Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bxqqJNWW-x7ZnOzfYgE9MKQjTRU.roa
File:                     bxqqJNWW-x7ZnOzfYgE9MKQjTRU.roa (raw, json)
Hash identifier:          gdDhN0++PRJgcedHQ+ByCR/Av23krxbqGs/1usjvaT8=
Subject key identifier:   6F:1A:AA:24:D5:96:FB:1E:D9:9C:EC:DF:62:01:3D:30:A4:23:4D:15
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018460A6F0851DC844F5351EEA2DD1B275F2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bxqqJNWW-x7ZnOzfYgE9MKQjTRU.roa
Signing time:             Thu 10 Nov 2022 08:27:44 +0000
ROA not before:           Thu 10 Nov 2022 08:27:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49581
IP address blocks:        88.216.181.0/24 maxlen: 24
                          84.32.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:60:a6:f0:85:1d:c8:44:f5:35:1e:ea:2d:d1:b2:75:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Nov 10 08:27:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6f1aaa24d596fb1ed99cecdf62013d30a4234d15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:db:b2:78:e6:42:69:00:60:b0:07:3e:e0:f0:
                    ca:c2:ef:d4:ce:bb:f1:17:78:d9:d3:21:0c:d6:c6:
                    77:f4:b5:8e:3c:d4:7f:ee:2a:2a:40:be:6a:fd:57:
                    e0:b2:7b:31:0a:18:b5:dd:c8:f3:09:54:f2:cf:c9:
                    0d:d1:f0:6b:1e:dc:ab:14:96:ac:20:d0:4e:e9:d7:
                    5c:fc:6c:6f:6f:58:74:a9:ec:a1:2b:9e:73:b5:d4:
                    15:4a:2d:64:8d:ab:86:34:d2:9b:5d:54:a8:74:24:
                    28:8b:73:dd:fe:aa:5f:72:79:95:83:ae:18:5f:74:
                    47:b8:b9:0e:20:fd:b8:6b:0a:fa:99:a9:2f:12:8f:
                    14:b9:a1:19:b7:ef:c2:a8:ec:8b:63:83:fa:22:fd:
                    c3:98:5d:a7:ea:96:c1:30:33:93:0a:b2:28:9f:fa:
                    bc:41:88:f7:5a:e4:17:a4:a2:2e:12:3d:47:18:17:
                    66:85:b3:2f:fc:c7:aa:84:9d:cb:27:05:03:4c:b5:
                    43:ee:50:34:12:cd:c4:bb:25:ed:03:b8:4d:83:06:
                    18:63:0f:00:69:7f:ef:ca:1c:2e:e1:29:22:34:5b:
                    50:b4:d6:fc:3d:b0:72:46:5b:c9:b8:00:68:cb:e3:
                    96:94:80:7f:fd:11:98:dd:16:dd:99:a1:d1:22:86:
                    7f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:1A:AA:24:D5:96:FB:1E:D9:9C:EC:DF:62:01:3D:30:A4:23:4D:15
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bxqqJNWW-x7ZnOzfYgE9MKQjTRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.240.0/24
                  88.216.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:85:ce:08:f3:29:04:0d:a6:b2:68:16:ab:c2:71:9c:6e:8b:
         95:9d:37:9e:99:51:de:36:14:30:85:32:71:25:e5:09:91:e2:
         bd:8b:c0:fa:d1:5b:35:5f:ba:cd:0c:03:aa:a3:e2:ce:71:1e:
         c1:63:f4:e8:95:bb:88:5c:f3:18:57:58:12:e7:67:7f:10:36:
         8a:2b:da:62:06:1a:99:36:e9:5c:50:24:46:ea:1e:c2:35:24:
         93:b5:db:3b:51:1f:de:b5:26:d9:b5:dc:b3:96:ba:c1:61:4a:
         a5:af:28:0e:b2:b7:b0:c1:aa:f8:48:3b:16:da:60:b7:67:61:
         da:85:c7:38:31:c1:1d:e8:5e:d5:91:e7:39:9b:bf:d1:09:71:
         b6:f5:69:ad:7d:00:a1:a8:13:c6:03:7e:6f:e3:91:1b:b2:dc:
         a4:31:df:70:55:61:c3:53:aa:c3:d9:59:17:5b:63:82:bc:9f:
         85:55:29:9f:21:a2:e2:73:19:52:74:71:17:94:79:01:99:12:
         5e:ef:13:1d:98:c5:00:69:ad:eb:0d:62:fa:76:29:18:52:ce:
         8e:17:0d:af:d4:2b:fc:9b:bb:98:08:68:94:60:5a:b6:4f:4a:
         d4:95:81:aa:a9:03:ec:7e:ca:0a:f9:8d:37:c4:c0:17:a3:3f:
         9e:99:35:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRgpvCFHchE9TUe6i3RsnXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTEwMDgyNzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFhYWEyNGQ1OTZmYjFlZDk5Y2VjZGY2MjAxM2QzMGE0MjM0ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxduyeOZCaQBgsAc+4PDKwu/Uzrvx
F3jZ0yEM1sZ39LWOPNR/7ioqQL5q/VfgsnsxChi13cjzCVTyz8kN0fBrHtyrFJas
INBO6ddc/Gxvb1h0qeyhK55ztdQVSi1kjauGNNKbXVSodCQoi3Pd/qpfcnmVg64Y
X3RHuLkOIP24awr6makvEo8UuaEZt+/CqOyLY4P6Iv3DmF2n6pbBMDOTCrIon/q8
QYj3WuQXpKIuEj1HGBdmhbMv/MeqhJ3LJwUDTLVD7lA0Es3EuyXtA7hNgwYYYw8A
aX/vyhwu4SkiNFtQtNb8PbByRlvJuABoy+OWlIB//RGY3RbdmaHRIoZ/0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8aqiTVlvse2Zzs32IBPTCkI00VMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYnhxcUpOV1cteDdabk96ZllnRTlNS1FqVFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDwAwQA
WNi1MA0GCSqGSIb3DQEBCwUAA4IBAQCZhc4I8ykEDaayaBarwnGcbouVnTeemVHe
NhQwhTJxJeUJkeK9i8D60Vs1X7rNDAOqo+LOcR7BY/TolbuIXPMYV1gS52d/EDaK
K9piBhqZNulcUCRG6h7CNSSTtds7UR/etSbZtdyzlrrBYUqlrygOsrewwar4SDsW
2mC3Z2Hahcc4McEd6F7Vkec5m7/RCXG29WmtfQChqBPGA35v45EbstykMd9wVWHD
U6rD2VkXW2OCvJ+FVSmfIaLicxlSdHEXlHkBmRJe7xMdmMUAaa3rDWL6dikYUs6O
Fw2v1Cv8m7uYCGiUYFq2T0rUlYGqqQPsfsoK+Y03xMAXoz+emTXa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org