Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8_sUNkk59OYDZUSAdRpCFEhQDTw.roa
File:                     8_sUNkk59OYDZUSAdRpCFEhQDTw.roa (raw, json)
Hash identifier:          /l55dZr6M+Ijyvff9QasDaCmrjxAY671KY+EhQNMlCA=
Subject key identifier:   F3:FB:14:36:49:39:F4:E6:03:65:44:80:75:1A:42:14:48:50:0D:3C
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0183F3D82580AEB03B53F2708DBC1BF9379C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8_sUNkk59OYDZUSAdRpCFEhQDTw.roa
Signing time:             Thu 20 Oct 2022 05:22:52 +0000
ROA not before:           Thu 20 Oct 2022 05:22:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        88.216.180.0/22 maxlen: 24
                          88.216.212.0/22 maxlen: 24
                          88.216.216.0/22 maxlen: 24
                          88.216.220.0/22 maxlen: 24
                          88.216.228.0/22 maxlen: 24
                          88.216.236.0/22 maxlen: 24
                          88.216.240.0/22 maxlen: 24
                          88.216.244.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f3:d8:25:80:ae:b0:3b:53:f2:70:8d:bc:1b:f9:37:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 20 05:22:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f3fb14364939f4e603654480751a421448500d3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:dd:c0:4a:59:51:63:a8:7f:f2:8f:10:77:27:
                    24:de:0b:1c:b6:a3:b7:0b:e9:c0:8c:e3:80:ab:92:
                    51:d5:0d:e2:85:c9:65:c0:5d:91:66:14:f4:53:e4:
                    2c:8d:89:bf:af:48:68:f6:36:10:8e:b2:35:43:25:
                    f2:bb:77:ab:18:0d:a5:87:15:b7:8e:9c:7d:2e:b5:
                    23:56:8d:b5:45:92:19:ad:41:98:b3:e9:3e:a8:7c:
                    63:72:79:4e:16:26:9a:b1:fc:d6:d6:51:8b:d7:8c:
                    e6:21:56:29:ee:35:2b:7f:df:d8:19:8a:84:94:df:
                    6e:b7:12:a9:77:fa:e7:cd:ca:4c:ba:92:bb:6b:75:
                    8f:88:cd:3f:69:fe:5a:1d:57:c0:66:04:e7:5e:1d:
                    83:78:08:fc:39:1a:86:a6:50:e2:2c:63:9d:9f:68:
                    5a:83:18:3a:1b:49:64:67:56:80:cd:fc:58:c0:bc:
                    28:e5:ab:6c:63:24:5a:c3:91:c8:64:37:70:45:60:
                    94:39:6a:68:79:86:5d:f7:c4:d1:4e:d1:1c:39:2e:
                    7a:bf:af:fb:3a:eb:de:65:fb:2a:65:23:34:39:57:
                    75:c7:8f:d4:18:8a:d8:37:5f:be:fb:1e:93:e3:89:
                    9e:1c:04:28:a7:40:ec:bf:90:3a:09:f4:f4:e4:35:
                    38:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:FB:14:36:49:39:F4:E6:03:65:44:80:75:1A:42:14:48:50:0D:3C
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8_sUNkk59OYDZUSAdRpCFEhQDTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.180.0/22
                  88.216.212.0-88.216.223.255
                  88.216.228.0/22
                  88.216.236.0-88.216.247.255

    Signature Algorithm: sha256WithRSAEncryption
         22:63:f2:d5:c9:4c:65:3f:43:01:bf:be:e2:e3:46:1a:cd:04:
         63:2d:8b:99:a1:16:a9:c2:cf:98:f9:cc:92:96:80:ae:94:39:
         e6:4b:a8:25:b1:73:47:c7:5e:96:21:5f:a7:c3:ba:80:fd:66:
         52:2c:a8:72:30:0e:f0:f1:74:e4:d2:49:ca:ee:fa:9b:89:e7:
         62:95:59:b9:f1:22:9d:39:19:59:3b:ad:66:a2:82:a8:6c:4e:
         c9:5b:80:a4:eb:77:07:96:91:ca:27:65:f2:a6:3c:d7:ae:a3:
         72:82:a6:80:a4:3f:03:28:1d:5c:fe:9e:74:c7:c0:3c:75:35:
         6a:2a:3a:0b:59:04:90:19:42:4b:5d:b9:80:fa:c0:1b:4f:0e:
         b9:b5:e9:29:ae:02:13:6d:75:4b:25:25:7f:b9:52:ef:19:ec:
         35:0e:32:a1:15:76:82:ba:f4:6c:f5:af:98:b3:1e:13:5c:85:
         a4:b8:be:a2:c9:77:55:3c:04:45:29:36:e6:1d:22:84:8e:83:
         9c:4b:a6:1b:ff:54:b2:1d:d2:04:e2:6b:c2:be:25:ac:33:e9:
         37:e9:9a:ee:6b:b4:dc:b7:83:07:86:61:35:4b:17:2e:a1:b0:
         b6:1f:cd:40:6e:05:d7:e9:f1:9c:38:f2:5c:4d:22:eb:a0:67:
         6b:94:db:4b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYPz2CWArrA7U/Jwjbwb+TecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDIwMDUyMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ZiMTQzNjQ5MzlmNGU2MDM2NTQ0ODA3NTFhNDIxNDQ4NTAwZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt3ASllRY6h/8o8Qdyck3gsctqO3
C+nAjOOAq5JR1Q3ihcllwF2RZhT0U+QsjYm/r0ho9jYQjrI1QyXyu3erGA2lhxW3
jpx9LrUjVo21RZIZrUGYs+k+qHxjcnlOFiaasfzW1lGL14zmIVYp7jUrf9/YGYqE
lN9utxKpd/rnzcpMupK7a3WPiM0/af5aHVfAZgTnXh2DeAj8ORqGplDiLGOdn2ha
gxg6G0lkZ1aAzfxYwLwo5atsYyRaw5HIZDdwRWCUOWpoeYZd98TRTtEcOS56v6/7
OuveZfsqZSM0OVd1x4/UGIrYN1+++x6T44meHAQop0Dsv5A6CfT05DU4IQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPP7FDZJOfTmA2VEgHUaQhRIUA08MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOF9zVU5razU5T1lEWlVTQWRScENGRWhRRFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCWNi0MAwD
BAJY2NQDBAVY2MADBAJY2OQwDAMEAljY7AMEA1jY8DANBgkqhkiG9w0BAQsFAAOC
AQEAImPy1clMZT9DAb++4uNGGs0EYy2LmaEWqcLPmPnMkpaArpQ55kuoJbFzR8de
liFfp8O6gP1mUiyocjAO8PF05NJJyu76m4nnYpVZufEinTkZWTutZqKCqGxOyVuA
pOt3B5aRyidl8qY8166jcoKmgKQ/AygdXP6edMfAPHU1aio6C1kEkBlCS125gPrA
G08OubXpKa4CE211SyUlf7lS7xnsNQ4yoRV2grr0bPWvmLMeE1yFpLi+osl3VTwE
RSk25h0ihI6DnEumG/9Ush3SBOJrwr4lrDPpN+ma7mu03LeDB4ZhNUsXLqGwth/N
QG4F1+nxnDjyXE0i66Bna5TbSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org