Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/FOHI2ZT7pEdlWgAJeKkM1EcNR-k.roa
File:                     FOHI2ZT7pEdlWgAJeKkM1EcNR-k.roa (raw, json)
Hash identifier:          mMsIsiMuKsC0PcmhffO2gBl1QOe5N3R3Om6WumXRzSI=
Subject key identifier:   14:E1:C8:D9:94:FB:A4:47:65:5A:00:09:78:A9:0C:D4:47:0D:47:E9
Certificate issuer:       /CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Certificate serial:       10443B39
Authority key identifier: 9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/FOHI2ZT7pEdlWgAJeKkM1EcNR-k.roa
Signing time:             Sat 01 Jan 2022 09:54:31 +0000
ROA not before:           Sat 01 Jan 2022 09:54:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201600
IP address blocks:        93.159.115.0/24 maxlen: 24
                          46.227.220.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 272907065 (0x10443b39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
        Validity
            Not Before: Jan  1 09:54:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14e1c8d994fba447655a000978a90cd4470d47e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:af:24:8a:4a:2c:66:a5:68:31:1f:8f:bc:b7:
                    f9:0a:0b:08:f3:3e:a8:52:3a:4d:e4:0e:17:93:81:
                    2d:25:5e:3c:03:97:f1:35:1a:bd:6d:61:ec:72:f8:
                    15:f0:a6:1f:6b:c4:45:55:65:d4:19:c1:eb:49:65:
                    45:7c:9f:ca:04:4d:4f:01:ee:31:42:a6:09:7c:03:
                    dd:0d:8a:b0:70:f0:6d:11:93:37:6c:7d:8c:dd:b1:
                    f2:53:70:9d:79:1e:f0:70:a1:0a:f4:69:1d:78:f3:
                    ab:9c:8e:b8:0c:5d:34:3a:b8:f8:51:96:2e:a1:b2:
                    24:77:13:39:dc:00:a1:01:45:a1:ed:ad:d8:59:1d:
                    c4:b7:49:08:f8:78:f0:12:fb:69:84:3c:32:b7:b7:
                    35:7f:e3:34:77:24:5c:12:44:ce:65:42:40:43:e1:
                    df:02:56:c7:13:8f:71:da:6e:10:88:6f:ca:12:ae:
                    66:0b:77:c4:78:ea:37:38:2f:de:db:3c:9c:bd:9e:
                    e1:33:d9:fe:5c:99:e2:0a:80:9e:35:6f:c7:44:49:
                    fb:ab:52:b0:b3:f6:8f:38:ff:7f:b6:7e:e2:c9:a6:
                    b1:7f:d8:5f:a4:24:bb:97:0a:74:f8:8d:84:9b:da:
                    f6:bd:fd:eb:b5:d6:a8:34:b1:d4:ae:0d:67:24:4e:
                    ed:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:E1:C8:D9:94:FB:A4:47:65:5A:00:09:78:A9:0C:D4:47:0D:47:E9
            X509v3 Authority Key Identifier:
                keyid:9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/FOHI2ZT7pEdlWgAJeKkM1EcNR-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.227.220.0/24
                  93.159.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:f8:e9:a2:68:08:d4:5a:b2:0c:24:47:8c:a9:93:38:32:bd:
         88:36:83:8d:36:06:13:82:17:df:ab:a9:e9:54:47:67:58:6a:
         a9:f3:c5:26:5b:c5:b1:ac:b7:45:4c:12:c8:c2:c5:3c:08:cf:
         16:94:ae:e1:5f:9c:06:86:f1:d7:7e:5c:4b:b9:2c:81:62:94:
         ec:e3:f7:92:57:82:79:c5:cf:ac:43:bd:c0:24:e5:47:28:67:
         31:d4:ee:35:ad:ba:56:f5:c7:73:25:3c:4b:8b:ef:a2:d0:36:
         75:43:ca:3d:a3:be:6c:93:84:76:8e:a1:4c:12:51:48:ad:5b:
         d7:fa:cf:8d:11:14:be:68:ef:05:9c:5a:89:5a:42:49:70:8e:
         3f:60:19:65:7d:71:0b:08:d4:6a:b0:88:6e:9e:a4:d2:ab:b2:
         67:1f:a2:52:b7:94:28:2d:46:1f:97:9d:09:f4:dc:8e:8e:a6:
         ac:b6:ea:22:4b:18:29:19:d4:ff:b5:b4:61:2d:67:b0:6c:ea:
         1a:87:c4:db:e1:56:ec:09:44:56:b9:de:45:71:81:90:6e:ea:
         05:93:65:04:0b:ae:3d:7c:c4:d1:98:3b:cb:14:c0:59:27:aa:
         36:8e:56:99:6a:a8:a0:89:cd:9a:e0:50:c4:25:a3:91:28:c4:
         90:10:76:20
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEEQ7OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Zjk2YWUyNzcwMjY1YWYzMmU3ZDRiZTg2YmFiMDdhMDdjMmQzMzUzMB4XDTIyMDEw
MTA5NTQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRlMWM4ZDk5NGZi
YTQ0NzY1NWEwMDA5NzhhOTBjZDQ0NzBkNDdlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOvJIpKLGalaDEfj7y3+QoLCPM+qFI6TeQOF5OBLSVePAOX
8TUavW1h7HL4FfCmH2vERVVl1BnB60llRXyfygRNTwHuMUKmCXwD3Q2KsHDwbRGT
N2x9jN2x8lNwnXke8HChCvRpHXjzq5yOuAxdNDq4+FGWLqGyJHcTOdwAoQFFoe2t
2FkdxLdJCPh48BL7aYQ8Mre3NX/jNHckXBJEzmVCQEPh3wJWxxOPcdpuEIhvyhKu
Zgt3xHjqNzgv3ts8nL2e4TPZ/lyZ4gqAnjVvx0RJ+6tSsLP2jzj/f7Z+4smmsX/Y
X6Qku5cKdPiNhJva9r3967XWqDSx1K4NZyRO7SECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQU4cjZlPukR2VaAAl4qQzURw1H6TAfBgNVHSMEGDAWgBSflq4ncCZa8y59
S+hrqwegfC0zUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L241YXVKM0FtV3ZNdWZVdm9hNnNIb0h3dE0xTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNmJiNWIxLTFlNmEtNDQ1NS05ZDc1LWU2NGM4ODVmNjJjZS8x
L0ZPSEkyWlQ3cEVkbFdnQUplS2tNMUVjTlItay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NmJiNWIxLTFlNmEtNDQ1NS05ZDc1LWU2NGM4ODVmNjJjZS8xL241YXVKM0FtV3ZN
dWZVdm9hNnNIb0h3dE0xTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC7j3AMEAF2fczANBgkqhkiG9w0B
AQsFAAOCAQEAlPjpomgI1FqyDCRHjKmTODK9iDaDjTYGE4IX36up6VRHZ1hqqfPF
JlvFsay3RUwSyMLFPAjPFpSu4V+cBobx135cS7ksgWKU7OP3kleCecXPrEO9wCTl
RyhnMdTuNa26VvXHcyU8S4vvotA2dUPKPaO+bJOEdo6hTBJRSK1b1/rPjREUvmjv
BZxaiVpCSXCOP2AZZX1xCwjUarCIbp6k0quyZx+iUreUKC1GH5edCfTcjo6mrLbq
IksYKRnU/7W0YS1nsGzqGofE2+FW7AlEVrneRXGBkG7qBZNlBAuuPXzE0Zg7yxTA
WSeqNo5WmWqooInNmuBQxCWjkSjEkBB2IA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:20 2024 by rpki-client on console-fra.rpki-client.org