Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LP8LIwKsTdi8uBn1U6BryfMlTtw.roa
File:                     LP8LIwKsTdi8uBn1U6BryfMlTtw.roa (raw, json)
Hash identifier:          EnL8jzjcc4gt2Ce/1QlE1A59kTc8DGzgF8a8LumEz1I=
Subject key identifier:   2C:FF:0B:23:02:AC:4D:D8:BC:B8:19:F5:53:A0:6B:C9:F3:25:4E:DC
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0550FE9B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LP8LIwKsTdi8uBn1U6BryfMlTtw.roa
Signing time:             Tue 21 Jun 2022 11:17:49 +0000
ROA not before:           Tue 21 Jun 2022 11:17:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209242
IP address blocks:        185.174.138.0/24 maxlen: 24
                          5.252.118.0/24 maxlen: 24
                          45.8.211.0/24 maxlen: 24
                          185.109.21.0/24 maxlen: 24
                          45.133.246.0/24 maxlen: 24
                          45.133.247.0/24 maxlen: 24
                          185.221.160.0/24 maxlen: 24
                          45.142.120.0/24 maxlen: 24
                          194.53.55.0/24 maxlen: 24
                          194.53.53.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 89194139 (0x550fe9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jun 21 11:17:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2cff0b2302ac4dd8bcb819f553a06bc9f3254edc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6d:55:11:af:2f:57:0d:93:73:e5:1a:44:b8:
                    fd:64:46:bc:37:3c:36:d6:ab:15:14:09:2e:cc:3d:
                    13:44:e0:df:b7:05:73:62:c4:e1:da:b0:d5:54:d5:
                    f6:bf:30:41:61:a0:02:2e:1b:2c:cf:e6:71:59:12:
                    a9:36:cd:0e:8c:4d:af:60:12:90:e3:f7:1b:a8:40:
                    cf:19:20:2f:61:7e:e9:76:be:75:70:fb:a7:c4:a4:
                    44:0f:06:1c:61:d0:28:5b:fe:1c:c7:64:4b:77:23:
                    76:dc:47:4b:be:be:92:43:18:28:1d:97:97:5a:fd:
                    5a:31:50:89:3d:e3:42:9d:e6:df:b9:a5:c2:89:56:
                    fa:c7:a8:57:68:f8:c3:80:81:0e:44:28:13:d3:4c:
                    ed:e9:cc:c6:38:ef:47:50:4a:20:ba:8b:2b:60:eb:
                    50:84:af:45:9b:ff:a7:3e:15:2f:ee:ea:1b:83:bd:
                    87:02:b3:1a:f1:44:9a:7d:12:6f:5f:e0:bb:19:f6:
                    3d:da:c4:27:c0:cf:a4:2d:ef:e2:4d:ba:04:b5:34:
                    4e:09:a2:a7:77:33:7e:4c:04:b7:13:14:cc:13:41:
                    73:de:36:98:f5:55:df:31:4a:de:27:44:b6:da:db:
                    0e:b9:a9:92:61:23:78:c2:a5:0d:b2:ad:ee:f9:84:
                    ae:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:FF:0B:23:02:AC:4D:D8:BC:B8:19:F5:53:A0:6B:C9:F3:25:4E:DC
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LP8LIwKsTdi8uBn1U6BryfMlTtw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.118.0/24
                  45.8.211.0/24
                  45.133.246.0/23
                  45.142.120.0/24
                  185.109.21.0/24
                  185.174.138.0/24
                  185.221.160.0/24
                  194.53.53.0/24
                  194.53.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:87:3d:cb:0a:63:ad:70:27:e8:c1:a6:ec:2a:12:5b:eb:0a:
         28:61:02:cf:bc:fc:33:e5:4b:5b:8a:7c:7e:a6:c0:3a:5c:93:
         18:2f:d7:f1:a1:ca:11:e7:4f:f8:b8:af:5b:c7:30:a6:9d:b7:
         c6:d5:f4:bf:1a:90:70:41:ed:1d:c6:e7:38:5b:2d:67:c8:61:
         af:8a:ec:08:fc:97:ae:52:fa:78:81:bb:65:27:23:f9:86:b8:
         a1:9d:dd:81:94:45:b8:62:7e:52:16:b9:df:6f:02:96:5c:e7:
         ce:83:99:d4:46:ed:10:3e:8e:3b:b9:68:f5:43:71:69:b4:78:
         d4:85:1b:ab:b3:0d:9f:f5:d6:56:7a:95:8e:9b:61:4d:b0:c3:
         d1:c9:1c:d6:02:62:a4:d6:b7:be:96:81:33:0e:c4:b6:7f:b0:
         fe:67:d5:81:73:95:1d:a7:3b:bb:d5:a6:2e:9a:95:17:cd:92:
         40:b5:02:fa:cb:67:39:0e:fb:dd:8d:32:e2:df:a2:98:54:f0:
         df:41:8a:e2:be:1e:20:d1:5a:b6:ae:40:27:de:c6:f3:15:f0:
         65:6c:54:a0:6c:2c:59:86:66:a6:18:5e:6c:af:69:de:9d:42:
         a1:47:43:ae:b7:60:6a:02:63:22:a4:13:0b:c3:67:b9:30:a7:
         d3:a3:f3:fa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBVD+mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDYy
MTExMTc0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNmZjBiMjMwMmFj
NGRkOGJjYjgxOWY1NTNhMDZiYzlmMzI1NGVkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZtVRGvL1cNk3PlGkS4/WRGvDc8NtarFRQJLsw9E0Tg37cF
c2LE4dqw1VTV9r8wQWGgAi4bLM/mcVkSqTbNDoxNr2ASkOP3G6hAzxkgL2F+6Xa+
dXD7p8SkRA8GHGHQKFv+HMdkS3cjdtxHS76+kkMYKB2Xl1r9WjFQiT3jQp3m37ml
wolW+seoV2j4w4CBDkQoE9NM7enMxjjvR1BKILqLK2DrUISvRZv/pz4VL+7qG4O9
hwKzGvFEmn0Sb1/guxn2PdrEJ8DPpC3v4k26BLU0Tgmip3czfkwEtxMUzBNBc942
mPVV3zFK3idEttrbDrmpkmEjeMKlDbKt7vmErnkCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQs/wsjAqxN2Ly4GfVToGvJ8yVO3DAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0xQOExJd0tzVGRpOHVCbjFVNkJyeWZNbFR0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAAX8dgMEAC0I0wMEAS2F9gMEAC2O
eAMEALltFQMEALmuigMEALndoAMEAMI1NQMEAMI1NzANBgkqhkiG9w0BAQsFAAOC
AQEALoc9ywpjrXAn6MGm7CoSW+sKKGECz7z8M+VLW4p8fqbAOlyTGC/X8aHKEedP
+LivW8cwpp23xtX0vxqQcEHtHcbnOFstZ8hhr4rsCPyXrlL6eIG7ZScj+Ya4oZ3d
gZRFuGJ+Uha5328CllznzoOZ1EbtED6OO7lo9UNxabR41IUbq7MNn/XWVnqVjpth
TbDD0ckc1gJipNa3vpaBMw7Etn+w/mfVgXOVHac7u9WmLpqVF82SQLUC+stnOQ77
3Y0y4t+imFTw30GK4r4eINFatq5AJ97G8xXwZWxUoGwsWYZmphhebK9p3p1CoUdD
rrdgagJjIqQTC8NnuTCn06Pz+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org