Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/LuRMORngXl6MBbDg9MEbY9LvjvI.roa
File:                     LuRMORngXl6MBbDg9MEbY9LvjvI.roa (raw, json)
Hash identifier:          dPsSbqE7v/UOou7/xJdDSsNT1LNo/gWTS0G/qcswt/Y=
Subject key identifier:   2E:E4:4C:39:19:E0:5E:5E:8C:05:B0:E0:F4:C1:1B:63:D2:EF:8E:F2
Certificate issuer:       /CN=36261c261756fa03ac57d1bfc4db856ef808975a
Certificate serial:       04EE99D0
Authority key identifier: 36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/LuRMORngXl6MBbDg9MEbY9LvjvI.roa
Signing time:             Tue 08 Feb 2022 14:52:37 +0000
ROA not before:           Tue 08 Feb 2022 14:52:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        185.35.76.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82745808 (0x4ee99d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36261c261756fa03ac57d1bfc4db856ef808975a
        Validity
            Not Before: Feb  8 14:52:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ee44c3919e05e5e8c05b0e0f4c11b63d2ef8ef2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:41:93:1d:9d:7d:7d:fc:a9:50:fb:94:ce:23:
                    f7:ac:be:e5:b8:30:87:d5:4b:c4:74:eb:f7:de:60:
                    9b:1d:4b:db:d2:28:56:21:47:76:32:2a:21:80:7b:
                    d9:e6:fc:eb:dd:7d:46:0d:cc:f6:e5:0a:ea:98:eb:
                    f7:24:ca:55:05:f0:3f:07:ad:d4:0f:47:4b:67:bf:
                    ed:58:4f:a3:c7:cb:4f:bc:b6:ee:53:52:9b:ba:b6:
                    cb:cf:85:33:3e:6c:b7:6f:03:05:c3:41:83:95:90:
                    63:06:83:fa:15:44:79:db:8b:9e:07:e6:07:34:3e:
                    8f:c4:78:9b:5e:13:2f:21:83:48:46:ea:9b:f0:bf:
                    f8:bc:91:19:a5:1c:f8:d1:56:c6:f5:e4:28:7f:ff:
                    87:a8:5f:74:8d:a8:e2:66:3e:35:ec:f1:21:af:29:
                    20:92:14:62:b2:5c:b6:fe:a7:84:6e:15:1d:b6:94:
                    d6:b2:75:c7:44:c1:0d:e4:1b:a7:27:00:5e:67:7d:
                    d2:37:bf:73:52:bc:0a:69:3d:62:87:0d:23:36:9a:
                    f3:15:5f:45:fc:3f:37:34:78:8e:93:e8:6a:fc:52:
                    a9:6b:ca:81:8f:f6:ee:ad:cd:22:ff:7c:28:95:d2:
                    7d:2f:a7:7d:33:27:83:69:c1:6d:06:1c:1c:c0:5e:
                    3f:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:E4:4C:39:19:E0:5E:5E:8C:05:B0:E0:F4:C1:1B:63:D2:EF:8E:F2
            X509v3 Authority Key Identifier:
                keyid:36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/LuRMORngXl6MBbDg9MEbY9LvjvI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:2c:38:a5:77:a9:9a:8b:81:5b:cf:5a:7f:58:2a:dd:f1:7e:
         26:9f:0b:46:d8:d8:4c:95:75:7a:0c:b8:b9:e5:8b:7d:88:c2:
         74:0e:af:fc:3e:4f:a3:ec:04:f5:bc:f7:bb:16:52:3c:49:ec:
         4e:b4:7b:8f:43:87:df:68:c9:57:d1:e9:64:f3:51:7b:1e:20:
         e4:95:62:e6:f1:20:be:75:f1:9e:75:3c:cc:e5:41:7a:47:16:
         a9:c2:34:de:b8:9f:43:b5:32:3d:71:fb:f6:05:2b:ab:f4:33:
         f8:26:b0:0c:30:c5:82:0e:11:97:5a:78:03:8a:d7:5c:23:22:
         8c:44:23:f3:e1:e1:d4:3f:bc:44:e7:ec:d5:d3:f7:18:7b:39:
         eb:a1:ef:93:12:0d:d9:e5:bf:4e:a2:1c:51:bc:2e:84:31:e8:
         7e:91:9e:3a:cd:3c:86:70:58:02:f9:ea:fa:63:0d:5e:c4:dd:
         5b:d2:cd:63:0d:d1:8a:87:bc:71:75:9c:65:fc:1a:1d:78:f7:
         a2:08:2e:6c:61:dc:78:ad:e8:3c:10:76:64:7a:b8:f7:72:f4:
         fd:a1:a3:e1:58:1f:73:ee:db:4b:b6:f5:ad:12:7a:7d:d4:65:
         28:79:fb:04:d1:a8:2d:33:b9:e2:77:e5:f7:1a:3e:c9:cc:e3:
         d8:d0:35:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBO6Z0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjI2MWMyNjE3NTZmYTAzYWM1N2QxYmZjNGRiODU2ZWY4MDg5NzVhMB4XDTIyMDIw
ODE0NTIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVlNDRjMzkxOWUw
NWU1ZThjMDViMGUwZjRjMTFiNjNkMmVmOGVmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5Bkx2dfX38qVD7lM4j96y+5bgwh9VLxHTr995gmx1L29Io
ViFHdjIqIYB72eb86919Rg3M9uUK6pjr9yTKVQXwPwet1A9HS2e/7VhPo8fLT7y2
7lNSm7q2y8+FMz5st28DBcNBg5WQYwaD+hVEeduLngfmBzQ+j8R4m14TLyGDSEbq
m/C/+LyRGaUc+NFWxvXkKH//h6hfdI2o4mY+NezxIa8pIJIUYrJctv6nhG4VHbaU
1rJ1x0TBDeQbpycAXmd90je/c1K8Cmk9YocNIzaa8xVfRfw/NzR4jpPoavxSqWvK
gY/27q3NIv98KJXSfS+nfTMng2nBbQYcHMBePyECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQu5Ew5GeBeXowFsOD0wRtj0u+O8jAfBgNVHSMEGDAWgBQ2JhwmF1b6A6xX
0b/E24Vu+AiXWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05pWWNKaGRXLWdPc1Y5R194TnVGYnZnSWwxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvMGJhYjFmLTkyZDYtNDJmMC1iOTUyLTQ0MmMwODBhZTU0MS8x
L0x1Uk1PUm5nWGw2TUJiRGc5TUViWTlMdmp2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
MGJhYjFmLTkyZDYtNDJmMC1iOTUyLTQ0MmMwODBhZTU0MS8xL05pWWNKaGRXLWdP
c1Y5R194TnVGYnZnSWwxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkjTDANBgkqhkiG9w0BAQsFAAOC
AQEAsiw4pXepmouBW89af1gq3fF+Jp8LRtjYTJV1egy4ueWLfYjCdA6v/D5Po+wE
9bz3uxZSPEnsTrR7j0OH32jJV9HpZPNRex4g5JVi5vEgvnXxnnU8zOVBekcWqcI0
3rifQ7UyPXH79gUrq/Qz+CawDDDFgg4Rl1p4A4rXXCMijEQj8+Hh1D+8ROfs1dP3
GHs566HvkxIN2eW/TqIcUbwuhDHofpGeOs08hnBYAvnq+mMNXsTdW9LNYw3Rioe8
cXWcZfwaHXj3oggubGHceK3oPBB2ZHq493L0/aGj4Vgfc+7bS7b1rRJ6fdRlKHn7
BNGoLTO54nfl9xo+yczj2NA1XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:45 2024 by rpki-client on console-ams.rpki-client.org