Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/FLtqqVshQYJrcGE8lUMhO3afgHk.roa
File:                     FLtqqVshQYJrcGE8lUMhO3afgHk.roa (raw, json)
Hash identifier:          YVe9oTKindEU6pXZVRu0wUg4iGGKYvCBIpqcZo7RBe0=
Subject key identifier:   14:BB:6A:A9:5B:21:41:82:6B:70:61:3C:95:43:21:3B:76:9F:80:79
Certificate issuer:       /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial:       07164049
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/FLtqqVshQYJrcGE8lUMhO3afgHk.roa
Signing time:             Mon 31 Jan 2022 15:20:15 +0000
ROA not before:           Mon 31 Jan 2022 15:20:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        79.132.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118898761 (0x7164049)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
        Validity
            Not Before: Jan 31 15:20:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14bb6aa95b2141826b70613c9543213b769f8079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d7:2e:b5:99:39:9b:04:8e:23:4b:99:8d:3a:
                    17:e0:87:34:75:50:80:0c:93:18:4c:f4:0e:a1:05:
                    f2:8e:b9:b9:d5:69:37:34:9a:fd:89:e3:5a:8e:99:
                    3c:c6:21:ee:a6:40:32:3f:8c:eb:30:e8:a0:40:e1:
                    2e:4c:f9:9e:d2:02:2e:f5:50:76:c0:e3:40:9f:b5:
                    02:9f:58:54:eb:69:84:f3:bc:4a:94:1d:54:df:44:
                    7e:4a:27:d0:8b:15:7e:1e:ad:2c:81:b6:37:12:78:
                    2a:d0:fe:27:29:a3:31:17:7f:f6:64:30:94:f0:94:
                    d5:19:27:ad:8e:c8:a2:72:50:fb:f1:0f:af:e7:71:
                    1f:85:e5:8c:d0:f2:21:5c:bc:01:cd:18:d8:41:19:
                    72:1a:1e:8f:dc:c3:b5:d0:2e:fe:1b:ca:8b:c7:c9:
                    d8:fb:6b:69:17:7b:6e:e2:ec:af:a1:c0:6f:93:a7:
                    99:9a:6d:79:09:e5:cc:9e:db:23:91:e7:8e:b7:c1:
                    e4:de:af:9b:bf:34:13:c6:82:a1:b6:82:de:90:c0:
                    da:a2:05:f1:ef:54:94:e2:5a:e0:9b:bf:2a:ad:19:
                    42:41:fc:19:b9:a8:99:31:86:a3:11:ab:b7:68:f6:
                    43:f3:63:35:63:bc:de:32:16:fc:1d:9f:14:67:e0:
                    99:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:BB:6A:A9:5B:21:41:82:6B:70:61:3C:95:43:21:3B:76:9F:80:79
            X509v3 Authority Key Identifier:
                keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/FLtqqVshQYJrcGE8lUMhO3afgHk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.132.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:21:01:32:c2:eb:4b:03:79:9e:00:ed:df:71:74:94:65:60:
         f3:7e:81:22:1e:90:1f:9c:08:c9:2f:b3:69:ea:38:91:fa:9c:
         de:dc:c6:7f:d3:6f:48:e5:0a:19:2a:c1:78:4d:3b:1a:67:87:
         9c:2f:9a:ab:a7:6a:60:a3:63:af:24:c9:77:2f:a4:79:31:b7:
         4c:68:b5:46:7a:09:17:ad:21:48:91:38:96:ac:7e:9f:47:4f:
         ab:e6:a7:b2:b1:b6:14:19:09:42:88:d9:6d:fa:c9:7b:7d:ee:
         30:7b:5a:ca:3d:a0:14:a1:16:1e:e5:c1:c5:30:b1:9a:e5:d5:
         9e:3e:fa:e9:6d:f9:0c:a1:9d:d0:c5:52:94:02:49:95:57:b5:
         2a:c9:50:f8:c9:25:f8:33:74:5a:cb:65:d8:4d:67:5d:5f:a4:
         9d:c3:c3:35:33:62:56:d5:e3:ce:6d:5f:63:a4:c3:b5:49:b1:
         d8:8a:9d:36:34:28:57:1a:11:ea:0c:f4:9f:92:8d:5c:fa:5f:
         e6:6c:49:d7:87:3d:53:b3:8b:03:3f:76:2c:1f:67:24:1d:46:
         d9:40:07:7a:6f:ba:68:c3:04:8c:bc:87:74:f5:1a:ef:85:74:
         d0:74:94:d9:1c:42:c7:b4:78:29:5d:2d:5f:ad:c9:31:e8:db:
         9d:e9:f2:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxZASTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTY3MjE4MzFhZmI4YjM4MzA3YjQ5ZjViOWVlNjI5MmFkMWU1ODUwMB4XDTIyMDEz
MTE1MjAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRiYjZhYTk1YjIx
NDE4MjZiNzA2MTNjOTU0MzIxM2I3NjlmODA3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTXLrWZOZsEjiNLmY06F+CHNHVQgAyTGEz0DqEF8o65udVp
NzSa/YnjWo6ZPMYh7qZAMj+M6zDooEDhLkz5ntICLvVQdsDjQJ+1Ap9YVOtphPO8
SpQdVN9Efkon0IsVfh6tLIG2NxJ4KtD+JymjMRd/9mQwlPCU1RknrY7IonJQ+/EP
r+dxH4XljNDyIVy8Ac0Y2EEZchoej9zDtdAu/hvKi8fJ2PtraRd7buLsr6HAb5On
mZpteQnlzJ7bI5HnjrfB5N6vm780E8aCobaC3pDA2qIF8e9UlOJa4Ju/Kq0ZQkH8
GbmomTGGoxGrt2j2Q/NjNWO83jIW/B2fFGfgmYcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQUu2qpWyFBgmtwYTyVQyE7dp+AeTAfBgNVHSMEGDAWgBSZZyGDGvuLODB7
SfW57mKSrR5YUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21XY2hneHI3aXpnd2UwbjF1ZTVpa3EwZVdGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvMWMxZWIyLTFmNjUtNGY3MS04YjMyLWI0YmZlNDU2ZGRlMC8x
L0ZMdHFxVnNoUVlKcmNHRThsVU1oTzNhZmdIay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
MWMxZWIyLTFmNjUtNGY3MS04YjMyLWI0YmZlNDU2ZGRlMC8xL21XY2hneHI3aXpn
d2UwbjF1ZTVpa3EwZVdGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE+EkTANBgkqhkiG9w0BAQsFAAOC
AQEAUSEBMsLrSwN5ngDt33F0lGVg836BIh6QH5wIyS+zaeo4kfqc3tzGf9NvSOUK
GSrBeE07GmeHnC+aq6dqYKNjryTJdy+keTG3TGi1RnoJF60hSJE4lqx+n0dPq+an
srG2FBkJQojZbfrJe33uMHtayj2gFKEWHuXBxTCxmuXVnj766W35DKGd0MVSlAJJ
lVe1KslQ+Mkl+DN0Wstl2E1nXV+kncPDNTNiVtXjzm1fY6TDtUmx2IqdNjQoVxoR
6gz0n5KNXPpf5mxJ14c9U7OLAz92LB9nJB1G2UAHem+6aMMEjLyHdPUa74V00HSU
2RxCx7R4KV0tX63JMejbneny1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:46 2024 by rpki-client on console-fra.rpki-client.org