Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FNIecQiqjB4WLCEMA8eia_Fx-9E.roa
File:                     FNIecQiqjB4WLCEMA8eia_Fx-9E.roa (raw, json)
Hash identifier:          s+AxF81O66AQjk1m3X1JueBNoZyUBs3tHCxII7+6irc=
Subject key identifier:   14:D2:1E:71:08:AA:8C:1E:16:2C:21:0C:03:C7:A2:6B:F1:71:FB:D1
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0183338263A687F071552FF5930850BD6B8E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FNIecQiqjB4WLCEMA8eia_Fx-9E.roa
Signing time:             Mon 12 Sep 2022 21:02:06 +0000
ROA not before:           Mon 12 Sep 2022 21:02:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205090
IP address blocks:        185.112.102.0/24 maxlen: 24
                          185.112.101.0/24 maxlen: 24
                          185.112.103.0/24 maxlen: 24
                          45.9.73.0/24 maxlen: 24
                          45.9.75.0/24 maxlen: 24
                          193.162.143.0/24 maxlen: 24
                          185.233.83.0/24 maxlen: 24
                          185.105.90.0/24 maxlen: 24
                          185.105.88.0/24 maxlen: 24
                          185.105.91.0/24 maxlen: 24
                          185.105.89.0/24 maxlen: 24
                          185.221.162.0/24 maxlen: 24
                          45.95.202.0/24 maxlen: 24
                          185.102.139.0/24 maxlen: 24
                          45.95.203.0/24 maxlen: 24
                          45.90.216.0/24 maxlen: 24
                          45.90.218.0/24 maxlen: 24
                          45.90.217.0/24 maxlen: 24
                          45.90.219.0/24 maxlen: 24
                          84.252.73.0/24 maxlen: 24
                          84.252.75.0/24 maxlen: 24
                          84.252.74.0/24 maxlen: 24
                          185.233.200.0/24 maxlen: 24
                          185.232.169.0/24 maxlen: 24
                          185.128.105.0/24 maxlen: 24
                          45.89.65.0/24 maxlen: 24
                          85.209.2.0/24 maxlen: 24
                          185.103.109.0/24 maxlen: 24
                          185.128.107.0/24 maxlen: 24
                          185.128.106.0/24 maxlen: 24
                          193.168.227.0/24 maxlen: 24
                          185.217.198.0/24 maxlen: 24
                          185.217.199.0/24 maxlen: 24
                          185.104.251.0/24 maxlen: 24
                          2a09:5302:ffff::/48 maxlen: 48
                          2a0e:d603::/32 maxlen: 32
                          2a09:5302::/32 maxlen: 32
                          2a0d:2dc0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:33:82:63:a6:87:f0:71:55:2f:f5:93:08:50:bd:6b:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep 12 21:02:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14d21e7108aa8c1e162c210c03c7a26bf171fbd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ad:b2:d2:27:95:fc:58:c8:b6:c0:25:89:fc:
                    00:27:63:ac:bf:63:02:45:08:d0:50:32:d7:6b:42:
                    20:b3:72:00:be:73:a2:c9:55:e7:ba:0e:09:4c:92:
                    8d:31:03:c5:d6:97:4c:09:f3:e5:0f:1e:0a:8d:5f:
                    7f:75:b5:a2:ae:67:01:4c:e9:4a:b8:6d:48:d9:96:
                    c5:51:12:eb:f7:eb:c4:03:62:f3:b5:4b:02:72:7b:
                    52:61:1e:96:40:8a:4c:f2:14:19:9d:d8:f8:2e:86:
                    04:c4:39:da:b3:f2:ab:83:09:15:b6:cb:1f:53:2e:
                    87:d0:0f:83:52:24:99:08:b7:19:5f:e3:72:90:a7:
                    76:78:af:a4:41:e9:ad:40:1f:af:af:04:e8:0a:e2:
                    29:bf:d9:b5:d7:49:d0:f2:dc:f2:0f:02:3f:37:8d:
                    ef:e6:ae:10:9f:42:4a:ee:ed:3f:e5:f0:82:a6:f1:
                    01:4a:ab:04:a3:36:0d:8e:58:1e:1c:aa:6c:2f:cb:
                    e1:0f:27:ee:f4:23:c1:8f:71:f7:02:b9:5e:67:01:
                    7d:ed:b7:6c:c9:5c:64:26:e0:08:df:b0:93:7c:78:
                    f2:d6:4e:b9:05:7b:4f:72:41:27:ea:44:3c:39:78:
                    e0:d2:34:c6:69:88:e1:6d:d3:8a:fa:df:30:1e:75:
                    27:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D2:1E:71:08:AA:8C:1E:16:2C:21:0C:03:C7:A2:6B:F1:71:FB:D1
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FNIecQiqjB4WLCEMA8eia_Fx-9E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.73.0/24
                  45.9.75.0/24
                  45.89.65.0/24
                  45.90.216.0/22
                  45.95.202.0/23
                  84.252.73.0-84.252.75.255
                  85.209.2.0/24
                  185.102.139.0/24
                  185.103.109.0/24
                  185.104.251.0/24
                  185.105.88.0/22
                  185.112.101.0-185.112.103.255
                  185.128.105.0-185.128.107.255
                  185.217.198.0/23
                  185.221.162.0/24
                  185.232.169.0/24
                  185.233.83.0/24
                  185.233.200.0/24
                  193.162.143.0/24
                  193.168.227.0/24
                IPv6:
                  2a09:5302::/32
                  2a0d:2dc0::/29
                  2a0e:d603::/32

    Signature Algorithm: sha256WithRSAEncryption
         4f:0e:6b:0e:6a:a8:02:4e:fc:3d:0a:ea:62:74:31:cf:d3:f8:
         be:83:82:d8:8f:cd:7c:e4:3a:f3:7f:e4:1c:fa:0f:8b:90:25:
         78:7f:b2:54:11:ab:23:a5:7a:62:a9:b7:90:67:28:5f:18:13:
         f8:84:91:ec:ae:29:86:b3:a8:59:2f:43:b2:53:a4:2b:a2:34:
         81:45:4d:01:bc:15:37:c9:ec:5e:51:64:c1:0c:85:40:a7:ae:
         88:58:3b:a7:8b:ac:93:29:79:ba:41:5f:ab:b4:70:7b:05:62:
         40:de:f6:4d:97:6a:09:2f:c8:89:b3:76:eb:7e:f6:4b:4d:7e:
         d8:20:a5:11:1e:13:0b:66:a1:6b:f4:a5:b4:2c:e1:e0:da:0b:
         1a:99:35:3c:b8:5e:4d:60:26:12:69:f4:60:c9:c9:71:cf:b7:
         28:92:b0:63:50:a5:25:e2:47:90:94:f1:34:be:4f:a0:54:d0:
         06:93:99:f7:da:20:1f:66:c3:50:5f:b3:66:ef:b8:77:a3:26:
         4e:dd:98:3a:60:04:77:01:94:06:7a:cf:37:2c:9c:32:b8:6d:
         83:12:4a:6c:c8:0d:d4:3c:78:38:e8:af:6c:f1:b6:d7:52:68:
         b4:4a:10:51:e4:70:bc:7b:ac:ee:e6:1f:e0:23:f1:8a:e6:28:
         e3:12:6c:9e
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYMzgmOmh/BxVS/1kwhQvWuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTEyMjEwMjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQyMWU3MTA4YWE4YzFlMTYyYzIxMGMwM2M3YTI2YmYxNzFmYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq2y0ieV/FjItsAlifwAJ2Osv2MC
RQjQUDLXa0Igs3IAvnOiyVXnug4JTJKNMQPF1pdMCfPlDx4KjV9/dbWirmcBTOlK
uG1I2ZbFURLr9+vEA2LztUsCcntSYR6WQIpM8hQZndj4LoYExDnas/KrgwkVtssf
Uy6H0A+DUiSZCLcZX+NykKd2eK+kQemtQB+vrwToCuIpv9m110nQ8tzyDwI/N43v
5q4Qn0JK7u0/5fCCpvEBSqsEozYNjlgeHKpsL8vhDyfu9CPBj3H3ArleZwF97bds
yVxkJuAI37CTfHjy1k65BXtPckEn6kQ8OXjg0jTGaYjhbdOK+t8wHnUnuQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFBTSHnEIqoweFiwhDAPHomvxcfvRMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvRk5JZWNRaXFqQjRXTENFTUE4ZWlhX0Z4LTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBlwQCAAEwgZADBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8owDAMEAFT8SQMEAlT8SAMEAFXRAgME
ALlmiwMEALlnbQMEALlo+wMEArlpWDAMAwQAuXBlAwQDuXBgMAwDBAC5gGkDBAK5
gGgDBAG52cYDBAC53aIDBAC56KkDBAC56VMDBAC56cgDBADBoo8DBADBqOMwGwQC
AAIwFQMFACoJUwIDBQMqDS3AAwUAKg7WAzANBgkqhkiG9w0BAQsFAAOCAQEATw5r
DmqoAk78PQrqYnQxz9P4voOC2I/NfOQ683/kHPoPi5AleH+yVBGrI6V6Yqm3kGco
XxgT+ISR7K4phrOoWS9DslOkK6I0gUVNAbwVN8nsXlFkwQyFQKeuiFg7p4uskyl5
ukFfq7RwewViQN72TZdqCS/IibN26372S01+2CClER4TC2aha/SltCzh4NoLGpk1
PLheTWAmEmn0YMnJcc+3KJKwY1ClJeJHkJTxNL5PoFTQBpOZ99ogH2bDUF+zZu+4
d6MmTt2YOmAEdwGUBnrPNyycMrhtgxJKbMgN1Dx4OOivbPG211JotEoQUeRwvHus
7uYf4CPxiuYo4xJsng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org