Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B3d_xDEM7Atqzfz2MNolbwkBkjc.roa
File:                     B3d_xDEM7Atqzfz2MNolbwkBkjc.roa (raw, json)
Hash identifier:          /tW/POdSWQlFxysTv4K6dvSUH5NJ6o3Q3XrjqM7le34=
Subject key identifier:   07:77:7F:C4:31:0C:EC:0B:6A:CD:FC:F6:30:DA:25:6F:09:01:92:37
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018480474172493AF307485D5C7A39D78BDD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B3d_xDEM7Atqzfz2MNolbwkBkjc.roa
Signing time:             Wed 16 Nov 2022 11:51:04 +0000
ROA not before:           Wed 16 Nov 2022 11:51:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20473
IP address blocks:        84.32.7.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:80:47:41:72:49:3a:f3:07:48:5d:5c:7a:39:d7:8b:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Nov 16 11:51:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=07777fc4310cec0b6acdfcf630da256f09019237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:28:40:cc:f0:9a:7d:8f:d8:be:9e:17:7f:80:
                    c4:2f:2d:83:f0:d8:f2:2e:7f:29:ef:ec:f4:52:ca:
                    c9:be:e5:47:b1:67:15:83:6b:39:e2:3a:d7:52:12:
                    53:60:fb:db:c9:2b:af:02:e5:36:d1:40:da:6a:f2:
                    04:39:ec:61:76:9a:41:c4:dd:6e:2b:49:b1:f5:f1:
                    70:72:d9:80:e3:44:f0:e3:66:cd:9a:fa:7e:1d:ee:
                    45:de:55:a4:23:94:69:db:ee:87:5d:54:7b:02:1d:
                    46:de:59:e9:7c:53:38:4c:6a:e4:28:96:dd:32:c8:
                    ac:36:a5:fa:61:c4:00:fb:2d:29:53:ba:d2:45:b0:
                    f1:be:c5:09:14:9f:3a:10:71:07:ff:ce:10:3f:2c:
                    89:d3:2a:38:eb:f2:0e:0a:14:de:b1:3d:14:1c:1f:
                    b1:c4:90:fc:ab:1c:fc:ed:f6:f6:a5:1c:0f:05:53:
                    49:c2:fe:cf:ca:73:fa:ac:bf:7b:40:61:1a:d2:43:
                    56:16:e7:dc:9c:eb:30:1f:0e:c1:f1:94:21:2b:1e:
                    e6:33:b2:e6:52:20:d3:8d:ce:7e:7b:73:84:4b:e3:
                    f0:f9:50:fa:c7:73:88:c2:f7:b7:46:f6:11:38:64:
                    4b:de:95:16:81:d4:5f:58:d9:cb:ea:47:74:b4:8f:
                    6a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:77:7F:C4:31:0C:EC:0B:6A:CD:FC:F6:30:DA:25:6F:09:01:92:37
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B3d_xDEM7Atqzfz2MNolbwkBkjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:9f:ad:19:be:11:d3:af:93:cd:5f:91:62:33:76:48:c8:96:
         95:3c:07:d2:ba:f4:86:92:99:a6:f8:af:ae:fa:4a:9f:03:38:
         d6:62:dd:7b:87:4e:71:5b:91:bf:3a:4b:84:23:25:19:70:46:
         24:b0:bd:3f:e3:d4:05:92:f8:81:97:08:3f:a5:6d:ca:c2:18:
         71:64:c2:78:67:06:db:76:ad:a9:13:32:9e:2e:64:55:4d:a2:
         06:f4:db:ca:3e:26:67:c7:10:00:f5:34:d7:cf:ec:ea:4a:74:
         ee:ef:1c:5a:30:37:44:cf:f2:71:1e:66:2f:8d:c6:0b:ec:3c:
         74:2d:69:0e:a1:b2:74:7b:e0:c5:2a:99:be:95:3e:e2:49:d7:
         48:23:60:98:2b:c0:dd:6a:df:7c:91:75:4f:db:d0:73:88:48:
         8b:1c:3e:ed:e4:4b:0a:7b:93:e1:5b:f1:15:6e:66:33:be:d5:
         95:62:17:be:fc:22:29:9a:d1:c6:d3:6e:96:52:11:60:05:37:
         2e:5b:0c:0b:5d:75:5e:92:4f:d3:37:37:c4:15:3b:bc:8f:4d:
         cd:19:8d:75:52:9f:09:b1:d9:f4:43:e8:cf:18:dc:85:4b:b8:
         fb:8f:68:03:c0:31:ad:d6:dd:1b:f9:bd:95:e9:6f:8b:b3:a4:
         58:e5:23:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSAR0FySTrzB0hdXHo514vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE2MTE1MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc3N2ZjNDMxMGNlYzBiNmFjZGZjZjYzMGRhMjU2ZjA5MDE5MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlihAzPCafY/Yvp4Xf4DELy2D8Njy
Ln8p7+z0UsrJvuVHsWcVg2s54jrXUhJTYPvbySuvAuU20UDaavIEOexhdppBxN1u
K0mx9fFwctmA40Tw42bNmvp+He5F3lWkI5Rp2+6HXVR7Ah1G3lnpfFM4TGrkKJbd
MsisNqX6YcQA+y0pU7rSRbDxvsUJFJ86EHEH/84QPyyJ0yo46/IOChTesT0UHB+x
xJD8qxz87fb2pRwPBVNJwv7PynP6rL97QGEa0kNWFufcnOswHw7B8ZQhKx7mM7Lm
UiDTjc5+e3OES+Pw+VD6x3OIwve3RvYROGRL3pUWgdRfWNnL6kd0tI9qmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAd3f8QxDOwLas389jDaJW8JAZI3MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQjNkX3hERU03QXRxemZ6Mk1Ob2xid2tCa2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAHMA0G
CSqGSIb3DQEBCwUAA4IBAQCRn60ZvhHTr5PNX5FiM3ZIyJaVPAfSuvSGkpmm+K+u
+kqfAzjWYt17h05xW5G/OkuEIyUZcEYksL0/49QFkviBlwg/pW3KwhhxZMJ4Zwbb
dq2pEzKeLmRVTaIG9NvKPiZnxxAA9TTXz+zqSnTu7xxaMDdEz/JxHmYvjcYL7Dx0
LWkOobJ0e+DFKpm+lT7iSddII2CYK8Ddat98kXVP29BziEiLHD7t5EsKe5PhW/EV
bmYzvtWVYhe+/CIpmtHG026WUhFgBTcuWwwLXXVekk/TNzfEFTu8j03NGY11Up8J
sdn0Q+jPGNyFS7j7j2gDwDGt1t0b+b2V6W+Ls6RY5SPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org