Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/FUj1fUs_0S-epzWF7YY0RenDPuU.roa
File:                     FUj1fUs_0S-epzWF7YY0RenDPuU.roa (raw, json)
Hash identifier:          ZmuA6PF7JLHdDUOE/6OSSMxz4wHX3zEBvoy9z2nANZ8=
Subject key identifier:   15:48:F5:7D:4B:3F:D1:2F:9E:A7:35:85:ED:86:34:45:E9:C3:3E:E5
Certificate issuer:       /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial:       0182119014D7E94EF436859490501669AE2F
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/FUj1fUs_0S-epzWF7YY0RenDPuU.roa
Signing time:             Mon 18 Jul 2022 13:47:11 +0000
ROA not before:           Mon 18 Jul 2022 13:47:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203020
IP address blocks:        45.144.88.0/22 maxlen: 24
                          87.239.254.0/24 maxlen: 32
                          45.149.28.0/22 maxlen: 24
                          89.44.205.0/24 maxlen: 32
                          91.228.216.0/24 maxlen: 24
                          185.36.254.0/24 maxlen: 32
                          185.217.64.0/22 maxlen: 22
                          185.166.84.0/24 maxlen: 32
                          86.105.183.0/24 maxlen: 32
                          185.188.61.0/24 maxlen: 24
                          185.188.62.0/24 maxlen: 24
                          185.188.63.0/24 maxlen: 24
                          94.46.206.0/24 maxlen: 32
                          89.40.24.0/24 maxlen: 32
                          185.152.248.0/22 maxlen: 32
                          5.154.174.0/24 maxlen: 24
                          80.246.30.0/24 maxlen: 32
                          185.153.151.0/24 maxlen: 32
                          188.119.154.0/24 maxlen: 32
                          185.160.44.0/22 maxlen: 32
                          185.96.162.0/24 maxlen: 32
                          77.246.152.0/22 maxlen: 22
                          45.95.24.0/22 maxlen: 32
                          185.152.36.0/22 maxlen: 32
                          195.47.194.0/24 maxlen: 32
                          89.35.249.0/24 maxlen: 32
                          185.108.104.0/24 maxlen: 32
                          185.108.105.0/24 maxlen: 32
                          2a06:4a00::/29 maxlen: 32
                          2a05:28c0::/29 maxlen: 32
                          2a06:5700::/29 maxlen: 32
                          2a01:4740::/32 maxlen: 32
                          2a06:46c0::/29 maxlen: 32
                          2a06:5000::/29 maxlen: 32
                          2a05:f4c0::/29 maxlen: 29
                          2a06:3040::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:11:90:14:d7:e9:4e:f4:36:85:94:90:50:16:69:ae:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
        Validity
            Not Before: Jul 18 13:47:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1548f57d4b3fd12f9ea73585ed863445e9c33ee5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:88:58:72:60:99:18:c5:31:18:80:df:8c:fd:
                    88:7f:9e:ca:b7:61:a8:3f:47:64:98:1d:ae:5d:64:
                    d8:20:31:8f:f0:c2:05:3a:56:0c:01:d3:73:ba:88:
                    e8:06:08:ca:20:6d:88:8b:cf:57:bb:dc:5b:71:a9:
                    07:97:2d:79:94:4a:f1:cb:ed:72:2b:f6:a4:bf:cf:
                    db:13:2f:e6:27:fe:eb:4c:3c:a2:bf:2d:d1:d9:85:
                    0b:eb:95:8d:6b:9e:30:40:03:00:89:bd:1a:b7:7c:
                    65:c5:cb:86:f1:f7:47:b1:d9:f4:9c:4d:85:55:ae:
                    4f:9b:95:41:25:69:4c:38:be:e3:0e:08:b3:70:fb:
                    4f:0b:42:eb:1e:dd:ba:f5:80:62:98:05:27:b0:84:
                    35:15:e2:5c:49:ef:37:e5:4a:24:f2:12:46:2c:a6:
                    10:c8:45:5e:2e:7f:23:cf:f2:53:6d:c7:38:12:c1:
                    5d:cf:16:b6:0b:f8:c5:38:6c:b1:c8:a9:97:e1:8e:
                    86:35:fb:91:cf:a1:5c:0d:dc:fa:74:42:7a:f0:6f:
                    82:c1:88:2a:b1:c5:bd:d1:30:39:ff:71:16:7f:c6:
                    20:9a:1b:c8:6d:9d:dd:40:dd:1c:2f:34:04:dd:f5:
                    74:0c:36:db:e1:c9:2c:b4:55:e3:61:5a:22:ac:fc:
                    b9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:48:F5:7D:4B:3F:D1:2F:9E:A7:35:85:ED:86:34:45:E9:C3:3E:E5
            X509v3 Authority Key Identifier:
                keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/FUj1fUs_0S-epzWF7YY0RenDPuU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.174.0/24
                  45.95.24.0/22
                  45.144.88.0/22
                  45.149.28.0/22
                  77.246.152.0/22
                  80.246.30.0/24
                  86.105.183.0/24
                  87.239.254.0/24
                  89.35.249.0/24
                  89.40.24.0/24
                  89.44.205.0/24
                  91.228.216.0/24
                  94.46.206.0/24
                  185.36.254.0/24
                  185.96.162.0/24
                  185.108.104.0/23
                  185.152.36.0/22
                  185.152.248.0/22
                  185.153.151.0/24
                  185.160.44.0/22
                  185.166.84.0/24
                  185.188.61.0-185.188.63.255
                  185.217.64.0/22
                  188.119.154.0/24
                  195.47.194.0/24
                IPv6:
                  2a01:4740::/32
                  2a05:28c0::/29
                  2a05:f4c0::/29
                  2a06:3040::/29
                  2a06:46c0::/29
                  2a06:4a00::/29
                  2a06:5000::/29
                  2a06:5700::/29

    Signature Algorithm: sha256WithRSAEncryption
         76:f4:32:a0:76:48:2f:c2:b8:ca:f9:ba:f3:f5:92:26:00:ec:
         7e:a7:2c:61:a8:73:62:a0:19:25:de:37:08:3b:6c:8d:b9:39:
         88:24:96:f5:0b:2f:0a:15:37:b0:df:1f:30:ca:78:c9:cc:f8:
         09:6e:2c:54:68:21:74:cc:1d:be:74:67:1a:04:00:8f:6e:60:
         fc:2e:fc:a0:8b:a0:4b:64:1c:a3:cc:f5:a4:28:b3:74:62:36:
         54:ae:ea:de:2c:01:28:36:e7:ce:cc:e3:9e:2f:88:3e:3f:fa:
         09:7c:01:76:27:80:7c:1f:a7:e5:cc:47:a3:02:6f:3e:92:1c:
         34:fd:63:c9:f5:84:ee:ef:d6:e3:ba:46:03:02:1e:7d:47:cc:
         ed:ae:9c:86:2c:7f:32:a9:ca:89:bd:5f:08:6c:9f:ae:4d:fd:
         0e:d8:5d:8f:f9:68:3a:89:60:5a:a9:53:f9:d3:2c:54:da:23:
         5a:fb:d9:df:31:6b:36:c5:18:7b:23:b6:3d:19:4c:17:96:5a:
         e0:1b:e7:e2:97:46:33:e2:6f:5b:9d:61:e9:36:58:95:88:88:
         fd:52:6a:35:0b:b1:a5:cb:b5:21:a6:27:d7:7d:47:7c:8f:05:
         e2:82:92:dd:57:a3:f9:92:2a:38:91:2b:8f:28:93:78:72:c6:
         68:b4:a2:6b
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYIRkBTX6U70NoWUkFAWaa4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjIwNzE4MTM0NzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQ4ZjU3ZDRiM2ZkMTJmOWVhNzM1ODVlZDg2MzQ0NWU5YzMzZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIhYcmCZGMUxGIDfjP2If57Kt2Go
P0dkmB2uXWTYIDGP8MIFOlYMAdNzuojoBgjKIG2Ii89Xu9xbcakHly15lErxy+1y
K/akv8/bEy/mJ/7rTDyivy3R2YUL65WNa54wQAMAib0at3xlxcuG8fdHsdn0nE2F
Va5Pm5VBJWlMOL7jDgizcPtPC0LrHt269YBimAUnsIQ1FeJcSe835Uok8hJGLKYQ
yEVeLn8jz/JTbcc4EsFdzxa2C/jFOGyxyKmX4Y6GNfuRz6FcDdz6dEJ68G+CwYgq
scW90TA5/3EWf8YgmhvIbZ3dQN0cLzQE3fV0DDbb4ckstFXjYVoirPy5JQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFBVI9X1LP9Evnqc1he2GNEXpwz7lMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvRlVqMWZVc18wUy1lcHpXRjdZWTBSZW5EUHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBpQQCAAEwgZ4DBAAF
mq4DBAItXxgDBAItkFgDBAItlRwDBAJN9pgDBABQ9h4DBABWabcDBABX7/4DBABZ
I/kDBABZKBgDBABZLM0DBABb5NgDBABeLs4DBAC5JP4DBAC5YKIDBAG5bGgDBAK5
mCQDBAK5mPgDBAC5mZcDBAK5oCwDBAC5plQwDAMEALm8PQMEBrm8AAMEArnZQAME
ALx3mgMEAMMvwjA+BAIAAjA4AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMF
AyoGRsADBQMqBkoAAwUDKgZQAAMFAyoGVwAwDQYJKoZIhvcNAQELBQADggEBAHb0
MqB2SC/CuMr5uvP1kiYA7H6nLGGoc2KgGSXeNwg7bI25OYgklvULLwoVN7DfHzDK
eMnM+AluLFRoIXTMHb50ZxoEAI9uYPwu/KCLoEtkHKPM9aQos3RiNlSu6t4sASg2
587M454viD4/+gl8AXYngHwfp+XMR6MCbz6SHDT9Y8n1hO7v1uO6RgMCHn1HzO2u
nIYsfzKpyom9Xwhsn65N/Q7YXY/5aDqJYFqpU/nTLFTaI1r72d8xazbFGHsjtj0Z
TBeWWuAb5+KXRjPib1udYek2WJWIiP1SajULsaXLtSGmJ9d9R3yPBeKCkt1Xo/mS
KjiRK48ok3hyxmi0oms=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org