Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-3MkKdX2rhGXgU7l8xnWgyc-feo.roa
File:                     1-3MkKdX2rhGXgU7l8xnWgyc-feo.roa (raw, json)
Hash identifier:          PO6k0a3zLJikNLLC/p/Nq8JExegt+AY6EPam5iKpvik=
Subject key identifier:   FB:73:24:29:D5:F6:AE:11:97:81:4E:E5:F3:19:D6:83:27:3E:7D:EA
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184A5AB471420099C4A5831B8825ADC97EF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-3MkKdX2rhGXgU7l8xnWgyc-feo.roa
Signing time:             Wed 23 Nov 2022 18:06:16 +0000
ROA not before:           Wed 23 Nov 2022 18:06:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        88.216.188.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.191.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          88.216.209.0/24 maxlen: 24
                          84.32.225.0/24 maxlen: 24
                          84.32.227.0/24 maxlen: 24
                          84.32.255.0/24 maxlen: 24
                          84.32.60.0/24 maxlen: 24
                          84.32.63.0/24 maxlen: 24
                          84.32.65.0/24 maxlen: 24
                          84.32.66.0/24 maxlen: 24
                          84.32.68.0/24 maxlen: 24
                          84.32.86.0/24 maxlen: 24
                          84.32.90.0/24 maxlen: 24
                          84.32.92.0/24 maxlen: 24
                          84.32.94.0/24 maxlen: 24
                          84.32.15.0/24 maxlen: 24
                          84.32.42.0/24 maxlen: 24
                          84.32.44.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          84.32.49.0/24 maxlen: 24
                          88.216.91.0/24 maxlen: 24
                          88.216.102.0/24 maxlen: 24
                          88.216.103.0/24 maxlen: 24
                          88.216.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:a5:ab:47:14:20:09:9c:4a:58:31:b8:82:5a:dc:97:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Nov 23 18:06:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb732429d5f6ae1197814ee5f319d683273e7dea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:4c:28:87:4f:3a:89:a1:ff:f6:ab:b3:74:2d:
                    5f:75:0b:5a:e3:7d:03:0c:b9:bf:c4:33:8d:08:72:
                    c8:5b:8c:0f:1b:eb:7c:55:dc:87:9a:9e:e5:fd:76:
                    7d:56:70:7d:00:be:a4:dc:51:08:f0:d5:b2:0f:de:
                    01:fd:1a:b4:c4:24:9c:f8:e4:c5:1c:42:55:04:28:
                    ce:ba:0b:1b:11:2d:06:bd:18:3b:3f:13:45:5f:b1:
                    dc:c3:f8:77:42:43:31:2b:ce:12:89:a4:f8:e8:22:
                    77:4a:08:73:95:05:ce:96:eb:86:c8:5d:f3:b6:ed:
                    0f:16:29:40:c0:26:26:2a:00:d0:2c:f4:2b:18:f8:
                    31:51:03:1a:db:16:12:2c:d3:bc:89:7e:0b:21:5d:
                    8b:bf:0a:d1:3e:29:1c:f8:69:b1:5f:da:b3:36:ed:
                    42:5a:17:cc:8c:68:7e:77:46:02:0a:ae:46:92:30:
                    ae:37:ae:96:ee:23:35:46:57:15:52:98:c4:c0:1f:
                    80:bf:4f:77:75:0b:c7:e5:23:08:26:8f:52:e6:06:
                    87:c7:5c:6c:e7:8d:1f:0b:a8:64:12:95:76:ff:00:
                    bf:20:f9:39:d5:51:11:93:26:76:ad:61:b1:18:79:
                    94:0d:96:e4:dd:e9:5b:f9:d6:6d:02:d8:44:36:43:
                    ef:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:73:24:29:D5:F6:AE:11:97:81:4E:E5:F3:19:D6:83:27:3E:7D:EA
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-3MkKdX2rhGXgU7l8xnWgyc-feo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.15.0/24
                  84.32.42.0/24
                  84.32.44.0/24
                  84.32.46.0/23
                  84.32.49.0/24
                  84.32.60.0/24
                  84.32.63.0/24
                  84.32.65.0-84.32.66.255
                  84.32.68.0/24
                  84.32.86.0/24
                  84.32.90.0/24
                  84.32.92.0/24
                  84.32.94.0/24
                  84.32.225.0/24
                  84.32.227.0/24
                  84.32.255.0/24
                  88.216.40.0/24
                  88.216.91.0/24
                  88.216.102.0/23
                  88.216.188.0/24
                  88.216.190.0/23
                  88.216.198.0/24
                  88.216.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:42:fa:e4:dc:39:80:c7:bd:5d:24:7d:7e:db:39:af:85:b9:
         cc:72:4d:eb:bd:89:dc:5b:32:53:d2:7f:1f:ee:d2:68:06:41:
         15:1f:52:88:34:2c:a6:3c:3d:8b:1a:53:a4:ee:fd:96:80:14:
         f7:41:0e:09:a8:0f:5f:3d:02:19:52:dd:fc:1f:4b:cc:48:08:
         8d:14:5a:48:d7:5d:5d:5a:9e:82:ef:ba:2d:01:7e:14:71:c1:
         bf:38:eb:4c:f4:62:41:1c:5f:8c:4c:24:b2:41:4c:f2:78:72:
         41:3b:c0:98:81:f7:60:31:c7:1a:b1:be:f8:d5:32:0c:9b:9e:
         de:fb:bd:98:10:56:19:cd:fa:b7:57:95:97:e9:b1:5d:92:0d:
         c3:83:b4:18:36:96:21:1f:04:3e:7b:cd:2a:57:8d:f9:7d:6c:
         39:8d:8c:95:a7:6e:7d:0d:e7:ae:7a:04:5d:f3:19:04:e6:53:
         cf:7f:a5:16:a4:b2:d6:d1:60:41:b9:a8:ec:a7:b2:5a:42:2e:
         33:fb:25:80:50:d0:91:f3:32:9d:a6:aa:79:b1:09:72:30:79:
         99:3a:7e:20:ed:44:7b:d0:97:36:f8:68:66:88:42:53:50:70:
         90:41:c3:ae:7f:44:f9:d2:9e:7f:f0:85:2d:82:c7:06:2d:46:
         60:4a:69:1d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYSlq0cUIAmcSlgxuIJa3JfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIzMTgwNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjczMjQyOWQ1ZjZhZTExOTc4MTRlZTVmMzE5ZDY4MzI3M2U3ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEwoh086iaH/9quzdC1fdQta430D
DLm/xDONCHLIW4wPG+t8VdyHmp7l/XZ9VnB9AL6k3FEI8NWyD94B/Rq0xCSc+OTF
HEJVBCjOugsbES0GvRg7PxNFX7Hcw/h3QkMxK84SiaT46CJ3SghzlQXOluuGyF3z
tu0PFilAwCYmKgDQLPQrGPgxUQMa2xYSLNO8iX4LIV2LvwrRPikc+GmxX9qzNu1C
WhfMjGh+d0YCCq5GkjCuN66W7iM1RlcVUpjEwB+Av093dQvH5SMIJo9S5gaHx1xs
540fC6hkEpV2/wC/IPk51VERkyZ2rWGxGHmUDZbk3elb+dZtAthENkPvHQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFPtzJCnV9q4Rl4FO5fMZ1oMnPn3qMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS0zTWtLZFgycmhHWGdVN2w4eG5XZ3ljLWZlby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSAwQA
VCAPAwQAVCAqAwQAVCAsAwQBVCAuAwQAVCAxAwQAVCA8AwQAVCA/MAwDBABUIEED
BABUIEIDBABUIEQDBABUIFYDBABUIFoDBABUIFwDBABUIF4DBABUIOEDBABUIOMD
BABUIP8DBABY2CgDBABY2FsDBAFY2GYDBABY2LwDBAFY2L4DBABY2MYDBABY2NEw
DQYJKoZIhvcNAQELBQADggEBAAdC+uTcOYDHvV0kfX7bOa+FucxyTeu9idxbMlPS
fx/u0mgGQRUfUog0LKY8PYsaU6Tu/ZaAFPdBDgmoD189AhlS3fwfS8xICI0UWkjX
XV1anoLvui0BfhRxwb8460z0YkEcX4xMJLJBTPJ4ckE7wJiB92AxxxqxvvjVMgyb
nt77vZgQVhnN+rdXlZfpsV2SDcODtBg2liEfBD57zSpXjfl9bDmNjJWnbn0N5656
BF3zGQTmU89/pRakstbRYEG5qOynslpCLjP7JYBQ0JHzMp2mqnmxCXIweZk6fiDt
RHvQlzb4aGaIQlNQcJBBw65/RPnSnn/whS2CxwYtRmBKaR0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org