Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SyaDqVi4RZ1jiEiXggpeRlOZ6Yg.roa
File:                     SyaDqVi4RZ1jiEiXggpeRlOZ6Yg.roa (raw, json)
Hash identifier:          UUK0K+Dxl+Zoo3PYfr1p1lls1Do3bdzuWRI3RoCalig=
Subject key identifier:   4B:26:83:A9:58:B8:45:9D:63:88:48:97:82:0A:5E:46:53:99:E9:88
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0183F3D91067AA7B28C13F4B482958E1D22D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SyaDqVi4RZ1jiEiXggpeRlOZ6Yg.roa
Signing time:             Thu 20 Oct 2022 05:23:52 +0000
ROA not before:           Thu 20 Oct 2022 05:23:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        84.32.76.0/24 maxlen: 24
                          88.216.188.0/22 maxlen: 24
                          88.216.187.0/24 maxlen: 24
                          84.32.79.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.14.0/24 maxlen: 24
                          88.216.18.0/24 maxlen: 24
                          88.216.248.0/22 maxlen: 24
                          84.32.34.0/24 maxlen: 24
                          88.216.40.0/24 maxlen: 24
                          84.32.40.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f3:d9:10:67:aa:7b:28:c1:3f:4b:48:29:58:e1:d2:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 20 05:23:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b2683a958b8459d63884897820a5e465399e988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:fd:46:c5:15:39:ec:ee:28:74:96:ce:4b:6d:
                    ff:0a:ec:f7:0d:00:ee:ae:6d:06:6e:16:39:32:ce:
                    24:57:e9:34:a2:8d:78:5e:f3:01:88:17:51:ac:cb:
                    42:25:e6:6a:8d:c9:8a:cb:82:81:46:c9:89:e7:1c:
                    bd:a9:c5:13:61:86:f3:df:67:b3:22:b5:6d:5f:48:
                    30:27:75:f4:1c:13:97:66:e2:3f:af:2c:10:3f:e1:
                    7d:1a:99:c6:b2:5d:3f:6d:e1:c3:29:cd:e6:62:11:
                    75:f6:30:65:20:1a:6e:b9:02:46:f6:3a:98:9b:6c:
                    83:5f:bf:4d:35:bb:49:23:1b:ba:fc:e5:aa:eb:eb:
                    04:32:a8:29:0d:99:95:70:ee:19:e6:6a:07:5d:ad:
                    9a:d2:92:e4:c3:26:c8:be:e1:10:03:29:30:2e:2c:
                    00:b7:f5:de:65:5e:20:4c:1d:ee:03:24:11:79:7b:
                    9b:a7:e9:6b:9c:27:26:e9:7a:bc:a0:bf:b2:9a:ec:
                    ef:10:1e:e2:e2:11:d1:ae:1b:9a:70:43:24:d4:ab:
                    a1:ff:ad:2b:56:42:03:ba:e5:91:09:cb:43:a4:42:
                    01:17:4d:cc:66:e6:d1:d1:2b:ae:fb:3a:50:d0:f9:
                    37:fa:6c:9d:8e:da:59:6f:d3:34:85:9e:af:9f:d6:
                    7a:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:26:83:A9:58:B8:45:9D:63:88:48:97:82:0A:5E:46:53:99:E9:88
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SyaDqVi4RZ1jiEiXggpeRlOZ6Yg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.14.0/24
                  84.32.34.0/24
                  84.32.40.0/22
                  84.32.76.0/24
                  84.32.79.0/24
                  84.32.88.0/24
                  88.216.18.0/24
                  88.216.40.0/24
                  88.216.187.0-88.216.191.255
                  88.216.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:9e:ed:f9:18:16:cd:4c:24:4e:be:a8:fa:3d:45:74:65:d7:
         f3:86:0c:a6:8c:46:92:bf:b9:55:a0:ea:e1:74:a6:37:b1:ff:
         b4:ef:99:f0:a5:76:b6:ab:aa:8d:bb:f2:82:9a:cc:01:3f:ac:
         50:93:f3:85:b4:86:9c:97:94:d8:72:80:0b:3f:7e:f9:14:92:
         c6:08:08:e3:7b:75:2a:f1:7e:fa:7a:6c:6c:26:e4:c1:df:3a:
         cd:8e:de:f2:4e:b5:2b:54:78:64:46:85:ff:b3:74:6a:52:2e:
         fe:56:3f:8f:4a:50:6a:d4:7b:cb:6c:51:e1:00:95:3d:83:28:
         e3:35:39:ac:89:9f:fe:e2:43:bc:37:2c:12:5b:80:97:ef:08:
         ef:20:dc:b1:b3:11:7e:c3:41:d5:e9:54:77:36:e6:a4:3b:70:
         cf:ab:92:ba:91:b5:e1:d9:91:b4:57:ee:5e:f2:cb:b8:7f:19:
         39:3a:17:0e:4c:3a:cd:73:83:77:6a:94:c0:15:44:1d:3e:66:
         c3:26:e0:cd:42:ac:df:17:df:bf:18:42:64:64:07:1a:9d:7c:
         ea:94:6d:49:57:61:6d:f6:84:f8:44:53:d2:41:97:a5:e8:d8:
         8d:d3:fc:c9:a7:65:e2:c8:b8:a0:61:15:94:32:3c:4d:4a:ef:
         74:c1:81:91
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYPz2RBnqnsowT9LSClY4dItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDIwMDUyMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjI2ODNhOTU4Yjg0NTlkNjM4ODQ4OTc4MjBhNWU0NjUzOTllOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv1GxRU57O4odJbOS23/Cuz3DQDu
rm0GbhY5Ms4kV+k0oo14XvMBiBdRrMtCJeZqjcmKy4KBRsmJ5xy9qcUTYYbz32ez
IrVtX0gwJ3X0HBOXZuI/rywQP+F9GpnGsl0/beHDKc3mYhF19jBlIBpuuQJG9jqY
m2yDX79NNbtJIxu6/OWq6+sEMqgpDZmVcO4Z5moHXa2a0pLkwybIvuEQAykwLiwA
t/XeZV4gTB3uAyQReXubp+lrnCcm6Xq8oL+ymuzvEB7i4hHRrhuacEMk1Kuh/60r
VkIDuuWRCctDpEIBF03MZubR0Suu+zpQ0Pk3+mydjtpZb9M0hZ6vn9Z62QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEsmg6lYuEWdY4hIl4IKXkZTmemIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU3lhRHFWaTRSWjFqaUVpWGdncGVSbE9aNllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAVCAOAwQA
VCAiAwQCVCAoAwQAVCBMAwQAVCBPAwQAVCBYAwQAWNgSAwQAWNgoMAwDBABY2LsD
BAZY2IADBAJY2PgwDQYJKoZIhvcNAQELBQADggEBAJ6e7fkYFs1MJE6+qPo9RXRl
1/OGDKaMRpK/uVWg6uF0pjex/7TvmfCldrarqo278oKazAE/rFCT84W0hpyXlNhy
gAs/fvkUksYICON7dSrxfvp6bGwm5MHfOs2O3vJOtStUeGRGhf+zdGpSLv5WP49K
UGrUe8tsUeEAlT2DKOM1OayJn/7iQ7w3LBJbgJfvCO8g3LGzEX7DQdXpVHc25qQ7
cM+rkrqRteHZkbRX7l7yy7h/GTk6Fw5MOs1zg3dqlMAVRB0+ZsMm4M1CrN8X378Y
QmRkBxqdfOqUbUlXYW32hPhEU9JBl6Xo2I3T/MmnZeLIuKBhFZQyPE1K73TBgZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org