Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/lPsbBeYJuCeOYu8yCLmK_JEE6OE.roa
File:                     lPsbBeYJuCeOYu8yCLmK_JEE6OE.roa (raw, json)
Hash identifier:          /qQQQ3ETsaIQ6ehBsnJoQSTuvGnGpCM2pBCDP32QOVg=
Subject key identifier:   94:FB:1B:05:E6:09:B8:27:8E:62:EF:32:08:B9:8A:FC:91:04:E8:E1
Certificate issuer:       /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial:       01836474EEB2AC2447D3CFF4648A7DB62B44
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/lPsbBeYJuCeOYu8yCLmK_JEE6OE.roa
Signing time:             Thu 22 Sep 2022 09:08:48 +0000
ROA not before:           Thu 22 Sep 2022 09:08:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        213.21.231.0/24 maxlen: 24
                          213.21.229.0/24 maxlen: 24
                          213.21.232.0/24 maxlen: 24
                          213.21.244.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:64:74:ee:b2:ac:24:47:d3:cf:f4:64:8a:7d:b6:2b:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
        Validity
            Not Before: Sep 22 09:08:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94fb1b05e609b8278e62ef3208b98afc9104e8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8e:d5:68:bf:1e:92:b7:2d:b9:74:4f:f4:8d:
                    b9:b7:74:28:88:62:2e:4a:75:71:90:17:54:78:c6:
                    af:73:01:cc:44:23:1b:ca:8a:29:e2:96:d3:0b:68:
                    04:16:13:20:af:0b:e6:1b:f5:7c:62:94:5e:13:4c:
                    32:18:b0:37:a2:6b:42:2f:b8:ec:3c:cd:90:56:79:
                    08:a7:3b:74:74:cc:5d:f9:21:a6:7c:f5:56:3d:5d:
                    ae:e8:a5:8b:1c:4d:83:fb:33:f7:12:d3:d7:fc:1a:
                    33:84:9c:26:a9:22:71:b8:a0:15:b0:ed:87:5c:42:
                    5d:84:5e:d7:10:80:22:0c:6d:12:b6:89:03:be:c7:
                    e3:33:a1:8e:01:28:11:a8:ba:e4:5a:d2:5e:d0:c5:
                    2f:e7:8a:11:09:77:f3:e5:9c:b4:2a:16:63:4d:c9:
                    38:74:13:7f:39:9e:c1:db:99:e2:89:0c:ef:2b:8a:
                    a5:48:93:7c:22:37:e7:b5:1b:73:fc:53:87:55:9e:
                    62:aa:a9:de:f2:22:02:7b:25:05:7c:d0:35:bf:45:
                    76:50:c6:bd:cd:41:58:72:bb:6a:16:d5:49:86:b3:
                    32:be:b9:d0:a7:f7:d7:2c:de:64:9d:f9:e2:38:34:
                    6a:1d:e9:50:a2:1a:09:53:f3:78:23:03:aa:3d:7e:
                    d8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:FB:1B:05:E6:09:B8:27:8E:62:EF:32:08:B9:8A:FC:91:04:E8:E1
            X509v3 Authority Key Identifier:
                keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/lPsbBeYJuCeOYu8yCLmK_JEE6OE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.21.229.0/24
                  213.21.231.0-213.21.232.255
                  213.21.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:36:73:fc:6b:9d:b1:3c:88:5d:f9:43:59:29:a2:69:76:ff:
         91:e8:f9:a0:ea:8b:2f:92:b6:33:3f:c0:ff:5a:1c:80:f9:37:
         c2:36:d9:db:95:73:73:c2:bd:9f:02:44:0b:e0:4e:8c:b4:69:
         17:35:4a:9f:f4:00:eb:28:08:05:d0:3d:4f:75:a8:f5:4f:5e:
         b0:02:43:7b:3f:9f:8d:fa:be:2e:8d:a3:a2:d1:1b:a8:f5:5a:
         fd:40:65:f6:cb:12:6f:e3:52:96:32:57:45:0f:f6:1c:17:58:
         6a:bf:ea:56:4b:db:95:fa:5c:ca:ba:99:57:d7:c0:5f:b2:2d:
         9b:87:56:75:31:7b:bf:c6:09:c4:99:c8:89:18:02:cb:b7:e6:
         49:76:7e:fc:ce:b5:b7:9b:73:6d:99:2d:8a:96:5e:e2:0f:72:
         b9:89:23:9d:d0:8e:e6:8c:d9:13:53:98:96:cf:0a:a6:38:8c:
         20:b2:56:19:2d:4e:fa:01:a1:b2:d6:95:fd:20:5d:bc:a5:b1:
         4b:af:20:b9:98:00:19:f9:d9:3e:5c:42:b1:3d:27:21:03:03:
         72:19:b9:78:36:af:92:9a:46:59:7c:0a:14:6d:53:69:d7:2b:
         f4:e7:b7:d2:4c:c3:03:7a:53:86:8e:31:2a:28:57:da:d4:a5:
         d4:b5:3b:c0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYNkdO6yrCRH08/0ZIp9titEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIwOTIyMDkwODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGZiMWIwNWU2MDliODI3OGU2MmVmMzIwOGI5OGFmYzkxMDRlOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI7VaL8ekrctuXRP9I25t3QoiGIu
SnVxkBdUeMavcwHMRCMbyoop4pbTC2gEFhMgrwvmG/V8YpReE0wyGLA3omtCL7js
PM2QVnkIpzt0dMxd+SGmfPVWPV2u6KWLHE2D+zP3EtPX/BozhJwmqSJxuKAVsO2H
XEJdhF7XEIAiDG0StokDvsfjM6GOASgRqLrkWtJe0MUv54oRCXfz5Zy0KhZjTck4
dBN/OZ7B25niiQzvK4qlSJN8IjfntRtz/FOHVZ5iqqne8iICeyUFfNA1v0V2UMa9
zUFYcrtqFtVJhrMyvrnQp/fXLN5knfniODRqHelQohoJU/N4IwOqPX7YfQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJT7GwXmCbgnjmLvMgi5ivyRBOjhMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvbFBzYkJlWUp1Q2VPWXU4eUNMbUtfSkVFNk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA1RXlMAwD
BADVFecDBADVFegDBADVFfQwDQYJKoZIhvcNAQELBQADggEBAHU2c/xrnbE8iF35
Q1kpoml2/5Ho+aDqiy+StjM/wP9aHID5N8I22duVc3PCvZ8CRAvgToy0aRc1Sp/0
AOsoCAXQPU91qPVPXrACQ3s/n436vi6No6LRG6j1Wv1AZfbLEm/jUpYyV0UP9hwX
WGq/6lZL25X6XMq6mVfXwF+yLZuHVnUxe7/GCcSZyIkYAsu35kl2fvzOtbebc22Z
LYqWXuIPcrmJI53QjuaM2RNTmJbPCqY4jCCyVhktTvoBobLWlf0gXbylsUuvILmY
ABn52T5cQrE9JyEDA3IZuXg2r5KaRll8ChRtU2nXK/Tnt9JMwwN6U4aOMSooV9rU
pdS1O8A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org