Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-4VQs_xzcIgGl69chXi263rDaJA.roa
File:                     1-4VQs_xzcIgGl69chXi263rDaJA.roa (raw, json)
Hash identifier:          PFi6PFAm/q0CEJPdFfZ9zAjXOhCL8D6oKoDHWay6btk=
Subject key identifier:   FB:85:50:B3:FC:73:70:88:06:97:AF:5C:85:78:B6:EB:7A:C3:68:90
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0183ABBE36ECF0E2D8D916401D79055E91C5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-4VQs_xzcIgGl69chXi263rDaJA.roa
Signing time:             Thu 06 Oct 2022 05:21:53 +0000
ROA not before:           Thu 06 Oct 2022 05:21:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        84.32.60.0/24 maxlen: 24
                          84.32.63.0/24 maxlen: 24
                          84.32.65.0/24 maxlen: 24
                          84.32.77.0/24 maxlen: 24
                          88.216.188.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          84.32.86.0/24 maxlen: 24
                          84.32.92.0/24 maxlen: 24
                          84.32.94.0/24 maxlen: 24
                          84.32.7.0/24 maxlen: 24
                          84.32.15.0/24 maxlen: 24
                          84.32.42.0/24 maxlen: 24
                          84.32.49.0/24 maxlen: 24
                          88.216.91.0/24 maxlen: 24
                          88.216.102.0/24 maxlen: 24
                          88.216.2.0/24 maxlen: 24
                          88.216.35.0/24 maxlen: 24
                          88.216.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ab:be:36:ec:f0:e2:d8:d9:16:40:1d:79:05:5e:91:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct  6 05:21:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb8550b3fc7370880697af5c8578b6eb7ac36890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b1:fd:31:36:fc:5d:97:45:83:66:89:cb:98:
                    0c:8a:8e:10:71:a2:a3:85:1f:98:49:ce:b1:d2:2a:
                    79:7c:95:94:d1:04:5c:b4:9d:1c:77:e2:c7:c6:31:
                    59:43:c8:98:1a:49:6d:00:4e:63:e6:92:09:74:06:
                    33:71:c3:eb:c8:eb:16:7b:94:af:66:ad:81:ae:9c:
                    0c:9d:c4:40:36:63:f4:6f:c5:2e:a3:f0:27:88:dc:
                    7c:da:18:85:8e:8c:74:6d:28:82:94:b8:a0:71:3b:
                    bb:d8:30:f9:6e:fb:83:48:a0:5c:6c:a4:bb:e7:cb:
                    d4:56:94:8c:d4:05:57:b8:fe:f1:d5:ac:8a:c3:89:
                    f5:39:0b:51:bc:bc:67:e7:2e:70:39:cc:a9:73:b5:
                    66:06:63:28:89:54:75:2a:4b:d1:0e:c2:69:01:e3:
                    73:de:87:34:44:ca:d7:7a:f1:1f:4f:d4:51:fd:f3:
                    07:f3:ce:9c:2b:a2:e0:c0:aa:9f:e8:ab:80:72:11:
                    33:2c:5a:13:6b:19:c9:67:d7:a5:be:66:02:25:3f:
                    56:27:0c:ef:a2:3c:d5:63:0f:dd:a4:ca:2d:11:2a:
                    59:73:63:34:2f:14:4f:cf:5d:62:c3:f3:c5:91:d9:
                    3f:de:8b:4a:ac:07:71:14:18:ee:c9:cc:8d:b3:3e:
                    95:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:85:50:B3:FC:73:70:88:06:97:AF:5C:85:78:B6:EB:7A:C3:68:90
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-4VQs_xzcIgGl69chXi263rDaJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.7.0/24
                  84.32.15.0/24
                  84.32.42.0/24
                  84.32.49.0/24
                  84.32.60.0/24
                  84.32.63.0/24
                  84.32.65.0/24
                  84.32.77.0/24
                  84.32.86.0/24
                  84.32.92.0/24
                  84.32.94.0/24
                  88.216.2.0/24
                  88.216.35.0/24
                  88.216.40.0/24
                  88.216.91.0/24
                  88.216.102.0/24
                  88.216.188.0/24
                  88.216.190.0/24
                  88.216.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:43:2f:9f:08:cc:ac:d2:88:9d:d1:70:1f:fa:e1:d0:2c:62:
         ba:22:38:2f:0b:af:ac:1a:7d:cf:70:c5:b9:67:fd:d8:43:3e:
         6c:44:4c:51:03:93:fa:04:43:f7:c9:a5:f6:42:cd:9a:5c:cd:
         6d:5b:da:ac:50:d2:5f:fb:df:60:d1:aa:9e:a1:ae:af:d3:01:
         df:55:37:d4:6d:d9:13:83:65:c9:a2:d1:1a:aa:5d:30:e3:cc:
         23:93:d4:23:43:1e:67:0d:1f:8b:34:db:a6:14:54:cf:c0:d3:
         d7:2d:dc:4f:51:d1:77:c4:a7:3e:48:74:6d:28:9c:e5:e2:4b:
         55:5b:d3:f5:ee:b5:82:a4:53:80:93:d5:f5:7c:63:8f:48:3c:
         d3:47:cc:22:eb:cd:f3:e6:fc:64:9d:45:83:7a:fb:9e:6a:dc:
         e1:a7:c5:40:1b:0d:67:bc:49:90:30:fd:da:fa:1a:b7:ca:72:
         41:59:c4:f4:05:2c:ca:4a:96:27:b8:e4:95:98:2b:df:10:ce:
         81:35:d6:a6:41:86:b8:fb:04:59:01:c2:f3:93:c8:30:29:e7:
         cd:be:15:11:cf:9a:6d:c4:e9:a6:b9:4c:26:d3:15:90:43:1c:
         9b:4a:79:5c:88:06:91:75:3b:aa:c9:4a:81:5c:5b:69:dd:70:
         96:3c:d5:36
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYOrvjbs8OLY2RZAHXkFXpHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDA2MDUyMTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg1NTBiM2ZjNzM3MDg4MDY5N2FmNWM4NTc4YjZlYjdhYzM2ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobH9MTb8XZdFg2aJy5gMio4QcaKj
hR+YSc6x0ip5fJWU0QRctJ0cd+LHxjFZQ8iYGkltAE5j5pIJdAYzccPryOsWe5Sv
Zq2BrpwMncRANmP0b8Uuo/AniNx82hiFjox0bSiClLigcTu72DD5bvuDSKBcbKS7
58vUVpSM1AVXuP7x1ayKw4n1OQtRvLxn5y5wOcypc7VmBmMoiVR1KkvRDsJpAeNz
3oc0RMrXevEfT9RR/fMH886cK6LgwKqf6KuAchEzLFoTaxnJZ9elvmYCJT9WJwzv
ojzVYw/dpMotESpZc2M0LxRPz11iw/PFkdk/3otKrAdxFBjuycyNsz6VnwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFPuFULP8c3CIBpevXIV4tut6w2iQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS00VlFzX3h6Y0lnR2w2OWNoWGkyNjNyRGFKQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBiwYIKwYBBQUHAQcBAf8EfDB6MHgEAgABMHIDBABUIAcD
BABUIA8DBABUICoDBABUIDEDBABUIDwDBABUID8DBABUIEEDBABUIE0DBABUIFYD
BABUIFwDBABUIF4DBABY2AIDBABY2CMDBABY2CgDBABY2FsDBABY2GYDBABY2LwD
BABY2L4DBABY2MYwDQYJKoZIhvcNAQELBQADggEBAB5DL58IzKzSiJ3RcB/64dAs
YroiOC8Lr6wafc9wxbln/dhDPmxETFEDk/oEQ/fJpfZCzZpczW1b2qxQ0l/732DR
qp6hrq/TAd9VN9Rt2RODZcmi0RqqXTDjzCOT1CNDHmcNH4s026YUVM/A09ct3E9R
0XfEpz5IdG0onOXiS1Vb0/XutYKkU4CT1fV8Y49IPNNHzCLrzfPm/GSdRYN6+55q
3OGnxUAbDWe8SZAw/dr6GrfKckFZxPQFLMpKlie45JWYK98QzoE11qZBhrj7BFkB
wvOTyDAp582+FRHPmm3E6aa5TCbTFZBDHJtKeVyIBpF1O6rJSoFcW2ndcJY81TY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org