Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/FKfH07rUkxogjvd6b1tc1Fh3aAg.roa
File:                     FKfH07rUkxogjvd6b1tc1Fh3aAg.roa (raw, json)
Hash identifier:          O8kPcEHqU1d/5b0WaJgNC/SNlevLjDtwUIZYD3uAffQ=
Subject key identifier:   14:A7:C7:D3:BA:D4:93:1A:20:8E:F7:7A:6F:5B:5C:D4:58:77:68:08
Certificate issuer:       /CN=9da4e95d2f4cc34a7376b73c0f039b3e158f5152
Certificate serial:       05269141
Authority key identifier: 9D:A4:E9:5D:2F:4C:C3:4A:73:76:B7:3C:0F:03:9B:3E:15:8F:51:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/FKfH07rUkxogjvd6b1tc1Fh3aAg.roa
Signing time:             Sat 01 Jan 2022 10:58:35 +0000
ROA not before:           Sat 01 Jan 2022 10:58:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39356
IP address blocks:        185.215.44.0/24 maxlen: 24
                          185.215.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86413633 (0x5269141)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9da4e95d2f4cc34a7376b73c0f039b3e158f5152
        Validity
            Not Before: Jan  1 10:58:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14a7c7d3bad4931a208ef77a6f5b5cd458776808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:de:7e:90:36:1f:e2:2a:b3:ba:75:90:ad:96:
                    f2:f5:4f:29:81:f0:1e:8f:47:11:ed:b0:39:ab:db:
                    70:a8:f8:6f:d7:1f:30:53:ea:3b:b7:e1:5c:ae:b9:
                    42:3d:da:18:e5:5c:4d:2f:16:aa:2c:35:03:53:b9:
                    21:14:21:b8:6a:c9:8c:d2:7c:34:66:35:d4:c7:1a:
                    6f:a9:34:54:75:de:e3:b6:f7:c7:3e:f7:bc:36:f5:
                    b6:f0:6e:c3:6a:09:27:39:be:7d:7f:7f:8e:1a:f5:
                    ed:74:b7:6a:38:47:ac:0e:e6:9c:57:4b:c4:9c:5d:
                    dd:c6:54:05:95:e3:1e:fc:e9:57:9e:97:44:45:2f:
                    01:36:ca:7f:5d:df:56:8a:6e:b0:47:0f:29:aa:e6:
                    85:f2:a2:f8:dc:4c:11:c8:fe:e5:32:f4:eb:49:75:
                    5f:d3:a2:e5:b8:15:93:36:09:34:e5:9a:3f:8b:ba:
                    71:b7:66:5f:e5:ee:b9:86:18:f3:0e:89:1a:fb:28:
                    35:18:8f:73:94:41:c4:50:3d:c9:6b:70:df:9d:60:
                    9b:8e:66:6d:1f:9b:e2:52:58:54:a0:be:95:30:4e:
                    32:96:4d:6e:e3:05:81:7f:2f:a0:ea:63:a4:17:19:
                    b3:ea:e6:09:e7:69:0a:41:99:93:69:e7:f0:fa:8f:
                    ef:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A7:C7:D3:BA:D4:93:1A:20:8E:F7:7A:6F:5B:5C:D4:58:77:68:08
            X509v3 Authority Key Identifier:
                keyid:9D:A4:E9:5D:2F:4C:C3:4A:73:76:B7:3C:0F:03:9B:3E:15:8F:51:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/FKfH07rUkxogjvd6b1tc1Fh3aAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.215.44.0/24
                  185.215.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:98:b4:63:a8:ad:63:66:f2:2d:96:44:b4:c4:5d:e2:2b:1c:
         5b:b3:20:e8:f6:8c:7c:0f:46:d0:6a:61:f2:96:6c:90:da:55:
         6f:c0:cc:c4:85:f8:90:26:4a:5b:79:eb:2e:e5:0a:b5:0b:bd:
         cc:96:90:86:2b:1e:87:a9:e1:f6:0d:cb:c1:ac:fc:ea:02:52:
         18:38:29:e9:84:e5:4e:cf:aa:99:b5:fd:69:97:1d:71:fd:02:
         bf:4d:38:df:d6:14:32:30:c4:d0:56:10:b5:0c:e6:ce:4a:b5:
         08:50:a5:7e:69:e3:78:a3:2b:c4:b0:5f:cf:eb:7d:df:58:50:
         cc:af:20:73:6a:5c:ed:28:44:50:17:15:e0:e1:32:43:d4:25:
         a3:07:76:71:db:b1:4e:d6:98:b1:51:88:f7:a4:ce:32:d7:bc:
         48:50:40:a3:bf:8b:69:0e:bc:ce:4b:0e:24:a1:9f:34:71:6b:
         60:ee:30:27:b3:be:3d:a9:f8:4c:97:7e:e5:b3:ee:7b:a2:0c:
         42:10:47:12:b1:4f:a7:8a:92:0b:de:73:91:ee:a9:e2:cf:3c:
         71:7a:df:23:f8:6d:78:ce:85:a5:62:9a:ad:a4:81:0b:8a:42:
         f3:d4:83:91:c1:f6:f6:95:9b:9f:c0:dc:17:59:4d:cd:27:e7:
         00:f6:08:6e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBSaRQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZGE0ZTk1ZDJmNGNjMzRhNzM3NmI3M2MwZjAzOWIzZTE1OGY1MTUyMB4XDTIyMDEw
MTEwNTgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRhN2M3ZDNiYWQ0
OTMxYTIwOGVmNzdhNmY1YjVjZDQ1ODc3NjgwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3efpA2H+Iqs7p1kK2W8vVPKYHwHo9HEe2wOavbcKj4b9cf
MFPqO7fhXK65Qj3aGOVcTS8Wqiw1A1O5IRQhuGrJjNJ8NGY11Mcab6k0VHXe47b3
xz73vDb1tvBuw2oJJzm+fX9/jhr17XS3ajhHrA7mnFdLxJxd3cZUBZXjHvzpV56X
REUvATbKf13fVopusEcPKarmhfKi+NxMEcj+5TL060l1X9Oi5bgVkzYJNOWaP4u6
cbdmX+XuuYYY8w6JGvsoNRiPc5RBxFA9yWtw351gm45mbR+b4lJYVKC+lTBOMpZN
buMFgX8voOpjpBcZs+rmCedpCkGZk2nn8PqP7zUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQUp8fTutSTGiCO93pvW1zUWHdoCDAfBgNVHSMEGDAWgBSdpOldL0zDSnN2
tzwPA5s+FY9RUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25hVHBYUzlNdzBwemRyYzhEd09iUGhXUFVWSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvYWNmMmEyLTRkNTItNDBjZC1hNWY4LTU5NTkxMzg5ZTI0Mi8x
L0ZLZkgwN3JVa3hvZ2p2ZDZiMXRjMUZoM2FBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
YWNmMmEyLTRkNTItNDBjZC1hNWY4LTU5NTkxMzg5ZTI0Mi8xL25hVHBYUzlNdzBw
emRyYzhEd09iUGhXUFVWSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnXLAMEALnXLzANBgkqhkiG9w0B
AQsFAAOCAQEAWZi0Y6itY2byLZZEtMRd4iscW7Mg6PaMfA9G0Gph8pZskNpVb8DM
xIX4kCZKW3nrLuUKtQu9zJaQhiseh6nh9g3Lwaz86gJSGDgp6YTlTs+qmbX9aZcd
cf0Cv00439YUMjDE0FYQtQzmzkq1CFClfmnjeKMrxLBfz+t931hQzK8gc2pc7ShE
UBcV4OEyQ9Qlowd2cduxTtaYsVGI96TOMte8SFBAo7+LaQ68zksOJKGfNHFrYO4w
J7O+Pan4TJd+5bPue6IMQhBHErFPp4qSC95zke6p4s88cXrfI/hteM6FpWKaraSB
C4pC89SDkcH29pWbn8DcF1lNzSfnAPYIbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:06 2024 by rpki-client on console-fra.rpki-client.org