Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/FPLJF7YX_nKL_05CnyLCwqljomA.roa
File:                     FPLJF7YX_nKL_05CnyLCwqljomA.roa (raw, json)
Hash identifier:          NO1zZBAxjuYnUV1I9D2yDoWFdZgNEbcvruIPC7HACMM=
Subject key identifier:   14:F2:C9:17:B6:17:FE:72:8B:FF:4E:42:9F:22:C2:C2:A9:63:A2:60
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       03DDE819
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/FPLJF7YX_nKL_05CnyLCwqljomA.roa
Signing time:             Sat 01 Jan 2022 13:04:07 +0000
ROA not before:           Sat 01 Jan 2022 13:04:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203704
IP address blocks:        89.190.152.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64874521 (0x3dde819)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 13:04:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14f2c917b617fe728bff4e429f22c2c2a963a260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:43:f0:0a:f2:b0:4b:bd:a6:16:dd:e3:cc:82:
                    2c:44:56:1e:55:c0:fa:73:e0:0c:85:e7:13:cd:81:
                    d6:f5:40:7b:39:34:19:81:95:20:17:5b:e7:b4:0c:
                    16:2e:bd:7f:29:ff:18:76:31:d9:a3:19:87:36:c9:
                    c0:d4:99:32:18:95:d3:bf:b3:59:1c:55:5d:74:96:
                    26:cb:0e:8b:a6:90:aa:0a:33:af:7a:16:1c:93:da:
                    21:5e:57:7c:ce:be:dd:1f:56:03:7f:fc:dd:8e:27:
                    48:fa:62:d1:97:01:6c:a0:3d:7c:c5:c4:d6:fa:1a:
                    ff:a2:21:b8:18:c9:7a:49:d3:68:98:e1:58:9e:8a:
                    89:a4:95:41:b5:4f:d0:c3:7d:61:59:66:dd:9f:08:
                    81:7a:8a:48:8e:75:21:ab:dc:28:2d:78:11:20:f9:
                    47:f9:33:38:dd:e9:28:11:60:c7:71:7c:6e:8a:9f:
                    e6:e9:9f:64:78:cf:9b:b3:d9:bc:00:df:fa:8e:85:
                    ee:0c:1b:6f:fe:f8:8c:dd:15:81:fd:51:a8:5c:f3:
                    76:f3:bd:28:97:28:f7:67:49:8f:a5:7b:5a:d7:a9:
                    fe:2e:87:e1:2c:89:b3:e4:d5:19:0e:15:80:18:51:
                    a8:cc:87:2e:e0:16:cf:d9:1f:8d:b8:2d:67:1e:d3:
                    98:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:F2:C9:17:B6:17:FE:72:8B:FF:4E:42:9F:22:C2:C2:A9:63:A2:60
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/FPLJF7YX_nKL_05CnyLCwqljomA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.190.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:f4:6e:a7:99:13:a4:57:73:d9:c5:6a:37:d2:4f:76:94:09:
         f2:62:3a:a7:8a:3c:81:8d:84:0b:a7:b6:88:eb:b8:b7:a9:84:
         f8:4a:c3:f3:31:5a:48:25:3f:62:c8:02:e1:06:db:06:b3:a7:
         10:09:d8:55:d1:91:85:54:92:0a:63:05:52:31:93:76:3b:ca:
         fc:dc:c0:d6:49:ac:0f:b1:b7:a1:6f:81:f8:c8:e7:24:8f:02:
         94:82:27:8b:a8:79:4f:ee:a3:4f:12:73:6d:42:65:43:99:e3:
         23:ee:c0:c8:4e:00:1e:18:32:aa:31:46:85:7c:bc:41:87:4b:
         00:ac:22:b9:39:55:4c:8d:20:7a:cc:dd:56:d6:d7:e4:b8:ec:
         30:39:58:37:7f:ab:09:b9:9a:b2:81:84:7d:0d:4a:41:f4:b4:
         a7:cc:62:3e:68:43:5e:33:d8:00:7c:f6:45:f3:01:3c:2e:f9:
         2d:cf:c9:2c:07:3c:6c:33:f4:53:b3:09:0b:f9:32:8c:e0:c6:
         3d:ba:49:12:85:77:04:29:a3:a1:9d:7f:86:e9:7b:e9:c7:3b:
         46:d6:da:ab:1c:e2:0e:ec:b0:f3:d9:2a:76:c0:80:c7:2b:be:
         17:3c:52:b9:e7:46:0a:99:ce:b9:58:6f:a7:61:1a:03:fd:cd:
         c3:c7:7c:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA93oGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDEw
MTEzMDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRmMmM5MTdiNjE3
ZmU3MjhiZmY0ZTQyOWYyMmMyYzJhOTYzYTI2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1D8ArysEu9phbd48yCLERWHlXA+nPgDIXnE82B1vVAezk0
GYGVIBdb57QMFi69fyn/GHYx2aMZhzbJwNSZMhiV07+zWRxVXXSWJssOi6aQqgoz
r3oWHJPaIV5XfM6+3R9WA3/83Y4nSPpi0ZcBbKA9fMXE1voa/6IhuBjJeknTaJjh
WJ6KiaSVQbVP0MN9YVlm3Z8IgXqKSI51IavcKC14ESD5R/kzON3pKBFgx3F8boqf
5umfZHjPm7PZvADf+o6F7gwbb/74jN0Vgf1RqFzzdvO9KJco92dJj6V7Wtep/i6H
4SyJs+TVGQ4VgBhRqMyHLuAWz9kfjbgtZx7TmEUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQU8skXthf+cov/TkKfIsLCqWOiYDAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L0ZQTEpGN1lYX25LTF8wNUNueUxDd3Fsam9tQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlm+mDANBgkqhkiG9w0BAQsFAAOC
AQEARfRup5kTpFdz2cVqN9JPdpQJ8mI6p4o8gY2EC6e2iOu4t6mE+ErD8zFaSCU/
YsgC4QbbBrOnEAnYVdGRhVSSCmMFUjGTdjvK/NzA1kmsD7G3oW+B+MjnJI8ClIIn
i6h5T+6jTxJzbUJlQ5njI+7AyE4AHhgyqjFGhXy8QYdLAKwiuTlVTI0geszdVtbX
5LjsMDlYN3+rCbmasoGEfQ1KQfS0p8xiPmhDXjPYAHz2RfMBPC75Lc/JLAc8bDP0
U7MJC/kyjODGPbpJEoV3BCmjoZ1/hul76cc7RtbaqxziDuyw89kqdsCAxyu+FzxS
uedGCpnOuVhvp2EaA/3Nw8d8Ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org