Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lsxgolBvMw_lK3yut7CVcKkm_uk.roa
File:                     lsxgolBvMw_lK3yut7CVcKkm_uk.roa (raw, json)
Hash identifier:          sI1RsD1DkdblEtw1jrLzW/a9r42PIeam64y+B+sJA2E=
Subject key identifier:   96:CC:60:A2:50:6F:33:0F:E5:2B:7C:AE:B7:B0:95:70:A9:26:FE:E9
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185588674289990CAF9244677E8CA37ADB2
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lsxgolBvMw_lK3yut7CVcKkm_uk.roa
Signing time:             Wed 28 Dec 2022 11:38:04 +0000
ROA not before:           Wed 28 Dec 2022 11:38:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51765
IP address blocks:        185.204.1.0/24 maxlen: 24
                          185.103.110.0/24 maxlen: 24
                          185.112.82.0/24 maxlen: 24
                          185.212.149.0/24 maxlen: 24
                          185.117.118.0/24 maxlen: 24
                          185.217.196.0/23 maxlen: 23
                          82.115.220.0/24 maxlen: 24
                          185.221.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:58:86:74:28:99:90:ca:f9:24:46:77:e8:ca:37:ad:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Dec 28 11:38:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=96cc60a2506f330fe52b7caeb7b09570a926fee9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:22:59:b0:3e:48:23:c0:28:a8:ea:a5:37:99:
                    01:99:56:99:dd:2f:52:1d:e0:c7:ae:f3:92:af:0e:
                    53:e8:66:fa:5c:ba:5c:46:1c:47:4a:6c:4f:ba:ca:
                    5e:fa:b6:4b:1d:9b:cc:60:c1:dd:2e:f5:cc:7a:2b:
                    87:45:99:40:14:d2:dc:4c:b6:4e:96:c4:a5:58:97:
                    7d:27:7c:91:3f:3d:b3:8f:71:3c:56:cc:20:8c:9b:
                    f0:49:47:66:61:f6:aa:77:16:f3:54:d6:63:17:43:
                    8e:16:ec:8c:f9:bf:20:01:fa:4f:a3:92:d6:b3:10:
                    96:1e:6b:a7:28:bc:6d:e3:22:e5:c1:50:0a:23:bc:
                    03:88:26:a9:e8:7f:5d:ed:36:33:b8:1f:d8:35:4c:
                    3e:0d:14:e6:74:d1:b1:05:e7:82:97:d5:29:4b:1e:
                    37:50:68:a7:50:ea:2d:e9:e7:ed:76:0f:b1:cb:e4:
                    49:a9:4b:b3:c3:50:c0:c5:a0:dd:48:cc:a8:f8:3a:
                    1d:82:09:c9:c9:3f:5f:fb:76:55:ca:0f:d6:4c:a5:
                    53:f5:48:e3:c8:5a:57:65:73:a9:40:8c:02:e6:7c:
                    88:e8:63:12:91:05:30:1e:00:a3:a8:e6:1c:1e:51:
                    9e:f0:6a:2f:54:9f:97:2b:72:77:58:8a:c3:a3:59:
                    d4:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:CC:60:A2:50:6F:33:0F:E5:2B:7C:AE:B7:B0:95:70:A9:26:FE:E9
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lsxgolBvMw_lK3yut7CVcKkm_uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.220.0/24
                  185.103.110.0/24
                  185.112.82.0/24
                  185.117.118.0/24
                  185.204.1.0/24
                  185.212.149.0/24
                  185.217.196.0/23
                  185.221.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:22:21:27:52:67:55:b5:10:71:a6:f6:51:79:41:b7:cd:82:
         8e:3e:38:32:28:b3:e9:6f:df:31:73:4a:cf:b0:61:f1:fe:c9:
         35:9c:13:a8:6f:e3:b4:2c:c0:a7:af:1a:e4:7b:c4:25:15:17:
         8e:86:9c:c8:ed:dd:d7:f9:f4:22:ca:cb:65:9b:c5:c7:aa:8c:
         62:e3:ad:58:b6:29:82:56:ec:0d:0c:7c:0b:66:44:bc:33:ed:
         71:88:1e:c6:9a:77:f0:ec:36:4d:e0:8f:b3:21:2c:e5:a2:95:
         22:72:46:e7:09:0d:7d:ed:a4:e7:21:d2:5e:82:ee:df:69:03:
         15:a9:6c:9a:c1:76:cc:53:57:ba:91:e1:e6:0d:32:c6:02:b1:
         03:38:4b:d6:29:08:e1:ff:98:36:11:a0:c3:61:ac:7d:92:52:
         63:b0:e2:10:6a:61:01:b4:a7:43:a9:47:b5:83:c7:6f:3c:41:
         93:cc:69:b6:45:65:28:19:d2:cd:15:88:e1:29:fb:ca:03:59:
         c4:fd:3e:7e:98:48:8b:d1:6c:16:7f:f4:ee:cf:e4:82:25:2f:
         1c:60:1c:c5:11:56:e2:df:ce:1f:1a:6c:05:17:af:5a:3a:69:
         85:d9:1f:e2:fb:85:36:13:6b:15:27:3b:7d:86:a6:b0:e6:55:
         e6:53:db:0b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVYhnQomZDK+SRGd+jKN62yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMjI4MTEzODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmNjNjBhMjUwNmYzMzBmZTUyYjdjYWViN2IwOTU3MGE5MjZmZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSJZsD5II8AoqOqlN5kBmVaZ3S9S
HeDHrvOSrw5T6Gb6XLpcRhxHSmxPuspe+rZLHZvMYMHdLvXMeiuHRZlAFNLcTLZO
lsSlWJd9J3yRPz2zj3E8VswgjJvwSUdmYfaqdxbzVNZjF0OOFuyM+b8gAfpPo5LW
sxCWHmunKLxt4yLlwVAKI7wDiCap6H9d7TYzuB/YNUw+DRTmdNGxBeeCl9UpSx43
UGinUOot6eftdg+xy+RJqUuzw1DAxaDdSMyo+DodggnJyT9f+3ZVyg/WTKVT9Ujj
yFpXZXOpQIwC5nyI6GMSkQUwHgCjqOYcHlGe8GovVJ+XK3J3WIrDo1nUTQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJbMYKJQbzMP5St8rrewlXCpJv7pMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbHN4Z29sQnZNd19sSzN5dXQ3Q1ZjS2ttX3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUnPcAwQA
uWduAwQAuXBSAwQAuXV2AwQAucwBAwQAudSVAwQBudnEAwQAud2jMA0GCSqGSIb3
DQEBCwUAA4IBAQAeIiEnUmdVtRBxpvZReUG3zYKOPjgyKLPpb98xc0rPsGHx/sk1
nBOob+O0LMCnrxrke8QlFReOhpzI7d3X+fQiystlm8XHqoxi461YtimCVuwNDHwL
ZkS8M+1xiB7Gmnfw7DZN4I+zISzlopUickbnCQ197aTnIdJegu7faQMVqWyawXbM
U1e6keHmDTLGArEDOEvWKQjh/5g2EaDDYax9klJjsOIQamEBtKdDqUe1g8dvPEGT
zGm2RWUoGdLNFYjhKfvKA1nE/T5+mEiL0WwWf/Tuz+SCJS8cYBzFEVbi384fGmwF
F69aOmmF2R/i+4U2E2sVJzt9hqaw5lXmU9sL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org