Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/18dhiQjtcmoeYV89-G2F82OcG44.roa
File:                     18dhiQjtcmoeYV89-G2F82OcG44.roa (raw, json)
Hash identifier:          1SKC4X592Am/kEAckMm/VxlmVx2rUteiE5/zAlKDYrk=
Subject key identifier:   D7:C7:61:89:08:ED:72:6A:1E:61:5F:3D:F8:6D:85:F3:63:9C:1B:8E
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018387EFEB7D98ACD718E7CD7222E6F02631
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/18dhiQjtcmoeYV89-G2F82OcG44.roa
Signing time:             Thu 29 Sep 2022 06:29:51 +0000
ROA not before:           Thu 29 Sep 2022 06:29:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200019
IP address blocks:        84.32.88.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:87:ef:eb:7d:98:ac:d7:18:e7:cd:72:22:e6:f0:26:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Sep 29 06:29:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7c7618908ed726a1e615f3df86d85f3639c1b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:b1:cc:ed:a9:eb:57:e2:f9:aa:79:7c:c8:40:
                    e5:49:ac:a2:fb:f4:8b:b5:6a:c5:21:4e:81:f7:36:
                    27:05:30:58:29:db:14:90:ff:d4:6c:ae:6c:f1:b9:
                    b4:8d:fd:08:5c:c1:71:ec:94:82:1c:d4:69:97:bc:
                    e1:21:39:f4:a4:20:ab:dc:ec:1a:b8:f2:91:77:bb:
                    10:f6:f3:76:bb:f6:0a:fd:33:4f:aa:c5:c3:1f:6d:
                    88:12:83:d4:55:d4:e6:b2:3b:ea:6a:c8:d6:30:d7:
                    b2:0e:4a:05:51:51:a3:10:a7:95:27:26:12:80:f5:
                    f3:5b:a0:7d:4d:96:a0:1d:63:c0:df:b9:d2:1a:df:
                    60:eb:c5:ec:4c:a2:bc:50:c7:fa:66:66:6e:f3:9c:
                    1d:05:54:af:79:71:4c:ad:3a:1e:b4:18:cd:b2:60:
                    72:10:91:e7:81:1b:ab:f5:11:1a:bc:a8:fa:c7:e5:
                    30:da:0a:fa:58:f0:0e:e0:2a:0d:59:8d:ca:2c:6e:
                    ff:73:85:14:86:07:4a:7b:b8:f7:fe:53:05:97:3f:
                    4e:33:c2:9d:f0:d9:95:e3:aa:99:da:f3:46:e1:31:
                    3f:07:26:bc:f3:bc:a5:70:cb:e0:39:c4:07:8f:ca:
                    e4:0c:05:a6:30:cb:ec:70:cc:ce:be:d1:c8:0e:86:
                    75:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:C7:61:89:08:ED:72:6A:1E:61:5F:3D:F8:6D:85:F3:63:9C:1B:8E
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/18dhiQjtcmoeYV89-G2F82OcG44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:17:a1:90:b6:98:df:39:85:2c:05:5b:ff:00:ea:c8:76:f4:
         60:df:7a:39:14:10:3b:21:5d:4e:c4:83:fa:a8:c7:5e:9e:71:
         ce:4f:6b:e8:a0:c5:fc:c7:6d:d7:b7:48:5c:b8:a2:6a:60:38:
         81:0b:4f:b9:f7:ab:e8:ad:b6:76:1b:5c:17:00:01:cf:14:06:
         21:da:cf:6f:cf:d4:3a:59:01:d0:8e:0a:17:49:68:ff:f6:6b:
         5c:7b:36:06:56:51:69:b2:02:c1:4c:00:b0:a4:fc:10:65:ec:
         28:65:33:75:76:48:c8:d3:a2:af:21:32:e2:1a:46:0f:c9:6b:
         42:76:a6:f6:3d:9c:f2:32:ce:9d:e7:38:9f:23:34:ae:c3:04:
         ea:53:3f:bf:45:0b:dd:50:b5:32:8b:db:b3:a8:04:a3:40:13:
         b9:8b:e7:a2:fe:8f:95:06:99:94:a4:48:93:a8:ac:f5:a2:23:
         c6:b4:a8:57:31:95:19:22:85:9b:cb:d2:9b:64:aa:3e:18:b3:
         e8:88:58:0a:11:d8:f3:a3:25:71:d2:4e:ba:6a:2e:c4:7a:72:
         10:db:59:d3:4c:98:8c:18:9a:f5:d0:7e:91:5b:cb:d8:a9:6e:
         71:34:41:d3:5c:86:3d:f4:0e:f7:f3:a8:8a:39:4c:c6:ac:60:
         0d:b9:e3:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOH7+t9mKzXGOfNciLm8CYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTI5MDYyOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2M3NjE4OTA4ZWQ3MjZhMWU2MTVmM2RmODZkODVmMzYzOWMxYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrHM7anrV+L5qnl8yEDlSayi+/SL
tWrFIU6B9zYnBTBYKdsUkP/UbK5s8bm0jf0IXMFx7JSCHNRpl7zhITn0pCCr3Owa
uPKRd7sQ9vN2u/YK/TNPqsXDH22IEoPUVdTmsjvqasjWMNeyDkoFUVGjEKeVJyYS
gPXzW6B9TZagHWPA37nSGt9g68XsTKK8UMf6ZmZu85wdBVSveXFMrToetBjNsmBy
EJHngRur9REavKj6x+Uw2gr6WPAO4CoNWY3KLG7/c4UUhgdKe7j3/lMFlz9OM8Kd
8NmV46qZ2vNG4TE/Bya887ylcMvgOcQHj8rkDAWmMMvscMzOvtHIDoZ1VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfHYYkI7XJqHmFfPfhthfNjnBuOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMThkaGlRanRjbW9lWVY4OS1HMkY4Mk9jRzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVCBYMA0G
CSqGSIb3DQEBCwUAA4IBAQACF6GQtpjfOYUsBVv/AOrIdvRg33o5FBA7IV1OxIP6
qMdennHOT2vooMX8x23Xt0hcuKJqYDiBC0+596vorbZ2G1wXAAHPFAYh2s9vz9Q6
WQHQjgoXSWj/9mtcezYGVlFpsgLBTACwpPwQZewoZTN1dkjI06KvITLiGkYPyWtC
dqb2PZzyMs6d5zifIzSuwwTqUz+/RQvdULUyi9uzqASjQBO5i+ei/o+VBpmUpEiT
qKz1oiPGtKhXMZUZIoWby9KbZKo+GLPoiFgKEdjzoyVx0k66ai7EenIQ21nTTJiM
GJr10H6RW8vYqW5xNEHTXIY99A7386iKOUzGrGANueO3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org