Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa
File:                     8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa (raw, json)
Hash identifier:          WJ/c3V0xtVfehIpz4VwGrqmjfHWv4gawESZRNhITncw=
Subject key identifier:   F3:E5:AA:30:67:0B:E1:F2:A6:17:61:55:E8:1B:63:EA:09:BE:57:91
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01851FC0008D92B2EA7433D0671C55A1B9DE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa
Signing time:             Sat 17 Dec 2022 11:02:34 +0000
ROA not before:           Sat 17 Dec 2022 11:02:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49581
IP address blocks:        84.32.174.0/24 maxlen: 24
                          84.32.173.0/24 maxlen: 24
                          88.216.181.0/24 maxlen: 24
                          84.32.223.0/24 maxlen: 24
                          84.32.251.0/24 maxlen: 24
                          84.32.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1f:c0:00:8d:92:b2:ea:74:33:d0:67:1c:55:a1:b9:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec 17 11:02:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f3e5aa30670be1f2a6176155e81b63ea09be5791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:cf:4b:89:b9:8b:bf:69:19:0b:e2:f0:0b:44:
                    ba:38:34:4a:a1:73:ab:2c:82:3a:b0:e6:fa:54:e9:
                    7b:26:89:ae:9e:68:58:1b:e5:70:e7:bf:f7:f1:20:
                    32:41:1e:ca:d8:b0:24:1e:8b:cf:fc:96:9e:1a:a4:
                    02:99:73:e1:9e:b3:57:82:7a:9a:f6:6f:21:ed:b4:
                    f6:45:22:f9:a5:df:2b:49:29:a1:77:09:14:71:56:
                    9f:b6:17:67:e9:ff:18:64:d2:97:4a:4d:9c:d5:3a:
                    1f:b4:8c:fa:c1:17:39:9f:41:21:cd:9d:6c:dc:06:
                    91:bc:aa:11:55:59:a3:32:76:93:b0:4d:a3:b8:ae:
                    c6:30:f3:f0:8d:50:25:f4:11:07:be:61:ac:ce:06:
                    cd:ce:43:70:28:8a:8e:c0:01:64:c4:38:0f:13:c9:
                    f1:94:b9:fd:17:d9:75:3d:7f:81:4c:f5:10:ab:b7:
                    b1:55:42:41:1e:d6:61:33:a9:94:1b:ee:42:7f:a1:
                    ff:09:39:8f:3b:c4:05:91:61:52:8b:3e:17:6c:bb:
                    87:97:ae:83:22:e5:6e:c7:fb:52:12:3d:59:88:0c:
                    7c:42:6d:99:ab:97:69:78:12:ad:6d:db:87:31:3a:
                    a7:b0:ff:5c:8d:9b:b1:85:d4:83:d5:47:6c:b3:ef:
                    9b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:E5:AA:30:67:0B:E1:F2:A6:17:61:55:E8:1B:63:EA:09:BE:57:91
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.173.0-84.32.174.255
                  84.32.223.0/24
                  84.32.249.0/24
                  84.32.251.0/24
                  88.216.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:81:c4:5e:4f:d8:e0:84:a2:00:26:16:ba:d1:73:52:86:9e:
         e4:2f:e9:35:3d:a4:70:ca:a5:96:94:6f:0e:bd:63:6b:8c:2b:
         c6:a6:73:0d:02:42:73:11:92:e1:83:d8:a5:8a:ec:67:d6:54:
         b1:15:d1:49:6a:4b:05:ec:19:ae:1d:0e:43:33:97:9d:4d:32:
         31:cc:c0:c8:9d:ba:00:44:b1:ae:5d:a9:f0:0a:02:68:0b:a8:
         f0:1d:72:d0:3d:4a:56:91:c2:dd:cb:f2:fd:59:6c:b3:15:c9:
         49:4c:9b:cb:2d:60:37:0f:5d:6b:ff:9c:a8:55:c6:c4:de:4c:
         0b:15:14:23:83:52:6d:fe:bd:ad:57:27:ac:1e:82:9a:23:17:
         da:f7:3c:ca:e9:58:94:9f:92:2c:72:75:9b:3f:e2:0d:36:e6:
         e8:fb:3c:bd:0c:92:7c:9c:db:5e:0f:bc:b6:44:20:6c:22:a4:
         6b:8b:51:cb:dc:20:67:e0:38:7e:30:a8:bc:ca:c1:c2:3d:51:
         a8:d2:cc:28:a0:ec:70:c4:7c:bc:bd:34:13:a1:b6:a0:77:01:
         b9:ed:99:26:b4:1d:d7:6f:92:71:fc:74:f3:c1:b1:0e:d3:af:
         68:c3:cb:72:fd:77:7d:4f:15:48:12:46:37:48:db:99:4c:67:
         de:37:4f:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYUfwACNkrLqdDPQZxxVobneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjE3MTEwMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U1YWEzMDY3MGJlMWYyYTYxNzYxNTVlODFiNjNlYTA5YmU1NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM9LibmLv2kZC+LwC0S6ODRKoXOr
LII6sOb6VOl7JomunmhYG+Vw57/38SAyQR7K2LAkHovP/JaeGqQCmXPhnrNXgnqa
9m8h7bT2RSL5pd8rSSmhdwkUcVafthdn6f8YZNKXSk2c1ToftIz6wRc5n0EhzZ1s
3AaRvKoRVVmjMnaTsE2juK7GMPPwjVAl9BEHvmGszgbNzkNwKIqOwAFkxDgPE8nx
lLn9F9l1PX+BTPUQq7exVUJBHtZhM6mUG+5Cf6H/CTmPO8QFkWFSiz4XbLuHl66D
IuVux/tSEj1ZiAx8Qm2Zq5dpeBKtbduHMTqnsP9cjZuxhdSD1Udss++bJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPPlqjBnC+HyphdhVegbY+oJvleRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOC1XcU1HY0w0ZkttRjJGVjZCdGo2Z20tVjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABUIK0D
BABUIK4DBABUIN8DBABUIPkDBABUIPsDBABY2LUwDQYJKoZIhvcNAQELBQADggEB
AESBxF5P2OCEogAmFrrRc1KGnuQv6TU9pHDKpZaUbw69Y2uMK8amcw0CQnMRkuGD
2KWK7GfWVLEV0UlqSwXsGa4dDkMzl51NMjHMwMidugBEsa5dqfAKAmgLqPAdctA9
SlaRwt3L8v1ZbLMVyUlMm8stYDcPXWv/nKhVxsTeTAsVFCODUm3+va1XJ6wegpoj
F9r3PMrpWJSfkixydZs/4g025uj7PL0Mknyc214PvLZEIGwipGuLUcvcIGfgOH4w
qLzKwcI9UajSzCig7HDEfLy9NBOhtqB3AbntmSa0HddvknH8dPPBsQ7Tr2jDy3L9
d31PFUgSRjdI25lMZ943Twc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org