Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/LZawgQ5Fb4sKS0pi0XX5jDac8ck.roa
File:                     LZawgQ5Fb4sKS0pi0XX5jDac8ck.roa (raw, json)
Hash identifier:          1rH6sYG46+GrDn0TCCrVJjVGOKz7oNeZ4roY67KE8TQ=
Subject key identifier:   2D:96:B0:81:0E:45:6F:8B:0A:4B:4A:62:D1:75:F9:8C:36:9C:F1:C9
Certificate issuer:       /CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99
Certificate serial:       091892B2
Authority key identifier: 1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/LZawgQ5Fb4sKS0pi0XX5jDac8ck.roa
Signing time:             Sat 01 Jan 2022 10:59:51 +0000
ROA not before:           Sat 01 Jan 2022 10:59:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206894
IP address blocks:        185.172.216.0/22 maxlen: 22
                          2a0b:2700::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152605362 (0x91892b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99
        Validity
            Not Before: Jan  1 10:59:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d96b0810e456f8b0a4b4a62d175f98c369cf1c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:af:64:39:21:be:72:75:ac:2b:06:cc:0c:64:
                    71:fc:ac:54:7b:ec:65:31:a2:f5:3c:bf:73:1b:95:
                    d2:e2:30:6e:13:3e:cb:72:f2:86:f1:fc:db:99:56:
                    80:e4:d2:c6:18:5b:6d:e4:06:d8:f0:e9:a2:33:e8:
                    d7:de:a7:54:ed:7d:e8:be:56:4d:9d:fd:37:62:25:
                    2a:f4:35:69:99:d3:c3:e0:75:13:14:c4:92:99:f3:
                    29:72:e0:15:2f:94:9e:da:b4:f2:d4:5e:8f:51:cd:
                    3b:a5:fb:f6:18:d9:3f:c2:16:9d:f0:cb:3c:e7:92:
                    3b:65:77:fd:51:8f:04:ec:e1:6e:a5:91:d9:84:54:
                    27:2d:52:96:d8:a9:08:db:29:ec:0a:b4:a5:4f:4e:
                    2f:de:83:bf:c6:d8:aa:53:62:71:c3:4a:9f:e6:6f:
                    ee:df:b9:36:83:52:48:40:65:f7:b8:fd:7e:74:ff:
                    56:42:ed:c7:72:c2:52:39:70:29:10:9e:7e:bb:2a:
                    96:f6:9d:39:d1:22:24:3f:89:9f:0c:e1:4a:da:60:
                    9e:b2:c4:90:7e:d2:1c:7c:a9:71:10:2d:81:ba:b1:
                    d0:1c:07:7e:6f:3b:05:02:a8:72:d4:01:a8:d5:95:
                    8b:c9:fb:85:d3:d7:77:2e:e8:66:2a:a0:cb:33:9e:
                    7d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:96:B0:81:0E:45:6F:8B:0A:4B:4A:62:D1:75:F9:8C:36:9C:F1:C9
            X509v3 Authority Key Identifier:
                keyid:1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/LZawgQ5Fb4sKS0pi0XX5jDac8ck.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.216.0/22
                IPv6:
                  2a0b:2700::/29

    Signature Algorithm: sha256WithRSAEncryption
         7f:24:e6:06:1f:39:ad:54:7b:ba:7d:0e:0e:1b:95:5c:16:ae:
         c7:cc:99:fd:20:83:a3:74:ef:35:57:04:9f:15:73:6f:4c:1a:
         f1:98:4f:a1:c8:4c:77:54:57:16:c3:0b:48:ec:d7:fe:86:c0:
         08:a5:2d:e0:1c:a0:56:ec:26:19:5c:42:ee:7a:7d:5d:c6:fc:
         96:49:27:05:ed:8f:08:9d:ca:1c:d4:65:f3:ea:9a:c8:37:00:
         da:cd:dd:9e:59:90:a2:29:f6:ab:38:25:40:d1:c6:c6:25:a4:
         42:5e:5b:33:c1:67:44:1a:e9:b5:8c:2c:98:e8:9c:f7:22:80:
         4b:89:b1:60:74:d4:42:97:cb:bb:de:e1:5a:f3:07:5b:6f:2d:
         47:ed:78:0b:f7:a1:c7:52:40:b3:8a:82:f6:de:31:90:48:c8:
         df:e8:74:a5:8a:31:26:f7:c3:2a:76:85:4d:f2:10:70:75:26:
         f9:8f:1e:ee:9d:f5:9b:a5:08:97:a2:54:ab:99:f9:cf:e8:5d:
         14:ce:ec:d2:6f:78:25:44:cb:bf:81:6b:01:a8:1c:c7:81:19:
         a9:6d:34:99:a4:77:8d:0e:a1:4a:d2:3f:82:f7:b5:2c:02:a1:
         17:a6:88:d4:06:3f:2d:7c:7f:c8:b0:6b:ad:6c:46:ae:a2:ba:
         e8:e5:65:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECRiSsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGZjMmIzNjUxNDE2M2QzODllZThmZTE4ZjhlMjM0M2ZhNGRkYzk5MB4XDTIyMDEw
MTEwNTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ5NmIwODEwZTQ1
NmY4YjBhNGI0YTYyZDE3NWY5OGMzNjljZjFjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKvZDkhvnJ1rCsGzAxkcfysVHvsZTGi9Ty/cxuV0uIwbhM+
y3LyhvH825lWgOTSxhhbbeQG2PDpojPo196nVO196L5WTZ39N2IlKvQ1aZnTw+B1
ExTEkpnzKXLgFS+Untq08tRej1HNO6X79hjZP8IWnfDLPOeSO2V3/VGPBOzhbqWR
2YRUJy1SltipCNsp7Aq0pU9OL96Dv8bYqlNiccNKn+Zv7t+5NoNSSEBl97j9fnT/
VkLtx3LCUjlwKRCefrsqlvadOdEiJD+JnwzhStpgnrLEkH7SHHypcRAtgbqx0BwH
fm87BQKoctQBqNWVi8n7hdPXdy7oZiqgyzOefXMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQtlrCBDkVviwpLSmLRdfmMNpzxyTAfBgNVHSMEGDAWgBQd/Cs2UUFj04nu
j+GPjiND+k3cmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hmd3JObEZCWTlPSjdvX2hqNDRqUV9wTjNKay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvZDkyOWFiLTQ4OTYtNDNlMi1hODc2LTAxYmVkODc4MmM3Zi8x
L0xaYXdnUTVGYjRzS1MwcGkwWFg1akRhYzhjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
ZDkyOWFiLTQ4OTYtNDNlMi1hODc2LTAxYmVkODc4MmM3Zi8xL0hmd3JObEZCWTlP
SjdvX2hqNDRqUV9wTjNKay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArms2DANBAIAAjAHAwUDKgsnADAN
BgkqhkiG9w0BAQsFAAOCAQEAfyTmBh85rVR7un0ODhuVXBaux8yZ/SCDo3TvNVcE
nxVzb0wa8ZhPochMd1RXFsMLSOzX/obACKUt4BygVuwmGVxC7np9Xcb8lkknBe2P
CJ3KHNRl8+qayDcA2s3dnlmQoin2qzglQNHGxiWkQl5bM8FnRBrptYwsmOic9yKA
S4mxYHTUQpfLu97hWvMHW28tR+14C/ehx1JAs4qC9t4xkEjI3+h0pYoxJvfDKnaF
TfIQcHUm+Y8e7p31m6UIl6JUq5n5z+hdFM7s0m94JUTLv4FrAagcx4EZqW00maR3
jQ6hStI/gve1LAKhF6aI1AY/LXx/yLBrrWxGrqK66OVlXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:24 2024 by rpki-client on console-fra.rpki-client.org