqCXWA10MeS7eXN0aVo.roa
Signing time:             Sat 01 Jan 2022 15:06:15 +0000
ROA not before:           Sat 01 Jan 2022 15:06:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     18779
IP address blocks:        176.111.223.0/24 maxlen: 24
                          147.189.130.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32588855 (0x1f14437)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
        Validity
            Not Before: Jan  1 15:06:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95594d330ec582a097580d7431e4bb797374695a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:60:22:5a:21:84:9a:8d:1d:6a:6f:e5:98:79:
                    28:53:a5:fc:1b:08:93:04:a4:bd:9e:21:a7:4f:83:
                    65:b0:87:d9:79:cd:49:86:25:94:a8:58:65:4b:9c:
                    cc:07:8d:e8:31:37:c2:f5:0a:37:c9:a3:26:8e:46:
                    59:ba:19:a4:37:4d:c3:1f:2a:71:86:d3:d5:9a:62:
                    e3:25:41:73:60:45:06:38:a7:f1:77:1f:34:10:c1:
                    f8:ae:87:df:17:54:6f:c3:76:a2:29:0d:1b:c3:17:
                    93:6c:3d:99:16:0b:94:94:19:d1:ca:29:5e:81:5b:
                    db:bd:23:67:f0:af:bf:64:9f:f9:80:55:7f:13:2f:
                    37:13:b2:aa:7d:d3:85:a5:4a:01:29:49:95:20:3e:
                    ce:b4:d6:6f:6e:0a:a7:db:ad:c6:7b:00:79:8d:83:
                    70:45:2d:37:7c:b0:fe:9e:a9:a4:c9:74:59:95:06:
                    8c:6d:74:d5:9c:ff:90:24:02:08:b2:f0:fa:bd:02:
                    3a:6a:2d:eb:2b:b9:0a:16:fa:8f:39:97:6e:a2:c1:
                    50:48:06:43:16:cd:3e:3b:d3:31:cc:87:88:9e:1f:
                    55:e0:57:99:0e:65:f6:4d:61:c6:10:4a:28:c1:1c:
                    90:e9:56:f0:21:61:ff:37:99:d6:e5:66:e1:ae:7d:
                    2a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:59:4D:33:0E:C5:82:A0:97:58:0D:74:31:E4:BB:79:73:74:69:5A
            X509v3 Authority Key Identifier:
                keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/lVlNMw7FgqCXWA10MeS7eXN0aVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.189.130.0/24
                  176.111.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:bb:e7:5d:84:01:22:74:d7:7a:68:28:27:4b:2d:75:5d:37:
         ce:73:72:64:ae:e3:a9:6b:de:12:8f:e8:97:b7:66:ca:f0:88:
         7f:d5:37:fa:81:b0:07:08:0f:a1:c5:4f:f8:41:c8:dd:6c:e4:
         1a:10:41:1d:ca:a6:ab:c4:3e:ba:26:05:6d:c5:6b:4a:b9:7f:
         fc:70:26:39:e4:2d:1a:cb:ba:38:55:bf:f7:34:13:86:2b:bf:
         0b:68:7f:31:82:cb:65:cc:3e:b6:86:20:1e:c2:d3:96:9c:14:
         01:11:95:2f:d2:63:2c:7b:4e:da:2f:22:24:e0:81:d9:c6:d1:
         0a:3a:aa:92:f6:8b:e9:93:38:d4:0d:5e:8d:73:e3:c1:5f:56:
         82:7a:4f:97:fe:83:13:53:d2:58:da:64:85:6a:7f:eb:51:27:
         30:e2:72:37:5a:34:3a:72:b6:db:4c:eb:80:6b:c3:7c:b7:4b:
         3f:b6:c4:19:0a:35:46:0b:45:a1:84:d0:1e:dd:70:50:3e:45:
         14:7d:33:16:97:20:64:e8:bc:32:f5:30:b2:61:b0:d3:08:3f:
         78:43:33:5e:7f:f3:0c:ba:6b:83:d4:eb:12:9a:79:a8:90:c4:
         fd:2a:16:4c:ac:92:5f:02:30:03:f5:22:69:af:75:2f:ea:c9:
         cf:3f:df:41
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAfFENzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTNhYzZjZDIyNDAyNDliYmE2MDE3MWYwODZlOTEwMWNjODdjYTI0MB4XDTIyMDEw
MTE1MDYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU1OTRkMzMwZWM1
ODJhMDk3NTgwZDc0MzFlNGJiNzk3Mzc0Njk1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9gIlohhJqNHWpv5Zh5KFOl/BsIkwSkvZ4hp0+DZbCH2XnN
SYYllKhYZUuczAeN6DE3wvUKN8mjJo5GWboZpDdNwx8qcYbT1Zpi4yVBc2BFBjin
8XcfNBDB+K6H3xdUb8N2oikNG8MXk2w9mRYLlJQZ0copXoFb270jZ/Cvv2Sf+YBV
fxMvNxOyqn3ThaVKASlJlSA+zrTWb24Kp9utxnsAeY2DcEUtN3yw/p6ppMl0WZUG
jG101Zz/kCQCCLLw+r0COmot6yu5Chb6jzmXbqLBUEgGQxbNPjvTMcyHiJ4fVeBX
mQ5l9k1hxhBKKMEckOlW8CFh/zeZ1uVm4a59KqsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSVWU0zDsWCoJdYDXQx5Lt5c3RpWjAfBgNVHSMEGDAWgBT5OsbNIkAkm7pg
Fx8IbpEBzIfKJDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzk4L2IwMzIxMy01ZTgwLTQ5MzEtODFjZS1mNzUyZDgxNjA1ZmIv
MS9sVmxOTXc3RmdxQ1hXQTEwTWVTN2VYTjBhVm8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4
L2IwMzIxMy01ZTgwLTQ5MzEtODFjZS1mNzUyZDgxNjA1ZmIvMS8xLVRyR3pTSkFK
SnU2WUJjZkNHNlJBY3lIeWlRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk72CAwQAsG/fMA0GCSqGSIb3
DQEBCwUAA4IBAQAwu+ddhAEidNd6aCgnSy11XTfOc3JkruOpa94Sj+iXt2bK8Ih/
1Tf6gbAHCA+hxU/4QcjdbOQaEEEdyqarxD66JgVtxWtKuX/8cCY55C0ay7o4Vb/3
NBOGK78LaH8xgstlzD62hiAewtOWnBQBEZUv0mMse07aLyIk4IHZxtEKOqqS9ovp
kzjUDV6Nc+PBX1aCek+X/oMTU9JY2mSFan/rUScw4nI3WjQ6crbbTOuAa8N8t0s/
tsQZCjVGC0WhhNAe3XBQPkUUfTMWlyBk6Lwy9TCyYbDTCD94QzNef/MMumuD1OsS
mnmokMT9KhZMrJJfAjAD9SJpr3Uv6snPP99B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:12 2024 by rpki-client on console-fra.rpki-client.org