Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/FCKBeLFvOqQBql5Jtr7GsofrEIw.roa
File:                     FCKBeLFvOqQBql5Jtr7GsofrEIw.roa (raw, json)
Hash identifier:          3j+YSUpp+MEnVyPbEz8GHqqqMTnRkv+l+XdF6Q3KbW4=
Subject key identifier:   14:22:81:78:B1:6F:3A:A4:01:AA:5E:49:B6:BE:C6:B2:87:EB:10:8C
Certificate issuer:       /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial:       011DE26B
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/FCKBeLFvOqQBql5Jtr7GsofrEIw.roa
Signing time:             Sat 01 Jan 2022 00:58:52 +0000
ROA not before:           Sat 01 Jan 2022 00:58:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210674
IP address blocks:        2a11:e487:ff01::/48 maxlen: 48
                          2a11:e487:ff00::/48 maxlen: 48
                          2a11:e487:ff00::/40 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18735723 (0x11de26b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
        Validity
            Not Before: Jan  1 00:58:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14228178b16f3aa401aa5e49b6bec6b287eb108c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ef:0c:cd:9a:e2:35:26:8d:33:04:f2:d8:f4:
                    ae:01:3b:50:d2:bd:73:8b:89:e5:42:1f:f4:c1:4c:
                    d7:81:3f:1a:4a:57:ae:bb:0c:be:4c:f9:16:55:37:
                    f1:02:64:33:55:92:e0:66:47:7d:2c:f0:9d:5d:08:
                    26:dd:41:1a:4d:05:13:77:1f:54:2c:99:f0:7e:b9:
                    5c:92:dc:f8:ce:74:48:0f:b3:cc:1e:5f:f8:a9:b9:
                    c5:c1:98:1f:f1:34:ad:e4:d4:f3:91:fa:8b:ff:63:
                    fc:9d:1a:ca:52:d4:d8:de:1c:15:07:30:e5:5a:5e:
                    b8:9f:47:6c:e5:45:cf:d8:1c:09:54:c0:c0:30:e5:
                    98:5d:fb:f4:dd:92:c6:b2:0e:f1:34:85:21:c1:c7:
                    6f:10:33:4f:0d:c2:9b:c1:cb:ba:83:9d:71:25:2d:
                    e6:4a:74:eb:05:89:7a:74:8b:52:60:6e:46:7d:3d:
                    8f:36:69:60:33:45:14:2e:92:e3:02:31:5d:56:5f:
                    d2:0f:bb:ea:3c:2d:2e:32:de:8f:02:9f:64:c6:60:
                    41:14:5e:2b:da:be:4e:a8:25:42:cc:a5:53:6f:6d:
                    09:06:bf:94:3c:eb:94:81:bc:8e:78:bb:f6:83:ad:
                    be:50:d4:c9:07:da:e4:aa:84:0b:20:e0:18:2b:61:
                    a0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:22:81:78:B1:6F:3A:A4:01:AA:5E:49:B6:BE:C6:B2:87:EB:10:8C
            X509v3 Authority Key Identifier:
                keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/FCKBeLFvOqQBql5Jtr7GsofrEIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:e487:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         7b:84:70:db:9e:19:22:6e:19:ab:a3:43:ed:6c:b5:42:58:d5:
         00:ed:52:f3:93:a6:3f:3d:94:a1:5d:da:5f:76:92:c6:b1:a9:
         b1:4f:09:68:a4:3c:98:8a:b5:e0:d3:a9:ee:de:a0:0c:e7:59:
         7a:e0:b8:1e:f0:1b:e3:34:8e:1e:10:1e:ed:9f:d0:db:30:38:
         99:6c:b5:2c:da:85:6b:08:06:aa:d8:cb:49:34:34:fa:ad:5c:
         e5:7f:91:e3:7c:0c:a7:d3:db:84:47:6f:9b:b1:5e:6f:7e:85:
         21:14:e4:a3:d4:53:cb:72:81:63:b2:8a:e3:56:a7:7f:f7:4d:
         10:d4:07:76:47:34:67:b0:b2:11:fd:78:98:3b:a9:b6:30:a4:
         1e:60:e2:13:4e:31:7a:43:ef:f3:55:03:34:24:1d:a9:5f:09:
         54:ef:4b:3b:b2:3d:f9:10:7d:d8:31:b6:93:d8:a4:c1:c7:b1:
         6e:fc:ed:71:fa:9f:87:21:24:0a:9e:2b:7b:22:e1:ed:8f:c2:
         3e:14:7e:fb:bd:29:b7:b5:e9:96:c6:f4:4e:f9:ba:6a:c3:27:
         67:ce:c5:ec:bd:96:78:59:da:0b:cc:39:19:ce:66:69:8d:0d:
         78:02:1e:e3:ee:2d:d4:b5:73:96:55:13:50:e2:4d:0c:b0:7c:
         67:3d:69:dd
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAR3iazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NmFmY2Q4ZmI0MGFhZTFkMjQzYzJhOGNlMjU0MWE2OTk4N2VlZDEzMB4XDTIyMDEw
MTAwNTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQyMjgxNzhiMTZm
M2FhNDAxYWE1ZTQ5YjZiZWM2YjI4N2ViMTA4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLvDM2a4jUmjTME8tj0rgE7UNK9c4uJ5UIf9MFM14E/GkpX
rrsMvkz5FlU38QJkM1WS4GZHfSzwnV0IJt1BGk0FE3cfVCyZ8H65XJLc+M50SA+z
zB5f+Km5xcGYH/E0reTU85H6i/9j/J0aylLU2N4cFQcw5VpeuJ9HbOVFz9gcCVTA
wDDlmF379N2SxrIO8TSFIcHHbxAzTw3Cm8HLuoOdcSUt5kp06wWJenSLUmBuRn09
jzZpYDNFFC6S4wIxXVZf0g+76jwtLjLejwKfZMZgQRReK9q+TqglQsylU29tCQa/
lDzrlIG8jni79oOtvlDUyQfa5KqECyDgGCthoCUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQUIoF4sW86pAGqXkm2vsayh+sQjDAfBgNVHSMEGDAWgBRWr82PtAquHSQ8
KoziVBppmH7tEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZxX05qN1FLcmgwa1BDcU00bFFhYVpoLTdSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvNGMyNjM3LTNiYmItNGE1My1hMjE2LTIzN2JlNzczMDA3YS8x
L0ZDS0JlTEZ2T3FRQnFsNUp0cjdHc29mckVJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
NGMyNjM3LTNiYmItNGE1My1hMjE2LTIzN2JlNzczMDA3YS8xL1ZxX05qN1FLcmgw
a1BDcU00bFFhYVpoLTdSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoR5If/MA0GCSqGSIb3DQEBCwUA
A4IBAQB7hHDbnhkibhmro0PtbLVCWNUA7VLzk6Y/PZShXdpfdpLGsamxTwlopDyY
irXg06nu3qAM51l64Lge8BvjNI4eEB7tn9DbMDiZbLUs2oVrCAaq2MtJNDT6rVzl
f5HjfAyn09uER2+bsV5vfoUhFOSj1FPLcoFjsorjVqd/900Q1Ad2RzRnsLIR/XiY
O6m2MKQeYOITTjF6Q+/zVQM0JB2pXwlU70s7sj35EH3YMbaT2KTBx7Fu/O1x+p+H
ISQKnit7IuHtj8I+FH77vSm3temWxvRO+bpqwydnzsXsvZZ4WdoLzDkZzmZpjQ14
Ah7j7i3UtXOWVRNQ4k0MsHxnPWnd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org