Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/7b308c-70cd-4f24-b610-7aba569658d5/1/FDlI3fmN8LYX_v3gvdY3DPNCBkA.roa
File:                     FDlI3fmN8LYX_v3gvdY3DPNCBkA.roa (raw, json)
Hash identifier:          pIrjS4gts/EOiphbdxuTiRH2zBq9hWoKB+3jr+RiZ0A=
Subject key identifier:   14:39:48:DD:F9:8D:F0:B6:17:FE:FD:E0:BD:D6:37:0C:F3:42:06:40
Certificate issuer:       /CN=a01012ec845500718cab76c9dd0af010890de26d
Certificate serial:       010B9926
Authority key identifier: A0:10:12:EC:84:55:00:71:8C:AB:76:C9:DD:0A:F0:10:89:0D:E2:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oBAS7IRVAHGMq3bJ3QrwEIkN4m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/7b308c-70cd-4f24-b610-7aba569658d5/1/FDlI3fmN8LYX_v3gvdY3DPNCBkA.roa
Signing time:             Sat 01 Jan 2022 07:54:07 +0000
ROA not before:           Sat 01 Jan 2022 07:54:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48286
IP address blocks:        185.241.56.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17537318 (0x10b9926)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a01012ec845500718cab76c9dd0af010890de26d
        Validity
            Not Before: Jan  1 07:54:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=143948ddf98df0b617fefde0bdd6370cf3420640
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:21:f9:dc:52:49:9a:d8:45:50:05:be:9e:23:
                    4a:d6:dd:39:7a:53:52:f7:16:55:e6:4c:c9:0e:ae:
                    59:e6:ec:7a:7e:08:0f:15:36:b9:22:40:30:d2:59:
                    a0:80:8b:30:13:08:0e:2c:a4:04:49:04:91:62:a4:
                    5f:7e:0f:46:b6:28:5a:6f:db:55:6a:c1:ec:90:a2:
                    f1:c1:8d:20:d4:d1:a5:be:31:17:d3:d0:46:7e:95:
                    a1:9e:64:83:61:61:f1:d7:62:10:08:0f:03:07:73:
                    3d:d7:12:68:fc:3b:5a:ea:ce:fb:3d:3b:d0:47:b3:
                    f2:48:13:1e:08:0c:db:6e:e5:30:8a:94:57:8c:01:
                    8b:f3:d4:b0:ce:b9:1f:3c:38:c7:23:ab:99:15:da:
                    d2:8f:f7:ef:0c:00:20:f9:ca:af:60:64:8b:f2:c2:
                    fa:1f:e1:01:92:f1:78:20:fc:10:c8:0a:08:c5:96:
                    89:81:af:14:e6:a2:74:b7:c1:7a:6c:18:59:28:1f:
                    d2:97:4e:2f:2b:36:53:e2:60:4c:b4:5e:39:b9:5c:
                    cd:91:53:f5:56:49:4c:59:d0:1d:c3:a7:8e:cb:af:
                    9d:06:d3:e9:e3:0d:2a:ca:5e:78:03:7e:13:1f:02:
                    74:ea:b2:bd:52:30:f9:06:26:70:e7:f2:66:42:03:
                    9b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:39:48:DD:F9:8D:F0:B6:17:FE:FD:E0:BD:D6:37:0C:F3:42:06:40
            X509v3 Authority Key Identifier:
                keyid:A0:10:12:EC:84:55:00:71:8C:AB:76:C9:DD:0A:F0:10:89:0D:E2:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBAS7IRVAHGMq3bJ3QrwEIkN4m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7b308c-70cd-4f24-b610-7aba569658d5/1/FDlI3fmN8LYX_v3gvdY3DPNCBkA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/7b308c-70cd-4f24-b610-7aba569658d5/1/oBAS7IRVAHGMq3bJ3QrwEIkN4m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:c7:55:5d:1b:46:3f:53:65:47:42:53:f2:cb:33:0e:ae:b9:
         96:c5:6b:eb:1d:78:ad:cd:b8:64:38:07:9b:10:da:ad:78:84:
         74:f9:d0:4f:6c:50:1e:d4:80:42:4a:6a:77:25:e2:a3:6b:96:
         65:74:d9:27:bb:8a:02:07:96:06:66:fc:36:39:6c:fd:78:52:
         2f:7d:ed:61:de:61:91:2f:d1:69:96:03:96:a9:44:6f:33:ea:
         97:49:a5:07:3a:ae:0b:04:2e:3f:c6:e9:10:47:ac:32:8e:32:
         bd:6a:d4:ef:e5:1d:94:db:7e:ab:86:bc:ec:41:48:34:66:7a:
         49:95:f5:af:56:59:93:6d:07:9b:ad:97:de:3d:e3:15:a6:61:
         bb:01:85:6e:1c:c6:18:be:e2:de:44:bb:6b:0d:05:7d:4f:f7:
         c7:90:02:72:1d:84:d3:41:7e:9f:8a:25:e6:2f:d4:01:25:e9:
         7b:ca:31:03:88:3d:0f:8b:2c:8c:a0:29:1a:9a:fe:79:ea:39:
         39:48:81:26:37:3c:fd:21:de:74:ab:3c:c1:4b:f1:71:f5:eb:
         7e:4f:d7:fe:48:9d:41:cb:37:fa:02:c7:15:2b:fc:ee:41:65:
         81:a1:bf:af:af:64:85:f1:41:08:90:b0:f2:a2:91:8d:b8:62:
         8c:26:28:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQuZJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDEwMTJlYzg0NTUwMDcxOGNhYjc2YzlkZDBhZjAxMDg5MGRlMjZkMB4XDTIyMDEw
MTA3NTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTQzOTQ4ZGRmOThk
ZjBiNjE3ZmVmZGUwYmRkNjM3MGNmMzQyMDY0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAh+dxSSZrYRVAFvp4jStbdOXpTUvcWVeZMyQ6uWebsen4I
DxU2uSJAMNJZoICLMBMIDiykBEkEkWKkX34PRrYoWm/bVWrB7JCi8cGNINTRpb4x
F9PQRn6VoZ5kg2Fh8ddiEAgPAwdzPdcSaPw7WurO+z070Eez8kgTHggM227lMIqU
V4wBi/PUsM65Hzw4xyOrmRXa0o/37wwAIPnKr2Bki/LC+h/hAZLxeCD8EMgKCMWW
iYGvFOaidLfBemwYWSgf0pdOLys2U+JgTLReOblczZFT9VZJTFnQHcOnjsuvnQbT
6eMNKspeeAN+Ex8CdOqyvVIw+QYmcOfyZkIDm8MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQUOUjd+Y3wthf+/eC91jcM80IGQDAfBgNVHSMEGDAWgBSgEBLshFUAcYyr
dsndCvAQiQ3ibTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29CQVM3SVJWQUhHTXEzYkozUXJ3RUlrTjRtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvN2IzMDhjLTcwY2QtNGYyNC1iNjEwLTdhYmE1Njk2NThkNS8x
L0ZEbEkzZm1OOExZWF92M2d2ZFkzRFBOQ0JrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
N2IzMDhjLTcwY2QtNGYyNC1iNjEwLTdhYmE1Njk2NThkNS8xL29CQVM3SVJWQUhH
TXEzYkozUXJ3RUlrTjRtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnxODANBgkqhkiG9w0BAQsFAAOC
AQEACsdVXRtGP1NlR0JT8sszDq65lsVr6x14rc24ZDgHmxDarXiEdPnQT2xQHtSA
QkpqdyXio2uWZXTZJ7uKAgeWBmb8Njls/XhSL33tYd5hkS/RaZYDlqlEbzPql0ml
BzquCwQuP8bpEEesMo4yvWrU7+UdlNt+q4a87EFINGZ6SZX1r1ZZk20Hm62X3j3j
FaZhuwGFbhzGGL7i3kS7aw0FfU/3x5ACch2E00F+n4ol5i/UASXpe8oxA4g9D4ss
jKApGpr+eeo5OUiBJjc8/SHedKs8wUvxcfXrfk/X/kidQcs3+gLHFSv87kFlgaG/
r69khfFBCJCw8qKRjbhijCYoHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:06 2024 by rpki-client on console-ams.rpki-client.org