Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/FYTmR1x-lnGj3tpnqRNN8WqPT_4.roa
File:                     FYTmR1x-lnGj3tpnqRNN8WqPT_4.roa (raw, json)
Hash identifier:          mHiWQQOaulS7Mf+E7VcvqyGpVJ+mqfbDbZyNpQIdAlE=
Subject key identifier:   15:84:E6:47:5C:7E:96:71:A3:DE:DA:67:A9:13:4D:F1:6A:8F:4F:FE
Certificate issuer:       /CN=cda843e812b16dec60bb7098ca4133117db8474d
Certificate serial:       154FEFF0
Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/FYTmR1x-lnGj3tpnqRNN8WqPT_4.roa
Signing time:             Sat 01 Jan 2022 09:58:23 +0000
ROA not before:           Sat 01 Jan 2022 09:58:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60781
IP address blocks:        185.96.140.0/24 maxlen: 24
                          2a00:5020::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 357560304 (0x154feff0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d
        Validity
            Not Before: Jan  1 09:58:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1584e6475c7e9671a3deda67a9134df16a8f4ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ac:bb:e9:9d:25:c6:e6:21:81:4c:24:4b:35:
                    5e:cf:33:9b:69:b3:9e:92:15:06:f3:97:08:08:1c:
                    a1:ec:82:60:23:a6:f6:5e:c3:89:60:3f:06:8d:e5:
                    7b:96:99:8d:cf:8f:5b:87:de:e7:34:09:ff:e1:97:
                    af:c1:9e:fe:5c:a3:d0:c9:f3:d4:aa:20:45:ed:5e:
                    ed:1f:6f:bd:32:81:7f:8c:f7:11:74:f2:75:15:10:
                    1d:94:a4:9d:7b:97:9f:40:84:be:7b:6c:a3:ca:89:
                    bc:8c:f6:d7:87:92:1d:c9:38:fa:0f:95:6f:b5:6e:
                    0e:d0:51:c2:51:66:7d:10:e2:6d:7f:b8:b1:75:8d:
                    f7:eb:95:26:9f:9f:f9:67:df:20:27:1e:65:47:e8:
                    35:93:7e:10:f0:53:28:36:9c:72:69:ca:35:d8:d7:
                    c2:e8:34:8b:b2:32:40:13:29:48:07:d4:db:88:a7:
                    31:84:3e:85:4c:78:71:14:6c:06:26:e4:0c:a0:2c:
                    44:b4:1e:ed:a7:15:93:f3:5a:cb:54:4f:b7:cc:94:
                    cf:3d:0b:45:e3:6a:6c:ad:08:2b:c4:78:c4:55:6e:
                    1a:cb:81:29:f0:1d:9a:96:10:3c:cc:de:18:27:c5:
                    1e:ba:4d:06:f9:cd:cd:71:d4:32:4a:fb:f5:ff:80:
                    ad:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:84:E6:47:5C:7E:96:71:A3:DE:DA:67:A9:13:4D:F1:6A:8F:4F:FE
            X509v3 Authority Key Identifier:
                keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/FYTmR1x-lnGj3tpnqRNN8WqPT_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.96.140.0/24
                IPv6:
                  2a00:5020::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:90:28:1d:93:fe:eb:a3:a8:7c:a6:14:69:ae:07:ff:2e:2f:
         09:9f:25:4e:69:88:b8:02:97:92:7a:6f:39:a6:dd:77:41:1e:
         72:6b:f8:89:b6:17:d0:7b:84:66:75:18:e4:ff:fc:eb:30:10:
         ab:a2:07:e1:41:80:b0:3d:95:d3:98:1a:2d:71:8e:2d:d0:db:
         f4:fa:77:84:b8:66:18:ab:9f:60:3c:70:fc:fe:74:e7:66:b3:
         ac:79:20:4f:93:58:65:13:72:ad:29:50:b2:c4:4f:e4:f2:40:
         ff:65:20:8b:85:b9:7f:76:5e:82:02:da:e5:9f:1d:e2:69:7e:
         cd:36:59:fb:16:21:e0:11:2f:ed:6a:11:aa:4b:6b:09:b4:ed:
         a8:84:ab:2c:29:3a:40:e1:b3:ae:dc:f6:c4:b6:a6:1a:47:de:
         78:56:29:0f:70:3d:10:4f:e8:47:06:5a:af:14:57:97:0a:58:
         20:b5:3c:d1:b6:3d:d8:97:fa:ad:7d:ba:43:1b:2a:bc:0b:85:
         75:b6:3a:2d:23:ed:8b:03:f4:95:40:cd:af:73:60:03:b9:a8:
         72:18:ae:94:25:05:f1:8d:44:0a:6d:1c:d9:3d:03:0f:cd:8b:
         50:c8:cc:6a:39:ca:cd:ee:e4:50:0e:4a:34:35:49:be:03:b1:
         eb:ba:d4:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEFU/v8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGE4NDNlODEyYjE2ZGVjNjBiYjcwOThjYTQxMzMxMTdkYjg0NzRkMB4XDTIyMDEw
MTA5NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU4NGU2NDc1Yzdl
OTY3MWEzZGVkYTY3YTkxMzRkZjE2YThmNGZmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSsu+mdJcbmIYFMJEs1Xs8zm2mznpIVBvOXCAgcoeyCYCOm
9l7DiWA/Bo3le5aZjc+PW4fe5zQJ/+GXr8Ge/lyj0Mnz1KogRe1e7R9vvTKBf4z3
EXTydRUQHZSknXuXn0CEvntso8qJvIz214eSHck4+g+Vb7VuDtBRwlFmfRDibX+4
sXWN9+uVJp+f+WffICceZUfoNZN+EPBTKDaccmnKNdjXwug0i7IyQBMpSAfU24in
MYQ+hUx4cRRsBibkDKAsRLQe7acVk/Nay1RPt8yUzz0LReNqbK0IK8R4xFVuGsuB
KfAdmpYQPMzeGCfFHrpNBvnNzXHUMkr79f+ArbkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQVhOZHXH6WcaPe2mepE03xao9P/jAfBgNVHSMEGDAWgBTNqEPoErFt7GC7
cJjKQTMRfbhHTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3phaEQ2Qkt4YmV4Z3UzQ1l5a0V6RVgyNFIwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvOGViMzJkLWY3ZTMtNGE5Yy1hYWE0LTg0MjFkNzgxYjAzYi8x
L0ZZVG1SMXgtbG5HajN0cG5xUk5OOFdxUFRfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
OGViMzJkLWY3ZTMtNGE5Yy1hYWE0LTg0MjFkNzgxYjAzYi8xL3phaEQ2Qkt4YmV4
Z3UzQ1l5a0V6RVgyNFIwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALlgjDAPBAIAAjAJAwcAKgBQIAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCUkCgdk/7ro6h8phRprgf/Li8JnyVOaYi4ApeS
em85pt13QR5ya/iJthfQe4RmdRjk//zrMBCrogfhQYCwPZXTmBotcY4t0Nv0+neE
uGYYq59gPHD8/nTnZrOseSBPk1hlE3KtKVCyxE/k8kD/ZSCLhbl/dl6CAtrlnx3i
aX7NNln7FiHgES/tahGqS2sJtO2ohKssKTpA4bOu3PbEtqYaR954VikPcD0QT+hH
BlqvFFeXClggtTzRtj3Yl/qtfbpDGyq8C4V1tjotI+2LA/SVQM2vc2ADuahyGK6U
JQXxjUQKbRzZPQMPzYtQyMxqOcrN7uRQDko0NUm+A7HrutRO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:03 2024 by rpki-client on console-fra.rpki-client.org