Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/FCKgGuqLua35OnhEc7QXpSLAawA.roa
File:                     FCKgGuqLua35OnhEc7QXpSLAawA.roa (raw, json)
Hash identifier:          kATQ7ETfIhYUeKkhX7KNnI7Y0ren9DT1pv9q1k7O498=
Subject key identifier:   14:22:A0:1A:EA:8B:B9:AD:F9:3A:78:44:73:B4:17:A5:22:C0:6B:00
Certificate issuer:       /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial:       CB07A7
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/FCKgGuqLua35OnhEc7QXpSLAawA.roa
Signing time:             Sat 01 Jan 2022 12:57:36 +0000
ROA not before:           Sat 01 Jan 2022 12:57:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210994
IP address blocks:        91.233.120.0/24 maxlen: 24
                          194.104.235.0/24 maxlen: 24
                          2a11:6740::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13305767 (0xcb07a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
        Validity
            Not Before: Jan  1 12:57:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1422a01aea8bb9adf93a784473b417a522c06b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:78:de:fb:f8:33:fd:90:22:1e:f8:96:ed:80:
                    44:f0:71:a4:3c:24:48:64:92:9e:f9:56:f0:7f:f8:
                    5e:78:70:06:02:8c:ed:08:71:4b:18:cf:46:ad:95:
                    56:96:3d:ca:70:e9:35:e8:6c:a9:c9:eb:94:ea:36:
                    61:b2:b5:88:3c:fe:72:ed:65:22:1c:d4:c9:48:8c:
                    3b:c9:ae:43:c1:00:82:ae:06:9c:7b:ae:5c:cd:3f:
                    29:2b:5e:7c:5c:eb:97:63:05:7c:df:22:9b:f6:fc:
                    e5:5e:f4:e1:ab:cb:d8:32:d3:c8:1b:ec:c6:ef:ce:
                    2d:01:e3:8c:8d:52:a1:8e:1d:06:5a:b8:58:ae:15:
                    f5:03:38:9c:b6:81:63:b4:41:63:83:a1:cf:75:e4:
                    42:69:28:a5:01:d8:6e:f0:db:c3:00:4b:94:46:7e:
                    4e:2c:c8:b8:0f:65:1b:fe:bc:b6:75:9b:7d:4d:8c:
                    6a:2d:8d:4f:83:7a:8d:a5:89:20:7b:06:1b:d4:fd:
                    a7:58:bf:d1:51:17:c3:bb:8e:32:ee:83:0e:47:44:
                    40:53:d2:a6:34:f3:12:1d:3c:3a:70:48:6a:56:ed:
                    7c:a5:6f:4b:8f:07:d4:90:72:d7:97:fd:be:dc:1e:
                    69:dd:4f:0e:82:38:f6:74:28:68:41:de:38:0e:ad:
                    b5:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:22:A0:1A:EA:8B:B9:AD:F9:3A:78:44:73:B4:17:A5:22:C0:6B:00
            X509v3 Authority Key Identifier:
                keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/FCKgGuqLua35OnhEc7QXpSLAawA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.233.120.0/24
                  194.104.235.0/24
                IPv6:
                  2a11:6740::/29

    Signature Algorithm: sha256WithRSAEncryption
         98:af:7e:bb:5f:3d:2f:13:7c:bf:a3:f4:5a:41:75:82:87:b1:
         7b:71:08:c0:d3:a9:a7:1b:fa:fd:5c:d0:ca:65:ea:b3:2a:44:
         31:d4:b4:97:6a:a3:20:0d:88:12:87:0d:ee:59:91:75:21:33:
         35:ff:f1:f9:22:8c:a6:77:03:ca:f5:15:fe:28:cd:1d:b0:6e:
         12:91:bb:07:9a:a8:eb:ec:82:39:3c:82:6a:0b:24:60:27:ec:
         8c:3e:e8:2e:14:b9:4a:79:6b:ea:d7:85:ab:52:d2:4f:ec:5f:
         ec:00:3b:27:4f:e0:68:a4:c6:cf:fd:51:2b:51:c3:29:86:78:
         a1:45:70:46:67:a6:88:7f:bb:42:a6:7d:b3:90:72:aa:5d:37:
         20:1f:23:42:42:a6:2f:07:e9:f1:45:5d:e9:8b:d3:69:0e:74:
         79:0a:7e:54:fc:c8:fa:f9:6c:49:e8:84:1a:96:5d:f2:9d:d3:
         42:aa:5c:77:43:b2:8f:b9:69:c3:02:73:a9:ec:55:9a:87:c0:
         a6:ce:0b:a9:d0:d7:3f:f4:bc:60:40:ac:59:12:2a:a3:ed:33:
         9e:50:1e:aa:43:c4:99:b8:9e:0d:4f:4f:1f:2a:cd:27:81:0d:
         e1:d9:7b:b5:e4:0b:9e:b9:27:65:5a:4c:60:46:a6:d8:a0:32:
         eb:ce:a3:27
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAMsHpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OWEwNmMxODc5NTNjZmM4MTMzYjJiZWVlNWYwMWExNWU0NWRhMDc4MB4XDTIyMDEw
MTEyNTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQyMmEwMWFlYThi
YjlhZGY5M2E3ODQ0NzNiNDE3YTUyMmMwNmIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKV43vv4M/2QIh74lu2ARPBxpDwkSGSSnvlW8H/4XnhwBgKM
7QhxSxjPRq2VVpY9ynDpNehsqcnrlOo2YbK1iDz+cu1lIhzUyUiMO8muQ8EAgq4G
nHuuXM0/KStefFzrl2MFfN8im/b85V704avL2DLTyBvsxu/OLQHjjI1SoY4dBlq4
WK4V9QM4nLaBY7RBY4Ohz3XkQmkopQHYbvDbwwBLlEZ+TizIuA9lG/68tnWbfU2M
ai2NT4N6jaWJIHsGG9T9p1i/0VEXw7uOMu6DDkdEQFPSpjTzEh08OnBIalbtfKVv
S48H1JBy15f9vtwead1PDoI49nQoaEHeOA6ttc0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQUIqAa6ou5rfk6eERztBelIsBrADAfBgNVHSMEGDAWgBRZoGwYeVPPyBM7
K+7l8BoV5F2geDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dhQnNHSGxUejhnVE95dnU1ZkFhRmVSZG9IZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvOTE3MGUzLWU5YjMtNGQ2ZC04Nzg3LWU0NmVhODliZjg0OS8x
L0ZDS2dHdXFMdWEzNU9uaEVjN1FYcFNMQWF3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
OTE3MGUzLWU5YjMtNGQ2ZC04Nzg3LWU0NmVhODliZjg0OS8xL1dhQnNHSGxUejhn
VE95dnU1ZkFhRmVSZG9IZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvpeAMEAMJo6zANBAIAAjAHAwUD
KhFnQDANBgkqhkiG9w0BAQsFAAOCAQEAmK9+u189LxN8v6P0WkF1goexe3EIwNOp
pxv6/VzQymXqsypEMdS0l2qjIA2IEocN7lmRdSEzNf/x+SKMpncDyvUV/ijNHbBu
EpG7B5qo6+yCOTyCagskYCfsjD7oLhS5Snlr6teFq1LST+xf7AA7J0/gaKTGz/1R
K1HDKYZ4oUVwRmemiH+7QqZ9s5Byql03IB8jQkKmLwfp8UVd6YvTaQ50eQp+VPzI
+vlsSeiEGpZd8p3TQqpcd0Oyj7lpwwJzqexVmofAps4LqdDXP/S8YECsWRIqo+0z
nlAeqkPEmbieDU9PHyrNJ4EN4dl7teQLnrknZVpMYEam2KAy686jJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:26 2024 by rpki-client on console-fra.rpki-client.org