Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XL1nWJdsA0ZOHt4qHzO0s_ZO0_g.roa
File:                     XL1nWJdsA0ZOHt4qHzO0s_ZO0_g.roa (raw, json)
Hash identifier:          gNMzf8gb9yokFAF08nH8WYwAP6uvfIYPWEtrd1B6zWM=
Subject key identifier:   5C:BD:67:58:97:6C:03:46:4E:1E:DE:2A:1F:33:B4:B3:F6:4E:D3:F8
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0183FB6DFB91E9ACF5B51801BDB6354050C7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XL1nWJdsA0ZOHt4qHzO0s_ZO0_g.roa
Signing time:             Fri 21 Oct 2022 16:43:52 +0000
ROA not before:           Fri 21 Oct 2022 16:43:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142430
IP address blocks:        84.32.83.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:fb:6d:fb:91:e9:ac:f5:b5:18:01:bd:b6:35:40:50:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 21 16:43:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cbd6758976c03464e1ede2a1f33b4b3f64ed3f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bf:fb:c5:d0:f8:5f:6d:af:8e:3e:5a:9b:b5:
                    bc:af:2e:ef:86:8b:87:c8:5f:23:f0:c0:a1:25:8a:
                    04:62:c8:41:e0:85:8d:c9:b9:1b:52:4e:9b:32:87:
                    71:28:a1:94:e0:1f:08:60:30:5d:09:4d:1a:98:6b:
                    d6:87:83:c6:17:70:4c:35:d7:b0:f3:70:70:c4:15:
                    3a:9e:8b:c0:d5:ee:1a:df:44:44:8f:f2:44:59:f1:
                    8c:b6:f6:a2:aa:60:19:f3:34:17:a5:af:3e:eb:a1:
                    58:61:87:42:a5:28:3f:8b:8d:80:6d:f1:49:7e:1e:
                    ec:96:f5:45:90:c3:77:af:d1:ff:db:a9:78:e6:10:
                    9a:fb:39:5a:ea:3f:af:7f:50:9b:1f:e3:24:44:e5:
                    37:bd:8e:48:ef:79:8d:97:ed:31:8f:cd:10:79:57:
                    71:0b:be:7a:5c:10:af:61:8e:e9:e3:83:4a:5b:57:
                    a2:2a:f6:19:bf:80:37:c1:23:98:da:69:01:ba:e6:
                    d4:63:2d:9a:c4:7d:44:39:e2:86:05:24:0f:20:ab:
                    9e:03:e9:dd:31:c2:21:5d:f9:e4:1e:45:a1:63:4c:
                    f4:08:84:2d:fe:3f:aa:53:23:ab:05:b9:f0:ff:26:
                    9f:80:a9:b7:e8:5b:aa:5f:aa:f1:98:62:43:0d:fb:
                    a3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:BD:67:58:97:6C:03:46:4E:1E:DE:2A:1F:33:B4:B3:F6:4E:D3:F8
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XL1nWJdsA0ZOHt4qHzO0s_ZO0_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:9b:f8:7f:8c:70:c6:15:b0:57:80:61:36:ea:08:0c:a5:c3:
         f2:3f:f8:44:4b:45:70:21:87:ae:72:d0:b8:b6:61:36:d6:dc:
         a8:44:c1:32:4d:84:9c:b9:46:f4:ce:96:05:88:40:1f:e7:9f:
         3f:c8:8c:38:43:b3:1f:2a:4e:d7:be:c6:f4:3e:76:81:4d:77:
         70:88:64:1e:1e:58:41:39:5d:9a:9f:6c:9a:db:5a:99:d7:02:
         bf:85:95:79:10:7b:88:40:9b:7a:4e:ca:ef:6e:93:5a:d8:35:
         eb:2f:dc:9d:dd:67:3d:f7:92:9e:2e:5c:d3:0f:a7:4c:b5:30:
         80:8d:d9:77:cf:ba:6d:37:b8:fe:85:11:b0:c1:db:78:08:9e:
         9f:0c:98:aa:23:57:bd:56:73:c4:a5:75:94:6a:c8:0f:cb:64:
         68:41:96:6f:4f:53:a3:d2:0a:8b:ba:3e:e5:4e:a4:44:1e:b6:
         99:d0:87:26:c0:cd:c6:fa:f0:e9:d6:a6:23:fe:ae:95:1d:cd:
         8d:af:91:e2:07:84:b3:9b:3b:bd:27:ff:4f:22:56:69:34:b0:
         ae:20:8c:12:a6:9a:6b:f9:a0:27:65:fd:8e:bf:11:53:7e:e5:
         6b:a5:d7:c3:a9:2b:42:52:3c:c5:8a:36:2d:5c:69:6b:7f:8a:
         ca:70:ce:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP7bfuR6az1tRgBvbY1QFDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDIxMTY0MzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JkNjc1ODk3NmMwMzQ2NGUxZWRlMmExZjMzYjRiM2Y2NGVkM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor/7xdD4X22vjj5am7W8ry7vhouH
yF8j8MChJYoEYshB4IWNybkbUk6bModxKKGU4B8IYDBdCU0amGvWh4PGF3BMNdew
83BwxBU6novA1e4a30REj/JEWfGMtvaiqmAZ8zQXpa8+66FYYYdCpSg/i42AbfFJ
fh7slvVFkMN3r9H/26l45hCa+zla6j+vf1CbH+MkROU3vY5I73mNl+0xj80QeVdx
C756XBCvYY7p44NKW1eiKvYZv4A3wSOY2mkBuubUYy2axH1EOeKGBSQPIKueA+nd
McIhXfnkHkWhY0z0CIQt/j+qUyOrBbnw/yafgKm36FuqX6rxmGJDDfuj7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFy9Z1iXbANGTh7eKh8ztLP2TtP4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWEwxbldKZHNBMFpPSHQ0cUh6TzBzX1pPMF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBTMA0G
CSqGSIb3DQEBCwUAA4IBAQAcm/h/jHDGFbBXgGE26ggMpcPyP/hES0VwIYeuctC4
tmE21tyoRMEyTYScuUb0zpYFiEAf558/yIw4Q7MfKk7Xvsb0PnaBTXdwiGQeHlhB
OV2an2ya21qZ1wK/hZV5EHuIQJt6TsrvbpNa2DXrL9yd3Wc995KeLlzTD6dMtTCA
jdl3z7ptN7j+hRGwwdt4CJ6fDJiqI1e9VnPEpXWUasgPy2RoQZZvT1Oj0gqLuj7l
TqREHraZ0IcmwM3G+vDp1qYj/q6VHc2Nr5HiB4Szmzu9J/9PIlZpNLCuIIwSpppr
+aAnZf2OvxFTfuVrpdfDqStCUjzFijYtXGlrf4rKcM4a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org