Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa
File:                     PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa (raw, json)
Hash identifier:          JdbeRpO2/Ve6J5XQRMi8dEJtQtkw7eIh2dajWHvbuPA=
Subject key identifier:   3C:9A:0A:58:E4:E2:EE:F3:80:A7:EB:B9:46:D3:84:41:40:FA:83:90
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018486FDB3020390A7DE2D1EEF111D7D47FF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa
Signing time:             Thu 17 Nov 2022 19:08:04 +0000
ROA not before:           Thu 17 Nov 2022 19:08:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        88.216.187.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.220.0/22 maxlen: 24
                          84.32.224.0/24 maxlen: 24
                          84.32.14.0/24 maxlen: 24
                          88.216.248.0/22 maxlen: 24
                          84.32.34.0/24 maxlen: 24
                          88.216.40.0/24 maxlen: 24
                          84.32.40.0/22 maxlen: 24
                          84.32.254.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:86:fd:b3:02:03:90:a7:de:2d:1e:ef:11:1d:7d:47:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Nov 17 19:08:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c9a0a58e4e2eef380a7ebb946d3844140fa8390
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c8:7e:a7:9c:48:1b:30:9f:ce:d3:3a:68:a4:
                    42:16:64:6a:22:ca:1d:0d:b8:af:60:34:13:81:75:
                    06:82:db:88:22:91:a6:ae:37:a1:ae:c8:ed:18:a8:
                    c3:81:11:83:94:f0:e3:65:39:b8:79:b7:aa:aa:88:
                    f6:51:42:70:27:72:e6:95:30:0d:7f:80:50:19:20:
                    07:72:e9:a8:42:00:fe:59:0e:c9:07:43:f3:ba:29:
                    62:c1:7c:e5:53:0d:5e:8d:a6:ee:03:5f:bb:07:5f:
                    e1:75:31:62:e8:e3:22:f7:2f:1e:80:7b:73:54:f7:
                    ad:4d:b2:b5:fc:02:4f:ea:5f:3a:9d:a8:2a:0a:db:
                    e9:25:05:d7:ec:c3:9e:96:9b:ad:d8:40:de:6c:6a:
                    a5:1b:14:7f:11:15:48:56:b0:92:41:69:e8:a5:3d:
                    04:76:9d:5d:8a:d2:01:1e:b0:dc:ac:13:e4:ce:54:
                    a3:e3:c3:20:f0:d8:6e:bb:eb:06:ef:25:36:16:bd:
                    5f:bf:c1:74:0d:89:61:96:2c:46:ca:e3:32:3f:82:
                    aa:7d:21:19:c7:6b:52:1a:2f:60:07:0b:0e:c9:c2:
                    79:f6:b5:e2:f9:d9:c3:2f:cd:d3:70:ee:a2:a0:d3:
                    6b:c8:f5:59:7f:ff:9c:c8:1a:fa:d3:c0:da:53:33:
                    60:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:9A:0A:58:E4:E2:EE:F3:80:A7:EB:B9:46:D3:84:41:40:FA:83:90
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.14.0/24
                  84.32.34.0/24
                  84.32.40.0/22
                  84.32.88.0/24
                  84.32.220.0-84.32.224.255
                  84.32.254.0/24
                  88.216.40.0/24
                  88.216.187.0/24
                  88.216.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:fb:c5:d6:42:4f:fa:6c:55:6b:48:d5:b9:80:06:9d:a6:c0:
         55:d1:ee:8c:f0:fc:4d:51:ea:24:6e:81:6f:ad:98:53:2e:1e:
         03:99:3f:e2:a3:e6:38:0a:48:01:d4:96:65:9b:99:ec:f8:dd:
         b3:0e:6d:98:41:df:19:c9:1f:ba:2a:93:b9:7c:1f:46:8d:2d:
         a1:a3:d2:e3:36:9d:23:b9:0f:1b:8c:c7:27:0d:f2:f1:7f:eb:
         de:2c:56:da:d9:a6:d5:2c:0b:fc:35:52:d9:bc:39:cd:b1:06:
         65:2d:c3:74:86:b7:4c:17:54:e4:8d:56:5f:11:57:7f:05:af:
         5d:f4:33:59:04:f9:06:a1:7d:5d:52:84:42:4c:b0:80:76:b7:
         8c:04:94:21:f2:0c:bc:9c:3d:c0:0b:72:12:d2:a4:99:78:38:
         80:66:71:90:5b:1f:94:87:15:66:4b:1e:bc:77:4a:e6:81:2c:
         aa:85:7f:ba:c6:80:90:fc:3c:77:b9:bd:bc:4e:91:33:20:2b:
         7a:9c:4d:06:71:de:34:8e:8a:c7:12:ae:0a:ba:35:70:b4:81:
         95:a6:91:26:1d:84:c2:4b:bf:0e:a7:4b:0a:61:1f:bc:f6:5b:
         0a:5c:1d:ea:ea:c8:86:a7:70:a4:27:f7:30:8e:c8:19:45:ac:
         3c:03:09:8a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYSG/bMCA5Cn3i0e7xEdfUf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE3MTkwODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlhMGE1OGU0ZTJlZWYzODBhN2ViYjk0NmQzODQ0MTQwZmE4MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8h+p5xIGzCfztM6aKRCFmRqIsod
DbivYDQTgXUGgtuIIpGmrjehrsjtGKjDgRGDlPDjZTm4ebeqqoj2UUJwJ3LmlTAN
f4BQGSAHcumoQgD+WQ7JB0PzuiliwXzlUw1ejabuA1+7B1/hdTFi6OMi9y8egHtz
VPetTbK1/AJP6l86nagqCtvpJQXX7MOelput2EDebGqlGxR/ERVIVrCSQWnopT0E
dp1ditIBHrDcrBPkzlSj48Mg8Nhuu+sG7yU2Fr1fv8F0DYlhlixGyuMyP4KqfSEZ
x2tSGi9gBwsOycJ59rXi+dnDL83TcO6ioNNryPVZf/+cyBr608DaUzNg6wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDyaCljk4u7zgKfruUbThEFA+oOQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUEpvS1dPVGk3dk9BcC11NVJ0T0VRVUQ2ZzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVCAOAwQA
VCAiAwQCVCAoAwQAVCBYMAwDBAJUINwDBABUIOADBABUIP4DBABY2CgDBABY2LsD
BAJY2PgwDQYJKoZIhvcNAQELBQADggEBAGr7xdZCT/psVWtI1bmABp2mwFXR7ozw
/E1R6iRugW+tmFMuHgOZP+Kj5jgKSAHUlmWbmez43bMObZhB3xnJH7oqk7l8H0aN
LaGj0uM2nSO5DxuMxycN8vF/694sVtrZptUsC/w1Utm8Oc2xBmUtw3SGt0wXVOSN
Vl8RV38Fr130M1kE+QahfV1ShEJMsIB2t4wElCHyDLycPcALchLSpJl4OIBmcZBb
H5SHFWZLHrx3SuaBLKqFf7rGgJD8PHe5vbxOkTMgK3qcTQZx3jSOiscSrgq6NXC0
gZWmkSYdhMJLvw6nSwphH7z2WwpcHerqyIancKQn9zCOyBlFrDwDCYo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org