Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/FcwPriHMoncp83Yk-QhZ-LJMumo.roa
File:                     FcwPriHMoncp83Yk-QhZ-LJMumo.roa (raw, json)
Hash identifier:          jVX08ATR1CPxKnADqM0AfqH1mMvpmFJwo77MVpYrBy0=
Subject key identifier:   15:CC:0F:AE:21:CC:A2:77:29:F3:76:24:F9:08:59:F8:B2:4C:BA:6A
Certificate issuer:       /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial:       01852F4FA25A53B20B773BCFC7EA267619FA
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/FcwPriHMoncp83Yk-QhZ-LJMumo.roa
Signing time:             Tue 20 Dec 2022 11:33:46 +0000
ROA not before:           Tue 20 Dec 2022 11:33:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        213.21.232.0/24 maxlen: 24
                          213.21.237.0/24 maxlen: 24
                          213.21.236.0/24 maxlen: 24
                          213.21.240.0/24 maxlen: 24
                          213.21.245.0/24 maxlen: 24
                          213.21.243.0/24 maxlen: 24
                          213.21.241.0/24 maxlen: 24
                          213.21.251.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2f:4f:a2:5a:53:b2:0b:77:3b:cf:c7:ea:26:76:19:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
        Validity
            Not Before: Dec 20 11:33:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=15cc0fae21cca27729f37624f90859f8b24cba6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:af:ec:f9:df:c9:10:92:63:59:8f:93:0a:a6:
                    f2:ef:3f:1d:f0:48:14:b5:ca:df:71:0b:06:c6:b4:
                    fa:eb:d0:bd:06:17:b5:8c:9e:9e:44:52:fd:9a:aa:
                    be:0c:d2:3d:90:99:0f:f5:54:59:3c:c3:f1:64:7b:
                    bf:25:5e:5f:a3:ea:bd:0f:03:8e:21:24:62:49:0a:
                    94:08:6a:9a:b2:c4:8f:d0:c1:af:d5:e4:9d:b0:b7:
                    cc:88:d8:64:1e:e3:8c:d1:07:3c:5c:fd:55:4a:9c:
                    aa:16:78:31:68:a6:0b:5a:c2:b2:b0:87:26:41:4c:
                    50:2f:b2:66:b5:a3:1c:81:bd:06:71:c5:e6:7e:a3:
                    04:93:89:c6:2e:86:9d:b4:0a:39:0d:39:e2:94:ff:
                    91:90:a7:e4:07:27:a8:8f:52:85:af:ed:60:6a:53:
                    06:12:da:85:9b:90:25:a3:99:26:9a:65:aa:40:d3:
                    05:0c:e3:83:ce:1a:e5:01:2a:26:2a:7a:d2:84:00:
                    cd:be:d5:4d:5e:e1:c2:b8:1f:25:a3:06:dc:42:bc:
                    a3:94:ca:f6:03:13:35:68:85:d2:d4:e3:55:9f:69:
                    31:79:62:26:4d:2d:ed:4c:56:7c:b6:91:e8:f1:09:
                    8b:19:9d:8a:6d:7f:18:2a:1a:71:6a:bf:67:11:7b:
                    17:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:CC:0F:AE:21:CC:A2:77:29:F3:76:24:F9:08:59:F8:B2:4C:BA:6A
            X509v3 Authority Key Identifier:
                keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/FcwPriHMoncp83Yk-QhZ-LJMumo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.21.232.0/24
                  213.21.236.0/23
                  213.21.240.0/23
                  213.21.243.0/24
                  213.21.245.0/24
                  213.21.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:6a:1b:ad:9b:32:85:57:ad:6a:50:b3:dc:08:84:37:c6:83:
         ba:be:59:c5:51:b7:55:89:6f:d8:e3:b8:37:cd:5e:f0:b4:01:
         21:9c:50:ba:87:e6:42:41:93:9e:dd:3e:11:09:78:70:62:5e:
         30:2b:69:5c:54:9a:d0:2c:77:9e:69:53:2d:80:87:6d:b0:2f:
         77:db:2f:25:b0:2f:45:0f:68:65:56:7e:35:2f:d2:2d:5a:70:
         74:d7:dd:49:98:5b:48:e0:b6:eb:4a:13:24:f9:ad:d0:1c:51:
         9b:85:5f:22:a8:94:ef:a2:6f:a5:8c:c4:2c:89:f5:78:f2:c7:
         ff:7c:86:87:9f:f1:ea:86:8f:a5:5f:15:dc:d4:3d:10:d1:82:
         53:dd:5a:05:6b:74:7f:08:b7:41:bd:98:2c:b1:7c:ad:92:11:
         04:46:9b:5a:0a:b5:33:d4:a1:08:23:47:b6:6f:13:22:e0:31:
         5f:95:a6:de:16:52:f3:b3:f5:48:c1:a1:68:c2:e9:5b:d9:8f:
         c7:40:b4:36:65:a9:00:8e:2c:3a:4e:f0:69:42:88:af:e3:31:
         83:78:3d:04:71:ac:fc:25:a5:f8:39:d8:c4:08:08:0b:e5:39:
         6b:cf:df:92:ef:03:8e:b6:31:0f:92:4c:ab:e9:5d:dc:5c:94:
         8c:7b:34:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUvT6JaU7ILdzvPx+omdhn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjIxMjIwMTEzMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWNjMGZhZTIxY2NhMjc3MjlmMzc2MjRmOTA4NTlmOGIyNGNiYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa/s+d/JEJJjWY+TCqby7z8d8EgU
tcrfcQsGxrT669C9Bhe1jJ6eRFL9mqq+DNI9kJkP9VRZPMPxZHu/JV5fo+q9DwOO
ISRiSQqUCGqassSP0MGv1eSdsLfMiNhkHuOM0Qc8XP1VSpyqFngxaKYLWsKysIcm
QUxQL7JmtaMcgb0GccXmfqMEk4nGLoadtAo5DTnilP+RkKfkByeoj1KFr+1galMG
EtqFm5Alo5kmmmWqQNMFDOODzhrlASomKnrShADNvtVNXuHCuB8lowbcQryjlMr2
AxM1aIXS1ONVn2kxeWImTS3tTFZ8tpHo8QmLGZ2KbX8YKhpxar9nEXsX6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBXMD64hzKJ3KfN2JPkIWfiyTLpqMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvRmN3UHJpSE1vbmNwODNZay1RaFotTEpNdW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQA1RXoAwQB
1RXsAwQB1RXwAwQA1RXzAwQA1RX1AwQA1RX7MA0GCSqGSIb3DQEBCwUAA4IBAQAK
ahutmzKFV61qULPcCIQ3xoO6vlnFUbdViW/Y47g3zV7wtAEhnFC6h+ZCQZOe3T4R
CXhwYl4wK2lcVJrQLHeeaVMtgIdtsC932y8lsC9FD2hlVn41L9ItWnB0191JmFtI
4LbrShMk+a3QHFGbhV8iqJTvom+ljMQsifV48sf/fIaHn/Hqho+lXxXc1D0Q0YJT
3VoFa3R/CLdBvZgssXytkhEERptaCrUz1KEII0e2bxMi4DFflabeFlLzs/VIwaFo
wulb2Y/HQLQ2ZakAjiw6TvBpQoiv4zGDeD0Ecaz8JaX4OdjECAgL5Tlrz9+S7wOO
tjEPkkyr6V3cXJSMezQw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:38 2024 by rpki-client on console-ams.rpki-client.org