Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/buj-TFUIADKQCR66O0ujGAilP3k.roa
File:                     buj-TFUIADKQCR66O0ujGAilP3k.roa (raw, json)
Hash identifier:          MJKUgW23vkLDVxMPWEhm8d/iP0i9DLEINOWtLtAY22A=
Subject key identifier:   6E:E8:FE:4C:55:08:00:32:90:09:1E:BA:3B:4B:A3:18:08:A5:3F:79
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01823E395EA701B796A9DB3A8A458D2AA9E2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/buj-TFUIADKQCR66O0ujGAilP3k.roa
Signing time:             Wed 27 Jul 2022 05:55:23 +0000
ROA not before:           Wed 27 Jul 2022 05:55:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        84.32.52.0/22 maxlen: 24
                          84.32.56.0/22 maxlen: 24
                          84.32.64.0/22 maxlen: 24
                          84.32.68.0/22 maxlen: 24
                          88.216.208.0/24 maxlen: 24
                          84.32.20.0/22 maxlen: 24
                          84.32.48.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3e:39:5e:a7:01:b7:96:a9:db:3a:8a:45:8d:2a:a9:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jul 27 05:55:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6ee8fe4c5508003290091eba3b4ba31808a53f79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:42:af:8a:0f:ca:95:4d:d6:c7:c3:c0:5f:83:
                    c5:46:3d:16:53:22:e5:b9:59:3f:a9:5d:90:49:1f:
                    60:17:dd:e3:48:d5:fb:be:a7:3e:5c:f6:fa:ae:96:
                    50:41:3a:82:60:c8:9a:c8:44:e9:2a:55:38:41:81:
                    2a:e4:6e:b5:dc:bd:9a:bd:f3:cc:bf:de:f7:a2:12:
                    df:b0:0e:e5:aa:8c:a9:ee:a9:1b:aa:cf:5d:51:d0:
                    a5:9a:0b:21:05:6f:cb:0a:f8:19:99:e9:b5:e1:4c:
                    63:04:e4:7c:48:2d:f3:40:b7:01:3a:43:96:da:c6:
                    76:be:eb:12:e6:ff:56:ba:84:c3:8a:fd:ae:ee:84:
                    22:2e:31:f2:74:91:8d:f3:07:a3:ac:02:56:a1:9e:
                    1f:83:b3:f3:5c:c6:cb:85:50:f3:18:97:72:ba:7f:
                    78:4d:2d:10:b3:a7:34:67:ef:d6:7b:c0:5c:25:c0:
                    52:3f:1a:ed:6e:4e:6a:f1:96:26:c4:ce:b0:d7:c2:
                    6d:43:41:4d:98:da:07:97:18:f1:02:09:6a:b9:41:
                    08:ba:86:40:d6:0c:07:14:bf:3d:4d:0a:8e:11:53:
                    8d:5a:c9:67:d5:3b:83:ff:6f:c4:4d:eb:58:9f:27:
                    12:ba:46:fd:44:95:b2:a3:4e:06:a4:72:7b:d8:1f:
                    6f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E8:FE:4C:55:08:00:32:90:09:1E:BA:3B:4B:A3:18:08:A5:3F:79
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/buj-TFUIADKQCR66O0ujGAilP3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.20.0/22
                  84.32.48.0-84.32.59.255
                  84.32.64.0/21
                  88.216.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:f9:47:06:58:d0:94:10:47:79:2e:26:82:f5:1a:dd:46:c3:
         85:ed:c9:7d:a3:c8:27:6f:c4:ef:f7:6d:e0:9a:b2:83:69:d2:
         62:7c:8c:ad:51:da:94:ac:db:78:82:65:ba:e2:63:53:1f:22:
         75:32:2d:38:70:1b:5d:55:ff:27:e8:a4:ad:b7:40:50:d7:07:
         63:27:cb:36:f8:55:b0:f5:e6:0a:24:07:98:2a:81:33:8f:29:
         f9:8f:71:a3:0b:6a:86:14:7e:98:44:91:01:7c:df:a3:23:d7:
         dd:df:72:f5:34:5b:4e:00:08:61:9c:0b:32:80:4c:77:ef:45:
         55:38:2c:5a:4c:ca:97:a6:cb:2c:62:f0:b4:6d:60:75:6c:3c:
         59:73:17:4c:85:01:96:b9:fd:2a:77:54:23:cc:82:7a:79:65:
         63:b7:41:12:9f:f9:23:90:f3:86:41:96:fe:de:5f:fd:03:eb:
         b9:0f:cf:c5:b1:36:d9:de:f7:0a:69:9b:f1:70:0e:cb:3d:fd:
         01:bb:ec:62:be:f0:23:7a:5a:f6:62:a7:8c:db:6c:01:10:3d:
         3a:c2:fe:c5:4e:ef:22:4b:4c:37:03:43:6d:00:07:45:5a:e0:
         5f:0d:9c:44:e4:56:32:c1:2d:f2:46:4b:44:ad:5d:7f:3e:56:
         88:a6:e1:a8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYI+OV6nAbeWqds6ikWNKqniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwNzI3MDU1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU4ZmU0YzU1MDgwMDMyOTAwOTFlYmEzYjRiYTMxODA4YTUzZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkKvig/KlU3Wx8PAX4PFRj0WUyLl
uVk/qV2QSR9gF93jSNX7vqc+XPb6rpZQQTqCYMiayETpKlU4QYEq5G613L2avfPM
v973ohLfsA7lqoyp7qkbqs9dUdClmgshBW/LCvgZmem14UxjBOR8SC3zQLcBOkOW
2sZ2vusS5v9WuoTDiv2u7oQiLjHydJGN8wejrAJWoZ4fg7PzXMbLhVDzGJdyun94
TS0Qs6c0Z+/We8BcJcBSPxrtbk5q8ZYmxM6w18JtQ0FNmNoHlxjxAglquUEIuoZA
1gwHFL89TQqOEVONWsln1TuD/2/ETetYnycSukb9RJWyo04GpHJ72B9vfQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG7o/kxVCAAykAkeujtLoxgIpT95MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYnVqLVRGVUlBREtRQ1I2Nk8wdWpHQWlsUDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCVCAUMAwD
BARUIDADBAJUIDgDBANUIEADBABY2NAwDQYJKoZIhvcNAQELBQADggEBAEn5RwZY
0JQQR3kuJoL1Gt1Gw4XtyX2jyCdvxO/3beCasoNp0mJ8jK1R2pSs23iCZbriY1Mf
InUyLThwG11V/yfopK23QFDXB2Mnyzb4VbD15gokB5gqgTOPKfmPcaMLaoYUfphE
kQF836Mj193fcvU0W04ACGGcCzKATHfvRVU4LFpMypemyyxi8LRtYHVsPFlzF0yF
AZa5/Sp3VCPMgnp5ZWO3QRKf+SOQ84ZBlv7eX/0D67kPz8WxNtne9wppm/FwDss9
/QG77GK+8CN6WvZip4zbbAEQPTrC/sVO7yJLTDcDQ20AB0Va4F8NnETkVjLBLfJG
S0StXX8+Voim4ag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org