Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/FUwwfNYCrRTZXDRaedBE0rxPINQ.roa
File:                     FUwwfNYCrRTZXDRaedBE0rxPINQ.roa (raw, json)
Hash identifier:          4L06dCptKXTkVNRPek/GtWDCX53K4acgJrQTREJ2eeA=
Subject key identifier:   15:4C:30:7C:D6:02:AD:14:D9:5C:34:5A:79:D0:44:D2:BC:4F:20:D4
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0185069F7EDB673BE063FE7470B0132F5D2E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/FUwwfNYCrRTZXDRaedBE0rxPINQ.roa
Signing time:             Mon 12 Dec 2022 13:56:33 +0000
ROA not before:           Mon 12 Dec 2022 13:56:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204843
IP address blocks:        5.105.130.0/24 maxlen: 24
                          5.105.96.0/24 maxlen: 24
                          5.105.30.0/24 maxlen: 24
                          5.105.31.0/24 maxlen: 24
                          5.105.38.0/24 maxlen: 24
                          5.105.33.0/24 maxlen: 24
                          5.105.32.0/24 maxlen: 24
                          5.105.247.0/24 maxlen: 24
                          5.105.39.0/24 maxlen: 24
                          5.105.184.0/24 maxlen: 24
                          5.105.200.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.7.0/24 maxlen: 24
                          5.105.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:06:9f:7e:db:67:3b:e0:63:fe:74:70:b0:13:2f:5d:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Dec 12 13:56:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=154c307cd602ad14d95c345a79d044d2bc4f20d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:0c:77:44:0c:00:3b:60:a3:43:eb:e1:d0:13:
                    01:10:2d:d4:16:d8:44:97:34:39:a8:2d:74:d6:b5:
                    22:e5:4b:8c:dd:b1:26:27:25:91:54:bc:e0:8c:6f:
                    4e:0c:72:08:78:13:0c:11:e0:fa:6b:e3:fd:1e:e2:
                    c8:11:e0:f6:62:5c:07:5d:58:74:ac:33:03:0b:5d:
                    d7:f2:bb:67:7f:58:a6:5d:b8:56:35:a1:70:81:e5:
                    b4:f8:8d:6f:af:2d:81:2d:52:34:a1:ec:a2:05:a9:
                    09:4b:4f:5f:f1:60:10:5f:83:68:97:2f:74:66:fc:
                    5a:fe:e7:92:87:8e:79:fc:29:7c:31:6d:11:13:f0:
                    fd:db:fa:d6:54:b4:95:65:1d:c1:ed:b0:02:ae:e0:
                    70:d7:55:28:4c:ba:68:8e:9d:c5:bf:30:80:90:65:
                    a3:08:9e:05:d0:b1:e1:39:73:6f:43:43:7c:2e:bc:
                    2d:07:16:55:71:ce:44:d5:3e:e4:6c:9a:5c:64:c1:
                    90:d0:5a:34:42:2d:5c:ab:64:fe:d2:1e:48:2f:d8:
                    15:fd:6d:13:07:22:96:23:69:b9:f9:d5:27:71:25:
                    65:6e:b0:28:62:0c:2e:d5:2d:a9:fa:86:fe:fe:fd:
                    dc:49:86:e4:02:18:9a:dd:45:e4:b2:36:07:fd:b4:
                    bf:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:4C:30:7C:D6:02:AD:14:D9:5C:34:5A:79:D0:44:D2:BC:4F:20:D4
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/FUwwfNYCrRTZXDRaedBE0rxPINQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.7.0/24
                  5.105.30.0-5.105.33.255
                  5.105.38.0/23
                  5.105.96.0/24
                  5.105.130.0/24
                  5.105.184.0/24
                  5.105.200.0/24
                  5.105.215.0/24
                  5.105.226.0/24
                  5.105.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:ad:09:8d:2f:a8:9d:0f:c9:95:f5:58:73:ea:68:2a:53:9f:
         53:3f:66:71:b8:ee:b8:5f:e2:3a:d3:c6:bb:b9:bd:a0:e4:cb:
         f0:c4:d4:52:12:8b:51:ea:65:5a:b7:9e:2e:cd:84:bf:6e:e1:
         65:e3:aa:b3:62:d1:1f:d1:b1:b9:6a:aa:ba:0f:da:42:eb:f6:
         ea:54:e1:49:60:e2:90:27:85:41:ee:89:9c:f4:ce:1d:5d:4e:
         4a:63:f0:fb:cd:76:64:a7:b0:58:60:2f:e3:0d:e9:da:f0:5c:
         5b:a6:3a:d9:db:00:39:d4:b4:16:d3:e5:44:87:e2:89:d3:3a:
         65:d6:94:14:83:5a:f7:07:59:b7:9f:fd:d8:c9:f7:a8:40:7a:
         83:77:71:7b:31:aa:e9:dc:a0:28:0b:cb:56:16:89:57:65:5e:
         cd:6f:b6:c7:3e:77:2f:26:90:b6:e8:ff:ac:e5:de:45:d8:16:
         60:ae:d1:07:18:15:e5:09:eb:35:09:87:03:be:79:12:15:7f:
         01:26:50:8a:e9:a6:23:de:68:f5:31:19:88:db:e4:bc:48:50:
         cc:f4:9b:82:66:e1:54:6c:f2:82:b0:83:0a:65:1e:6e:c1:1a:
         2e:1a:fe:90:61:3e:96:38:4c:a4:04:e6:0b:09:d9:bd:a2:56:
         c6:c4:b6:fa
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYUGn37bZzvgY/50cLATL10uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjEyMTM1NjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTRjMzA3Y2Q2MDJhZDE0ZDk1YzM0NWE3OWQwNDRkMmJjNGYyMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwx3RAwAO2CjQ+vh0BMBEC3UFthE
lzQ5qC101rUi5UuM3bEmJyWRVLzgjG9ODHIIeBMMEeD6a+P9HuLIEeD2YlwHXVh0
rDMDC13X8rtnf1imXbhWNaFwgeW0+I1vry2BLVI0oeyiBakJS09f8WAQX4Noly90
Zvxa/ueSh455/Cl8MW0RE/D92/rWVLSVZR3B7bACruBw11UoTLpojp3FvzCAkGWj
CJ4F0LHhOXNvQ0N8LrwtBxZVcc5E1T7kbJpcZMGQ0Fo0Qi1cq2T+0h5IL9gV/W0T
ByKWI2m5+dUncSVlbrAoYgwu1S2p+ob+/v3cSYbkAhia3UXksjYH/bS/0wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBVMMHzWAq0U2Vw0WnnQRNK8TyDUMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRlV3d2ZOWUNyUlRaWERSYWVkQkUwcnhQSU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABWkHMAwD
BAEFaR4DBAEFaSADBAEFaSYDBAAFaWADBAAFaYIDBAAFabgDBAAFacgDBAAFadcD
BAAFaeIDBAAFafcwDQYJKoZIhvcNAQELBQADggEBAGStCY0vqJ0PyZX1WHPqaCpT
n1M/ZnG47rhf4jrTxru5vaDky/DE1FISi1HqZVq3ni7NhL9u4WXjqrNi0R/Rsblq
qroP2kLr9upU4Ulg4pAnhUHuiZz0zh1dTkpj8PvNdmSnsFhgL+MN6drwXFumOtnb
ADnUtBbT5USH4onTOmXWlBSDWvcHWbef/djJ96hAeoN3cXsxquncoCgLy1YWiVdl
Xs1vtsc+dy8mkLbo/6zl3kXYFmCu0QcYFeUJ6zUJhwO+eRIVfwEmUIrppiPeaPUx
GYjb5LxIUMz0m4Jm4VRs8oKwgwplHm7BGi4a/pBhPpY4TKQE5gsJ2b2iVsbEtvo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org