Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/FPOIsl4J2O7DAhQ-4daywegOUTM.roa
File:                     FPOIsl4J2O7DAhQ-4daywegOUTM.roa (raw, json)
Hash identifier:          EjQk/JDfGAzF04O6rBUl3i7zy4+rHrrCkjSOdfVUuLw=
Subject key identifier:   14:F3:88:B2:5E:09:D8:EE:C3:02:14:3E:E1:D6:B2:C1:E8:0E:51:33
Certificate issuer:       /CN=2cb035707202d4013a4479be5112d7fa227b7275
Certificate serial:       05591126
Authority key identifier: 2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/FPOIsl4J2O7DAhQ-4daywegOUTM.roa
Signing time:             Sat 01 Jan 2022 02:53:39 +0000
ROA not before:           Sat 01 Jan 2022 02:53:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209566
IP address blocks:        194.62.129.0/24 maxlen: 24
                          2a0d:8c40:209::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 89723174 (0x5591126)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cb035707202d4013a4479be5112d7fa227b7275
        Validity
            Not Before: Jan  1 02:53:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=14f388b25e09d8eec302143ee1d6b2c1e80e5133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:28:26:64:18:a6:15:6f:26:ff:40:ef:f7:18:
                    06:99:77:cb:ee:00:c6:4f:21:3b:94:99:bb:b4:c5:
                    f0:40:18:71:d1:41:b9:47:f5:3e:7d:d5:6b:72:50:
                    c5:38:af:5d:26:9b:ec:10:ca:ad:7c:c4:9b:25:02:
                    36:44:b3:bc:93:ae:f9:1e:4c:03:5f:c4:5e:11:de:
                    cc:92:73:10:1b:53:52:f3:e6:8a:fa:bc:23:45:2c:
                    20:91:56:b8:4b:ec:08:0c:51:9f:b6:24:e7:1f:c8:
                    d4:2a:aa:e5:1f:ba:0e:2c:1b:05:22:ff:e5:8b:d8:
                    fb:98:59:16:e0:cd:ed:dd:4f:0c:77:a2:61:66:58:
                    e8:db:aa:64:17:b5:a9:f4:35:ba:17:e7:7f:6f:d5:
                    08:e7:49:11:bd:18:23:61:ab:ca:8c:99:19:40:e4:
                    0f:bc:10:4c:db:84:8a:9f:5b:89:5e:d5:39:31:f7:
                    76:30:c2:b3:22:d6:de:f4:56:17:86:3d:f5:93:38:
                    20:d1:28:a0:32:2b:95:b9:70:2c:ff:3e:a2:b7:6a:
                    2a:40:2f:09:30:44:33:fe:b0:46:07:37:e5:bb:55:
                    c5:b4:42:73:e0:98:b1:9c:8e:b3:6b:ef:30:43:94:
                    89:3b:23:7f:3e:45:c9:ec:7b:f0:53:4b:e6:cd:ea:
                    63:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:F3:88:B2:5E:09:D8:EE:C3:02:14:3E:E1:D6:B2:C1:E8:0E:51:33
            X509v3 Authority Key Identifier:
                keyid:2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/FPOIsl4J2O7DAhQ-4daywegOUTM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.62.129.0/24
                IPv6:
                  2a0d:8c40:209::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:b4:aa:9c:46:41:9a:89:13:f0:05:2d:86:25:f5:c8:7e:19:
         be:2a:1a:f5:49:23:ff:00:8c:6f:71:f1:3a:1d:57:07:5e:ea:
         df:aa:f7:70:7a:7d:e8:ec:63:a5:11:a9:57:f8:5f:95:e9:b6:
         99:fd:66:ca:e6:b3:02:cc:1f:84:4b:15:1a:fa:e2:8b:8a:40:
         11:44:a4:06:d8:72:0a:64:68:52:fc:56:6e:71:f8:87:67:11:
         71:37:ae:a3:97:91:c5:61:0a:cc:f9:78:4a:79:ae:89:5c:ac:
         0e:d2:7f:b4:d8:d3:73:3d:2e:36:89:4e:8e:ba:dc:44:d7:b4:
         ce:52:68:cc:08:5d:88:b5:13:e6:c1:3f:13:90:4a:a9:a8:2f:
         0a:68:eb:37:98:6b:88:50:10:80:cd:48:be:d3:82:7a:16:d6:
         ed:e1:d8:9b:e1:75:67:c1:c6:2c:fb:74:df:59:35:a4:f9:6c:
         29:5c:27:13:92:76:24:42:ed:5e:1e:53:17:7c:d2:64:18:97:
         55:aa:f2:1d:4c:5a:f5:c3:4d:dc:34:19:fd:6c:9a:bf:73:db:
         3a:c7:76:f0:9c:1b:8d:f0:e0:84:38:ef:b2:67:1f:3a:e7:cc:
         28:d2:4d:39:71:d5:54:d0:27:e2:d1:2c:1d:07:60:f9:bc:3a:
         80:40:4a:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBVkRJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2IwMzU3MDcyMDJkNDAxM2E0NDc5YmU1MTEyZDdmYTIyN2I3Mjc1MB4XDTIyMDEw
MTAyNTMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRmMzg4YjI1ZTA5
ZDhlZWMzMDIxNDNlZTFkNmIyYzFlODBlNTEzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwoJmQYphVvJv9A7/cYBpl3y+4Axk8hO5SZu7TF8EAYcdFB
uUf1Pn3Va3JQxTivXSab7BDKrXzEmyUCNkSzvJOu+R5MA1/EXhHezJJzEBtTUvPm
ivq8I0UsIJFWuEvsCAxRn7Yk5x/I1Cqq5R+6DiwbBSL/5YvY+5hZFuDN7d1PDHei
YWZY6NuqZBe1qfQ1uhfnf2/VCOdJEb0YI2GryoyZGUDkD7wQTNuEip9biV7VOTH3
djDCsyLW3vRWF4Y99ZM4INEooDIrlblwLP8+ordqKkAvCTBEM/6wRgc35btVxbRC
c+CYsZyOs2vvMEOUiTsjfz5Fyex78FNL5s3qY0UCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQU84iyXgnY7sMCFD7h1rLB6A5RMzAfBgNVHSMEGDAWgBQssDVwcgLUATpE
eb5REtf6IntydTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xMQTFjSElDMUFFNlJIbS1VUkxYLWlKN2NuVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvOGMxMzIzLWFmY2MtNGI0NC05ODgxLTA2MzA4YTQ0ODU2ZC8x
L0ZQT0lzbDRKMk83REFoUS00ZGF5d2VnT1VUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
OGMxMzIzLWFmY2MtNGI0NC05ODgxLTA2MzA4YTQ0ODU2ZC8xL0xMQTFjSElDMUFF
NlJIbS1VUkxYLWlKN2NuVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMI+gTAPBAIAAjAJAwcAKg2MQAIJ
MA0GCSqGSIb3DQEBCwUAA4IBAQBxtKqcRkGaiRPwBS2GJfXIfhm+Khr1SSP/AIxv
cfE6HVcHXurfqvdwen3o7GOlEalX+F+V6baZ/WbK5rMCzB+ESxUa+uKLikARRKQG
2HIKZGhS/FZucfiHZxFxN66jl5HFYQrM+XhKea6JXKwO0n+02NNzPS42iU6OutxE
17TOUmjMCF2ItRPmwT8TkEqpqC8KaOs3mGuIUBCAzUi+04J6Ftbt4dib4XVnwcYs
+3TfWTWk+WwpXCcTknYkQu1eHlMXfNJkGJdVqvIdTFr1w03cNBn9bJq/c9s6x3bw
nBuN8OCEOO+yZx8658wo0k05cdVU0Cfi0SwdB2D5vDqAQEpC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:07 2024 by rpki-client on console-ams.rpki-client.org