Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/FJ1HkjTW9e6IyghN3JdDWcLGRMU.roa
File:                     FJ1HkjTW9e6IyghN3JdDWcLGRMU.roa (raw, json)
Hash identifier:          rQvxF6LfjWm8b/iwMPS07wHe01AfvT6wpyHhkYU0oKo=
Subject key identifier:   14:9D:47:92:34:D6:F5:EE:88:CA:08:4D:DC:97:43:59:C2:C6:44:C5
Certificate issuer:       /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial:       0924F49A
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/FJ1HkjTW9e6IyghN3JdDWcLGRMU.roa
Signing time:             Sat 01 Jan 2022 03:54:27 +0000
ROA not before:           Sat 01 Jan 2022 03:54:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49025
IP address blocks:        185.111.108.0/22 maxlen: 22
                          95.173.200.0/21 maxlen: 21
                          95.173.204.0/22 maxlen: 22
                          95.173.208.0/21 maxlen: 21
                          95.173.216.0/21 maxlen: 21
                          185.2.40.0/22 maxlen: 22
                          2a02:a48:f000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 153416858 (0x924f49a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
        Validity
            Not Before: Jan  1 03:54:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=149d479234d6f5ee88ca084ddc974359c2c644c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9c:a5:5c:52:df:af:76:9d:db:81:27:9a:d0:
                    f1:ba:71:dc:92:9e:bc:ac:88:06:67:c5:67:d8:9c:
                    b9:52:43:72:8c:b6:66:20:4a:f1:60:57:5a:40:3c:
                    08:7f:b5:23:0b:34:d1:43:60:9b:02:73:d1:d3:98:
                    e8:20:e9:ac:27:59:ef:74:8d:97:e7:97:0d:d8:5a:
                    1d:45:99:a8:b0:dd:9a:4f:8c:4f:8f:b3:6b:56:b0:
                    91:33:39:cb:19:34:91:f1:3e:7f:75:a1:9b:f0:df:
                    b5:60:f2:63:67:24:ae:2e:d9:cf:82:35:a9:89:3c:
                    e6:f7:3c:11:de:d6:8d:ca:e6:d1:7e:cb:c4:e3:59:
                    49:74:8d:6f:33:14:4e:95:82:14:1a:c2:05:8b:0a:
                    75:e4:7c:0c:f3:cf:f9:61:a2:1a:97:15:a7:3d:d4:
                    8f:40:7d:f0:60:56:d4:dc:42:8d:a6:3b:10:dd:57:
                    bb:b7:9e:c9:bf:c1:0c:52:21:62:dc:59:c8:a7:8c:
                    56:61:95:6c:f6:3c:d1:22:36:b3:cd:61:20:75:c1:
                    c7:53:36:60:51:d5:35:cc:3d:6f:51:a4:6e:83:75:
                    c0:41:e8:10:86:63:0b:8c:64:84:9a:d5:db:7c:46:
                    df:17:af:8b:0f:54:1e:a1:7d:56:a1:60:b0:0f:a2:
                    ca:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:9D:47:92:34:D6:F5:EE:88:CA:08:4D:DC:97:43:59:C2:C6:44:C5
            X509v3 Authority Key Identifier:
                keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/FJ1HkjTW9e6IyghN3JdDWcLGRMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.173.200.0-95.173.223.255
                  185.2.40.0/22
                  185.111.108.0/22
                IPv6:
                  2a02:a48:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         83:b1:c3:59:4a:65:cc:b3:de:f1:81:69:90:4e:9c:73:42:67:
         96:1f:d1:88:a3:be:a2:78:de:12:dd:0f:61:34:df:fc:c4:19:
         cd:5b:e8:29:93:be:e7:c9:c9:ee:73:dd:f0:32:db:33:56:72:
         44:63:34:c0:1b:f8:5d:4a:43:99:93:d8:7a:b9:9d:4a:a6:25:
         3f:e8:76:95:05:e7:00:25:86:ba:30:f1:f5:f2:6d:16:e7:92:
         df:71:73:a7:7d:ec:7a:2d:d9:1f:8c:d8:41:85:d2:fd:e9:34:
         e7:f6:d6:81:ad:1a:fc:bc:5f:91:f5:de:95:87:ec:b5:2e:3a:
         36:fc:b8:bd:d6:10:05:33:30:78:ae:1b:a0:9d:a3:81:4e:4a:
         b9:d7:6b:6a:0b:14:db:7d:3a:24:8d:e9:c9:cf:3c:3e:46:1a:
         9d:29:6b:17:04:9a:3d:c1:28:91:4a:01:fd:6e:50:39:92:ca:
         a4:b4:fd:5b:fb:0b:d3:d5:cc:af:d4:9e:4d:bf:a3:c6:ea:66:
         57:55:a7:6e:61:63:7f:a3:32:c1:a5:57:7e:1a:c0:4e:e7:b8:
         a1:c2:2c:d6:3d:2c:f9:6e:34:e9:3f:a0:e2:64:a6:cb:8b:8b:
         c0:04:ea:7a:b9:98:07:b5:f7:13:33:4c:0f:c6:0e:f5:28:49:
         a9:7d:07:cd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECST0mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
N2NjYTA5NTJkYjhhYTlmZTVlNTcwM2M2ZjE4OWEwNmE1N2Y0YmIxMB4XDTIyMDEw
MTAzNTQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQ5ZDQ3OTIzNGQ2
ZjVlZTg4Y2EwODRkZGM5NzQzNTljMmM2NDRjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALecpVxS3692nduBJ5rQ8bpx3JKevKyIBmfFZ9icuVJDcoy2
ZiBK8WBXWkA8CH+1Iws00UNgmwJz0dOY6CDprCdZ73SNl+eXDdhaHUWZqLDdmk+M
T4+za1awkTM5yxk0kfE+f3Whm/DftWDyY2ckri7Zz4I1qYk85vc8Ed7Wjcrm0X7L
xONZSXSNbzMUTpWCFBrCBYsKdeR8DPPP+WGiGpcVpz3Uj0B98GBW1NxCjaY7EN1X
u7eeyb/BDFIhYtxZyKeMVmGVbPY80SI2s81hIHXBx1M2YFHVNcw9b1GkboN1wEHo
EIZjC4xkhJrV23xG3xeviw9UHqF9VqFgsA+iyp0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQUnUeSNNb17ojKCE3cl0NZwsZExTAfBgNVHSMEGDAWgBSXzKCVLbiqn+Xl
cDxvGJoGpX9LsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w4eWdsUzI0cXBfbDVYQThieGlhQnFWX1M3RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvOWEwZWIyLWU5OTQtNDcxOS1hMTY2LTVkNmRkMGJhNTJjZi8x
L0ZKMUhralRXOWU2SXlnaE4zSmREV2NMR1JNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
OWEwZWIyLWU5OTQtNDcxOS1hMTY2LTVkNmRkMGJhNTJjZi8xL2w4eWdsUzI0cXBf
bDVYQThieGlhQnFWX1M3RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwIAQCAAEwGjAMAwQDX63IAwQFX63AAwQCuQIoAwQC
uW9sMA4EAgACMAgDBgQqAgpI8DANBgkqhkiG9w0BAQsFAAOCAQEAg7HDWUplzLPe
8YFpkE6cc0Jnlh/RiKO+onjeEt0PYTTf/MQZzVvoKZO+58nJ7nPd8DLbM1ZyRGM0
wBv4XUpDmZPYermdSqYlP+h2lQXnACWGujDx9fJtFueS33Fzp33sei3ZH4zYQYXS
/ek05/bWga0a/LxfkfXelYfstS46Nvy4vdYQBTMweK4boJ2jgU5KuddragsU2306
JI3pyc88PkYanSlrFwSaPcEokUoB/W5QOZLKpLT9W/sL09XMr9SeTb+jxupmV1Wn
bmFjf6MywaVXfhrATue4ocIs1j0s+W406T+g4mSmy4uLwATqermYB7X3EzNMD8YO
9ShJqX0HzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:34 2024 by rpki-client on console-ams.rpki-client.org