Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/5mp0BLquiT_sgl15T1lCIcTsNyM.roa
File:                     5mp0BLquiT_sgl15T1lCIcTsNyM.roa (raw, json)
Hash identifier:          FI1tCWq9QHS5Ful8prpbGxac0ofINGUb8jJMl63P9Rk=
Subject key identifier:   E6:6A:74:04:BA:AE:89:3F:EC:82:5D:79:4F:59:42:21:C4:EC:37:23
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       13D265
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/5mp0BLquiT_sgl15T1lCIcTsNyM.roa
Signing time:             Sat 01 Jan 2022 21:58:11 +0000
ROA not before:           Sat 01 Jan 2022 21:58:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140812
IP address blocks:        195.95.204.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1299045 (0x13d265)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan  1 21:58:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e66a7404baae893fec825d794f594221c4ec3723
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:27:ab:09:16:15:e7:12:2c:08:48:15:6a:89:
                    0e:f2:73:e4:20:b1:96:f2:45:3a:25:07:e2:38:a9:
                    99:19:24:d2:8b:12:42:08:39:0b:67:2d:2d:bd:15:
                    33:5a:dc:7c:45:8a:8d:85:f3:04:d9:ef:c2:66:34:
                    be:12:c3:c7:24:3c:09:92:ce:6f:3c:75:43:d6:b3:
                    e2:bf:ef:03:53:41:de:4f:66:e0:33:ff:5d:e7:11:
                    61:e5:a4:80:73:d5:61:86:6f:e3:46:26:35:46:cb:
                    2d:90:8a:bf:11:6f:a2:a6:1c:5d:45:77:07:1b:08:
                    40:e6:c3:1a:c1:26:61:4d:30:f6:85:0e:f6:49:0e:
                    cd:6b:96:03:c2:26:f9:d1:b1:b6:a3:16:6d:35:25:
                    13:dc:00:34:eb:56:2a:f3:9b:57:58:a8:11:a7:a2:
                    8c:4f:bf:13:40:1d:b4:fe:e1:66:d7:86:71:05:96:
                    ab:f9:23:37:11:bc:e5:2f:10:3c:56:50:31:2a:24:
                    a9:32:9f:5a:8b:47:3f:fb:67:2c:9f:6d:e2:0d:38:
                    53:85:ab:2b:a7:cd:53:72:a4:88:f9:c7:3f:80:4f:
                    3c:d6:07:d7:66:ea:ca:fe:1a:cd:c3:94:a0:07:a0:
                    85:2f:07:11:66:27:89:60:27:a6:cf:eb:dd:67:0d:
                    15:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:6A:74:04:BA:AE:89:3F:EC:82:5D:79:4F:59:42:21:C4:EC:37:23
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/5mp0BLquiT_sgl15T1lCIcTsNyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.95.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:68:fa:6a:4c:00:0f:ae:10:68:7b:80:7a:ef:0e:25:dc:c5:
         68:09:88:f3:e3:61:68:98:74:36:a4:a8:20:02:31:15:f1:ec:
         80:7f:97:71:a1:8e:0b:40:36:0c:2d:7c:3b:17:11:5b:7b:eb:
         20:53:09:d8:07:12:7b:a8:4f:58:dc:14:fe:09:c4:0e:2c:95:
         97:a7:0a:ab:40:e3:b0:5b:5b:e4:c4:8b:f6:90:af:0c:c0:a0:
         24:9c:5c:db:f8:f9:84:16:c3:9b:00:4d:45:7a:1a:ef:2e:af:
         f8:af:bd:86:68:41:e6:86:cb:2c:5d:35:74:d6:69:9d:81:b9:
         d8:5f:4f:e3:54:8d:ee:90:eb:51:69:8d:8f:36:89:61:74:79:
         85:bb:ff:71:69:d9:b5:44:fd:fc:4a:ce:e6:eb:ac:0f:6b:f1:
         37:39:a4:25:c9:a0:13:ef:39:b2:26:39:9f:0e:5e:ce:db:79:
         51:3a:15:80:2a:9e:08:98:76:5d:31:26:90:85:a2:3f:31:22:
         0e:05:ab:a0:07:1c:d2:b8:18:01:62:a9:89:73:fd:62:a5:bc:
         d6:a9:8a:2d:e6:2d:f5:36:9e:78:5f:76:9b:7f:63:66:41:ac:
         cb:2b:91:97:50:f0:df:57:c7:97:58:c6:f1:11:93:9c:f8:4d:
         09:d2:e7:54
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDE9JlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
ODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRkNmNlNTEwHhcNMjIwMTAx
MjE1ODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNjZhNzQwNGJhYWU4
OTNmZWM4MjVkNzk0ZjU5NDIyMWM0ZWMzNzIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwSerCRYV5xIsCEgVaokO8nPkILGW8kU6JQfiOKmZGSTSixJC
CDkLZy0tvRUzWtx8RYqNhfME2e/CZjS+EsPHJDwJks5vPHVD1rPiv+8DU0HeT2bg
M/9d5xFh5aSAc9Vhhm/jRiY1RsstkIq/EW+iphxdRXcHGwhA5sMawSZhTTD2hQ72
SQ7Na5YDwib50bG2oxZtNSUT3AA061Yq85tXWKgRp6KMT78TQB20/uFm14ZxBZar
+SM3EbzlLxA8VlAxKiSpMp9ai0c/+2csn23iDThThasrp81TcqSI+cc/gE881gfX
ZurK/hrNw5SgB6CFLwcRZieJYCemz+vdZw0VAwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFOZqdAS6rok/7IJdeU9ZQiHE7DcjMB8GA1UdIwQYMBaAFC6Clj/xqnCrENHT
Poax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYwLzEv
NW1wMEJMcXVpVF9zZ2wxNVQxbENJY1RzTnlNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85
NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYwLzEvTG9LV1BfR3FjS3NR
MGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1/MMA0GCSqGSIb3DQEBCwUAA4IB
AQBpaPpqTAAPrhBoe4B67w4l3MVoCYjz42FomHQ2pKggAjEV8eyAf5dxoY4LQDYM
LXw7FxFbe+sgUwnYBxJ7qE9Y3BT+CcQOLJWXpwqrQOOwW1vkxIv2kK8MwKAknFzb
+PmEFsObAE1FehrvLq/4r72GaEHmhsssXTV01mmdgbnYX0/jVI3ukOtRaY2PNolh
dHmFu/9xadm1RP38Ss7m66wPa/E3OaQlyaAT7zmyJjmfDl7O23lROhWAKp4ImHZd
MSaQhaI/MSIOBaugBxzSuBgBYqmJc/1ipbzWqYot5i31Np54X3abf2NmQazLK5GX
UPDfV8eXWMbxEZOc+E0J0udU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org