Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/lc_imw28hz3a7y5YYEV-HrXfsRU.roa
File:                     lc_imw28hz3a7y5YYEV-HrXfsRU.roa (raw, json)
Hash identifier:          jPWHpeN/x47D0s3c0KSf3fYSxtQlCSXpo5i3l0xV1es=
Subject key identifier:   95:CF:E2:9B:0D:BC:87:3D:DA:EF:2E:58:60:45:7E:1E:B5:DF:B1:15
Certificate issuer:       /CN=ab882cd6d196ae1f96872acae78321be7a92b8eb
Certificate serial:       34BB05D5
Authority key identifier: AB:88:2C:D6:D1:96:AE:1F:96:87:2A:CA:E7:83:21:BE:7A:92:B8:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/lc_imw28hz3a7y5YYEV-HrXfsRU.roa
Signing time:             Sat 01 Jan 2022 09:01:03 +0000
ROA not before:           Sat 01 Jan 2022 09:01:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6697
IP address blocks:        178.120.0.0/13 maxlen: 24
                          86.57.128.0/17 maxlen: 24
                          93.84.0.0/15 maxlen: 24
                          37.212.0.0/14 maxlen: 23
                          37.45.0.0/16 maxlen: 21
                          194.158.192.0/19 maxlen: 24
                          37.44.64.0/18 maxlen: 21
                          82.209.192.0/18 maxlen: 24
                          185.152.136.0/22 maxlen: 24
                          2a02:2208::/29 maxlen: 44
                          2001:7f8:5a::/48 maxlen: 48
                          2a02:2208::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 884671957 (0x34bb05d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab882cd6d196ae1f96872acae78321be7a92b8eb
        Validity
            Not Before: Jan  1 09:01:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95cfe29b0dbc873ddaef2e5860457e1eb5dfb115
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9c:ef:7d:f5:bc:da:15:a7:6d:b1:ca:69:6f:
                    d6:8b:37:21:c3:fa:63:4e:38:95:69:ae:18:89:b6:
                    0f:5d:6b:62:7b:63:6d:4e:94:ac:3d:8c:9d:eb:a0:
                    74:8b:8e:d3:ea:db:a4:7b:ef:4c:c3:96:3b:09:cc:
                    54:14:98:b8:fe:fe:66:3b:9d:da:3c:74:15:e9:4b:
                    37:f0:4f:dd:0d:26:4c:81:6a:f6:98:39:10:d6:db:
                    2e:86:fe:ae:9a:46:d5:98:f2:54:88:b6:aa:7f:c2:
                    25:dd:a4:4c:36:84:0d:c6:32:dc:9b:29:34:28:13:
                    00:96:a6:a5:d3:70:39:ec:0e:d6:a9:3e:bf:6f:76:
                    c7:96:ef:ec:ac:8f:66:c2:ff:37:16:59:04:27:56:
                    f5:24:5a:27:42:ec:48:02:12:8d:b2:01:4f:7e:cd:
                    ad:4a:0a:4e:83:2d:95:dd:e6:33:74:d4:3e:f7:27:
                    47:68:c5:9c:4b:d2:ac:80:b2:18:4d:58:65:24:06:
                    87:e3:02:19:00:2e:7c:da:3a:94:5e:fa:01:69:a9:
                    0f:b1:ce:16:16:78:74:1b:5e:e4:55:e1:34:61:18:
                    17:b4:1b:a1:9b:87:da:7e:9b:9c:9e:a6:a1:13:fc:
                    e0:66:67:4f:7a:34:f0:3e:ba:61:e8:72:10:62:ff:
                    36:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:CF:E2:9B:0D:BC:87:3D:DA:EF:2E:58:60:45:7E:1E:B5:DF:B1:15
            X509v3 Authority Key Identifier:
                keyid:AB:88:2C:D6:D1:96:AE:1F:96:87:2A:CA:E7:83:21:BE:7A:92:B8:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4gs1tGWrh-WhyrK54MhvnqSuOs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/lc_imw28hz3a7y5YYEV-HrXfsRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4b6cc9-09d3-4678-b0a7-950c180596d0/1/q4gs1tGWrh-WhyrK54MhvnqSuOs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.44.64.0/18
                  37.45.0.0/16
                  37.212.0.0/14
                  82.209.192.0/18
                  86.57.128.0/17
                  93.84.0.0/15
                  178.120.0.0/13
                  185.152.136.0/22
                  194.158.192.0/19
                IPv6:
                  2001:7f8:5a::/48
                  2a02:2208::/29

    Signature Algorithm: sha256WithRSAEncryption
         0b:93:97:d0:69:8c:d0:3e:93:31:01:bf:af:c3:f6:3e:ed:e3:
         9f:00:87:00:2c:56:c2:a7:b5:ee:8f:e6:62:0c:a0:f2:f6:73:
         62:31:d1:b4:66:4b:74:2b:36:ff:b7:b9:0f:6a:08:d6:80:16:
         f7:ca:e3:1f:b6:a4:28:1f:f8:39:c8:24:41:3a:68:c9:c4:01:
         3d:f6:24:ea:27:4d:f3:d3:cc:2b:76:c5:28:96:a4:e3:b3:b0:
         8a:17:64:6e:30:2e:fd:f3:e2:02:1f:e4:60:25:6e:ff:6d:55:
         10:ec:70:f2:24:67:5a:e6:4c:60:6b:0b:49:df:c8:44:b2:8e:
         4e:95:50:53:25:6c:a9:41:02:4d:37:fd:10:34:40:c9:6d:f5:
         69:28:95:c8:e0:ed:5d:dd:f5:e6:2f:ea:16:9e:61:f2:73:b7:
         12:11:bd:5e:45:88:f1:a6:c9:73:e2:b0:84:82:52:b4:c4:79:
         74:25:01:70:f0:cb:56:75:6b:9f:0e:db:50:84:92:e0:37:19:
         27:72:4b:dc:f0:43:9e:13:a0:c9:c4:6f:39:03:bb:01:fe:b3:
         a5:89:1c:3e:c7:2d:34:10:3b:f2:ef:83:b4:40:d5:17:a4:f5:
         36:95:12:0b:96:d1:fe:0b:e4:40:d1:0d:9c:3e:ce:7f:39:4d:
         95:8d:7a:25
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIENLsF1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Yjg4MmNkNmQxOTZhZTFmOTY4NzJhY2FlNzgzMjFiZTdhOTJiOGViMB4XDTIyMDEw
MTA5MDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVjZmUyOWIwZGJj
ODczZGRhZWYyZTU4NjA0NTdlMWViNWRmYjExNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyc7331vNoVp22xymlv1os3IcP6Y044lWmuGIm2D11rYntj
bU6UrD2MneugdIuO0+rbpHvvTMOWOwnMVBSYuP7+Zjud2jx0FelLN/BP3Q0mTIFq
9pg5ENbbLob+rppG1ZjyVIi2qn/CJd2kTDaEDcYy3JspNCgTAJampdNwOewO1qk+
v292x5bv7KyPZsL/NxZZBCdW9SRaJ0LsSAISjbIBT37NrUoKToMtld3mM3TUPvcn
R2jFnEvSrICyGE1YZSQGh+MCGQAufNo6lF76AWmpD7HOFhZ4dBte5FXhNGEYF7Qb
oZuH2n6bnJ6moRP84GZnT3o08D66YehyEGL/NnUCAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBSVz+KbDbyHPdrvLlhgRX4etd+xFTAfBgNVHSMEGDAWgBSriCzW0ZauH5aH
KsrngyG+epK46zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E0Z3MxdEdXcmgtV2h5cks1NE1odm5xU3VPcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGI2Y2M5LTA5ZDMtNDY3OC1iMGE3LTk1MGMxODA1OTZkMC8x
L2xjX2ltdzI4aHozYTd5NVlZRVYtSHJYZnNSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGI2Y2M5LTA5ZDMtNDY3OC1iMGE3LTk1MGMxODA1OTZkMC8xL3E0Z3MxdEdXcmgt
V2h5cks1NE1odm5xU3VPcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwOAQCAAEwMgMEBiUsQAMDACUtAwMCJdQDBAZS0cAD
BAdWOYADAwFdVAMDA7J4AwQCuZiIAwQFwp7AMBYEAgACMBADBwAgAQf4AFoDBQMq
AiIIMA0GCSqGSIb3DQEBCwUAA4IBAQALk5fQaYzQPpMxAb+vw/Y+7eOfAIcALFbC
p7Xuj+ZiDKDy9nNiMdG0Zkt0Kzb/t7kPagjWgBb3yuMftqQoH/g5yCRBOmjJxAE9
9iTqJ03z08wrdsUolqTjs7CKF2RuMC798+ICH+RgJW7/bVUQ7HDyJGda5kxgawtJ
38hEso5OlVBTJWypQQJNN/0QNEDJbfVpKJXI4O1d3fXmL+oWnmHyc7cSEb1eRYjx
pslz4rCEglK0xHl0JQFw8MtWdWufDttQhJLgNxknckvc8EOeE6DJxG85A7sB/rOl
iRw+xy00EDvy74O0QNUXpPU2lRILltH+C+RA0Q2cPs5/OU2VjXol
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org