Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/f7gC0Glua6oriOUNGIb6M7eU9zM.roa
File:                     f7gC0Glua6oriOUNGIb6M7eU9zM.roa (raw, json)
Hash identifier:          nNhbZHxELG3FX21kI2eRhhqSWBi9sjkLDr9SU6s1Aao=
Subject key identifier:   7F:B8:02:D0:69:6E:6B:AA:2B:88:E5:0D:18:86:FA:33:B7:94:F7:33
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       017DB940
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/f7gC0Glua6oriOUNGIb6M7eU9zM.roa
Signing time:             Fri 17 Jun 2022 05:35:44 +0000
ROA not before:           Fri 17 Jun 2022 05:35:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211585
IP address blocks:        88.216.236.0/22 maxlen: 24
                          88.216.240.0/22 maxlen: 24
                          88.216.244.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25016640 (0x17db940)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jun 17 05:35:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fb802d0696e6baa2b88e50d1886fa33b794f733
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7d:2d:d6:77:60:49:55:fb:59:4e:53:2d:87:
                    7a:b7:1a:22:4d:62:41:3a:ed:b4:44:83:74:65:75:
                    53:c6:68:4b:c3:c9:6a:dc:6b:64:c9:f4:07:d4:26:
                    80:85:32:7b:ae:a0:8a:25:ae:a1:1e:a1:36:26:a1:
                    95:74:64:90:e9:a2:35:aa:49:c8:8b:45:16:e4:96:
                    0f:f9:7d:98:b9:20:5d:28:f9:3e:fb:10:86:14:34:
                    33:46:23:d0:ac:9a:72:f9:bc:00:86:89:6a:9e:f0:
                    cc:17:fb:61:4a:69:47:3a:e8:a9:3e:0a:2a:c0:c4:
                    15:ca:2a:e2:c5:bf:15:a3:24:ea:6e:0b:43:40:c2:
                    fc:a5:cc:89:3f:a2:c0:be:52:b6:54:14:46:59:07:
                    2c:aa:e9:41:c2:82:42:96:32:e1:05:64:5c:85:a1:
                    51:c1:ee:b9:5c:5a:05:a2:e6:fd:16:42:7c:ac:74:
                    ce:0b:6f:f7:69:f8:64:b8:fa:53:5a:70:84:03:80:
                    3b:4b:34:02:6b:c3:f2:f1:f7:f0:f8:e6:2a:ef:e1:
                    4a:20:d1:49:17:fa:30:21:b1:e8:5f:c5:73:57:fd:
                    80:66:9a:3d:20:03:5b:8a:26:2c:4f:6d:90:6c:62:
                    0b:85:68:18:ac:22:8a:60:9a:ec:27:9e:83:4d:98:
                    d4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:B8:02:D0:69:6E:6B:AA:2B:88:E5:0D:18:86:FA:33:B7:94:F7:33
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/f7gC0Glua6oriOUNGIb6M7eU9zM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.236.0-88.216.247.255

    Signature Algorithm: sha256WithRSAEncryption
         68:8e:a8:00:91:93:75:18:a8:72:15:6e:c0:10:60:32:b7:81:
         a6:da:60:66:e4:8a:5c:b5:e2:04:4a:82:ce:e5:50:6c:c4:fb:
         2b:b6:60:df:8f:ce:1a:b3:f5:e4:80:ba:20:7e:08:92:e9:9d:
         0a:a7:cc:e9:93:4e:4c:b4:eb:19:7a:aa:6a:b6:fb:b2:60:d8:
         23:46:1f:d4:2d:79:99:df:e7:1d:bb:16:ef:fd:9b:1c:69:4f:
         6a:59:87:39:c3:3b:c8:2e:b9:cc:2f:90:8e:20:87:ce:5d:c8:
         93:05:f8:47:9e:da:5f:80:2d:99:29:eb:2b:50:22:c6:ac:e6:
         24:ea:2f:ad:5f:10:a7:49:a8:c1:be:b3:4e:21:8d:72:b8:fd:
         b0:bb:d7:56:fb:ca:c7:ea:fd:68:bf:13:73:1d:84:4c:29:d3:
         67:98:20:1c:b8:52:3e:28:32:34:8a:16:ef:bf:f3:94:1a:3c:
         28:ba:6a:5d:a5:72:88:b4:f7:6c:54:1e:34:39:99:02:7c:02:
         ac:31:48:9c:ed:3c:f5:43:6e:43:ad:93:94:79:9c:dd:b4:29:
         38:0e:c4:f7:15:ca:69:33:51:ae:0b:db:97:9d:8a:45:6a:c6:
         3b:b0:0e:a1:b3:c2:19:ae:08:f3:43:b4:b1:92:02:8f:95:5e:
         33:9f:5b:16
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAX25QDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDYx
NzA1MzU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZiODAyZDA2OTZl
NmJhYTJiODhlNTBkMTg4NmZhMzNiNzk0ZjczMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJx9LdZ3YElV+1lOUy2HercaIk1iQTrttESDdGV1U8ZoS8PJ
atxrZMn0B9QmgIUye66giiWuoR6hNiahlXRkkOmiNapJyItFFuSWD/l9mLkgXSj5
PvsQhhQ0M0Yj0Kyacvm8AIaJap7wzBf7YUppRzroqT4KKsDEFcoq4sW/FaMk6m4L
Q0DC/KXMiT+iwL5StlQURlkHLKrpQcKCQpYy4QVkXIWhUcHuuVxaBaLm/RZCfKx0
zgtv92n4ZLj6U1pwhAOAO0s0AmvD8vH38PjmKu/hSiDRSRf6MCGx6F/Fc1f9gGaa
PSADW4omLE9tkGxiC4VoGKwiimCa7Ceeg02Y1BkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBR/uALQaW5rqiuI5Q0Yhvozt5T3MzAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L2Y3Z0MwR2x1YTZvcmlPVU5HSWI2TTdlVTl6TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCWNjsAwQDWNjwMA0GCSqGSIb3
DQEBCwUAA4IBAQBojqgAkZN1GKhyFW7AEGAyt4Gm2mBm5IpcteIESoLO5VBsxPsr
tmDfj84as/XkgLogfgiS6Z0Kp8zpk05MtOsZeqpqtvuyYNgjRh/ULXmZ3+cduxbv
/ZscaU9qWYc5wzvILrnML5COIIfOXciTBfhHntpfgC2ZKesrUCLGrOYk6i+tXxCn
SajBvrNOIY1yuP2wu9dW+8rH6v1ovxNzHYRMKdNnmCAcuFI+KDI0ihbvv/OUGjwo
umpdpXKItPdsVB40OZkCfAKsMUic7Tz1Q25DrZOUeZzdtCk4DsT3FcppM1GuC9uX
nYpFasY7sA6hs8IZrgjzQ7SxkgKPlV4zn1sW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org