Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lM-ZIHILhSAv4dYovCvonrizspE.roa
File:                     lM-ZIHILhSAv4dYovCvonrizspE.roa (raw, json)
Hash identifier:          yVa1UDqM3T5byL70Zv1V/nzEa9N+svyJFv19UpRQX50=
Subject key identifier:   94:CF:99:20:72:0B:85:20:2F:E1:D6:28:BC:2B:E8:9E:B8:B3:B2:91
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       1A107CF9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lM-ZIHILhSAv4dYovCvonrizspE.roa
Signing time:             Mon 10 Jan 2022 10:29:32 +0000
ROA not before:           Mon 10 Jan 2022 10:29:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211588
IP address blocks:        45.83.205.0/24 maxlen: 24
                          2a07:e345::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 437288185 (0x1a107cf9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan 10 10:29:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94cf9920720b85202fe1d628bc2be89eb8b3b291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:08:e6:d7:97:be:cb:61:32:10:53:ca:5b:71:
                    d9:9c:7b:0d:2d:4c:00:1e:08:e6:c2:25:f8:c8:50:
                    9b:3e:fd:47:c8:5b:26:6d:4a:d1:12:96:87:4e:9e:
                    35:49:d3:47:a5:d5:1c:bf:02:93:1b:99:f9:9b:1e:
                    7e:6c:9a:17:85:f8:fc:d3:31:28:e7:87:44:e5:8e:
                    50:ef:cd:46:de:7b:86:e4:1e:f6:87:81:b2:c5:6e:
                    b2:db:63:ec:cc:71:2a:1e:9c:dd:bd:d3:8a:92:79:
                    b7:0a:e4:1b:e8:8e:94:b8:d3:88:fd:85:03:60:2d:
                    a3:9c:b8:2c:14:5b:75:ce:be:a1:86:77:42:56:e1:
                    2f:d3:67:75:cb:21:93:06:5b:c5:54:70:89:ee:06:
                    81:bf:4c:6b:0f:d4:5e:9f:3b:77:5e:6e:6e:1f:54:
                    7f:ff:95:03:e8:91:28:16:c0:fd:f7:e7:96:0e:2e:
                    e6:f6:81:a4:4c:89:8c:1e:3b:48:e1:3d:e1:7c:f2:
                    0b:83:4f:34:da:b6:f1:72:f6:ce:cf:84:cf:6f:e8:
                    73:33:20:f5:35:17:f0:8c:75:1a:09:88:07:1d:4a:
                    4c:87:fd:e3:e4:34:0b:37:5b:cd:67:85:1e:20:c7:
                    bb:7e:6d:df:54:d9:41:ce:4d:9f:5d:05:06:95:e2:
                    ad:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:CF:99:20:72:0B:85:20:2F:E1:D6:28:BC:2B:E8:9E:B8:B3:B2:91
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lM-ZIHILhSAv4dYovCvonrizspE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.205.0/24
                IPv6:
                  2a07:e345::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:61:3c:4d:38:50:78:ef:e8:ff:48:10:c8:01:00:f7:5a:f5:
         67:43:5a:da:03:17:c0:62:32:69:95:a9:d2:c3:97:e8:73:74:
         4a:ed:ff:c9:e8:36:f7:ba:23:a8:3f:3f:f3:c0:9f:cb:63:96:
         93:10:4d:ee:a6:39:cc:0c:0c:d0:38:76:98:91:a8:ac:4b:9c:
         aa:60:90:fc:6e:58:a1:63:3b:2d:76:51:27:15:0f:f1:f8:3b:
         f4:30:cf:9c:f2:e0:96:48:88:de:31:4e:be:46:90:79:8f:3a:
         cf:90:da:31:5c:a0:8d:eb:3e:e5:47:89:46:52:b6:7c:90:b9:
         28:05:19:ef:ab:da:09:1f:06:a3:9a:16:be:ec:e4:ba:c3:6e:
         5f:27:09:20:9e:1a:e0:44:76:28:50:e7:5d:0f:cf:cf:1e:39:
         bb:01:98:31:8e:68:1d:aa:8a:44:94:b0:1d:65:bf:14:1a:41:
         af:aa:48:b5:f8:96:5f:e2:21:9e:72:45:d3:62:44:95:e8:54:
         f1:3d:a2:f8:af:ac:7d:f5:d2:29:00:af:d1:05:ca:7d:84:64:
         76:63:3f:f5:95:6d:ef:f4:25:c5:8d:f9:2d:4e:33:0a:a0:e9:
         13:c8:56:4b:56:56:df:b2:d4:72:46:4d:9b:51:0e:df:d6:c6:
         46:ee:e9:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGhB8+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEx
MDEwMjkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRjZjk5MjA3MjBi
ODUyMDJmZTFkNjI4YmMyYmU4OWViOGIzYjI5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkI5teXvsthMhBTyltx2Zx7DS1MAB4I5sIl+MhQmz79R8hb
Jm1K0RKWh06eNUnTR6XVHL8CkxuZ+ZsefmyaF4X4/NMxKOeHROWOUO/NRt57huQe
9oeBssVusttj7MxxKh6c3b3TipJ5twrkG+iOlLjTiP2FA2Ato5y4LBRbdc6+oYZ3
QlbhL9NndcshkwZbxVRwie4Ggb9Maw/UXp87d15ubh9Uf/+VA+iRKBbA/ffnlg4u
5vaBpEyJjB47SOE94XzyC4NPNNq28XL2zs+Ez2/oczMg9TUX8Ix1GgmIBx1KTIf9
4+Q0CzdbzWeFHiDHu35t31TZQc5Nn10FBpXirTECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSUz5kgcguFIC/h1ii8K+ieuLOykTAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2xNLVpJSElMaFNBdjRkWW92Q3ZvbnJpenNwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC1TzTANBAIAAjAHAwUAKgfjRTAN
BgkqhkiG9w0BAQsFAAOCAQEAQGE8TThQeO/o/0gQyAEA91r1Z0Na2gMXwGIyaZWp
0sOX6HN0Su3/yeg297ojqD8/88Cfy2OWkxBN7qY5zAwM0Dh2mJGorEucqmCQ/G5Y
oWM7LXZRJxUP8fg79DDPnPLglkiI3jFOvkaQeY86z5DaMVygjes+5UeJRlK2fJC5
KAUZ76vaCR8Go5oWvuzkusNuXycJIJ4a4ER2KFDnXQ/Pzx45uwGYMY5oHaqKRJSw
HWW/FBpBr6pItfiWX+IhnnJF02JElehU8T2i+K+sffXSKQCv0QXKfYRkdmM/9ZVt
7/QlxY35LU4zCqDpE8hWS1ZW37LUckZNm1EO39bGRu7pLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org