Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/P_TeeryWD-9BOucMh-ahSKVDhh0.roa
File:                     P_TeeryWD-9BOucMh-ahSKVDhh0.roa (raw, json)
Hash identifier:          3QXwxRunqIvX+7g+eIQ3vDelMch7oTUV0tyxkJa0rWg=
Subject key identifier:   3F:F4:DE:7A:BC:96:0F:EF:41:3A:E7:0C:87:E6:A1:48:A5:43:86:1D
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       010C1E53
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/P_TeeryWD-9BOucMh-ahSKVDhh0.roa
Signing time:             Fri 13 May 2022 06:53:03 +0000
ROA not before:           Fri 13 May 2022 06:53:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        88.216.98.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17571411 (0x10c1e53)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: May 13 06:53:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ff4de7abc960fef413ae70c87e6a148a543861d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:88:ed:7b:6d:4e:77:26:de:75:48:71:5e:27:
                    02:c1:7a:bf:f1:2e:84:9b:de:7a:80:e2:d7:4f:e0:
                    99:d6:4d:37:b6:8b:16:cb:f5:33:a8:64:87:6e:98:
                    ab:a2:3c:db:51:94:91:41:30:55:65:57:f8:3f:35:
                    d8:ee:a0:31:6d:b2:cc:0a:c8:61:31:a7:b0:9a:1d:
                    c0:c3:80:f4:ca:b1:81:1f:9f:bf:b6:32:84:b8:5a:
                    1c:92:7a:2e:46:63:84:c6:eb:35:98:38:3f:a5:1d:
                    b8:61:93:38:43:30:60:ae:cb:92:90:d1:1d:1b:f5:
                    65:26:c2:c4:65:f1:2d:56:a0:1d:2a:cb:46:a6:0e:
                    d5:24:a7:7b:94:66:e8:d1:5e:c9:2d:c6:c8:13:70:
                    9c:bc:5d:af:66:7c:f8:14:3d:58:c8:6e:80:11:0d:
                    ca:18:2f:58:06:be:d5:2f:01:72:59:10:19:a7:14:
                    52:09:2d:75:7a:52:24:f8:57:c3:1d:a7:e8:76:b5:
                    4f:c2:36:80:15:54:57:86:17:60:ec:d8:72:9c:5c:
                    be:5e:8d:91:50:3d:91:50:7b:75:cd:af:c1:05:b1:
                    c0:b7:bc:17:fa:8c:2e:23:54:90:26:75:38:04:78:
                    34:60:48:c8:54:f7:86:6d:6d:f4:49:53:a2:23:ad:
                    b4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:F4:DE:7A:BC:96:0F:EF:41:3A:E7:0C:87:E6:A1:48:A5:43:86:1D
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/P_TeeryWD-9BOucMh-ahSKVDhh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:5e:5c:7c:43:5d:75:d6:c6:cd:8d:e1:18:e7:fe:80:54:b7:
         66:03:80:bf:08:f2:63:f8:64:57:11:5f:a2:ff:22:ec:76:c0:
         dc:85:70:25:20:75:82:3a:16:54:bd:f0:26:e2:2b:75:ad:b4:
         bc:34:23:7b:3b:0f:b4:d2:e5:83:a3:75:ac:64:c7:ed:d4:14:
         43:54:03:9f:50:31:6e:e9:b7:59:65:5c:77:48:48:ed:a6:c4:
         d4:22:6f:29:8a:c1:02:ab:ea:eb:50:5c:15:1b:40:7a:3f:46:
         93:1d:d8:50:7b:2c:57:4a:de:d7:9b:90:59:91:db:45:97:1b:
         b0:22:77:a6:21:42:c8:bb:f6:5a:1a:5e:7a:32:bb:66:19:bc:
         42:e6:24:7b:07:30:d7:fb:29:d9:81:a4:ea:14:74:7a:fe:bc:
         bf:02:56:11:d8:46:98:2a:fe:8e:e2:eb:5d:cf:b7:b0:42:f1:
         8b:d7:d3:1c:b2:84:ef:e4:34:e1:2c:8e:de:27:9b:08:8f:38:
         eb:20:42:c1:7e:9f:f4:3e:88:b8:13:6f:14:79:53:50:1a:a0:
         5d:e1:f3:c3:c2:ed:27:7e:c4:9d:a3:f6:37:c8:9f:1e:f4:27:
         c4:85:5f:7b:13:19:e5:7a:2f:37:f5:c0:99:98:5f:95:a0:f8:
         b2:f1:54:01
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQweUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUx
MzA2NTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZmNGRlN2FiYzk2
MGZlZjQxM2FlNzBjODdlNmExNDhhNTQzODYxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGI7XttTncm3nVIcV4nAsF6v/EuhJveeoDi10/gmdZNN7aL
Fsv1M6hkh26Yq6I821GUkUEwVWVX+D812O6gMW2yzArIYTGnsJodwMOA9MqxgR+f
v7YyhLhaHJJ6LkZjhMbrNZg4P6UduGGTOEMwYK7LkpDRHRv1ZSbCxGXxLVagHSrL
RqYO1SSne5Rm6NFeyS3GyBNwnLxdr2Z8+BQ9WMhugBENyhgvWAa+1S8BclkQGacU
UgktdXpSJPhXwx2n6Ha1T8I2gBVUV4YXYOzYcpxcvl6NkVA9kVB7dc2vwQWxwLe8
F/qMLiNUkCZ1OAR4NGBIyFT3hm1t9ElToiOttBsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/9N56vJYP70E65wyH5qFIpUOGHTAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L1BfVGVlcnlXRC05Qk91Y01oLWFoU0tWRGhoMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFjYYjANBgkqhkiG9w0BAQsFAAOC
AQEAeF5cfENdddbGzY3hGOf+gFS3ZgOAvwjyY/hkVxFfov8i7HbA3IVwJSB1gjoW
VL3wJuIrda20vDQjezsPtNLlg6N1rGTH7dQUQ1QDn1Axbum3WWVcd0hI7abE1CJv
KYrBAqvq61BcFRtAej9Gkx3YUHssV0re15uQWZHbRZcbsCJ3piFCyLv2WhpeejK7
Zhm8QuYkewcw1/sp2YGk6hR0ev68vwJWEdhGmCr+juLrXc+3sELxi9fTHLKE7+Q0
4SyO3iebCI846yBCwX6f9D6IuBNvFHlTUBqgXeHzw8LtJ37EnaP2N8ifHvQnxIVf
exMZ5XovN/XAmZhflaD4svFUAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org