Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Deda7tbRDw6ROWxf_TSGHiTFqKc.roa
File:                     Deda7tbRDw6ROWxf_TSGHiTFqKc.roa (raw, json)
Hash identifier:          NgHerjCy4JwaKXzpqR25nsZ8xkWNK1gjpaqHzvlMsI8=
Subject key identifier:   0D:E7:5A:EE:D6:D1:0F:0E:91:39:6C:5F:FD:34:86:1E:24:C5:A8:A7
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       928663
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Deda7tbRDw6ROWxf_TSGHiTFqKc.roa
Signing time:             Wed 06 Apr 2022 06:18:40 +0000
ROA not before:           Wed 06 Apr 2022 06:18:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        84.32.92.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9602659 (0x928663)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Apr  6 06:18:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0de75aeed6d10f0e91396c5ffd34861e24c5a8a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:80:c8:84:4a:7c:0c:0b:78:68:d5:ca:10:4e:
                    a9:e5:81:09:be:03:3f:ce:70:ab:97:e9:67:ae:20:
                    5d:73:6b:88:6b:31:48:24:f1:36:d5:79:e7:f0:2f:
                    df:81:5f:ea:b0:b9:7a:5b:16:a4:1d:8e:8f:5b:58:
                    cc:f2:8a:ce:c3:b7:44:19:75:bf:7b:49:e8:7a:c5:
                    a0:84:a8:b9:32:34:ec:f4:c0:de:58:3f:5a:04:7e:
                    2b:b3:4b:ac:d6:f0:0d:62:7f:2e:c0:aa:75:87:a9:
                    a6:18:a8:da:8a:b0:a5:95:df:40:7f:a0:67:07:05:
                    6b:2a:a7:b0:71:1f:55:91:af:ee:ea:88:31:f4:a9:
                    a1:cd:20:55:2f:03:0e:19:79:7b:6e:44:e8:28:90:
                    44:3b:fe:a5:37:f3:3e:98:88:7b:10:5d:15:44:72:
                    17:aa:81:ad:b3:51:8c:9a:14:14:f7:01:68:dd:ad:
                    b0:6b:2f:95:a6:7c:f4:b0:5d:c2:2f:b1:6c:e3:61:
                    ea:20:2f:e5:92:c9:53:1f:a8:c3:35:5d:17:71:70:
                    41:c0:b8:ef:5e:19:b1:e0:02:a2:9e:c7:a0:93:83:
                    5d:7b:6b:a6:46:e1:00:a5:64:a8:10:9a:e9:c3:5d:
                    38:81:3a:13:ee:d0:f2:e9:ba:e0:05:35:02:81:37:
                    7f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E7:5A:EE:D6:D1:0F:0E:91:39:6C:5F:FD:34:86:1E:24:C5:A8:A7
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Deda7tbRDw6ROWxf_TSGHiTFqKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:4d:40:5d:8f:89:8e:59:14:d0:27:c7:a0:b8:1c:ea:6e:1d:
         ad:de:eb:d8:e7:2a:de:ad:1f:4e:49:f7:d4:3d:13:fa:da:d3:
         cd:7c:1a:5c:fb:16:ff:40:91:50:81:8c:33:c3:d5:86:63:7a:
         fb:b1:6a:70:21:39:ee:1d:33:88:4b:2f:45:d7:c9:78:cd:66:
         c2:f0:d6:7d:d5:7e:d0:4d:67:51:57:3f:9c:4d:d8:27:b8:ab:
         d8:0f:bd:19:3b:8f:1e:a1:20:b0:ea:8e:d6:99:d7:56:f1:76:
         a7:9b:f2:2b:04:24:7a:27:dd:bd:83:1a:4f:7d:54:38:03:70:
         3a:85:e7:a9:f1:b8:97:ff:ad:ea:3c:c5:0a:8d:8e:3f:fc:21:
         08:32:63:db:93:3c:e0:11:b1:df:70:9e:74:c2:40:27:05:a3:
         b8:83:e5:18:5e:29:90:eb:de:b3:77:09:63:8d:46:49:35:80:
         64:2f:8f:08:04:ba:41:b5:40:13:25:1d:70:85:80:50:6c:e3:
         a9:9a:10:fa:90:60:39:c0:f2:89:97:32:47:02:c6:13:9f:f5:
         7d:88:bd:10:fb:08:59:84:da:1f:9d:a3:2c:cf:25:71:f5:4a:
         61:d3:3e:5e:46:34:5b:f4:29:5e:5c:c8:91:e5:5b:cc:9d:9c:
         02:4b:45:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJKGYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDQw
NjA2MTg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRlNzVhZWVkNmQx
MGYwZTkxMzk2YzVmZmQzNDg2MWUyNGM1YThhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSAyIRKfAwLeGjVyhBOqeWBCb4DP85wq5fpZ64gXXNriGsx
SCTxNtV55/Av34Ff6rC5elsWpB2Oj1tYzPKKzsO3RBl1v3tJ6HrFoISouTI07PTA
3lg/WgR+K7NLrNbwDWJ/LsCqdYepphio2oqwpZXfQH+gZwcFayqnsHEfVZGv7uqI
MfSpoc0gVS8DDhl5e25E6CiQRDv+pTfzPpiIexBdFURyF6qBrbNRjJoUFPcBaN2t
sGsvlaZ89LBdwi+xbONh6iAv5ZLJUx+owzVdF3FwQcC4714ZseACop7HoJODXXtr
pkbhAKVkqBCa6cNdOIE6E+7Q8um64AU1AoE3fysCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQN51ru1tEPDpE5bF/9NIYeJMWopzAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0RlZGE3dGJSRHc2Uk9XeGZfVFNHSGlURnFLYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlQgXDANBgkqhkiG9w0BAQsFAAOC
AQEAck1AXY+JjlkU0CfHoLgc6m4drd7r2Ocq3q0fTkn31D0T+trTzXwaXPsW/0CR
UIGMM8PVhmN6+7FqcCE57h0ziEsvRdfJeM1mwvDWfdV+0E1nUVc/nE3YJ7ir2A+9
GTuPHqEgsOqO1pnXVvF2p5vyKwQkeifdvYMaT31UOANwOoXnqfG4l/+t6jzFCo2O
P/whCDJj25M84BGx33CedMJAJwWjuIPlGF4pkOves3cJY41GSTWAZC+PCAS6QbVA
EyUdcIWAUGzjqZoQ+pBgOcDyiZcyRwLGE5/1fYi9EPsIWYTaH52jLM8lcfVKYdM+
XkY0W/QpXlzIkeVbzJ2cAktFSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org