Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LGxUC_k0TW1HC_6X7m7rl8kARY0.roa
File:                     LGxUC_k0TW1HC_6X7m7rl8kARY0.roa (raw, json)
Hash identifier:          TdgziC7Yl+zidasS/k1xKMtN6ET7LSaErQOTiQVrDJo=
Subject key identifier:   2C:6C:54:0B:F9:34:4D:6D:47:0B:FE:97:EE:6E:EB:97:C9:00:45:8D
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       018379797ECA7A5A8975CB5929A64BDCFA4F
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LGxUC_k0TW1HC_6X7m7rl8kARY0.roa
Signing time:             Mon 26 Sep 2022 11:05:48 +0000
ROA not before:           Mon 26 Sep 2022 11:05:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201150
IP address blocks:        185.177.232.0/22 maxlen: 22
                          5.202.96.0/22 maxlen: 22
                          5.202.132.0/22 maxlen: 22
                          185.180.52.0/22 maxlen: 22
                          5.202.29.0/24 maxlen: 24
                          5.202.58.0/23 maxlen: 23
                          5.202.60.0/22 maxlen: 22
                          5.202.64.0/23 maxlen: 23
                          185.169.20.0/22 maxlen: 22
                          185.169.36.0/22 maxlen: 22
                          5.202.0.0/19 maxlen: 19
                          185.103.128.0/22 maxlen: 22
                          5.202.16.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:79:79:7e:ca:7a:5a:89:75:cb:59:29:a6:4b:dc:fa:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Sep 26 11:05:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c6c540bf9344d6d470bfe97ee6eeb97c900458d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:f8:97:61:3b:b3:01:ad:b4:6e:b6:d6:8d:86:
                    62:4f:9b:5b:d5:d7:92:8d:16:4b:2d:1f:89:0e:9a:
                    99:d3:31:f5:c7:df:8c:02:d8:63:1a:07:c8:a9:41:
                    d5:e4:e6:b5:37:71:c9:41:b4:e8:3f:4f:c7:3e:86:
                    40:b5:17:69:e8:61:5a:1b:c7:84:82:d8:20:4e:bb:
                    b0:6f:8f:ff:bd:a2:7c:91:7a:66:da:32:8e:30:b0:
                    b9:65:d5:f8:98:9c:4d:bb:b9:f0:92:17:c4:5a:a6:
                    ac:dd:7d:ce:e7:75:c6:1f:61:4a:fd:d4:b8:70:35:
                    5a:e3:71:7b:2e:cb:fa:1f:37:dc:f2:33:1e:0e:a0:
                    17:69:ee:4c:c1:ef:24:b3:c3:9a:31:57:85:21:87:
                    18:9d:e5:76:5a:95:05:1c:3f:2f:3e:a1:cb:57:3d:
                    56:61:af:13:dc:2f:51:a8:11:dd:ba:7f:5b:4f:8b:
                    72:42:7f:b8:e3:ce:3a:76:6f:d8:5b:dc:19:79:5f:
                    b3:7f:d7:4d:9a:d9:c3:eb:4b:7f:ac:21:69:70:7c:
                    cf:1c:0a:aa:ba:60:3c:7d:87:c8:bb:78:82:be:91:
                    e9:46:91:bb:e1:67:b1:af:2f:33:a7:d7:55:60:b1:
                    00:bc:04:ae:72:31:58:99:ae:d4:08:9c:50:0b:c0:
                    f9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:6C:54:0B:F9:34:4D:6D:47:0B:FE:97:EE:6E:EB:97:C9:00:45:8D
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LGxUC_k0TW1HC_6X7m7rl8kARY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.202.0.0/19
                  5.202.58.0-5.202.65.255
                  5.202.96.0/22
                  5.202.132.0/22
                  185.103.128.0/22
                  185.169.20.0/22
                  185.169.36.0/22
                  185.177.232.0/22
                  185.180.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:50:42:1a:eb:03:ab:c1:de:39:b9:fa:ee:91:5f:da:b3:ff:
         25:63:95:09:fa:29:52:94:93:4c:8c:af:b1:70:29:52:84:19:
         98:00:e9:1a:64:65:68:37:41:d4:92:56:4a:93:2c:dc:8c:61:
         ac:f0:c1:13:6a:9c:68:79:6b:f1:01:47:fc:0b:28:e1:1c:5b:
         33:40:40:fe:2e:84:c1:e3:86:0f:e8:52:9b:cb:a0:09:cc:b9:
         f0:3a:f2:cd:18:52:75:d5:83:01:84:48:b0:cf:78:1c:b0:53:
         b8:55:55:d7:7c:3d:b9:c9:5e:20:16:52:2a:c4:55:80:57:82:
         0a:fe:d4:4e:f5:87:7d:17:6f:c8:1a:68:e4:7b:0f:c1:bc:e2:
         af:eb:a7:2e:98:3d:6b:87:6b:2a:55:ab:c6:90:6c:d8:ed:cd:
         58:3c:a0:cc:bd:4c:3c:02:e8:ce:37:44:ef:1a:cb:b3:6b:14:
         07:7d:8d:30:b5:db:a6:d1:89:03:6f:5a:8a:ec:d2:14:e5:33:
         95:00:e3:31:b8:41:7a:99:86:43:c1:11:c3:c7:3a:7f:13:b1:
         de:31:5c:6e:2a:d7:77:c9:78:71:83:bb:aa:7b:85:99:c4:1e:
         be:89:be:2b:11:d8:97:3a:67:ad:b0:4c:40:cc:2d:24:01:2d:
         d8:63:e4:58
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYN5eX7KelqJdctZKaZL3PpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIwOTI2MTEwNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzZjNTQwYmY5MzQ0ZDZkNDcwYmZlOTdlZTZlZWI5N2M5MDA0NThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/iXYTuzAa20brbWjYZiT5tb1deS
jRZLLR+JDpqZ0zH1x9+MAthjGgfIqUHV5Oa1N3HJQbToP0/HPoZAtRdp6GFaG8eE
gtggTruwb4//vaJ8kXpm2jKOMLC5ZdX4mJxNu7nwkhfEWqas3X3O53XGH2FK/dS4
cDVa43F7Lsv6Hzfc8jMeDqAXae5Mwe8ks8OaMVeFIYcYneV2WpUFHD8vPqHLVz1W
Ya8T3C9RqBHdun9bT4tyQn+44846dm/YW9wZeV+zf9dNmtnD60t/rCFpcHzPHAqq
umA8fYfIu3iCvpHpRpG74Wexry8zp9dVYLEAvASucjFYma7UCJxQC8D5gwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCxsVAv5NE1tRwv+l+5u65fJAEWNMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvTEd4VUNfazBUVzFIQ182WDdtN3JsOGtBUlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQFBcoAMAwD
BAEFyjoDBAEFykADBAIFymADBAIFyoQDBAK5Z4ADBAK5qRQDBAK5qSQDBAK5segD
BAK5tDQwDQYJKoZIhvcNAQELBQADggEBAHpQQhrrA6vB3jm5+u6RX9qz/yVjlQn6
KVKUk0yMr7FwKVKEGZgA6RpkZWg3QdSSVkqTLNyMYazwwRNqnGh5a/EBR/wLKOEc
WzNAQP4uhMHjhg/oUpvLoAnMufA68s0YUnXVgwGESLDPeBywU7hVVdd8PbnJXiAW
UirEVYBXggr+1E71h30Xb8gaaOR7D8G84q/rpy6YPWuHaypVq8aQbNjtzVg8oMy9
TDwC6M43RO8ay7NrFAd9jTC126bRiQNvWors0hTlM5UA4zG4QXqZhkPBEcPHOn8T
sd4xXG4q13fJeHGDu6p7hZnEHr6JvisR2Jc6Z62wTEDMLSQBLdhj5Fg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org