Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/4d4e4c-d6a9-422d-bacb-d8a7a2cc873b/1/FIBTFPtsVr1N0NF_V_MCitGoZ2M.roa
File:                     FIBTFPtsVr1N0NF_V_MCitGoZ2M.roa (raw, json)
Hash identifier:          ZXy522/Yfkqp+H17zUVdfkkDtuTgHqHMdjU9eWn9IGQ=
Subject key identifier:   14:80:53:14:FB:6C:56:BD:4D:D0:D1:7F:57:F3:02:8A:D1:A8:67:63
Certificate issuer:       /CN=ef49cac151db158ed6a856335855557f4e75f725
Certificate serial:       018533A196954B498AF3EAF400FCAECEB569
Authority key identifier: EF:49:CA:C1:51:DB:15:8E:D6:A8:56:33:58:55:55:7F:4E:75:F7:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/70nKwVHbFY7WqFYzWFVVf0519yU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/4d4e4c-d6a9-422d-bacb-d8a7a2cc873b/1/FIBTFPtsVr1N0NF_V_MCitGoZ2M.roa
Signing time:             Wed 21 Dec 2022 07:41:45 +0000
ROA not before:           Wed 21 Dec 2022 07:41:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47958
IP address blocks:        91.208.215.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:33:a1:96:95:4b:49:8a:f3:ea:f4:00:fc:ae:ce:b5:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef49cac151db158ed6a856335855557f4e75f725
        Validity
            Not Before: Dec 21 07:41:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14805314fb6c56bd4dd0d17f57f3028ad1a86763
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:92:9b:76:46:54:4e:d5:d2:45:3f:42:9d:83:
                    53:11:35:05:0b:5f:aa:a7:d4:e8:69:56:a4:dc:2f:
                    2e:ef:49:ab:2d:ec:46:42:c6:1c:c3:48:5b:65:07:
                    ab:d5:5e:62:c1:88:68:c7:eb:d6:b9:c9:20:32:07:
                    8b:7f:d8:d3:f7:e7:a6:e9:2b:e8:e0:3a:fc:c5:29:
                    9c:86:42:7e:53:06:7c:1c:7b:3f:29:bf:70:55:f4:
                    8a:b3:11:10:10:a9:43:f5:ba:9b:77:cc:cf:5e:7a:
                    a7:8b:2a:ba:f8:22:cf:78:44:91:4d:56:f4:01:98:
                    93:3f:32:a9:51:17:fb:08:38:ea:ff:cf:b5:73:8d:
                    44:30:52:92:d3:bb:b3:6d:d5:c2:3f:8b:f6:fe:17:
                    fe:be:51:cc:66:f9:de:f4:35:cd:9e:c2:28:74:9e:
                    89:f7:fb:a8:4c:f4:e6:8d:89:bd:9a:cd:26:57:59:
                    0f:ca:52:91:5c:08:24:e9:c3:d9:65:f2:c2:fa:1d:
                    44:ab:ff:8e:1a:83:00:c2:ce:8e:c3:ee:98:81:82:
                    2c:23:f2:87:5a:2a:42:ea:04:aa:cf:9a:74:97:8a:
                    1c:bd:b7:00:44:cf:23:ec:89:86:a2:e6:a0:db:19:
                    ce:7d:2b:74:b9:ad:13:a8:4d:96:10:6c:8d:05:98:
                    46:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:80:53:14:FB:6C:56:BD:4D:D0:D1:7F:57:F3:02:8A:D1:A8:67:63
            X509v3 Authority Key Identifier:
                keyid:EF:49:CA:C1:51:DB:15:8E:D6:A8:56:33:58:55:55:7F:4E:75:F7:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70nKwVHbFY7WqFYzWFVVf0519yU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/4d4e4c-d6a9-422d-bacb-d8a7a2cc873b/1/FIBTFPtsVr1N0NF_V_MCitGoZ2M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/4d4e4c-d6a9-422d-bacb-d8a7a2cc873b/1/70nKwVHbFY7WqFYzWFVVf0519yU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.208.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:9e:7d:bf:cf:b4:a0:72:27:20:4a:bb:21:89:e6:78:a1:ca:
         8b:82:38:2b:e7:77:33:63:0f:a0:d3:05:d4:65:c5:e1:51:32:
         1e:82:c5:8a:99:89:56:bd:9c:04:3e:4a:3b:ad:42:bb:fc:3e:
         b2:48:a6:59:a9:bc:c5:18:43:21:79:23:62:df:e3:c4:e4:05:
         3e:e7:d6:87:ec:c4:37:3d:77:c9:19:29:83:70:cd:37:d7:bd:
         06:56:03:d3:ca:f7:35:12:4d:e1:59:1e:b4:5c:0e:cc:b0:f6:
         a6:0b:f7:50:5d:cd:64:d5:90:b7:85:6a:97:d3:a8:86:c4:e7:
         6e:81:f3:ab:60:35:7c:e9:ff:c9:c4:c5:60:29:c5:de:53:fc:
         8f:02:0f:ea:97:89:64:f2:68:df:32:8d:34:28:e1:c9:e9:3d:
         e1:d8:99:02:bc:96:08:0c:98:94:f0:36:2b:75:66:64:aa:e0:
         0b:f6:03:f1:da:75:06:27:4e:c6:5c:bd:4f:76:0a:c5:b9:d3:
         d8:10:ee:4b:5a:b3:d3:a0:88:1d:3d:f6:7b:5f:62:71:95:8a:
         52:f2:1f:1f:c4:a3:db:31:49:c2:e0:c8:6b:e2:f4:db:ff:f1:
         c3:2f:b5:0e:cf:6b:60:31:bc:1f:b3:2a:e7:ea:40:b8:88:fa:
         0a:e1:a1:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUzoZaVS0mK8+r0APyuzrVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDljYWMxNTFkYjE1OGVkNmE4NTYzMzU4NTU1NTdmNGU3
NWY3MjUwHhcNMjIxMjIxMDc0MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDgwNTMxNGZiNmM1NmJkNGRkMGQxN2Y1N2YzMDI4YWQxYTg2NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZKbdkZUTtXSRT9CnYNTETUFC1+q
p9ToaVak3C8u70mrLexGQsYcw0hbZQer1V5iwYhox+vWuckgMgeLf9jT9+em6Svo
4Dr8xSmchkJ+UwZ8HHs/Kb9wVfSKsxEQEKlD9bqbd8zPXnqniyq6+CLPeESRTVb0
AZiTPzKpURf7CDjq/8+1c41EMFKS07uzbdXCP4v2/hf+vlHMZvne9DXNnsIodJ6J
9/uoTPTmjYm9ms0mV1kPylKRXAgk6cPZZfLC+h1Eq/+OGoMAws6Ow+6YgYIsI/KH
WipC6gSqz5p0l4ocvbcARM8j7ImGouag2xnOfSt0ua0TqE2WEGyNBZhGCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSAUxT7bFa9TdDRf1fzAorRqGdjMB8GA1UdIwQY
MBaAFO9JysFR2xWO1qhWM1hVVX9OdfclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBuS3dWSGJGWTdXcUZZeldGVlZmMDUxOXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80ZDRlNGMtZDZhOS00MjJkLWJhY2It
ZDhhN2EyY2M4NzNiLzEvRklCVEZQdHNWcjFOME5GX1ZfTUNpdEdvWjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80ZDRlNGMtZDZhOS00MjJkLWJhY2ItZDhhN2EyY2M4NzNi
LzEvNzBuS3dWSGJGWTdXcUZZeldGVlZmMDUxOXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DXMA0G
CSqGSIb3DQEBCwUAA4IBAQC5nn2/z7SgcicgSrshieZ4ocqLgjgr53czYw+g0wXU
ZcXhUTIegsWKmYlWvZwEPko7rUK7/D6ySKZZqbzFGEMheSNi3+PE5AU+59aH7MQ3
PXfJGSmDcM03170GVgPTyvc1Ek3hWR60XA7MsPamC/dQXc1k1ZC3hWqX06iGxOdu
gfOrYDV86f/JxMVgKcXeU/yPAg/ql4lk8mjfMo00KOHJ6T3h2JkCvJYIDJiU8DYr
dWZkquAL9gPx2nUGJ07GXL1PdgrFudPYEO5LWrPToIgdPfZ7X2JxlYpS8h8fxKPb
MUnC4Mhr4vTb//HDL7UOz2tgMbwfsyrn6kC4iPoK4aEn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:04 2024 by rpki-client on console-ams.rpki-client.org