Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BlR_t9wsaqQKRktYt50tuSxh0FQ.roa
File:                     BlR_t9wsaqQKRktYt50tuSxh0FQ.roa (raw, json)
Hash identifier:          MdJ3P2BUm0/glFc0tstI4WC0eyUwv5mGBaLg2kZPOD0=
Subject key identifier:   06:54:7F:B7:DC:2C:6A:A4:0A:46:4B:58:B7:9D:2D:B9:2C:61:D0:54
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184F61DE029BF8D8C2C165B32CC5CCA7BE7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BlR_t9wsaqQKRktYt50tuSxh0FQ.roa
Signing time:             Fri 09 Dec 2022 09:01:03 +0000
ROA not before:           Fri 09 Dec 2022 09:01:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        88.216.188.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.191.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          88.216.209.0/24 maxlen: 24
                          84.32.225.0/24 maxlen: 24
                          84.32.227.0/24 maxlen: 24
                          84.32.255.0/24 maxlen: 24
                          84.32.59.0/24 maxlen: 24
                          84.32.60.0/24 maxlen: 24
                          84.32.65.0/24 maxlen: 24
                          84.32.66.0/24 maxlen: 24
                          84.32.68.0/24 maxlen: 24
                          84.32.86.0/24 maxlen: 24
                          84.32.90.0/24 maxlen: 24
                          84.32.92.0/24 maxlen: 24
                          84.32.94.0/24 maxlen: 24
                          84.32.28.0/24 maxlen: 24
                          84.32.30.0/24 maxlen: 24
                          84.32.44.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          88.216.95.0/24 maxlen: 24
                          88.216.102.0/24 maxlen: 24
                          88.216.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f6:1d:e0:29:bf:8d:8c:2c:16:5b:32:cc:5c:ca:7b:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec  9 09:01:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06547fb7dc2c6aa40a464b58b79d2db92c61d054
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:67:c7:c8:80:23:99:98:c6:ae:30:10:3d:31:
                    81:a4:22:06:9e:1c:04:7d:d6:cb:c2:19:23:26:cf:
                    ac:85:7f:39:98:9e:c1:40:ff:9f:2c:1c:32:82:41:
                    27:14:5b:09:ab:ed:92:b0:4e:36:ec:17:34:f6:e4:
                    b4:91:32:23:50:27:d2:d3:f5:97:26:71:34:4c:fa:
                    cc:20:6a:b5:1b:bd:13:90:a9:21:a6:e0:d2:b7:83:
                    e4:9f:b5:8e:04:92:b3:d7:7f:c1:86:c6:16:7e:ce:
                    81:78:50:c3:cb:b6:85:20:32:9d:2c:d7:fb:0f:b2:
                    98:b2:c7:55:03:67:d0:88:89:1c:08:69:19:55:7d:
                    97:78:15:d3:2d:7e:5a:ea:c1:24:e9:6c:ea:01:a7:
                    e9:6a:94:65:63:7e:41:3d:6b:50:8a:85:a1:ec:26:
                    f1:ee:62:32:a7:9f:58:fa:f5:11:7b:8d:2e:af:5b:
                    e2:47:c4:b0:4c:1a:00:7d:12:70:05:9d:40:ec:38:
                    09:d0:d2:e2:55:41:ce:31:bf:4f:a3:73:02:d8:2f:
                    29:b9:e3:22:2b:b8:36:2d:62:a5:b5:84:5e:c7:7f:
                    fb:8e:2b:7e:b8:0e:45:b4:36:ff:f0:2a:15:2a:c6:
                    d2:08:cb:15:2c:c4:46:f4:9e:65:33:53:79:50:3c:
                    a5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:54:7F:B7:DC:2C:6A:A4:0A:46:4B:58:B7:9D:2D:B9:2C:61:D0:54
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BlR_t9wsaqQKRktYt50tuSxh0FQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.28.0/24
                  84.32.30.0/24
                  84.32.44.0/24
                  84.32.46.0/23
                  84.32.59.0-84.32.60.255
                  84.32.65.0-84.32.66.255
                  84.32.68.0/24
                  84.32.86.0/24
                  84.32.90.0/24
                  84.32.92.0/24
                  84.32.94.0/24
                  84.32.225.0/24
                  84.32.227.0/24
                  84.32.255.0/24
                  88.216.95.0/24
                  88.216.102.0/23
                  88.216.188.0/24
                  88.216.190.0/23
                  88.216.198.0/24
                  88.216.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:33:75:56:73:c6:2e:5d:89:26:79:66:06:10:82:3e:2e:03:
         10:1f:aa:00:66:ba:a3:78:ca:1e:62:4b:42:cc:9c:59:f5:9a:
         45:98:14:18:75:ca:48:ff:96:ce:e3:a0:20:51:58:b5:c2:36:
         72:a2:d0:34:9f:5b:38:17:41:4f:c3:bc:20:61:b3:39:4a:c4:
         2f:56:86:f4:1a:39:d4:0e:77:ff:26:45:ff:7a:da:6c:46:d4:
         10:2a:d5:ac:ea:f6:c0:7a:56:2d:9a:f4:1f:2a:9c:ce:d1:b9:
         2c:ef:15:e7:9b:46:fa:86:22:b9:c4:4a:b7:9d:9f:ae:73:5e:
         23:dd:5e:ba:c3:13:fd:a0:3c:6e:88:a1:e9:01:b3:56:8e:aa:
         12:bd:97:11:ee:df:9a:b3:e3:6b:65:ca:d3:99:0b:97:85:11:
         e2:69:26:55:ab:58:a0:51:31:5f:47:6a:c4:68:b9:0d:fe:92:
         72:02:43:ca:6f:73:fa:ff:4b:e7:1b:1c:3f:e0:0d:42:5e:5e:
         4d:02:93:6c:83:91:10:ac:20:7f:0a:ea:10:a1:35:c4:9d:21:
         b7:aa:94:cf:f6:cf:c0:f0:4e:03:08:6f:ae:4d:a1:3d:2d:d2:
         b7:aa:49:65:aa:8b:fa:18:44:72:5b:dd:fd:97:32:c0:fb:82:
         3e:d0:26:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYT2HeApv42MLBZbMsxcynvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA5MDkwMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU0N2ZiN2RjMmM2YWE0MGE0NjRiNThiNzlkMmRiOTJjNjFkMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2fHyIAjmZjGrjAQPTGBpCIGnhwE
fdbLwhkjJs+shX85mJ7BQP+fLBwygkEnFFsJq+2SsE427Bc09uS0kTIjUCfS0/WX
JnE0TPrMIGq1G70TkKkhpuDSt4Pkn7WOBJKz13/BhsYWfs6BeFDDy7aFIDKdLNf7
D7KYssdVA2fQiIkcCGkZVX2XeBXTLX5a6sEk6WzqAafpapRlY35BPWtQioWh7Cbx
7mIyp59Y+vURe40ur1viR8SwTBoAfRJwBZ1A7DgJ0NLiVUHOMb9Po3MC2C8pueMi
K7g2LWKltYRex3/7jit+uA5FtDb/8CoVKsbSCMsVLMRG9J5lM1N5UDylfwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFAZUf7fcLGqkCkZLWLedLbksYdBUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQmxSX3Q5d3NhcVFLUmt0WXQ1MHR1U3hoMEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABU
IBwDBABUIB4DBABUICwDBAFUIC4wDAMEAFQgOwMEAFQgPDAMAwQAVCBBAwQAVCBC
AwQAVCBEAwQAVCBWAwQAVCBaAwQAVCBcAwQAVCBeAwQAVCDhAwQAVCDjAwQAVCD/
AwQAWNhfAwQBWNhmAwQAWNi8AwQBWNi+AwQAWNjGAwQAWNjRMA0GCSqGSIb3DQEB
CwUAA4IBAQAdM3VWc8YuXYkmeWYGEII+LgMQH6oAZrqjeMoeYktCzJxZ9ZpFmBQY
dcpI/5bO46AgUVi1wjZyotA0n1s4F0FPw7wgYbM5SsQvVob0GjnUDnf/JkX/etps
RtQQKtWs6vbAelYtmvQfKpzO0bks7xXnm0b6hiK5xEq3nZ+uc14j3V66wxP9oDxu
iKHpAbNWjqoSvZcR7t+as+NrZcrTmQuXhRHiaSZVq1igUTFfR2rEaLkN/pJyAkPK
b3P6/0vnGxw/4A1CXl5NApNsg5EQrCB/CuoQoTXEnSG3qpTP9s/A8E4DCG+uTaE9
LdK3qkllqov6GERyW939lzLA+4I+0Ca0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org