Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Lwm_QbePytS0i8UH5IAzg0ofpi4.roa
File:                     Lwm_QbePytS0i8UH5IAzg0ofpi4.roa (raw, json)
Hash identifier:          cH61v280n7vmMZMctLz7akvH25D/C7wyE8egQrwUQ2w=
Subject key identifier:   2F:09:BF:41:B7:8F:CA:D4:B4:8B:C5:07:E4:80:33:83:4A:1F:A6:2E
Certificate issuer:       /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial:       018364B8AEBA6D329C4F71F2D8E4ADD9EE27
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Lwm_QbePytS0i8UH5IAzg0ofpi4.roa
Signing time:             Thu 22 Sep 2022 10:22:48 +0000
ROA not before:           Thu 22 Sep 2022 10:22:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33915
IP address blocks:        145.46.255.0/24 maxlen: 24
                          145.46.192.0/18 maxlen: 18
                          145.46.128.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:64:b8:ae:ba:6d:32:9c:4f:71:f2:d8:e4:ad:d9:ee:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
        Validity
            Not Before: Sep 22 10:22:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f09bf41b78fcad4b48bc507e48033834a1fa62e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:8f:fe:92:ab:db:65:b1:52:36:52:d8:6a:ae:
                    05:a7:65:f5:1b:e6:61:c6:41:a0:44:a7:8e:fb:f4:
                    0a:bb:9d:98:05:19:79:e1:bc:21:18:24:55:2c:09:
                    a2:78:5c:92:11:74:7a:58:c2:91:80:af:02:f2:08:
                    f8:a8:d3:c0:de:fe:27:c3:7f:a1:a3:ee:d0:91:ac:
                    e0:eb:0b:b4:03:81:37:d5:67:58:82:50:7b:28:8f:
                    19:25:a6:5c:d2:d0:5b:1d:36:a8:bb:23:f2:7a:92:
                    58:73:f9:4e:f9:fb:1b:35:ca:19:14:ed:b5:b5:cf:
                    59:ee:ba:b9:df:92:97:11:cf:22:ea:65:e2:f7:9b:
                    43:fd:12:59:e7:08:cf:ff:36:0c:0a:5b:d4:f4:07:
                    5a:54:3d:50:84:7a:31:d7:5f:6e:39:32:a8:26:e0:
                    71:0d:01:80:9c:27:2f:9e:82:d5:eb:a8:42:ec:8e:
                    c9:dd:fe:45:34:5a:9e:ca:6b:59:22:f4:7e:59:64:
                    9c:bb:9d:08:7d:33:ad:f8:d7:43:ca:d8:fc:a7:cc:
                    ac:84:48:69:97:ad:cf:56:d9:9f:60:29:ab:14:51:
                    9f:a4:aa:8a:e0:49:d8:d2:0c:7a:e4:89:e1:ee:ff:
                    17:f9:84:24:d6:0e:e8:b0:f2:30:bb:99:a2:fc:8e:
                    de:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:09:BF:41:B7:8F:CA:D4:B4:8B:C5:07:E4:80:33:83:4A:1F:A6:2E
            X509v3 Authority Key Identifier:
                keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/Lwm_QbePytS0i8UH5IAzg0ofpi4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.46.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         34:a1:0f:74:5d:e8:4f:79:eb:05:02:2b:02:3f:36:56:b0:de:
         c7:06:6c:69:20:43:aa:6e:65:67:06:7b:e5:6c:e0:ea:09:17:
         b4:a7:e0:8e:ba:01:99:be:0c:3a:34:30:4b:0c:88:d4:aa:b5:
         07:c9:f2:11:1f:cc:f1:8b:ce:6a:9e:21:f6:9a:24:4c:99:ca:
         6a:f3:1e:79:7d:6d:fe:76:b1:14:d4:d1:be:9a:58:c7:b7:05:
         3f:e0:d2:36:8e:6e:a8:10:58:25:f9:1d:71:9b:86:b1:c5:8d:
         90:cc:13:c3:bd:27:a3:24:e7:90:a6:d9:03:49:53:b4:be:8c:
         de:1c:61:38:86:8c:48:3e:2c:04:16:90:95:a2:34:e9:2d:a1:
         6e:9e:14:bc:32:ff:df:83:b1:b7:36:ba:d5:cf:c7:23:0b:4d:
         7d:9d:ca:65:4a:9b:6b:ed:aa:8e:fe:23:7a:cd:bd:b9:8f:32:
         e4:bb:e9:f2:46:14:4d:b4:0d:9c:3a:dd:1f:08:aa:35:28:b3:
         63:95:66:d5:fa:e8:f1:f3:ae:db:94:e4:43:77:6c:04:06:ab:
         1c:aa:86:34:e9:2d:6d:8e:7c:8d:9a:7d:e0:f0:70:28:e8:99:
         8c:ea:3f:11:83:e4:bf:01:9c:18:57:0b:2f:6e:d7:6e:f0:76:
         19:85:00:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNkuK66bTKcT3Hy2OSt2e4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjIwOTIyMTAyMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA5YmY0MWI3OGZjYWQ0YjQ4YmM1MDdlNDgwMzM4MzRhMWZhNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI/+kqvbZbFSNlLYaq4Fp2X1G+Zh
xkGgRKeO+/QKu52YBRl54bwhGCRVLAmieFySEXR6WMKRgK8C8gj4qNPA3v4nw3+h
o+7Qkazg6wu0A4E31WdYglB7KI8ZJaZc0tBbHTaouyPyepJYc/lO+fsbNcoZFO21
tc9Z7rq535KXEc8i6mXi95tD/RJZ5wjP/zYMClvU9AdaVD1QhHox119uOTKoJuBx
DQGAnCcvnoLV66hC7I7J3f5FNFqeymtZIvR+WWScu50IfTOt+NdDytj8p8yshEhp
l63PVtmfYCmrFFGfpKqK4EnY0gx65Inh7v8X+YQk1g7osPIwu5mi/I7eOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8Jv0G3j8rUtIvFB+SAM4NKH6YuMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvTHdtX1FiZVB5dFMwaThVSDVJQXpnMG9mcGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHkS6AMA0G
CSqGSIb3DQEBCwUAA4IBAQA0oQ90XehPeesFAisCPzZWsN7HBmxpIEOqbmVnBnvl
bODqCRe0p+COugGZvgw6NDBLDIjUqrUHyfIRH8zxi85qniH2miRMmcpq8x55fW3+
drEU1NG+mljHtwU/4NI2jm6oEFgl+R1xm4axxY2QzBPDvSejJOeQptkDSVO0voze
HGE4hoxIPiwEFpCVojTpLaFunhS8Mv/fg7G3NrrVz8cjC019ncplSptr7aqO/iN6
zb25jzLku+nyRhRNtA2cOt0fCKo1KLNjlWbV+ujx867blORDd2wEBqscqoY06S1t
jnyNmn3g8HAo6JmM6j8Rg+S/AZwYVwsvbtdu8HYZhQCC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org