Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/U70be3ps4ZgD-TdiigTcVxhaFo0.roa
File:                     U70be3ps4ZgD-TdiigTcVxhaFo0.roa (raw, json)
Hash identifier:          2mIjUGOFcjlMYWtMkYw9TaJy3/6bCfEJ/q4fIGyfesw=
Subject key identifier:   53:BD:1B:7B:7A:6C:E1:98:03:F9:37:62:8A:04:DC:57:18:5A:16:8D
Certificate issuer:       /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial:       06ECB3EE
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/U70be3ps4ZgD-TdiigTcVxhaFo0.roa
Signing time:             Fri 27 May 2022 11:42:13 +0000
ROA not before:           Fri 27 May 2022 11:42:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205723
IP address blocks:        194.50.176.0/24 maxlen: 24
                          2a0a:4540:2000::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116175854 (0x6ecb3ee)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
        Validity
            Not Before: May 27 11:42:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=53bd1b7b7a6ce19803f937628a04dc57185a168d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:be:ec:9b:b4:d6:10:1e:49:23:3d:37:ac:e4:
                    30:1f:37:bb:70:5c:fb:e0:59:8f:ec:28:ef:27:d8:
                    1c:8c:70:cf:3c:df:1f:3b:fd:09:f6:9f:a8:61:ef:
                    db:e7:f3:92:c0:3c:07:b1:56:40:e6:66:7b:23:eb:
                    9a:a5:14:9d:f1:f9:7b:23:03:e1:68:24:61:2c:3c:
                    35:26:97:34:29:b6:d1:d2:38:fb:2f:29:c5:e3:5e:
                    43:8c:f3:fe:b2:3c:63:61:41:e9:ab:5e:c6:87:06:
                    85:5f:b1:0d:9b:38:1f:77:8b:c9:8c:69:22:75:04:
                    3a:7f:92:c7:65:40:95:62:3b:c5:55:30:6b:7f:c8:
                    ef:c0:7e:1f:0f:68:cb:30:b2:5f:17:22:90:3d:a1:
                    70:a9:3d:1c:8f:51:41:1d:cf:be:a4:c5:55:a8:e7:
                    1d:37:23:52:86:6d:0c:14:40:77:22:6c:fd:4d:a3:
                    f9:54:30:5a:75:07:33:a1:21:e2:3a:0e:44:fa:78:
                    c4:f2:ba:17:cc:df:3a:bd:c5:5f:19:51:f1:25:a4:
                    48:84:86:a0:e7:1f:e4:16:5a:2d:e8:09:b8:3e:18:
                    30:c4:29:77:8e:16:0a:3b:55:ee:61:ef:3b:4e:1a:
                    b7:dd:32:3f:b6:3e:63:a2:1a:7a:ff:35:c4:25:f1:
                    38:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:BD:1B:7B:7A:6C:E1:98:03:F9:37:62:8A:04:DC:57:18:5A:16:8D
            X509v3 Authority Key Identifier:
                keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/U70be3ps4ZgD-TdiigTcVxhaFo0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.176.0/24
                IPv6:
                  2a0a:4540:2000::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:f1:a4:53:24:97:48:e6:23:95:97:aa:86:88:70:c1:7a:20:
         69:c5:ff:c4:26:20:c4:36:61:0a:15:aa:59:fc:27:59:33:e1:
         01:78:51:b1:e4:b8:05:33:55:e6:6a:65:31:25:8a:03:ff:4b:
         eb:22:8d:a7:7f:f0:27:e5:37:e9:3b:f7:09:75:43:ff:e6:e1:
         b8:84:a6:ca:b3:af:8d:f1:dc:de:85:b1:74:72:91:f5:cd:f7:
         84:94:08:bd:a9:83:e0:5e:a8:d7:48:5f:47:13:9f:d4:b7:b4:
         ec:76:dd:68:1e:fc:0f:7d:db:e5:fa:41:b4:ab:15:e2:fe:76:
         8b:6d:0d:1c:0c:07:f9:b3:2a:15:92:c7:23:51:b3:a2:fd:d0:
         fe:bc:b4:a7:dc:a7:3a:6d:0f:69:6a:93:44:e1:6c:b2:63:f0:
         34:97:c1:a2:ed:da:0e:9d:f9:dd:12:26:f9:4b:75:51:c8:30:
         6f:c3:d8:ba:70:8e:a0:72:e9:8a:8a:14:87:58:7e:99:b5:74:
         c4:fe:af:70:81:5e:35:9c:02:54:49:a2:38:58:0c:c3:30:fe:
         47:9f:a3:52:a4:25:54:b2:8b:bb:c4:ff:e7:50:e9:fc:88:d3:
         c6:ae:59:5c:82:b8:83:12:01:85:e1:50:73:44:74:0e:98:bd:
         de:8b:b8:ab
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEBuyz7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmFjNTBmMTlkOTkzMGFlZWMwOWNkMjdmNTA4ZmM1MDJlYTE0ZDFmMB4XDTIyMDUy
NzExNDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNiZDFiN2I3YTZj
ZTE5ODAzZjkzNzYyOGEwNGRjNTcxODVhMTY4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ++7Ju01hAeSSM9N6zkMB83u3Bc++BZj+wo7yfYHIxwzzzf
Hzv9CfafqGHv2+fzksA8B7FWQOZmeyPrmqUUnfH5eyMD4WgkYSw8NSaXNCm20dI4
+y8pxeNeQ4zz/rI8Y2FB6atexocGhV+xDZs4H3eLyYxpInUEOn+Sx2VAlWI7xVUw
a3/I78B+Hw9oyzCyXxcikD2hcKk9HI9RQR3PvqTFVajnHTcjUoZtDBRAdyJs/U2j
+VQwWnUHM6Eh4joORPp4xPK6F8zfOr3FXxlR8SWkSISGoOcf5BZaLegJuD4YMMQp
d44WCjtV7mHvO04at90yP7Y+Y6Iaev81xCXxOLcCAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBRTvRt7emzhmAP5N2KKBNxXGFoWjTAfBgNVHSMEGDAWgBT7rFDxnZkwruwJ
zSf1CPxQLqFNHzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzRlLzhmYzA5ZC03ZDI1LTQyNWMtOGI5MS1kNjJlNDU0YmYzN2Yv
MS9VNzBiZTNwczRaZ0QtVGRpaWdUY1Z4aGFGbzAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRl
LzhmYzA5ZC03ZDI1LTQyNWMtOGI5MS1kNjJlNDU0YmYzN2YvMS8xLTZ4UThaMlpN
SzdzQ2MwbjlRajhVQzZoVFI4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjKwMA8EAgACMAkDBwAqCkVA
IAAwDQYJKoZIhvcNAQELBQADggEBAAPxpFMkl0jmI5WXqoaIcMF6IGnF/8QmIMQ2
YQoVqln8J1kz4QF4UbHkuAUzVeZqZTEligP/S+sijad/8CflN+k79wl1Q//m4biE
psqzr43x3N6FsXRykfXN94SUCL2pg+BeqNdIX0cTn9S3tOx23Wge/A992+X6QbSr
FeL+dottDRwMB/mzKhWSxyNRs6L90P68tKfcpzptD2lqk0ThbLJj8DSXwaLt2g6d
+d0SJvlLdVHIMG/D2LpwjqBy6YqKFIdYfpm1dMT+r3CBXjWcAlRJojhYDMMw/kef
o1KkJVSyi7vE/+dQ6fyI08auWVyCuIMSAYXhUHNEdA6Yvd6LuKs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org