Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/1fFKUcol85LGiKRpFaVktsJcDJE.roa
File:                     1fFKUcol85LGiKRpFaVktsJcDJE.roa (raw, json)
Hash identifier:          6ahgLCCYhXr7YFEFMCtd5O7GdAn/Fbmak3sOkAzfFCM=
Subject key identifier:   D5:F1:4A:51:CA:25:F3:92:C6:88:A4:69:15:A5:64:B6:C2:5C:0C:91
Certificate issuer:       /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial:       016B7508
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/1fFKUcol85LGiKRpFaVktsJcDJE.roa
Signing time:             Mon 21 Feb 2022 09:46:09 +0000
ROA not before:           Mon 21 Feb 2022 09:46:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     149428
IP address blocks:        147.185.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23819528 (0x16b7508)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
        Validity
            Not Before: Feb 21 09:46:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d5f14a51ca25f392c688a46915a564b6c25c0c91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8f:81:e9:f4:dc:9b:1a:9a:5f:4b:0c:a2:65:
                    a3:1d:01:0c:05:72:5a:92:9a:42:c2:48:79:33:8d:
                    c2:b6:ed:fe:50:5c:86:bf:f1:62:05:eb:e1:4c:3f:
                    e5:b0:a3:da:56:d8:e4:ec:38:bb:da:42:6b:90:34:
                    e7:3d:b1:c9:fb:e4:1c:2a:e0:31:36:10:c5:c3:79:
                    e5:2b:2b:5e:b5:2d:4a:ec:81:0f:05:47:ca:7e:26:
                    66:fd:a7:a6:27:ba:f0:1a:a0:b6:e1:42:a3:f8:e5:
                    a0:68:06:6d:ed:92:27:3d:de:a7:02:9c:54:89:00:
                    5a:09:38:24:79:13:8d:2e:ad:7c:5e:e5:92:29:33:
                    da:ec:ca:c1:8f:0b:d7:ed:21:30:44:33:45:68:21:
                    f6:f5:b7:b7:e1:13:73:62:9f:b5:65:97:a7:e6:fe:
                    7f:e6:11:33:36:aa:a2:6c:fc:68:cd:fe:03:61:2d:
                    74:a6:37:8b:4b:c6:12:0f:2b:42:a9:23:a3:c4:54:
                    7e:a9:b9:32:33:28:c4:98:6f:d0:91:b6:00:ab:53:
                    57:f8:da:53:0b:8d:8c:fa:9d:0b:35:68:09:7a:2e:
                    61:ea:aa:61:4a:d2:9d:30:c3:d2:0e:2a:8d:98:78:
                    ad:70:b5:13:d9:28:67:ad:85:6b:a1:4e:cd:a2:b9:
                    4f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:F1:4A:51:CA:25:F3:92:C6:88:A4:69:15:A5:64:B6:C2:5C:0C:91
            X509v3 Authority Key Identifier:
                keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/1fFKUcol85LGiKRpFaVktsJcDJE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.185.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:ce:72:41:97:fb:39:2b:8b:51:be:14:ef:af:7d:88:73:01:
         0e:8b:dc:0e:65:cf:3c:96:28:bf:92:7a:2e:cd:27:d5:d7:92:
         85:2d:b0:38:b2:d0:13:c2:7d:e8:e1:45:36:dc:e6:02:a0:cd:
         3a:a3:4a:9f:a7:ab:db:3a:fd:46:a9:98:07:a9:03:36:b5:8f:
         1f:d8:1f:48:01:ce:74:ef:25:8f:ec:c5:6a:39:31:1c:4a:ba:
         b2:bc:12:69:8e:8e:ed:7f:e6:5b:7b:34:3b:7b:9a:99:a6:5a:
         eb:f7:55:77:50:b9:35:5c:db:7b:35:5c:b1:90:41:c7:e6:80:
         f9:f7:42:83:a6:d2:61:e4:bc:c8:f9:f3:52:d7:77:03:1d:c4:
         1f:97:c0:25:50:2f:5f:aa:ba:ac:c4:0a:bb:ad:57:62:e5:b9:
         fc:25:66:66:cc:39:ea:c7:72:d3:f8:ef:3c:1f:cd:73:39:17:
         5f:2b:ed:80:de:f1:4f:be:69:e0:b7:c4:b0:06:55:b2:c4:58:
         f9:01:8f:b5:ef:88:e2:99:c6:6e:2c:4f:e3:46:5e:11:28:b4:
         9b:37:8d:69:e3:56:b6:b8:06:4a:65:b9:ae:9a:45:d6:80:61:
         3a:c7:51:27:61:23:d2:91:56:d4:7e:71:f2:90:dd:5f:18:23:
         46:ac:b6:3e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWt1CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWZiMzJkMjI2NmIxZjliY2U1N2NhYzk4YmMwMjQ3ZjJjOTE5N2YyMB4XDTIyMDIy
MTA5NDYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVmMTRhNTFjYTI1
ZjM5MmM2ODhhNDY5MTVhNTY0YjZjMjVjMGM5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmPgen03Jsaml9LDKJlox0BDAVyWpKaQsJIeTONwrbt/lBc
hr/xYgXr4Uw/5bCj2lbY5Ow4u9pCa5A05z2xyfvkHCrgMTYQxcN55SsrXrUtSuyB
DwVHyn4mZv2npie68BqgtuFCo/jloGgGbe2SJz3epwKcVIkAWgk4JHkTjS6tfF7l
kikz2uzKwY8L1+0hMEQzRWgh9vW3t+ETc2KftWWXp+b+f+YRMzaqomz8aM3+A2Et
dKY3i0vGEg8rQqkjo8RUfqm5MjMoxJhv0JG2AKtTV/jaUwuNjPqdCzVoCXouYeqq
YUrSnTDD0g4qjZh4rXC1E9koZ62Fa6FOzaK5T+ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTV8UpRyiXzksaIpGkVpWS2wlwMkTAfBgNVHSMEGDAWgBT1+zLSJmsfm85X
ysmLwCR/LJGX8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlmc3kwaVpySDV2T1Y4ckppOEFrZnl5UmxfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUzYy8x
LzFmRktVY29sODVMR2lLUnBGYVZrdHNKY0RKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
ZmI0MmVjLTEwYjQtNGRjZi1iZWYwLTJkMTQzZDdiODUzYy8xLzlmc3kwaVpySDV2
T1Y4ckppOEFrZnl5UmxfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJO54jANBgkqhkiG9w0BAQsFAAOC
AQEAj85yQZf7OSuLUb4U7699iHMBDovcDmXPPJYov5J6Ls0n1deShS2wOLLQE8J9
6OFFNtzmAqDNOqNKn6er2zr9RqmYB6kDNrWPH9gfSAHOdO8lj+zFajkxHEq6srwS
aY6O7X/mW3s0O3uamaZa6/dVd1C5NVzbezVcsZBBx+aA+fdCg6bSYeS8yPnzUtd3
Ax3EH5fAJVAvX6q6rMQKu61XYuW5/CVmZsw56sdy0/jvPB/NczkXXyvtgN7xT75p
4LfEsAZVssRY+QGPte+I4pnGbixP40ZeESi0mzeNaeNWtrgGSmW5rppF1oBhOsdR
J2Ej0pFW1H5x8pDdXxgjRqy2Pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:57 2024 by rpki-client on console-fra.rpki-client.org