Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/FKQUoXUPX_90W3UaM-7E7MHF788.roa
File:                     FKQUoXUPX_90W3UaM-7E7MHF788.roa (raw, json)
Hash identifier:          IHyR0fMX3jvdpd6vHT1/k7aCeJMaYhpevAUlarlneKc=
Subject key identifier:   14:A4:14:A1:75:0F:5F:FF:74:5B:75:1A:33:EE:C4:EC:C1:C5:EF:CF
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       137AD880
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/FKQUoXUPX_90W3UaM-7E7MHF788.roa
Signing time:             Sat 01 Jan 2022 05:56:11 +0000
ROA not before:           Sat 01 Jan 2022 05:56:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15836
IP address blocks:        185.195.4.0/23 maxlen: 23
                          185.195.6.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 326817920 (0x137ad880)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  1 05:56:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14a414a1750f5fff745b751a33eec4ecc1c5efcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a4:4c:27:35:25:ad:d7:f6:d2:04:d5:2d:d7:
                    ef:ac:53:d0:37:60:d5:e6:ef:15:fa:e7:8c:59:18:
                    10:af:3b:21:7a:32:91:e0:95:56:ba:52:a7:11:fe:
                    cd:13:e0:bf:c1:c8:16:8d:79:5b:c3:75:10:48:06:
                    19:70:17:6a:aa:36:19:ef:37:6e:37:3f:12:60:e5:
                    da:86:c0:67:e7:7b:6d:7b:4e:08:4b:fb:fd:e6:e8:
                    08:71:90:0e:4a:0e:c2:1b:fa:69:6d:b2:38:c0:aa:
                    61:77:42:e6:29:3e:18:47:52:c6:c5:51:9f:c7:fd:
                    97:6d:60:fd:57:68:84:d1:74:d3:2a:bd:bc:c0:00:
                    b1:27:5a:72:62:81:0f:0c:18:61:99:d7:d6:c5:81:
                    ef:91:65:ba:e5:aa:cf:9a:86:3c:27:9e:96:31:d6:
                    53:8a:a9:e7:6c:81:c6:1a:5c:ff:ca:ae:ca:24:a5:
                    f4:02:e9:ab:2a:3d:f1:8a:64:89:9a:29:b1:be:64:
                    b1:97:5c:57:7d:d0:68:c2:2d:49:01:66:85:45:89:
                    e9:f4:96:8a:8a:82:75:29:c3:30:41:00:e7:15:95:
                    30:11:08:a7:c8:ce:d5:30:f8:d7:92:fd:9f:d9:ed:
                    14:09:80:69:20:ec:7d:08:99:a0:40:23:1f:e3:44:
                    25:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A4:14:A1:75:0F:5F:FF:74:5B:75:1A:33:EE:C4:EC:C1:C5:EF:CF
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/FKQUoXUPX_90W3UaM-7E7MHF788.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.195.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:57:94:de:a8:99:5e:94:90:ac:cc:99:2f:98:2b:e8:8b:f2:
         b7:03:90:8d:4e:51:a2:71:a4:13:d3:4d:2d:ec:83:16:16:3b:
         44:cb:13:b7:71:13:d4:92:66:1f:f9:e2:50:b0:66:97:81:55:
         db:90:f8:6b:d9:af:87:62:f2:32:32:a6:eb:f9:42:cb:51:af:
         1e:5f:d1:d1:bf:9b:c2:9c:aa:2e:1f:75:02:4e:01:04:5d:90:
         4f:2a:4e:df:31:ad:e4:9f:d8:5c:d7:a0:3c:f7:13:d5:a0:b3:
         5a:fa:89:a8:a5:b0:12:05:37:37:47:08:2a:9c:49:e1:f5:56:
         0d:a2:32:d2:37:6c:7c:b2:71:78:9b:68:0a:1b:6e:9e:8a:af:
         ec:4b:01:57:29:8a:c7:e9:69:b0:12:a1:3b:be:4d:85:b5:42:
         89:cf:52:a8:67:31:66:69:b0:8a:ff:e3:94:e5:b3:18:d3:91:
         3a:f8:63:c0:79:a8:95:7e:5e:8b:b2:c9:51:38:7c:20:cf:d7:
         a6:e4:7f:aa:76:ba:9c:0e:5f:e7:3d:d9:cf:fc:ef:a2:45:79:
         c8:3e:8a:21:ec:f7:34:51:96:78:b4:85:22:a0:78:be:29:37:
         4f:6e:31:27:fb:14:0d:4b:cc:2e:b3:0e:87:99:86:58:d5:cf:
         0b:56:57:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE3rYgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRhNDE0YTE3NTBm
NWZmZjc0NWI3NTFhMzNlZWM0ZWNjMWM1ZWZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWkTCc1Ja3X9tIE1S3X76xT0Ddg1ebvFfrnjFkYEK87IXoy
keCVVrpSpxH+zRPgv8HIFo15W8N1EEgGGXAXaqo2Ge83bjc/EmDl2obAZ+d7bXtO
CEv7/eboCHGQDkoOwhv6aW2yOMCqYXdC5ik+GEdSxsVRn8f9l21g/VdohNF00yq9
vMAAsSdacmKBDwwYYZnX1sWB75FluuWqz5qGPCeeljHWU4qp52yBxhpc/8quyiSl
9ALpqyo98YpkiZopsb5ksZdcV33QaMItSQFmhUWJ6fSWioqCdSnDMEEA5xWVMBEI
p8jO1TD415L9n9ntFAmAaSDsfQiZoEAjH+NEJZcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQUpBShdQ9f/3RbdRoz7sTswcXvzzAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0ZLUVVvWFVQWF85MFczVWFNLTdFN01IRjc4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnDBDANBgkqhkiG9w0BAQsFAAOC
AQEAgFeU3qiZXpSQrMyZL5gr6IvytwOQjU5RonGkE9NNLeyDFhY7RMsTt3ET1JJm
H/niULBml4FV25D4a9mvh2LyMjKm6/lCy1GvHl/R0b+bwpyqLh91Ak4BBF2QTypO
3zGt5J/YXNegPPcT1aCzWvqJqKWwEgU3N0cIKpxJ4fVWDaIy0jdsfLJxeJtoChtu
noqv7EsBVymKx+lpsBKhO75NhbVCic9SqGcxZmmwiv/jlOWzGNOROvhjwHmolX5e
i7LJUTh8IM/XpuR/qna6nA5f5z3Zz/zvokV5yD6KIez3NFGWeLSFIqB4vik3T24x
J/sUDUvMLrMOh5mGWNXPC1ZXNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org