Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ggbcehhF3pmTagkJHdWl7FUKuY8.roa
File:                     ggbcehhF3pmTagkJHdWl7FUKuY8.roa (raw, json)
Hash identifier:          0PA2TtMOUbgldt0VGHhzzxMhQBBcsLe1XqfQ5NlFK7g=
Subject key identifier:   82:06:DC:7A:18:45:DE:99:93:6A:09:09:1D:D5:A5:EC:55:0A:B9:8F
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       013288BC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ggbcehhF3pmTagkJHdWl7FUKuY8.roa
Signing time:             Sun 22 May 2022 19:07:29 +0000
ROA not before:           Sun 22 May 2022 19:07:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25369
IP address blocks:        84.32.84.0/22 maxlen: 24
                          88.216.99.0/24 maxlen: 24
                          88.216.47.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20089020 (0x13288bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: May 22 19:07:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8206dc7a1845de99936a09091dd5a5ec550ab98f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:66:a7:75:7f:18:a2:38:93:e3:e1:31:4c:81:
                    c4:53:02:04:ef:3f:e5:55:aa:9d:9a:b4:b8:1d:2d:
                    ac:0b:03:22:a9:cc:1d:9d:d9:c2:62:41:0f:9b:0d:
                    d9:86:3e:7d:b1:a6:29:5c:d7:03:e0:9f:36:77:73:
                    f6:4d:ee:55:5b:3c:de:62:bc:54:9b:70:4b:e2:25:
                    4c:6c:ce:6c:c3:c6:db:ea:f8:44:a1:69:38:13:87:
                    5c:a4:7a:43:95:40:2f:dd:88:8c:02:ee:e9:6c:08:
                    16:59:a5:8a:a0:6a:46:77:c9:bb:8e:ba:4b:3f:9a:
                    bb:f9:5f:1f:70:ef:4d:4e:bd:00:c8:b2:7e:b9:32:
                    cc:d7:89:66:5c:d3:0c:20:37:72:00:5e:14:62:f6:
                    bd:5e:98:29:95:0e:e7:8b:77:2b:f3:4c:d0:ac:41:
                    ef:0c:9a:73:55:53:89:f9:cf:b0:aa:39:2e:05:51:
                    bc:67:06:6c:11:66:e6:ef:d2:e1:5a:d9:26:b1:14:
                    65:b1:52:79:32:06:fa:0e:29:ea:49:67:81:cc:27:
                    88:09:0c:d9:e7:2f:bf:29:e3:33:a1:9d:2d:fe:2b:
                    31:cc:f3:09:74:d9:20:55:d9:ae:48:f4:01:0d:e8:
                    1a:51:a1:ef:48:a0:c3:82:d5:bd:36:7f:3a:66:dd:
                    5a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:06:DC:7A:18:45:DE:99:93:6A:09:09:1D:D5:A5:EC:55:0A:B9:8F
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ggbcehhF3pmTagkJHdWl7FUKuY8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.84.0/22
                  88.216.47.0/24
                  88.216.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:81:7b:b1:16:e0:43:d2:e8:aa:06:8c:00:46:42:ca:05:64:
         b3:1e:c9:33:4b:50:45:e3:3a:6b:48:ad:d8:d3:7b:92:38:70:
         a3:ee:c1:3f:6c:05:fe:56:52:71:55:7a:6f:f6:64:de:df:59:
         51:5b:fa:f6:b6:92:df:4d:4d:59:3f:0f:fa:13:f5:35:f2:84:
         8e:26:df:d2:a7:40:33:36:3c:e1:bd:3d:e3:e2:2f:2e:b2:33:
         fa:0a:78:10:fd:16:52:b6:b7:74:7f:5d:fb:72:0b:23:8c:35:
         49:81:51:7e:5b:bc:a2:8a:b1:f9:e5:c8:e7:a6:34:33:32:c8:
         1f:0e:4b:b6:90:7d:99:41:d6:dd:f8:55:cc:8a:f0:ca:a9:89:
         b2:68:66:44:87:04:c1:69:a7:0f:7f:03:da:06:c7:45:dd:87:
         97:9e:c9:39:5c:87:d3:60:a2:e3:94:ab:91:8d:c6:db:6a:9e:
         e9:aa:ff:cc:b9:1b:0f:de:c8:e6:c9:6b:fa:94:da:38:20:31:
         03:5e:9b:43:8c:e8:7a:80:0b:01:e5:80:c8:50:01:09:30:39:
         f6:bb:50:64:98:b7:fa:cb:7e:d8:f2:8d:18:07:01:72:76:d6:
         ae:c6:c6:8c:61:ad:29:42:c5:6c:f1:8a:61:a0:52:92:0b:f6:
         94:63:21:c0
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEATKIvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUy
MjE5MDcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODIwNmRjN2ExODQ1
ZGU5OTkzNmEwOTA5MWRkNWE1ZWM1NTBhYjk4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZmp3V/GKI4k+PhMUyBxFMCBO8/5VWqnZq0uB0trAsDIqnM
HZ3ZwmJBD5sN2YY+fbGmKVzXA+CfNndz9k3uVVs83mK8VJtwS+IlTGzObMPG2+r4
RKFpOBOHXKR6Q5VAL92IjALu6WwIFlmliqBqRnfJu466Sz+au/lfH3DvTU69AMiy
frkyzNeJZlzTDCA3cgBeFGL2vV6YKZUO54t3K/NM0KxB7wyac1VTifnPsKo5LgVR
vGcGbBFm5u/S4VrZJrEUZbFSeTIG+g4p6klngcwniAkM2ecvvynjM6GdLf4rMczz
CXTZIFXZrkj0AQ3oGlGh70igw4LVvTZ/OmbdWmkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSCBtx6GEXemZNqCQkd1aXsVQq5jzAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L2dnYmNlaGhGM3BtVGFna0pIZFdsN0ZVS3VZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlQgVAMEAFjYLwMEAFjYYzANBgkq
hkiG9w0BAQsFAAOCAQEAa4F7sRbgQ9LoqgaMAEZCygVksx7JM0tQReM6a0it2NN7
kjhwo+7BP2wF/lZScVV6b/Zk3t9ZUVv69raS301NWT8P+hP1NfKEjibf0qdAMzY8
4b094+IvLrIz+gp4EP0WUra3dH9d+3ILI4w1SYFRflu8ooqx+eXI56Y0MzLIHw5L
tpB9mUHW3fhVzIrwyqmJsmhmRIcEwWmnD38D2gbHRd2Hl57JOVyH02Ci45SrkY3G
22qe6ar/zLkbD97I5slr+pTaOCAxA16bQ4zoeoALAeWAyFABCTA59rtQZJi3+st+
2PKNGAcBcnbWrsbGjGGtKULFbPGKYaBSkgv2lGMhwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org