Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JMKsybKdxIpgdLc0OMbyd-kM4Sc.roa
File:                     JMKsybKdxIpgdLc0OMbyd-kM4Sc.roa (raw, json)
Hash identifier:          siCxtuOGdgWCXxI73kSp9Pbf8t8Wb2V8epHo37MjUgY=
Subject key identifier:   24:C2:AC:C9:B2:9D:C4:8A:60:74:B7:34:38:C6:F2:77:E9:0C:E1:27
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       1F6536
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JMKsybKdxIpgdLc0OMbyd-kM4Sc.roa
Signing time:             Wed 02 Mar 2022 07:57:49 +0000
ROA not before:           Wed 02 Mar 2022 07:57:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22333
IP address blocks:        88.216.36.0/22 maxlen: 24
                          88.216.40.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2057526 (0x1f6536)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Mar  2 07:57:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24c2acc9b29dc48a6074b73438c6f277e90ce127
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1c:45:7b:46:e3:2f:75:c2:e7:44:06:a8:61:
                    eb:0c:b4:3c:38:d5:53:53:0b:51:12:1c:97:4b:bd:
                    4f:a6:f7:5d:2f:cb:72:81:0e:2a:ad:2f:3c:82:13:
                    2d:f5:f5:0a:f9:d2:94:08:e4:87:ca:46:85:e4:dd:
                    0d:dc:74:b9:c9:16:9b:02:fa:e1:65:76:3f:26:2d:
                    06:24:28:ee:78:81:5d:e3:91:0a:57:08:63:fd:8f:
                    b6:65:a4:ae:7e:c3:3e:6b:79:99:fa:d6:93:b0:18:
                    0b:0c:f8:45:5c:ec:78:74:15:30:2b:9d:a7:e1:94:
                    56:4f:b1:e9:a3:5c:be:8e:a7:c6:9c:c9:67:94:26:
                    87:78:da:95:05:4a:3a:db:80:a5:6d:9e:3a:72:fd:
                    95:33:71:76:ea:ba:55:33:93:66:8f:67:27:35:85:
                    59:f3:8f:e3:70:8c:17:a4:8d:b9:de:48:2a:2a:d0:
                    d8:31:c6:4a:cc:c3:c6:1e:05:6d:65:2f:e2:8a:6d:
                    6a:f3:14:73:ac:c2:1a:61:cf:5f:e1:28:76:ee:8a:
                    bd:fc:47:8e:b9:0b:1b:a2:fe:6f:79:3c:71:d9:e2:
                    53:fc:d9:79:59:e1:d2:9f:af:ad:da:1d:04:26:f9:
                    07:73:21:e6:4f:c4:52:43:94:ea:35:91:9a:5f:90:
                    37:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:C2:AC:C9:B2:9D:C4:8A:60:74:B7:34:38:C6:F2:77:E9:0C:E1:27
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JMKsybKdxIpgdLc0OMbyd-kM4Sc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.36.0-88.216.43.255

    Signature Algorithm: sha256WithRSAEncryption
         3c:3e:7d:e2:75:b8:f7:6e:f7:53:66:93:eb:e8:16:80:e3:e5:
         77:f7:75:ce:37:69:19:16:b9:f3:a3:55:a8:a3:45:55:f8:d8:
         69:42:68:f5:46:30:31:f3:cb:f9:24:09:11:fb:d7:da:85:7d:
         d1:4c:24:dd:12:f8:47:54:d0:06:5a:51:8c:7a:40:62:3e:8f:
         44:1d:a5:a6:e0:54:a7:e3:bd:0b:40:46:bb:48:21:46:4b:b9:
         a7:93:f7:96:ca:84:75:49:77:3a:79:84:7a:26:8c:bd:8e:ec:
         d9:ef:8c:da:dd:9e:2e:af:ee:bc:93:44:e2:96:bc:f8:40:0f:
         86:6d:7b:6d:c0:e7:54:15:1e:1b:97:f2:10:06:f1:74:38:5e:
         8c:f9:de:47:b0:25:5d:42:c4:ad:90:37:32:86:1b:a4:57:d0:
         e3:ef:e3:2b:ec:84:b7:09:8c:84:91:75:81:07:34:55:b2:e0:
         1f:a3:04:10:94:a6:bc:e6:94:72:09:f3:46:6e:8e:15:71:45:
         4f:c1:35:0c:b1:08:0f:6d:e5:1b:ba:63:8d:a5:3f:49:ac:a6:
         89:9a:8d:ae:05:be:e3:75:6c:f4:00:bc:46:12:87:a1:07:41:
         39:98:b1:21:0d:d6:ea:47:44:9a:61:bf:47:37:94:58:fa:7a:
         ab:e5:1a:9f
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIDH2U2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzAy
MDc1NzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyNGMyYWNjOWIyOWRj
NDhhNjA3NGI3MzQzOGM2ZjI3N2U5MGNlMTI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArBxFe0bjL3XC50QGqGHrDLQ8ONVTUwtREhyXS71PpvddL8ty
gQ4qrS88ghMt9fUK+dKUCOSHykaF5N0N3HS5yRabAvrhZXY/Ji0GJCjueIFd45EK
Vwhj/Y+2ZaSufsM+a3mZ+taTsBgLDPhFXOx4dBUwK52n4ZRWT7Hpo1y+jqfGnMln
lCaHeNqVBUo624ClbZ46cv2VM3F26rpVM5Nmj2cnNYVZ84/jcIwXpI253kgqKtDY
McZKzMPGHgVtZS/iim1q8xRzrMIaYc9f4Sh27oq9/EeOuQsbov5veTxx2eJT/Nl5
WeHSn6+t2h0EJvkHcyHmT8RSQ5TqNZGaX5A3dwIDAQABo4ICETCCAg0wHQYDVR0O
BBYEFCTCrMmyncSKYHS3NDjG8nfpDOEnMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
Sk1Lc3liS2R4SXBnZExjME9NYnlkLWtNNFNjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcG
CCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJY2CQDBAJY2CgwDQYJKoZIhvcN
AQELBQADggEBADw+feJ1uPdu91Nmk+voFoDj5Xf3dc43aRkWufOjVaijRVX42GlC
aPVGMDHzy/kkCRH719qFfdFMJN0S+EdU0AZaUYx6QGI+j0QdpabgVKfjvQtARrtI
IUZLuaeT95bKhHVJdzp5hHomjL2O7NnvjNrdni6v7ryTROKWvPhAD4Zte23A51QV
HhuX8hAG8XQ4Xoz53kewJV1CxK2QNzKGG6RX0OPv4yvshLcJjISRdYEHNFWy4B+j
BBCUprzmlHIJ80ZujhVxRU/BNQyxCA9t5Ru6Y42lP0mspomaja4FvuN1bPQAvEYS
h6EHQTmYsSEN1upHRJphv0c3lFj6eqvlGp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org