Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/FuP51lnTcZLfpqxl85vZjjA8NvY.roa
File:                     FuP51lnTcZLfpqxl85vZjjA8NvY.roa (raw, json)
Hash identifier:          hLLP9ShpmSgTKR5ODvWgByDzOtB+VHgPbhyQCyGF9dQ=
Subject key identifier:   16:E3:F9:D6:59:D3:71:92:DF:A6:AC:65:F3:9B:D9:8E:30:3C:36:F6
Certificate issuer:       /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial:       0B371207
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/FuP51lnTcZLfpqxl85vZjjA8NvY.roa
Signing time:             Sat 01 Jan 2022 13:02:26 +0000
ROA not before:           Sat 01 Jan 2022 13:02:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20902
IP address blocks:        80.88.64.0/20 maxlen: 24
                          194.0.184.0/24 maxlen: 24
                          46.229.0.0/20 maxlen: 24
                          185.76.40.0/22 maxlen: 24
                          109.239.160.0/20 maxlen: 24
                          80.73.96.0/19 maxlen: 24
                          2a00:1230::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 188158471 (0xb371207)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
        Validity
            Not Before: Jan  1 13:02:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16e3f9d659d37192dfa6ac65f39bd98e303c36f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f8:d3:c1:40:88:7a:db:7b:d1:70:f8:73:0b:
                    fd:67:01:50:c6:14:fa:33:4f:d3:c3:54:fd:6f:a9:
                    62:dc:0f:6f:8d:d3:9e:f1:8e:04:1c:57:0a:98:bd:
                    ed:d9:80:d1:ea:80:b0:a9:0f:f5:94:f7:46:e5:11:
                    dd:ef:d0:b8:47:32:48:41:09:a3:57:b4:be:48:58:
                    39:84:1d:73:06:9b:91:d8:41:bf:75:01:3d:fd:96:
                    af:1a:41:7f:ae:a6:ca:51:83:78:b6:49:98:0a:72:
                    92:88:04:17:67:6e:5c:28:c2:c5:11:3e:36:9e:89:
                    a5:b4:b0:e7:52:57:9b:85:5a:8e:b7:ca:bc:30:f5:
                    7d:ba:30:a9:77:d0:c9:f9:6a:53:af:04:a1:f3:e8:
                    69:7e:2f:22:3b:97:7a:94:a6:cf:c2:bd:8f:ca:08:
                    bd:2f:08:bf:c2:97:cc:9f:38:44:c6:0f:60:c9:93:
                    5f:58:d6:ac:ad:0b:a3:1a:18:c4:12:4d:c3:71:23:
                    d6:fd:2c:85:82:c8:6a:64:80:de:f4:75:1f:c2:cb:
                    07:ca:e0:2c:89:c8:d2:72:ef:34:1b:80:b2:40:38:
                    77:b0:cd:a7:3e:1c:0b:2d:23:8c:69:46:5b:65:1d:
                    a0:9f:93:d3:8d:35:0d:00:aa:59:ec:28:7e:a1:81:
                    32:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:E3:F9:D6:59:D3:71:92:DF:A6:AC:65:F3:9B:D9:8E:30:3C:36:F6
            X509v3 Authority Key Identifier:
                keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/FuP51lnTcZLfpqxl85vZjjA8NvY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.229.0.0/20
                  80.73.96.0/19
                  80.88.64.0/20
                  109.239.160.0/20
                  185.76.40.0/22
                  194.0.184.0/24
                IPv6:
                  2a00:1230::/29

    Signature Algorithm: sha256WithRSAEncryption
         6a:3d:09:88:df:d6:d9:64:7f:ca:fd:75:ff:47:e1:13:21:d7:
         4c:c5:f7:db:2a:bf:0c:48:e8:69:0c:f6:4a:6f:c8:21:75:64:
         3f:11:bf:c6:75:c2:79:6f:ed:69:f9:88:db:aa:c7:ae:12:ff:
         e7:1c:80:5f:a6:64:aa:45:d4:cd:eb:db:fd:4b:8d:be:9a:8b:
         d0:28:6c:c3:69:62:dd:da:47:27:1b:17:c5:df:7c:f8:03:7c:
         53:33:e9:2d:1f:c1:83:ee:23:e3:c6:65:d4:51:dd:8c:3a:91:
         36:37:6f:b9:e1:f3:a9:03:b2:9e:58:76:18:a0:33:2b:4a:3b:
         91:45:db:f7:20:af:b1:07:07:ec:50:fb:95:c5:da:33:5c:c1:
         4d:16:a0:09:0b:5f:57:5a:11:02:8f:9d:ff:e2:6a:40:30:be:
         49:64:0a:50:e6:41:20:f4:9e:71:2b:18:2f:8d:5b:f7:bb:82:
         7b:27:16:6e:1a:7d:ec:94:0e:71:89:28:a3:f3:3a:14:0d:07:
         27:d1:85:f9:bc:98:fb:62:a4:63:94:22:18:d0:4a:5c:79:a2:
         5b:8c:b0:0e:8f:ac:b8:4c:08:f8:d8:5a:b4:34:a3:51:4c:6d:
         98:84:c8:b6:91:b1:f8:4a:76:ee:94:e7:1e:f0:88:54:9a:e1:
         11:9e:09:15
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECzcSBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmE1YzkwY2E5MjgzMTNiYzcwZDI2ODNiYjBmNjRkNjMyYjI3M2ExMB4XDTIyMDEw
MTEzMDIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZlM2Y5ZDY1OWQz
NzE5MmRmYTZhYzY1ZjM5YmQ5OGUzMDNjMzZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML408FAiHrbe9Fw+HML/WcBUMYU+jNP08NU/W+pYtwPb43T
nvGOBBxXCpi97dmA0eqAsKkP9ZT3RuUR3e/QuEcySEEJo1e0vkhYOYQdcwabkdhB
v3UBPf2WrxpBf66mylGDeLZJmApykogEF2duXCjCxRE+Np6JpbSw51JXm4VajrfK
vDD1fbowqXfQyflqU68EofPoaX4vIjuXepSmz8K9j8oIvS8Iv8KXzJ84RMYPYMmT
X1jWrK0LoxoYxBJNw3Ej1v0shYLIamSA3vR1H8LLB8rgLInI0nLvNBuAskA4d7DN
pz4cCy0jjGlGW2UdoJ+T0401DQCqWewofqGBMkcCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQW4/nWWdNxkt+mrGXzm9mOMDw29jAfBgNVHSMEGDAWgBRSpckMqSgxO8cN
JoO7D2TWMrJzoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VxWEpES2tvTVR2SERTYUR1dzlrMWpLeWM2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvYzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8x
L0Z1UDUxbG5UY1pMZnBxeGw4NXZaampBOE52WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
YzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8xL1VxWEpES2tvTVR2
SERTYUR1dzlrMWpLeWM2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBC7lAAMEBVBJYAMEBFBYQAMEBG3v
oAMEArlMKAMEAMIAuDANBAIAAjAHAwUDKgASMDANBgkqhkiG9w0BAQsFAAOCAQEA
aj0JiN/W2WR/yv11/0fhEyHXTMX32yq/DEjoaQz2Sm/IIXVkPxG/xnXCeW/tafmI
26rHrhL/5xyAX6ZkqkXUzevb/UuNvpqL0Chsw2li3dpHJxsXxd98+AN8UzPpLR/B
g+4j48Zl1FHdjDqRNjdvueHzqQOynlh2GKAzK0o7kUXb9yCvsQcH7FD7lcXaM1zB
TRagCQtfV1oRAo+d/+JqQDC+SWQKUOZBIPSecSsYL41b97uCeycWbhp97JQOcYko
o/M6FA0HJ9GF+byY+2KkY5QiGNBKXHmiW4ywDo+suEwI+NhatDSjUUxtmITItpGx
+Ep27pTnHvCIVJrhEZ4JFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:00 2024 by rpki-client on console-fra.rpki-client.org