Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/fb_AkoN_GSduCeiBlmAThIYC-8U.roa
File:                     fb_AkoN_GSduCeiBlmAThIYC-8U.roa (raw, json)
Hash identifier:          oZpebJnAQ1qkHCakwqxwuxQ92kZOqo14hp9dx1LiYO4=
Subject key identifier:   7D:BF:C0:92:83:7F:19:27:6E:09:E8:81:96:60:13:84:86:02:FB:C5
Certificate issuer:       /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial:       0182B74153E2AAB9C81421219CEBD70C354E
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/fb_AkoN_GSduCeiBlmAThIYC-8U.roa
Signing time:             Fri 19 Aug 2022 17:58:07 +0000
ROA not before:           Fri 19 Aug 2022 17:58:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        85.153.125.0/24 maxlen: 24
                          85.153.124.0/24 maxlen: 24
                          85.153.120.0/24 maxlen: 24
                          85.153.119.0/24 maxlen: 24
                          85.153.121.0/24 maxlen: 24
                          85.153.123.0/24 maxlen: 24
                          85.153.122.0/24 maxlen: 24
                          85.153.126.0/24 maxlen: 24
                          85.153.68.0/22 maxlen: 22
                          85.153.66.0/24 maxlen: 24
                          85.153.65.0/24 maxlen: 24
                          85.153.67.0/24 maxlen: 24
                          85.153.76.0/22 maxlen: 22
                          85.153.75.0/24 maxlen: 24
                          85.153.73.0/24 maxlen: 24
                          85.153.72.0/24 maxlen: 24
                          85.153.74.0/24 maxlen: 24
                          85.153.83.0/24 maxlen: 24
                          85.153.82.0/24 maxlen: 24
                          85.153.84.0/22 maxlen: 22
                          85.153.80.0/24 maxlen: 24
                          85.153.81.0/24 maxlen: 24
                          85.153.88.0/22 maxlen: 22
                          85.153.96.0/22 maxlen: 22
                          85.153.92.0/24 maxlen: 24
                          85.153.93.0/24 maxlen: 24
                          85.153.95.0/24 maxlen: 24
                          85.153.94.0/24 maxlen: 24
                          85.153.100.0/22 maxlen: 22
                          85.153.112.0/24 maxlen: 24
                          85.153.108.0/22 maxlen: 22
                          85.153.113.0/24 maxlen: 24
                          85.153.114.0/24 maxlen: 24
                          85.153.116.0/24 maxlen: 24
                          85.153.115.0/24 maxlen: 24
                          85.153.118.0/24 maxlen: 24
                          85.153.117.0/24 maxlen: 24
                          85.153.16.0/22 maxlen: 22
                          85.153.12.0/22 maxlen: 22
                          85.153.20.0/24 maxlen: 24
                          85.153.22.0/24 maxlen: 24
                          85.153.21.0/24 maxlen: 24
                          85.153.24.0/22 maxlen: 22
                          85.153.23.0/24 maxlen: 24
                          85.153.29.0/24 maxlen: 24
                          85.153.28.0/24 maxlen: 24
                          85.153.31.0/24 maxlen: 24
                          85.153.30.0/24 maxlen: 24
                          85.153.32.0/24 maxlen: 24
                          85.153.34.0/24 maxlen: 24
                          85.153.36.0/22 maxlen: 22
                          85.153.35.0/24 maxlen: 24
                          85.153.41.0/24 maxlen: 24
                          85.153.42.0/24 maxlen: 24
                          85.153.44.0/24 maxlen: 24
                          85.153.40.0/24 maxlen: 24
                          85.153.47.0/24 maxlen: 24
                          85.153.45.0/24 maxlen: 24
                          85.153.46.0/24 maxlen: 24
                          85.153.57.0/24 maxlen: 24
                          85.153.56.0/24 maxlen: 24
                          85.153.52.0/22 maxlen: 22
                          85.153.59.0/24 maxlen: 24
                          85.153.60.0/22 maxlen: 22
                          85.115.204.0/24 maxlen: 24
                          85.115.206.0/24 maxlen: 24
                          85.115.205.0/24 maxlen: 24
                          85.115.207.0/24 maxlen: 24
                          85.153.4.0/24 maxlen: 24
                          85.153.7.0/24 maxlen: 24
                          85.153.6.0/24 maxlen: 24
                          85.153.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b7:41:53:e2:aa:b9:c8:14:21:21:9c:eb:d7:0c:35:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
        Validity
            Not Before: Aug 19 17:58:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7dbfc092837f19276e09e881966013848602fbc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:2c:cf:ec:32:85:f3:e3:c3:43:05:d1:28:f5:
                    a3:8c:d1:ea:d4:cd:88:e2:71:72:63:cd:a5:0c:b6:
                    af:6e:cf:b4:a2:dc:a8:b3:5c:8e:9d:ba:2a:bd:03:
                    09:da:fc:a1:4f:12:13:6f:78:10:a6:01:a2:e3:7f:
                    7a:e1:f8:f2:9f:67:64:a0:4f:c0:a1:79:d3:f2:0d:
                    07:1c:ba:93:ac:07:73:40:a3:e3:32:be:0d:3a:eb:
                    1e:52:32:3b:2d:59:a2:9e:f8:06:df:32:e6:66:16:
                    7b:2e:8a:6e:fe:21:ae:18:44:4b:8e:d9:32:79:4d:
                    de:a5:11:a7:b4:ad:01:83:2e:e0:3e:22:e9:6b:54:
                    53:aa:d7:f8:22:45:0e:9f:af:1e:e3:dd:78:58:9d:
                    72:13:e1:db:62:61:f5:a8:41:f5:5e:bf:ca:43:bc:
                    17:0f:19:ea:e3:30:1d:ab:78:a2:77:7d:a6:2f:dc:
                    cc:a0:c7:28:5d:11:94:46:f1:d4:c5:57:ad:01:34:
                    b4:f4:e2:35:c0:a5:b3:76:e3:5e:b0:6f:63:cc:fc:
                    69:7b:11:de:8a:c5:45:78:1e:e8:83:c3:df:2d:88:
                    fc:7e:9c:f2:b1:9c:30:bf:77:f4:bc:c7:d5:d3:31:
                    b0:1d:2a:7c:1f:db:da:3e:14:9f:77:c5:b4:e7:69:
                    45:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:BF:C0:92:83:7F:19:27:6E:09:E8:81:96:60:13:84:86:02:FB:C5
            X509v3 Authority Key Identifier:
                keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/fb_AkoN_GSduCeiBlmAThIYC-8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.204.0/22
                  85.153.4.0/24
                  85.153.6.0-85.153.8.255
                  85.153.12.0-85.153.32.255
                  85.153.34.0-85.153.42.255
                  85.153.44.0/22
                  85.153.52.0-85.153.57.255
                  85.153.59.0-85.153.63.255
                  85.153.65.0-85.153.103.255
                  85.153.108.0-85.153.126.255

    Signature Algorithm: sha256WithRSAEncryption
         59:c4:7e:8f:77:53:87:c4:36:ca:bd:ae:15:9d:d7:7e:74:30:
         9c:05:04:40:0c:16:75:b1:df:b7:38:22:2d:68:85:73:e9:0f:
         54:8c:32:cb:0b:e3:45:58:2c:10:20:fb:78:f7:b7:b2:78:c2:
         46:1f:c3:96:15:ed:db:72:df:de:ff:70:13:5f:4a:21:b1:8a:
         94:54:76:26:f6:1a:14:dd:94:1c:be:71:d0:3c:9c:b5:91:f6:
         c7:1b:47:56:9f:30:87:4b:07:27:45:be:5e:79:a5:fc:a5:0e:
         c6:be:5a:40:74:7b:20:d6:d2:4e:56:16:fe:00:ba:a3:98:60:
         1b:f4:b1:05:bc:74:3d:e7:fd:f2:bf:9f:2a:bd:88:c4:d4:1e:
         a5:f0:2d:18:c0:6b:36:7b:9a:89:d4:81:db:da:2a:08:1e:a4:
         da:23:ee:b6:4a:88:ee:93:4d:cd:25:3a:10:0c:a7:63:b1:0e:
         2f:cb:55:ef:a4:6c:9c:51:fa:fa:22:d8:d6:39:94:3d:3a:02:
         be:b8:de:05:88:5d:88:35:bb:31:fa:1b:05:52:93:9f:b0:df:
         a1:ff:cd:48:da:9d:73:74:83:b2:16:60:60:63:06:2d:5a:6b:
         74:cb:7c:e2:f0:08:74:49:94:cb:29:04:6c:d5:29:6d:3a:db:
         f8:73:33:8e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYK3QVPiqrnIFCEhnOvXDDVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjIwODE5MTc1ODA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGJmYzA5MjgzN2YxOTI3NmUwOWU4ODE5NjYwMTM4NDg2MDJmYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSzP7DKF8+PDQwXRKPWjjNHq1M2I
4nFyY82lDLavbs+0otyos1yOnboqvQMJ2vyhTxITb3gQpgGi43964fjyn2dkoE/A
oXnT8g0HHLqTrAdzQKPjMr4NOuseUjI7LVminvgG3zLmZhZ7Lopu/iGuGERLjtky
eU3epRGntK0Bgy7gPiLpa1RTqtf4IkUOn68e4914WJ1yE+HbYmH1qEH1Xr/KQ7wX
Dxnq4zAdq3iid32mL9zMoMcoXRGURvHUxVetATS09OI1wKWzduNesG9jzPxpexHe
isVFeB7og8PfLYj8fpzysZwwv3f0vMfV0zGwHSp8H9vaPhSfd8W052lFNwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFH2/wJKDfxknbgnogZZgE4SGAvvFMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvZmJfQWtvTl9HU2R1Q2VpQmxtQVRoSVlDLThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAlVzzAME
AFWZBDAMAwQBVZkGAwQAVZkIMAwDBAJVmQwDBABVmSAwDAMEAVWZIgMEAFWZKgME
AlWZLDAMAwQCVZk0AwQBVZk4MAwDBABVmTsDBAZVmQAwDAMEAFWZQQMEA1WZYDAM
AwQCVZlsAwQAVZl+MA0GCSqGSIb3DQEBCwUAA4IBAQBZxH6Pd1OHxDbKva4Vndd+
dDCcBQRADBZ1sd+3OCItaIVz6Q9UjDLLC+NFWCwQIPt497eyeMJGH8OWFe3bct/e
/3ATX0ohsYqUVHYm9hoU3ZQcvnHQPJy1kfbHG0dWnzCHSwcnRb5eeaX8pQ7GvlpA
dHsg1tJOVhb+ALqjmGAb9LEFvHQ95/3yv58qvYjE1B6l8C0YwGs2e5qJ1IHb2ioI
HqTaI+62Sojuk03NJToQDKdjsQ4vy1XvpGycUfr6ItjWOZQ9OgK+uN4FiF2INbsx
+hsFUpOfsN+h/81I2p1zdIOyFmBgYwYtWmt0y3zi8Ah0SZTLKQRs1SltOtv4czOO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org