Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/FhgbWAFy44k4BtFXOcju9TINlJw.roa
File:                     FhgbWAFy44k4BtFXOcju9TINlJw.roa (raw, json)
Hash identifier:          zqtq/v5IxxZJZaBuQOqKso+0i9N9cxKYDv3CY6XaJTA=
Subject key identifier:   16:18:1B:58:01:72:E3:89:38:06:D1:57:39:C8:EE:F5:32:0D:94:9C
Certificate issuer:       /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial:       01846418E5CBA0AB2702EA651731F46FA954
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/FhgbWAFy44k4BtFXOcju9TINlJw.roa
Signing time:             Fri 11 Nov 2022 00:31:04 +0000
ROA not before:           Fri 11 Nov 2022 00:31:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        92.53.160.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:64:18:e5:cb:a0:ab:27:02:ea:65:17:31:f4:6f:a9:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
        Validity
            Not Before: Nov 11 00:31:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16181b580172e3893806d15739c8eef5320d949c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:65:7c:f9:77:db:91:aa:3f:6f:6c:0b:51:2a:
                    03:58:1f:74:97:43:6b:e3:54:1a:2e:9b:d7:da:96:
                    2c:6d:ce:26:83:25:9d:a0:72:b8:4c:31:1b:97:e7:
                    fe:4c:05:5e:ac:a6:6c:49:8f:c5:58:69:af:9b:dd:
                    6c:b5:8b:c6:37:90:97:50:95:7a:18:29:54:c1:56:
                    08:af:cd:d6:ca:2a:26:49:5a:ba:4a:b9:84:3c:3e:
                    4d:5c:44:d0:f6:17:76:1d:87:2c:4c:8c:09:90:dc:
                    98:26:5d:0a:cd:7a:e5:fd:77:d4:32:85:b2:5c:3b:
                    25:61:0b:b3:6f:f4:66:8e:d5:d9:ac:eb:e9:cb:93:
                    20:68:cb:96:6f:1e:49:fe:5d:57:e1:e7:bb:7f:3e:
                    e4:c8:3e:d2:e9:eb:df:48:60:6e:1d:8d:3c:4b:a1:
                    70:64:1d:bf:29:a4:09:18:df:0d:15:71:61:83:a2:
                    ee:70:ca:4d:bf:14:d3:5e:89:2d:cc:9c:95:e0:93:
                    7f:67:3d:34:4b:a2:9d:7d:18:fe:4d:5d:dd:36:53:
                    b8:41:b1:b7:eb:80:64:8e:bc:ee:27:6b:07:7c:9b:
                    0c:e9:74:00:85:91:be:f4:66:07:05:01:74:73:2a:
                    66:7b:26:e2:47:d0:52:35:27:d8:55:67:8c:5a:e9:
                    59:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:18:1B:58:01:72:E3:89:38:06:D1:57:39:C8:EE:F5:32:0D:94:9C
            X509v3 Authority Key Identifier:
                keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/FhgbWAFy44k4BtFXOcju9TINlJw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.53.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:c3:f2:23:7f:6a:b2:d3:d4:e5:ca:c6:88:e5:27:d9:bc:e3:
         1d:90:7a:b6:b8:47:07:06:31:3d:99:57:88:88:c0:b2:82:db:
         37:de:47:33:83:d0:19:3b:4f:25:dc:10:38:10:6e:3a:65:ce:
         c5:cd:e6:5c:40:96:af:27:a6:b6:38:be:e2:6b:76:4e:5d:70:
         0c:b8:81:38:ee:c2:bf:61:90:0a:c3:44:0a:ff:b3:e0:e5:e4:
         10:00:af:cd:55:79:b1:56:99:88:5d:b2:c4:8c:42:00:92:44:
         ef:f3:0f:64:8c:f9:5c:7c:24:e1:da:f4:1a:bf:c1:9d:b1:c9:
         1d:e7:dd:d7:b3:f8:34:a6:bb:6f:70:c8:74:96:29:a3:3d:93:
         9c:72:8b:ef:64:d3:e3:2e:ee:f6:14:1b:1e:1b:60:da:b6:c8:
         8e:99:ab:b7:37:23:d1:9e:87:68:e1:dc:81:2b:bb:80:36:48:
         84:16:96:df:e9:77:a7:42:76:54:90:6b:ed:17:7c:2d:53:cd:
         8a:b1:dc:9c:c5:32:69:76:d2:a2:4e:51:83:79:44:27:65:f2:
         44:d7:e9:56:d0:b2:68:07:48:35:5f:e6:aa:9e:11:fa:df:b2:
         bc:1d:ba:93:75:a3:53:a0:f9:20:3f:46:96:1e:dc:fb:ed:40:
         70:bd:f7:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRkGOXLoKsnAuplFzH0b6lUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjIxMTExMDAzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjE4MWI1ODAxNzJlMzg5MzgwNmQxNTczOWM4ZWVmNTMyMGQ5NDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2V8+Xfbkao/b2wLUSoDWB90l0Nr
41QaLpvX2pYsbc4mgyWdoHK4TDEbl+f+TAVerKZsSY/FWGmvm91stYvGN5CXUJV6
GClUwVYIr83WyiomSVq6SrmEPD5NXETQ9hd2HYcsTIwJkNyYJl0KzXrl/XfUMoWy
XDslYQuzb/RmjtXZrOvpy5MgaMuWbx5J/l1X4ee7fz7kyD7S6evfSGBuHY08S6Fw
ZB2/KaQJGN8NFXFhg6LucMpNvxTTXoktzJyV4JN/Zz00S6KdfRj+TV3dNlO4QbG3
64BkjrzuJ2sHfJsM6XQAhZG+9GYHBQF0cypmeybiR9BSNSfYVWeMWulZNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBYYG1gBcuOJOAbRVznI7vUyDZScMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvRmhnYldBRnk0NGs0QnRGWE9janU5VElObEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXDWgMA0G
CSqGSIb3DQEBCwUAA4IBAQA0w/Ijf2qy09TlysaI5SfZvOMdkHq2uEcHBjE9mVeI
iMCygts33kczg9AZO08l3BA4EG46Zc7FzeZcQJavJ6a2OL7ia3ZOXXAMuIE47sK/
YZAKw0QK/7Pg5eQQAK/NVXmxVpmIXbLEjEIAkkTv8w9kjPlcfCTh2vQav8Gdsckd
593Xs/g0prtvcMh0limjPZOccovvZNPjLu72FBseG2DatsiOmau3NyPRnodo4dyB
K7uANkiEFpbf6XenQnZUkGvtF3wtU82KsdycxTJpdtKiTlGDeUQnZfJE1+lW0LJo
B0g1X+aqnhH637K8HbqTdaNToPkgP0aWHtz77UBwvffb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:04 2024 by rpki-client on console-ams.rpki-client.org