Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/cf028e-757e-4843-a1ea-4c74d332ea58/1/FaFoCFUxKtLML70NQaCBNSzkKcE.roa
File:                     FaFoCFUxKtLML70NQaCBNSzkKcE.roa (raw, json)
Hash identifier:          DvXZiwNkhtqwHnV8PxjKem1hKavi+dYfUpBP95XD0T0=
Subject key identifier:   15:A1:68:08:55:31:2A:D2:CC:2F:BD:0D:41:A0:81:35:2C:E4:29:C1
Certificate issuer:       /CN=d959676fe138d4eb2aae19bb6731fee6292d793d
Certificate serial:       14E0A76A
Authority key identifier: D9:59:67:6F:E1:38:D4:EB:2A:AE:19:BB:67:31:FE:E6:29:2D:79:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Vlnb-E41Osqrhm7ZzH-5ikteT0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/cf028e-757e-4843-a1ea-4c74d332ea58/1/FaFoCFUxKtLML70NQaCBNSzkKcE.roa
Signing time:             Sat 01 Jan 2022 16:01:10 +0000
ROA not before:           Sat 01 Jan 2022 16:01:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19905
IP address blocks:        185.103.188.0/24 maxlen: 24
                          185.103.189.0/24 maxlen: 24
                          185.103.190.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 350267242 (0x14e0a76a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d959676fe138d4eb2aae19bb6731fee6292d793d
        Validity
            Not Before: Jan  1 16:01:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=15a1680855312ad2cc2fbd0d41a081352ce429c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ba:8d:fd:ef:0a:28:14:af:11:89:3b:fd:17:
                    eb:a0:43:d6:cc:ed:23:e3:8f:fa:3f:2a:73:60:cb:
                    91:43:f9:ea:99:57:b9:ef:28:23:a2:0c:94:bd:60:
                    56:fb:7d:3d:9a:16:a3:63:68:8d:c5:42:cb:f1:7a:
                    d7:f8:2a:a9:30:04:0a:b6:6d:ee:06:b8:55:5d:18:
                    53:27:2d:23:d9:1e:c3:ce:05:c2:f8:da:f7:9f:d3:
                    0e:7f:57:70:4b:17:59:48:c2:68:66:ff:a5:a1:df:
                    2a:8d:fa:c8:69:a1:a7:f9:0c:0b:9c:4c:e3:a3:6c:
                    8c:5e:83:ef:e2:6c:ca:6a:84:b7:bb:2c:54:1a:2b:
                    be:23:d7:ae:1a:f1:71:24:b3:64:cd:f9:ae:df:c6:
                    2c:89:3b:64:3f:ff:74:de:68:9c:9d:29:f7:17:eb:
                    f4:54:5a:dc:99:a4:c2:d7:fc:b2:f8:26:83:ff:c4:
                    de:fc:48:54:0d:b2:52:c5:88:68:33:6e:97:a6:21:
                    aa:01:5f:44:26:1d:2a:96:2b:cf:36:8d:e8:ae:20:
                    2d:9e:22:be:b1:3c:28:56:08:1c:ab:c9:ea:3f:69:
                    39:35:dc:5e:f2:f7:90:8a:0c:27:8d:61:4b:7a:96:
                    62:de:40:47:ae:21:35:b7:77:ea:bf:28:af:2b:42:
                    01:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:A1:68:08:55:31:2A:D2:CC:2F:BD:0D:41:A0:81:35:2C:E4:29:C1
            X509v3 Authority Key Identifier:
                keyid:D9:59:67:6F:E1:38:D4:EB:2A:AE:19:BB:67:31:FE:E6:29:2D:79:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Vlnb-E41Osqrhm7ZzH-5ikteT0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/cf028e-757e-4843-a1ea-4c74d332ea58/1/FaFoCFUxKtLML70NQaCBNSzkKcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/cf028e-757e-4843-a1ea-4c74d332ea58/1/2Vlnb-E41Osqrhm7ZzH-5ikteT0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.188.0-185.103.190.255

    Signature Algorithm: sha256WithRSAEncryption
         0c:df:c9:16:fb:2f:24:43:92:af:4d:34:93:e3:d2:fc:90:ed:
         fd:04:0b:97:ab:7b:15:40:0a:63:f8:40:2a:47:1c:28:03:b7:
         8a:cd:db:80:87:a9:fa:22:92:27:eb:9e:0d:34:bf:12:b0:93:
         93:de:51:aa:54:93:71:4b:42:b3:a8:fc:dd:73:ac:fb:81:f8:
         0f:9f:fc:20:50:1b:cf:0a:50:b3:fc:3f:2a:cd:a4:67:05:22:
         6a:4b:0e:23:14:e9:45:c7:0e:20:0c:1b:8c:1b:ad:9b:aa:b0:
         ea:64:b6:ce:8b:60:d0:ff:e5:88:f0:9f:02:b8:d7:62:eb:84:
         28:f2:8b:70:72:cd:0a:62:e2:ee:30:97:b3:c1:2d:19:c1:58:
         2c:93:a2:27:da:08:67:ac:5a:26:31:1f:61:7b:1c:31:d2:06:
         e8:4c:58:fd:42:ec:cb:7b:0d:c0:7c:b5:b5:93:97:b1:e7:26:
         fe:78:44:19:82:8f:f3:65:be:a6:aa:40:d5:52:10:30:d7:e5:
         bb:ce:da:dd:e7:9e:68:7d:ad:88:3c:a4:32:79:ce:69:4e:5c:
         f5:f1:a8:42:aa:35:6d:6c:c8:f4:63:9d:73:df:62:a7:63:74:
         f3:2f:46:b8:63:83:d2:9d:63:da:56:9c:1c:33:4e:9b:14:dc:
         7f:75:ba:8a
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEFOCnajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTU5Njc2ZmUxMzhkNGViMmFhZTE5YmI2NzMxZmVlNjI5MmQ3OTNkMB4XDTIyMDEw
MTE2MDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTVhMTY4MDg1NTMx
MmFkMmNjMmZiZDBkNDFhMDgxMzUyY2U0MjljMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC6jf3vCigUrxGJO/0X66BD1sztI+OP+j8qc2DLkUP56plX
ue8oI6IMlL1gVvt9PZoWo2NojcVCy/F61/gqqTAECrZt7ga4VV0YUyctI9kew84F
wvja95/TDn9XcEsXWUjCaGb/paHfKo36yGmhp/kMC5xM46NsjF6D7+JsymqEt7ss
VBorviPXrhrxcSSzZM35rt/GLIk7ZD//dN5onJ0p9xfr9FRa3Jmkwtf8svgmg//E
3vxIVA2yUsWIaDNul6YhqgFfRCYdKpYrzzaN6K4gLZ4ivrE8KFYIHKvJ6j9pOTXc
XvL3kIoMJ41hS3qWYt5AR64hNbd36r8orytCAdUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQVoWgIVTEq0swvvQ1BoIE1LOQpwTAfBgNVHSMEGDAWgBTZWWdv4TjU6yqu
GbtnMf7mKS15PTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJWbG5iLUU0MU9zcXJobTdaekgtNWlrdGVUMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvY2YwMjhlLTc1N2UtNDg0My1hMWVhLTRjNzRkMzMyZWE1OC8x
L0ZhRm9DRlV4S3RMTUw3ME5RYUNCTlN6a0tjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
Y2YwMjhlLTc1N2UtNDg0My1hMWVhLTRjNzRkMzMyZWE1OC8xLzJWbG5iLUU0MU9z
cXJobTdaekgtNWlrdGVUMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuWe8AwQAuWe+MA0GCSqGSIb3
DQEBCwUAA4IBAQAM38kW+y8kQ5KvTTST49L8kO39BAuXq3sVQApj+EAqRxwoA7eK
zduAh6n6IpIn654NNL8SsJOT3lGqVJNxS0KzqPzdc6z7gfgPn/wgUBvPClCz/D8q
zaRnBSJqSw4jFOlFxw4gDBuMG62bqrDqZLbOi2DQ/+WI8J8CuNdi64Qo8otwcs0K
YuLuMJezwS0ZwVgsk6In2ghnrFomMR9hexwx0gboTFj9QuzLew3AfLW1k5ex5yb+
eEQZgo/zZb6mqkDVUhAw1+W7ztrd555ofa2IPKQyec5pTlz18ahCqjVtbMj0Y51z
32KnY3TzL0a4Y4PSnWPaVpwcM06bFNx/dbqK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:43 2024 by rpki-client on console-fra.rpki-client.org