Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/fAbLiI5LoNiT1SNF1f-HuFOAVp4.roa
File:                     fAbLiI5LoNiT1SNF1f-HuFOAVp4.roa (raw, json)
Hash identifier:          Yf80I3KefZHaoXdjMxGSInmn+yPU44tcAXWf7Avu2Ks=
Subject key identifier:   7C:06:CB:88:8E:4B:A0:D8:93:D5:23:45:D5:FF:87:B8:53:80:56:9E
Certificate issuer:       /CN=16fcf4866b6c85eb0cb7688edd43830f419d66a2
Certificate serial:       03B7ADD3
Authority key identifier: 16:FC:F4:86:6B:6C:85:EB:0C:B7:68:8E:DD:43:83:0F:41:9D:66:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/fAbLiI5LoNiT1SNF1f-HuFOAVp4.roa
Signing time:             Sat 01 Jan 2022 12:06:46 +0000
ROA not before:           Sat 01 Jan 2022 12:06:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212613
IP address blocks:        193.176.121.0/24 maxlen: 24
                          193.176.120.0/22 maxlen: 22
                          193.176.120.0/24 maxlen: 24
                          193.176.123.0/24 maxlen: 24
                          193.176.122.0/24 maxlen: 24
                          2a05:5a00::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62369235 (0x3b7add3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16fcf4866b6c85eb0cb7688edd43830f419d66a2
        Validity
            Not Before: Jan  1 12:06:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c06cb888e4ba0d893d52345d5ff87b85380569e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:08:6a:b2:63:0b:1c:06:6f:6b:19:a4:77:
                    be:3a:98:22:d5:e8:c0:38:32:cc:4b:45:39:1e:6d:
                    a8:02:6b:4a:52:34:d1:9d:8c:85:ce:fb:4c:a3:69:
                    02:70:85:42:b6:7f:6e:c9:45:8a:ff:74:27:5c:c5:
                    3c:d2:1a:08:b5:fd:d4:65:08:5d:de:07:c2:6b:4e:
                    28:41:a9:0b:f7:ef:e6:d9:00:90:60:f4:8c:a5:15:
                    35:39:b1:30:27:e0:a0:d5:e3:b9:75:b7:e2:a5:b7:
                    9e:2d:21:38:37:75:28:2a:76:7e:2d:cf:b2:2b:99:
                    ed:71:c2:c2:c6:a8:3c:21:8f:34:83:3d:26:d8:db:
                    33:ab:a4:11:76:bd:77:0a:96:be:c6:4e:3e:f3:ed:
                    27:c8:52:3f:28:cb:73:a5:7d:e3:3d:cd:f8:2b:4c:
                    08:d0:a1:b5:10:5b:6d:30:8a:03:1b:dc:51:fb:90:
                    72:35:56:b6:32:bc:b3:d3:5b:1f:f2:1d:54:40:ff:
                    a5:37:fe:90:99:8b:98:fc:1a:44:04:8c:ac:8c:86:
                    98:b3:88:c6:31:a1:77:d7:d3:be:d2:b0:e5:40:da:
                    9b:83:6c:8b:e9:56:0c:0c:bf:12:ef:96:40:fa:4a:
                    d0:99:31:f9:a6:be:62:fd:3a:ea:a4:9f:7b:3d:fb:
                    ce:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:06:CB:88:8E:4B:A0:D8:93:D5:23:45:D5:FF:87:B8:53:80:56:9E
            X509v3 Authority Key Identifier:
                keyid:16:FC:F4:86:6B:6C:85:EB:0C:B7:68:8E:DD:43:83:0F:41:9D:66:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fvz0hmtshesMt2iO3UODD0GdZqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/fAbLiI5LoNiT1SNF1f-HuFOAVp4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fc8883-aad2-418b-9b87-ea216ba2594d/1/Fvz0hmtshesMt2iO3UODD0GdZqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.176.120.0/22
                IPv6:
                  2a05:5a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         32:a5:23:49:8b:54:9a:2a:4b:f0:cc:ea:97:36:cc:61:82:93:
         cc:f3:7f:15:bb:63:d7:bb:44:78:22:b9:88:99:9e:82:be:ee:
         15:cd:1b:94:c6:72:60:93:a8:4c:ca:48:ee:2d:a8:98:3c:46:
         d8:4f:e4:ac:ff:df:9a:45:87:38:64:4b:d1:38:85:b0:0c:5a:
         85:2a:5e:85:62:12:50:70:86:8e:2c:af:00:eb:f8:8f:4c:5f:
         a8:96:ef:ef:65:de:9b:25:d8:58:ac:be:6f:70:82:26:ba:fc:
         81:ea:fb:9b:9c:70:00:ac:ad:21:0a:12:cb:d4:bb:c2:58:3c:
         ee:37:2b:84:60:72:ce:e6:5a:54:e6:da:cf:a9:d9:15:be:df:
         82:44:45:a6:8c:4c:2c:6a:ca:93:82:f2:1c:61:55:5c:50:f5:
         1c:a8:ed:2e:b1:0b:d4:c8:e7:71:5a:37:7e:ed:57:23:86:38:
         37:df:2e:f3:b8:a1:50:b2:bc:ec:bd:b2:94:64:4a:43:7a:87:
         5b:ff:c3:79:b9:e4:83:8a:45:f8:d3:d5:0e:39:05:a0:2a:98:
         2e:c5:b9:e2:e8:89:1a:79:2a:0c:19:e7:59:eb:56:38:a9:82:
         59:25:06:d1:03:98:d3:50:50:e3:a6:fc:c2:6a:92:f3:85:af:
         6b:d2:7d:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA7et0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmZjZjQ4NjZiNmM4NWViMGNiNzY4OGVkZDQzODMwZjQxOWQ2NmEyMB4XDTIyMDEw
MTEyMDY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MwNmNiODg4ZTRi
YTBkODkzZDUyMzQ1ZDVmZjg3Yjg1MzgwNTY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf/CGqyYwscBm9rGaR3vjqYItXowDgyzEtFOR5tqAJrSlI0
0Z2Mhc77TKNpAnCFQrZ/bslFiv90J1zFPNIaCLX91GUIXd4HwmtOKEGpC/fv5tkA
kGD0jKUVNTmxMCfgoNXjuXW34qW3ni0hODd1KCp2fi3PsiuZ7XHCwsaoPCGPNIM9
JtjbM6ukEXa9dwqWvsZOPvPtJ8hSPyjLc6V94z3N+CtMCNChtRBbbTCKAxvcUfuQ
cjVWtjK8s9NbH/IdVED/pTf+kJmLmPwaRASMrIyGmLOIxjGhd9fTvtKw5UDam4Ns
i+lWDAy/Eu+WQPpK0Jkx+aa+Yv066qSfez37zk0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR8BsuIjkug2JPVI0XV/4e4U4BWnjAfBgNVHSMEGDAWgBQW/PSGa2yF6wy3
aI7dQ4MPQZ1mojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Z2ejBobXRzaGVzTXQyaU8zVU9ERDBHZFpxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZmM4ODgzLWFhZDItNDE4Yi05Yjg3LWVhMjE2YmEyNTk0ZC8x
L2ZBYkxpSTVMb05pVDFTTkYxZi1IdUZPQVZwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
ZmM4ODgzLWFhZDItNDE4Yi05Yjg3LWVhMjE2YmEyNTk0ZC8xL0Z2ejBobXRzaGVz
TXQyaU8zVU9ERDBHZFpxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsGweDANBAIAAjAHAwUDKgVaADAN
BgkqhkiG9w0BAQsFAAOCAQEAMqUjSYtUmipL8MzqlzbMYYKTzPN/Fbtj17tEeCK5
iJmegr7uFc0blMZyYJOoTMpI7i2omDxG2E/krP/fmkWHOGRL0TiFsAxahSpehWIS
UHCGjiyvAOv4j0xfqJbv72XemyXYWKy+b3CCJrr8ger7m5xwAKytIQoSy9S7wlg8
7jcrhGByzuZaVObaz6nZFb7fgkRFpoxMLGrKk4LyHGFVXFD1HKjtLrEL1MjncVo3
fu1XI4Y4N98u87ihULK87L2ylGRKQ3qHW//Debnkg4pF+NPVDjkFoCqYLsW54uiJ
GnkqDBnnWetWOKmCWSUG0QOY01BQ46b8wmqS84Wva9J9MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:02 2024 by rpki-client on console-ams.rpki-client.org