Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TBfaDY3E5aqWjTiw-W9syuQEAJQ.roa
File:                     TBfaDY3E5aqWjTiw-W9syuQEAJQ.roa (raw, json)
Hash identifier:          jQm7E14qWjWA1oRTuilwRe0Dsro8DBFx2kbs+7Nt+yI=
Subject key identifier:   4C:17:DA:0D:8D:C4:E5:AA:96:8D:38:B0:F9:6F:6C:CA:E4:04:00:94
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01824336874FCDBD608E6FF9A5B7FE5B9E70
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TBfaDY3E5aqWjTiw-W9syuQEAJQ.roa
Signing time:             Thu 28 Jul 2022 05:10:23 +0000
ROA not before:           Thu 28 Jul 2022 05:10:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398465
IP address blocks:        84.32.24.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:43:36:87:4f:cd:bd:60:8e:6f:f9:a5:b7:fe:5b:9e:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jul 28 05:10:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c17da0d8dc4e5aa968d38b0f96f6ccae4040094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c0:04:00:24:74:09:18:40:37:83:2b:1f:e6:
                    ba:ed:ba:f5:00:a8:33:5f:7b:23:a1:86:0e:c8:14:
                    d1:61:57:d1:9d:44:53:bd:7c:f1:64:9e:25:5e:28:
                    2f:10:53:11:ad:20:de:fa:34:5d:f3:69:c8:be:8b:
                    ab:40:4f:69:96:71:99:f0:3a:4f:f5:88:5c:34:1c:
                    d1:be:66:23:e6:3e:a7:d9:fc:87:81:6f:68:78:02:
                    ed:a5:17:0b:38:b9:11:35:ce:25:53:7e:92:df:4a:
                    61:6a:03:a7:69:a5:00:4c:e6:cc:4e:1e:4c:c9:46:
                    ed:df:e3:74:ab:6d:8f:12:03:54:ab:88:16:7d:9a:
                    99:db:75:50:59:2e:37:4a:61:0a:87:c5:52:7f:57:
                    3e:ff:cd:41:a5:a5:a8:37:74:25:a4:18:2b:31:79:
                    e2:70:1b:10:13:de:85:7b:d7:89:ea:ae:f7:bb:97:
                    e6:c1:25:25:87:57:8e:d7:d4:db:c8:39:e6:da:65:
                    22:5a:d2:a6:7a:34:c6:d2:25:d8:4b:3b:8c:d2:97:
                    b7:ad:8f:b0:1f:58:01:15:99:3c:4a:4a:eb:19:ca:
                    a0:3d:d0:b2:ae:9b:49:54:6a:9b:66:53:21:6a:39:
                    e2:bb:d4:90:a8:51:fd:a2:69:2c:65:a4:2f:79:38:
                    da:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:17:DA:0D:8D:C4:E5:AA:96:8D:38:B0:F9:6F:6C:CA:E4:04:00:94
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TBfaDY3E5aqWjTiw-W9syuQEAJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9a:09:52:dc:39:5b:a7:5a:cf:ea:a4:f5:19:e2:fa:3e:8e:9a:
         8a:bd:f9:26:e5:16:ce:f8:4e:82:77:d4:3d:08:ea:28:04:4a:
         9d:26:a5:81:6c:08:df:8b:e2:d6:fe:40:83:88:29:ad:bc:fb:
         f1:25:8b:e6:9c:c7:bd:fd:be:a9:49:75:68:38:bd:c1:0a:fd:
         6d:dd:7d:57:e0:66:c5:28:2a:64:d4:b8:f7:55:1e:73:f6:ee:
         41:4e:07:80:ff:0b:3b:a6:db:25:f7:be:87:da:20:2b:c8:f6:
         a9:78:01:ea:85:77:ad:c5:52:a3:e5:e4:19:3c:4c:bf:76:73:
         b1:35:94:b0:48:53:d5:ba:00:4f:7e:85:76:e2:3e:d0:0f:67:
         93:39:17:84:47:73:24:e8:43:d9:74:29:fe:b5:49:f6:6a:19:
         8f:cc:e0:75:b4:81:7e:c5:8e:b9:32:94:c8:9e:a2:86:59:f6:
         c5:47:bc:e3:23:69:4b:30:d2:c1:a9:30:84:5f:4c:82:e8:c0:
         28:eb:1a:81:1d:92:a7:40:b0:5c:e6:5d:ef:c8:ae:ed:08:57:
         42:20:18:0c:03:67:60:42:b5:bf:01:82:a5:8e:f9:c7:20:09:
         d5:d9:f8:08:57:d4:fb:1b:08:f7:1d:b2:12:c0:f2:e3:c8:86:
         0a:e8:a7:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJDNodPzb1gjm/5pbf+W55wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwNzI4MDUxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE3ZGEwZDhkYzRlNWFhOTY4ZDM4YjBmOTZmNmNjYWU0MDQwMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMAEACR0CRhAN4MrH+a67br1AKgz
X3sjoYYOyBTRYVfRnURTvXzxZJ4lXigvEFMRrSDe+jRd82nIvourQE9plnGZ8DpP
9YhcNBzRvmYj5j6n2fyHgW9oeALtpRcLOLkRNc4lU36S30phagOnaaUATObMTh5M
yUbt3+N0q22PEgNUq4gWfZqZ23VQWS43SmEKh8VSf1c+/81BpaWoN3QlpBgrMXni
cBsQE96Fe9eJ6q73u5fmwSUlh1eO19TbyDnm2mUiWtKmejTG0iXYSzuM0pe3rY+w
H1gBFZk8SkrrGcqgPdCyrptJVGqbZlMhajniu9SQqFH9omksZaQveTjaTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwX2g2NxOWqlo04sPlvbMrkBACUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVEJmYURZM0U1YXFXalRpdy1XOXN5dVFFQUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVCAYMA0G
CSqGSIb3DQEBCwUAA4IBAQCaCVLcOVunWs/qpPUZ4vo+jpqKvfkm5RbO+E6Cd9Q9
COooBEqdJqWBbAjfi+LW/kCDiCmtvPvxJYvmnMe9/b6pSXVoOL3BCv1t3X1X4GbF
KCpk1Lj3VR5z9u5BTgeA/ws7ptsl976H2iAryPapeAHqhXetxVKj5eQZPEy/dnOx
NZSwSFPVugBPfoV24j7QD2eTOReER3Mk6EPZdCn+tUn2ahmPzOB1tIF+xY65MpTI
nqKGWfbFR7zjI2lLMNLBqTCEX0yC6MAo6xqBHZKnQLBc5l3vyK7tCFdCIBgMA2dg
QrW/AYKljvnHIAnV2fgIV9T7Gwj3HbISwPLjyIYK6KeA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org