Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/FMV72o4Ln0vkMdxgCODON5bFWAk.roa
File:                     FMV72o4Ln0vkMdxgCODON5bFWAk.roa (raw, json)
Hash identifier:          FIEvzFT8YEphTXSlA3MspdgCHkIRivDdtlQj4kd5y3Q=
Subject key identifier:   14:C5:7B:DA:8E:0B:9F:4B:E4:31:DC:60:08:E0:CE:37:96:C5:58:09
Certificate issuer:       /CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
Certificate serial:       0689734E
Authority key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/FMV72o4Ln0vkMdxgCODON5bFWAk.roa
Signing time:             Fri 01 Jul 2022 05:53:02 +0000
ROA not before:           Fri 01 Jul 2022 05:53:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31027
IP address blocks:        91.198.144.0/24 maxlen: 24
                          78.31.32.0/21 maxlen: 21
                          85.202.64.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109671246 (0x689734e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
        Validity
            Not Before: Jul  1 05:53:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14c57bda8e0b9f4be431dc6008e0ce3796c55809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:48:d7:0c:04:52:ad:b6:a0:1c:06:d0:92:8f:
                    9f:9e:03:20:1a:b5:24:14:60:b0:ee:30:6a:83:55:
                    e3:da:3a:e1:5f:b7:e4:09:9d:34:80:d2:b9:b8:eb:
                    0f:4a:4a:d2:f4:0a:46:cb:d0:96:0a:ab:34:06:ba:
                    f3:a2:59:01:62:c7:f5:1d:ee:ff:e5:c4:dd:fd:35:
                    af:a6:d7:3b:af:d4:7a:91:38:34:1e:d2:81:83:3b:
                    2d:35:01:f0:4b:58:bc:2f:a5:4b:f7:a6:48:33:1a:
                    a4:8d:55:e0:79:c7:1b:c1:f5:1d:a1:8f:6a:6d:79:
                    0d:99:76:ea:2e:af:96:8d:c9:01:3e:4e:bd:7e:5a:
                    76:b4:ea:d5:0f:5a:44:ba:5f:d4:29:3f:bf:25:e8:
                    d2:e8:0f:0c:93:b2:57:ed:6a:32:97:3a:ee:11:87:
                    4c:14:35:da:2e:e3:31:0a:38:66:0e:08:7b:d5:88:
                    b8:b3:c6:80:47:dd:f4:e0:e7:8a:59:7e:3e:3e:80:
                    7e:92:7a:2d:26:e5:4e:88:9b:2b:a8:3b:97:51:14:
                    da:36:5c:3f:88:d5:12:94:22:87:50:6d:18:85:6b:
                    50:0a:5e:f8:79:f3:31:14:51:b5:b5:f1:d9:b2:61:
                    07:fe:8e:3c:ce:a2:e3:8a:0f:1b:00:0b:20:c3:6d:
                    9b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:C5:7B:DA:8E:0B:9F:4B:E4:31:DC:60:08:E0:CE:37:96:C5:58:09
            X509v3 Authority Key Identifier:
                keyid:03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/FMV72o4Ln0vkMdxgCODON5bFWAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.31.32.0/21
                  85.202.64.0/20
                  91.198.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:0f:12:3e:19:ae:33:d2:87:c4:58:a7:8e:7b:cc:c3:d4:d3:
         6c:89:41:84:f5:f1:fe:bf:51:1c:65:4d:a4:af:ee:e9:2c:c8:
         41:a2:69:aa:22:4b:dd:5b:5f:ce:be:61:b6:71:de:d2:3a:21:
         cd:89:db:53:cf:62:20:95:35:fa:9d:bd:58:7e:f2:5d:e4:27:
         90:17:b5:ac:70:ed:39:9a:2d:04:c5:83:7a:ff:ad:13:54:07:
         d0:03:2b:41:fc:43:1d:0d:4a:2a:83:41:99:d4:af:c8:13:5a:
         2b:81:81:f7:45:38:d1:57:d8:22:6d:1e:66:20:0c:de:76:3b:
         a2:2b:66:5a:7d:5b:56:42:32:a0:60:df:31:71:79:b0:80:1a:
         bc:2f:64:3a:8f:33:4d:d7:5a:ac:e6:0f:fe:dc:1f:43:56:db:
         dd:de:35:4f:27:30:4a:8f:e3:62:7e:5e:8d:f7:7c:67:29:eb:
         5d:17:47:49:1f:a4:88:a1:9d:90:96:cb:4d:31:02:44:12:ec:
         3d:b6:23:9f:e1:e3:c4:92:51:12:f7:d6:59:23:dd:34:43:b2:
         42:60:46:e5:0c:49:f4:9e:9c:8d:a4:fe:8f:31:64:59:34:86:
         b0:c1:55:15:a0:ea:97:5b:47:5e:1a:ee:b4:79:e3:a3:86:c0:
         f8:43:7a:ce
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBolzTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzIxZWEzOTUwOGUwZTE3YTY1MWZlOTJhYzI5ZWEzODgzMmQwYmZmMB4XDTIyMDcw
MTA1NTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRjNTdiZGE4ZTBi
OWY0YmU0MzFkYzYwMDhlMGNlMzc5NmM1NTgwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhI1wwEUq22oBwG0JKPn54DIBq1JBRgsO4waoNV49o64V+3
5AmdNIDSubjrD0pK0vQKRsvQlgqrNAa686JZAWLH9R3u/+XE3f01r6bXO6/UepE4
NB7SgYM7LTUB8EtYvC+lS/emSDMapI1V4HnHG8H1HaGPam15DZl26i6vlo3JAT5O
vX5adrTq1Q9aRLpf1Ck/vyXo0ugPDJOyV+1qMpc67hGHTBQ12i7jMQo4Zg4Ie9WI
uLPGgEfd9ODnill+Pj6AfpJ6LSblToibK6g7l1EU2jZcP4jVEpQih1BtGIVrUApe
+HnzMRRRtbXx2bJhB/6OPM6i44oPGwALIMNtm7kCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQUxXvajgufS+Qx3GAI4M43lsVYCTAfBgNVHSMEGDAWgBQDIeo5UI4OF6ZR
/pKsKeo4gy0L/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F5SHFPVkNPRGhlbVVmNlNyQ25xT0lNdENfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYzQ4MTdlLTgyODEtNDJmNy05ZjRkLThjZjgwNTUxMTAwMi8x
L0ZNVjcybzRMbjB2a01keGdDT0RPTjViRldBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YzQ4MTdlLTgyODEtNDJmNy05ZjRkLThjZjgwNTUxMTAwMi8xL0F5SHFPVkNPRGhl
bVVmNlNyQ25xT0lNdENfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA04fIAMEBFXKQAMEAFvGkDANBgkq
hkiG9w0BAQsFAAOCAQEACg8SPhmuM9KHxFinjnvMw9TTbIlBhPXx/r9RHGVNpK/u
6SzIQaJpqiJL3Vtfzr5htnHe0johzYnbU89iIJU1+p29WH7yXeQnkBe1rHDtOZot
BMWDev+tE1QH0AMrQfxDHQ1KKoNBmdSvyBNaK4GB90U40VfYIm0eZiAM3nY7oitm
Wn1bVkIyoGDfMXF5sIAavC9kOo8zTddarOYP/twfQ1bb3d41TycwSo/jYn5ejfd8
ZynrXRdHSR+kiKGdkJbLTTECRBLsPbYjn+HjxJJREvfWWSPdNEOyQmBG5QxJ9J6c
jaT+jzFkWTSGsMFVFaDql1tHXhrutHnjo4bA+EN6zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:21 2024 by rpki-client on console-fra.rpki-client.org