Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/LmKD8mUkopj3qTNnePdXRmg-NhY.roa
File:                     LmKD8mUkopj3qTNnePdXRmg-NhY.roa (raw, json)
Hash identifier:          OmyBpIEQS9Dvr9A+AbevgN65S7g8aoLtUb7v/IusrtM=
Subject key identifier:   2E:62:83:F2:65:24:A2:98:F7:A9:33:67:78:F7:57:46:68:3E:36:16
Certificate issuer:       /CN=977775ce8804695996ce77c7d3681b9c241b362f
Certificate serial:       197B4213
Authority key identifier: 97:77:75:CE:88:04:69:59:96:CE:77:C7:D3:68:1B:9C:24:1B:36:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l3d1zogEaVmWznfH02gbnCQbNi8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/LmKD8mUkopj3qTNnePdXRmg-NhY.roa
Signing time:             Sat 01 Jan 2022 11:05:00 +0000
ROA not before:           Sat 01 Jan 2022 11:05:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199829
IP address blocks:        185.45.16.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 427508243 (0x197b4213)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977775ce8804695996ce77c7d3681b9c241b362f
        Validity
            Not Before: Jan  1 11:05:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2e6283f26524a298f7a9336778f75746683e3616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:12:25:9b:2c:2c:90:6b:4c:06:71:a5:44:54:
                    73:fd:43:13:17:5f:b5:f2:93:fb:3f:97:94:65:a6:
                    18:e2:83:bc:f9:4d:c7:9e:bb:06:55:94:55:1b:0b:
                    1e:34:7b:23:b5:f2:3f:ab:df:4a:e7:db:7e:48:f7:
                    63:e0:75:60:d7:74:5b:e4:9a:0c:d6:a0:eb:23:7f:
                    9d:6c:35:58:93:18:a4:04:a8:ed:09:ef:79:00:8f:
                    17:cc:10:57:a3:89:65:23:43:79:ac:d8:fb:42:ac:
                    b2:f7:40:e3:d1:37:3b:08:a6:23:d1:fe:38:f3:50:
                    a9:5c:b5:ab:b5:4d:ca:03:fa:4b:8d:5f:fc:06:ff:
                    42:12:39:e0:f9:45:6f:b6:7d:c4:e9:72:2a:8d:9d:
                    ce:c0:51:a6:45:f2:4a:a2:b8:3b:e1:ce:fc:a2:ec:
                    75:93:0f:68:f8:9f:7a:91:a1:c9:97:aa:0f:dd:c9:
                    1d:24:ab:02:b0:9b:47:a4:ff:63:3a:ee:d2:16:da:
                    da:ed:de:07:14:ee:ae:2f:62:46:65:4f:88:85:66:
                    fb:49:6e:37:9c:2a:74:76:51:1b:3f:f0:8b:b6:27:
                    8f:46:35:d6:00:27:60:6c:da:23:82:4e:95:e5:83:
                    85:23:0d:80:3a:89:a3:16:25:08:fa:1e:b0:94:30:
                    1c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:62:83:F2:65:24:A2:98:F7:A9:33:67:78:F7:57:46:68:3E:36:16
            X509v3 Authority Key Identifier:
                keyid:97:77:75:CE:88:04:69:59:96:CE:77:C7:D3:68:1B:9C:24:1B:36:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3d1zogEaVmWznfH02gbnCQbNi8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/LmKD8mUkopj3qTNnePdXRmg-NhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/l3d1zogEaVmWznfH02gbnCQbNi8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.45.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:f3:12:75:e9:8a:19:0a:d1:3e:34:bd:ce:fd:4a:df:3c:07:
         f4:91:82:04:39:fa:19:82:0b:60:fa:d5:c8:cd:57:96:0b:56:
         a6:a6:e4:98:ae:d5:74:95:f0:7b:c9:79:9d:f0:86:67:f1:4b:
         0f:02:2a:56:0f:55:79:8e:91:09:30:a0:eb:72:ff:5d:ff:a1:
         a5:34:ff:b4:ea:56:00:d1:cd:0e:69:29:f3:08:db:e7:55:af:
         89:1e:f2:6a:6a:41:76:d8:e8:1d:cd:30:96:0d:a1:78:bd:a5:
         80:9d:fd:f3:a3:f7:aa:f9:8e:84:86:48:54:7c:53:3a:fe:f2:
         2f:a2:86:ea:01:31:93:79:b6:f0:25:ce:63:fb:ea:ca:b5:8c:
         9e:1d:bf:10:21:81:f4:30:e6:c7:96:f2:b7:f8:3c:cf:e8:a9:
         da:d0:b1:16:d6:aa:0b:eb:6d:61:d3:b6:6f:b3:1b:3b:14:6e:
         29:db:d2:d6:81:04:ca:16:09:26:fc:f8:4a:49:83:40:85:01:
         0b:16:7e:b8:e6:f3:d7:4c:67:08:23:22:30:55:cd:ca:78:c0:
         f4:77:a9:a6:97:20:9e:42:71:70:d8:85:51:4d:14:64:e6:aa:
         2a:57:52:0e:e9:db:ee:85:b8:35:c2:7f:ac:42:04:15:60:e2:
         d8:ba:d2:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGXtCEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Nzc3NzVjZTg4MDQ2OTU5OTZjZTc3YzdkMzY4MWI5YzI0MWIzNjJmMB4XDTIyMDEw
MTExMDUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU2MjgzZjI2NTI0
YTI5OGY3YTkzMzY3NzhmNzU3NDY2ODNlMzYxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwSJZssLJBrTAZxpURUc/1DExdftfKT+z+XlGWmGOKDvPlN
x567BlWUVRsLHjR7I7XyP6vfSufbfkj3Y+B1YNd0W+SaDNag6yN/nWw1WJMYpASo
7QnveQCPF8wQV6OJZSNDeazY+0KssvdA49E3OwimI9H+OPNQqVy1q7VNygP6S41f
/Ab/QhI54PlFb7Z9xOlyKo2dzsBRpkXySqK4O+HO/KLsdZMPaPifepGhyZeqD93J
HSSrArCbR6T/Yzru0hba2u3eBxTuri9iRmVPiIVm+0luN5wqdHZRGz/wi7Ynj0Y1
1gAnYGzaI4JOleWDhSMNgDqJoxYlCPoesJQwHLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQuYoPyZSSimPepM2d491dGaD42FjAfBgNVHSMEGDAWgBSXd3XOiARpWZbO
d8fTaBucJBs2LzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2wzZDF6b2dFYVZtV3puZkgwMmdibkNRYk5pOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvYmM4ZTEwLTQ2MWUtNGNlNC04YmU5LTYyMzk3MzNjNjE4NC8x
L0xtS0Q4bVVrb3BqM3FUTm5lUGRYUm1nLU5oWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
YmM4ZTEwLTQ2MWUtNGNlNC04YmU5LTYyMzk3MzNjNjE4NC8xL2wzZDF6b2dFYVZt
V3puZkgwMmdibkNRYk5pOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArktEDANBgkqhkiG9w0BAQsFAAOC
AQEAefMSdemKGQrRPjS9zv1K3zwH9JGCBDn6GYILYPrVyM1XlgtWpqbkmK7VdJXw
e8l5nfCGZ/FLDwIqVg9VeY6RCTCg63L/Xf+hpTT/tOpWANHNDmkp8wjb51WviR7y
ampBdtjoHc0wlg2heL2lgJ3986P3qvmOhIZIVHxTOv7yL6KG6gExk3m28CXOY/vq
yrWMnh2/ECGB9DDmx5byt/g8z+ip2tCxFtaqC+ttYdO2b7MbOxRuKdvS1oEEyhYJ
Jvz4SkmDQIUBCxZ+uObz10xnCCMiMFXNynjA9HepppcgnkJxcNiFUU0UZOaqKldS
Dunb7oW4NcJ/rEIEFWDi2LrSRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:22 2024 by rpki-client on console-fra.rpki-client.org