Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/lGIBKgKMuEFG-KFAvfa1B_fwkTI.roa
File:                     lGIBKgKMuEFG-KFAvfa1B_fwkTI.roa (raw, json)
Hash identifier:          KVyFLrsV6k9xFy8PU8Hct+okTX5UBGfAhomgVetIpDw=
Subject key identifier:   94:62:01:2A:02:8C:B8:41:46:F8:A1:40:BD:F6:B5:07:F7:F0:91:32
Certificate issuer:       /CN=b8d23b1e6c07e62af2d2e7eb6de0893b09119abb
Certificate serial:       05C63081
Authority key identifier: B8:D2:3B:1E:6C:07:E6:2A:F2:D2:E7:EB:6D:E0:89:3B:09:11:9A:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uNI7HmwH5iry0ufrbeCJOwkRmrs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/lGIBKgKMuEFG-KFAvfa1B_fwkTI.roa
Signing time:             Sat 01 Jan 2022 07:54:20 +0000
ROA not before:           Sat 01 Jan 2022 07:54:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204141
IP address blocks:        185.140.0.0/22 maxlen: 22
                          82.211.192.0/19 maxlen: 19
                          2a03:19c0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96874625 (0x5c63081)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8d23b1e6c07e62af2d2e7eb6de0893b09119abb
        Validity
            Not Before: Jan  1 07:54:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9462012a028cb84146f8a140bdf6b507f7f09132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:91:54:7f:47:6b:03:89:48:f1:e8:35:b0:b7:
                    42:6a:3d:49:8d:66:66:4d:99:da:41:56:3b:10:88:
                    66:10:79:cd:67:6c:b5:05:db:32:6e:5a:7d:fb:ed:
                    0a:ec:ec:30:fe:de:bc:db:3a:a5:4b:ca:98:7f:ab:
                    dc:8f:d4:60:0b:53:22:b4:30:69:e7:9e:6d:ea:e3:
                    0a:b9:2b:cf:4f:6c:0c:c3:36:be:4b:33:e7:6f:7e:
                    87:3b:4e:a7:64:38:30:78:db:4b:5b:07:2c:7c:bc:
                    58:9c:81:64:9e:0e:54:48:cb:af:0f:49:06:bc:49:
                    60:d3:4a:f8:5a:ea:27:02:5a:ab:60:53:bc:42:2b:
                    27:49:ce:7b:31:c7:78:bc:29:41:29:c3:de:90:38:
                    0b:a0:b9:a5:70:08:e4:d6:30:b4:97:e4:fe:ae:f7:
                    75:74:d8:67:47:ef:4a:85:e0:32:12:6e:fd:52:c2:
                    a6:f9:f4:73:ea:3f:e1:99:8d:dc:2f:8d:42:88:92:
                    ea:ae:96:8a:60:74:46:35:ff:80:d0:79:9d:b4:75:
                    f9:94:96:8c:98:f3:28:dc:81:6b:0b:1c:f3:0d:af:
                    e1:a1:da:d8:53:99:96:e0:b4:e4:fc:29:c9:8c:03:
                    af:fe:6c:99:86:de:f3:3e:e3:f3:1b:11:ce:07:71:
                    11:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:62:01:2A:02:8C:B8:41:46:F8:A1:40:BD:F6:B5:07:F7:F0:91:32
            X509v3 Authority Key Identifier:
                keyid:B8:D2:3B:1E:6C:07:E6:2A:F2:D2:E7:EB:6D:E0:89:3B:09:11:9A:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNI7HmwH5iry0ufrbeCJOwkRmrs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/lGIBKgKMuEFG-KFAvfa1B_fwkTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/b74aa2-25e0-4ad5-8cc3-69061ef2c499/1/uNI7HmwH5iry0ufrbeCJOwkRmrs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.211.192.0/19
                  185.140.0.0/22
                IPv6:
                  2a03:19c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         bf:ca:98:b9:ce:35:7b:82:c1:53:db:76:d9:17:92:b1:91:1b:
         cc:4c:9d:0b:9b:8c:ed:d3:67:c0:28:e9:25:d9:8f:e8:03:76:
         41:ff:68:ff:b7:4e:06:af:fb:25:cc:b3:61:76:40:a9:35:51:
         25:f6:80:85:d5:93:19:73:f4:84:3f:4a:8a:73:2c:ec:8a:f2:
         e4:34:a9:3a:0c:45:57:ff:45:d6:f2:09:85:a6:d0:f5:8b:20:
         42:70:c2:d5:a8:09:aa:9e:96:a7:87:22:47:c5:43:f6:b7:2d:
         7d:4b:04:42:12:2d:78:2a:26:04:c0:ff:73:7d:18:0d:d0:b9:
         f4:ab:57:23:9c:4a:6c:f4:78:04:3c:51:e0:bd:8d:fe:34:9c:
         d0:a3:3e:65:78:61:74:c9:7c:87:db:4e:a8:d3:7a:5b:84:b4:
         72:aa:39:d7:18:48:18:b8:ca:f1:f1:24:2c:c6:70:e2:c8:e2:
         c8:3f:2e:fd:bb:f5:de:38:0c:32:7e:25:06:0e:90:0f:ea:b2:
         6b:c3:7a:fd:03:2f:f8:db:18:86:3d:54:74:96:ce:dd:5e:13:
         2e:3d:d3:f9:b0:37:a6:8e:d2:93:d4:a9:2b:f0:56:d3:86:ac:
         97:ec:22:b9:d8:01:75:43:1f:2f:b9:31:a4:f0:e2:c8:bd:05:
         5d:ae:5a:4a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBcYwgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OGQyM2IxZTZjMDdlNjJhZjJkMmU3ZWI2ZGUwODkzYjA5MTE5YWJiMB4XDTIyMDEw
MTA3NTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ2MjAxMmEwMjhj
Yjg0MTQ2ZjhhMTQwYmRmNmI1MDdmN2YwOTEzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKRVH9HawOJSPHoNbC3Qmo9SY1mZk2Z2kFWOxCIZhB5zWds
tQXbMm5affvtCuzsMP7evNs6pUvKmH+r3I/UYAtTIrQwaeeeberjCrkrz09sDMM2
vksz529+hztOp2Q4MHjbS1sHLHy8WJyBZJ4OVEjLrw9JBrxJYNNK+FrqJwJaq2BT
vEIrJ0nOezHHeLwpQSnD3pA4C6C5pXAI5NYwtJfk/q73dXTYZ0fvSoXgMhJu/VLC
pvn0c+o/4ZmN3C+NQoiS6q6WimB0RjX/gNB5nbR1+ZSWjJjzKNyBawsc8w2v4aHa
2FOZluC05PwpyYwDr/5smYbe8z7j8xsRzgdxEb0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSUYgEqAoy4QUb4oUC99rUH9/CRMjAfBgNVHSMEGDAWgBS40jsebAfmKvLS
5+tt4Ik7CRGauzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VOSTdIbXdINWlyeTB1ZnJiZUNKT3drUm1ycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvYjc0YWEyLTI1ZTAtNGFkNS04Y2MzLTY5MDYxZWYyYzQ5OS8x
L2xHSUJLZ0tNdUVGRy1LRkF2ZmExQl9md2tUSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
Yjc0YWEyLTI1ZTAtNGFkNS04Y2MzLTY5MDYxZWYyYzQ5OS8xL3VOSTdIbXdINWly
eTB1ZnJiZUNKT3drUm1ycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVLTwAMEArmMADANBAIAAjAHAwUA
KgMZwDANBgkqhkiG9w0BAQsFAAOCAQEAv8qYuc41e4LBU9t22ReSsZEbzEydC5uM
7dNnwCjpJdmP6AN2Qf9o/7dOBq/7JcyzYXZAqTVRJfaAhdWTGXP0hD9KinMs7Iry
5DSpOgxFV/9F1vIJhabQ9YsgQnDC1agJqp6Wp4ciR8VD9rctfUsEQhIteComBMD/
c30YDdC59KtXI5xKbPR4BDxR4L2N/jSc0KM+ZXhhdMl8h9tOqNN6W4S0cqo51xhI
GLjK8fEkLMZw4sjiyD8u/bv13jgMMn4lBg6QD+qya8N6/QMv+NsYhj1UdJbO3V4T
Lj3T+bA3po7Sk9SpK/BW04asl+wiudgBdUMfL7kxpPDiyL0FXa5aSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:32 2024 by rpki-client on console-fra.rpki-client.org