Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/FBON8PKzcRy7R4DEPblMRccxMUA.roa
File:                     FBON8PKzcRy7R4DEPblMRccxMUA.roa (raw, json)
Hash identifier:          iG6nGyWN3Yjps6dC6Kby0TpJfOcnb8OL2+Wcg/PAftE=
Subject key identifier:   14:13:8D:F0:F2:B3:71:1C:BB:47:80:C4:3D:B9:4C:45:C7:31:31:40
Certificate issuer:       /CN=e123860e20cdb2cfdf2cefb3753a15b822829266
Certificate serial:       13D907CE
Authority key identifier: E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/FBON8PKzcRy7R4DEPblMRccxMUA.roa
Signing time:             Wed 30 Mar 2022 14:10:41 +0000
ROA not before:           Wed 30 Mar 2022 14:10:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21104
IP address blocks:        80.86.226.0/24 maxlen: 24
                          80.86.225.0/24 maxlen: 24
                          80.86.224.0/24 maxlen: 24
                          80.86.224.0/20 maxlen: 20
                          80.86.230.0/23 maxlen: 24
                          80.86.229.0/24 maxlen: 24
                          80.86.228.0/24 maxlen: 24
                          80.86.227.0/24 maxlen: 24
                          80.86.233.0/24 maxlen: 24
                          80.86.232.0/24 maxlen: 24
                          80.86.237.0/24 maxlen: 24
                          80.86.236.0/24 maxlen: 24
                          80.86.236.0/23 maxlen: 23
                          80.86.235.0/24 maxlen: 24
                          80.86.234.0/24 maxlen: 24
                          80.86.239.0/24 maxlen: 24
                          2a03:3d00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 332990414 (0x13d907ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e123860e20cdb2cfdf2cefb3753a15b822829266
        Validity
            Not Before: Mar 30 14:10:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14138df0f2b3711cbb4780c43db94c45c7313140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:84:45:e9:26:8f:ad:1d:96:eb:71:29:d5:cd:
                    94:22:1e:61:ab:8b:6d:c2:d4:dc:4d:e1:1d:86:ee:
                    98:23:04:ba:df:dc:7d:1d:ad:23:7d:66:47:e4:85:
                    46:4d:0d:31:f7:4e:e6:44:9c:a0:ed:b6:84:fc:f0:
                    f7:43:ba:15:28:fe:6c:88:c8:ba:72:26:85:15:8b:
                    bc:27:80:61:b4:c7:9a:3d:94:6e:96:cb:fa:d5:e0:
                    c4:11:d7:c7:20:7c:0e:4c:82:22:ec:90:af:85:23:
                    39:17:aa:e7:1d:43:69:d0:2c:e9:04:31:86:9c:6e:
                    11:c9:e5:5e:94:43:72:25:53:89:ba:fd:41:59:08:
                    cb:6c:dc:f3:24:6c:f8:b5:68:88:d7:62:97:98:e0:
                    03:eb:f9:de:32:65:da:12:0c:df:17:59:d4:8f:03:
                    0a:b2:c7:92:2a:b3:7c:ff:18:fe:58:0a:7c:57:be:
                    64:46:c0:68:d2:97:d3:59:52:b0:9e:6b:d6:4e:26:
                    91:d3:82:8b:aa:1a:31:d3:58:74:c7:35:64:f1:5d:
                    3a:f7:59:fd:6f:8f:bb:76:f7:9a:90:79:53:ce:b5:
                    22:01:24:00:36:20:c7:1c:fb:0a:33:98:6f:d0:86:
                    0a:30:94:3e:44:72:6d:31:07:3b:0f:61:b2:40:79:
                    56:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:13:8D:F0:F2:B3:71:1C:BB:47:80:C4:3D:B9:4C:45:C7:31:31:40
            X509v3 Authority Key Identifier:
                keyid:E1:23:86:0E:20:CD:B2:CF:DF:2C:EF:B3:75:3A:15:B8:22:82:92:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SOGDiDNss_fLO-zdToVuCKCkmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/FBON8PKzcRy7R4DEPblMRccxMUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/810599-731a-486a-b23f-47537eb644f5/1/4SOGDiDNss_fLO-zdToVuCKCkmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.86.224.0/20
                IPv6:
                  2a03:3d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:b1:e0:ad:e2:50:10:39:7a:58:cd:d7:a6:72:df:9a:4d:e7:
         24:05:b6:38:fd:12:9d:d0:7c:fa:bb:91:a5:02:ae:4c:93:73:
         14:f5:08:d2:16:3a:2a:23:a7:c2:92:cf:04:5f:27:3a:57:5b:
         42:ee:24:ad:b5:ba:ad:02:58:67:51:86:99:6b:8f:1d:57:b7:
         d6:2f:12:1e:1f:ff:2c:0e:fb:d1:7e:b3:b8:46:83:82:38:56:
         f8:05:a5:4f:ee:2f:ae:af:a1:32:3d:b6:8e:c4:6b:71:12:a8:
         77:03:0a:55:bb:fa:c9:f8:38:cc:03:cb:fb:12:44:11:31:38:
         eb:51:06:08:07:7d:45:48:2c:14:39:9b:95:9a:b9:ea:9d:e7:
         4d:cf:25:f2:b0:e0:5a:b7:45:30:c1:c0:95:0b:c4:e4:4d:6e:
         a1:36:56:cb:34:4a:12:68:82:d6:40:23:65:92:c6:bb:71:68:
         b1:7d:f2:68:93:16:56:57:c2:32:ab:0f:bc:0e:e7:39:d3:44:
         3a:d5:ec:17:77:40:f2:56:b7:87:93:84:d4:4d:30:52:7b:09:
         8a:c2:e9:58:b2:9d:7a:ae:70:9c:c8:cc:2e:07:2e:de:fb:e1:
         68:6a:bf:9e:25:56:19:79:e5:28:7e:10:c0:ba:1d:05:59:0a:
         23:7e:d0:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE9kHzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTIzODYwZTIwY2RiMmNmZGYyY2VmYjM3NTNhMTViODIyODI5MjY2MB4XDTIyMDMz
MDE0MTA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQxMzhkZjBmMmIz
NzExY2JiNDc4MGM0M2RiOTRjNDVjNzMxMzE0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOERekmj60dlutxKdXNlCIeYauLbcLU3E3hHYbumCMEut/c
fR2tI31mR+SFRk0NMfdO5kScoO22hPzw90O6FSj+bIjIunImhRWLvCeAYbTHmj2U
bpbL+tXgxBHXxyB8DkyCIuyQr4UjOReq5x1DadAs6QQxhpxuEcnlXpRDciVTibr9
QVkIy2zc8yRs+LVoiNdil5jgA+v53jJl2hIM3xdZ1I8DCrLHkiqzfP8Y/lgKfFe+
ZEbAaNKX01lSsJ5r1k4mkdOCi6oaMdNYdMc1ZPFdOvdZ/W+Pu3b3mpB5U861IgEk
ADYgxxz7CjOYb9CGCjCUPkRybTEHOw9hskB5Vt8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQUE43w8rNxHLtHgMQ9uUxFxzExQDAfBgNVHSMEGDAWgBThI4YOIM2yz98s
77N1OhW4IoKSZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRTT0dEaUROc3NfZkxPLXpkVG9WdUNLQ2ttWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvODEwNTk5LTczMWEtNDg2YS1iMjNmLTQ3NTM3ZWI2NDRmNS8x
L0ZCT044UEt6Y1J5N1I0REVQYmxNUmNjeE1VQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
ODEwNTk5LTczMWEtNDg2YS1iMjNmLTQ3NTM3ZWI2NDRmNS8xLzRTT0dEaUROc3Nf
ZkxPLXpkVG9WdUNLQ2ttWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBFBW4DANBAIAAjAHAwUAKgM9ADAN
BgkqhkiG9w0BAQsFAAOCAQEARLHgreJQEDl6WM3XpnLfmk3nJAW2OP0SndB8+ruR
pQKuTJNzFPUI0hY6KiOnwpLPBF8nOldbQu4krbW6rQJYZ1GGmWuPHVe31i8SHh//
LA770X6zuEaDgjhW+AWlT+4vrq+hMj22jsRrcRKodwMKVbv6yfg4zAPL+xJEETE4
61EGCAd9RUgsFDmblZq56p3nTc8l8rDgWrdFMMHAlQvE5E1uoTZWyzRKEmiC1kAj
ZZLGu3FosX3yaJMWVlfCMqsPvA7nOdNEOtXsF3dA8la3h5OE1E0wUnsJisLpWLKd
eq5wnMjMLgcu3vvhaGq/niVWGXnlKH4QwLodBVkKI37Qzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org