Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hw417y8OQ4n7LS8DgC1fnXjDXpo.roa
File:                     hw417y8OQ4n7LS8DgC1fnXjDXpo.roa (raw, json)
Hash identifier:          l0cxrU2bs1s84FRSsRyixHf57qkjOIK9vcCKhiHM5po=
Subject key identifier:   87:0E:35:EF:2F:0E:43:89:FB:2D:2F:03:80:2D:5F:9D:78:C3:5E:9A
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184F767B49B0875436843EFF7723181AC7C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hw417y8OQ4n7LS8DgC1fnXjDXpo.roa
Signing time:             Fri 09 Dec 2022 15:01:19 +0000
ROA not before:           Fri 09 Dec 2022 15:01:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     53356
IP address blocks:        88.216.94.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f7:67:b4:9b:08:75:43:68:43:ef:f7:72:31:81:ac:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec  9 15:01:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=870e35ef2f0e4389fb2d2f03802d5f9d78c35e9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:3f:41:3a:c5:46:5c:4b:4e:8e:b9:fc:e3:12:
                    af:0c:60:3e:cf:82:4e:b1:1f:8f:45:6b:97:e7:7a:
                    e1:a2:e9:38:2d:28:a5:bc:eb:5f:bb:e0:e7:a3:39:
                    1d:0d:e8:bf:99:ee:d0:31:5a:d0:a0:4b:03:3e:aa:
                    8c:b0:6b:46:0c:d7:97:1e:f9:bf:63:79:b3:a0:e9:
                    28:33:e1:04:27:94:e2:39:3a:ab:43:ab:b0:0a:d9:
                    91:b1:04:af:2c:47:7f:00:67:ff:d9:84:4d:04:c0:
                    2d:57:22:0e:a5:0b:1a:b0:e4:b6:e5:41:b5:cf:f6:
                    69:63:08:b0:af:5d:29:90:f4:e1:4b:e5:24:31:6c:
                    e7:b4:47:37:d0:57:58:44:90:da:19:c3:a3:b6:d1:
                    e7:6b:26:6a:3f:c2:00:a6:e3:aa:46:d2:f3:d1:fb:
                    27:91:3f:66:ca:cb:9b:3f:20:9a:7c:27:57:e0:c4:
                    cf:e6:1e:28:ae:fc:3b:6f:50:65:4f:30:29:78:24:
                    4a:b1:4a:a1:74:11:ad:e0:fe:11:21:93:d3:b9:bc:
                    91:b8:2d:72:1b:29:ff:6e:aa:b5:a1:16:11:d8:13:
                    eb:ea:98:ea:f2:18:52:bd:3a:55:ed:60:25:74:d4:
                    7e:95:6f:2f:95:ad:7d:fa:ed:25:e0:79:8a:db:a0:
                    f0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0E:35:EF:2F:0E:43:89:FB:2D:2F:03:80:2D:5F:9D:78:C3:5E:9A
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hw417y8OQ4n7LS8DgC1fnXjDXpo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:31:95:ef:60:02:db:cc:68:30:a3:58:8f:94:1c:2e:bd:46:
         a7:56:ae:2e:e6:96:bc:2c:9c:d0:1c:0f:79:95:29:7a:c1:cf:
         d3:7a:a3:68:db:8f:9f:fc:31:57:0a:03:0d:56:b8:86:29:d4:
         2f:d3:16:7d:63:60:6d:0a:c0:ee:a2:f2:19:b8:a5:7e:c2:c8:
         3b:7a:bd:cc:ca:50:93:0e:37:90:1b:7e:43:2a:bb:f5:2c:03:
         c2:e8:8d:64:21:29:66:92:5b:07:de:fa:9e:47:e5:c9:85:9e:
         99:34:f3:ce:b7:f8:cb:6c:ea:a9:cc:22:e9:73:f4:1a:10:e6:
         c6:17:ff:61:38:b2:81:e2:ee:05:21:7a:01:ce:2e:dc:d3:77:
         d7:3e:e1:2a:5b:a6:c7:c1:c3:80:24:ec:13:02:50:da:e4:b0:
         d5:54:9c:1e:4a:59:db:79:d2:5a:b9:21:fe:b9:62:e9:de:c0:
         83:67:b5:11:e8:9c:66:10:71:e9:8f:dd:72:d4:a9:d3:38:0e:
         cf:61:32:7a:e7:43:19:ef:11:09:8e:92:cc:7c:ee:a7:c2:22:
         a5:52:35:99:5a:df:95:13:b1:92:34:43:77:34:fd:77:a7:1a:
         9e:ac:c9:54:bc:bb:0a:5b:97:ce:88:45:37:8f:13:6a:7c:7a:
         f7:7b:77:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT3Z7SbCHVDaEPv93Ixgax8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA5MTUwMTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzBlMzVlZjJmMGU0Mzg5ZmIyZDJmMDM4MDJkNWY5ZDc4YzM1ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD9BOsVGXEtOjrn84xKvDGA+z4JO
sR+PRWuX53rhouk4LSilvOtfu+DnozkdDei/me7QMVrQoEsDPqqMsGtGDNeXHvm/
Y3mzoOkoM+EEJ5TiOTqrQ6uwCtmRsQSvLEd/AGf/2YRNBMAtVyIOpQsasOS25UG1
z/ZpYwiwr10pkPThS+UkMWzntEc30FdYRJDaGcOjttHnayZqP8IApuOqRtLz0fsn
kT9mysubPyCafCdX4MTP5h4orvw7b1BlTzApeCRKsUqhdBGt4P4RIZPTubyRuC1y
Gyn/bqq1oRYR2BPr6pjq8hhSvTpV7WAldNR+lW8vla19+u0l4HmK26DwPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcONe8vDkOJ+y0vA4AtX514w16aMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaHc0MTd5OE9RNG43TFM4RGdDMWZuWGpEWHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNheMA0G
CSqGSIb3DQEBCwUAA4IBAQCCMZXvYALbzGgwo1iPlBwuvUanVq4u5pa8LJzQHA95
lSl6wc/TeqNo24+f/DFXCgMNVriGKdQv0xZ9Y2BtCsDuovIZuKV+wsg7er3MylCT
DjeQG35DKrv1LAPC6I1kISlmklsH3vqeR+XJhZ6ZNPPOt/jLbOqpzCLpc/QaEObG
F/9hOLKB4u4FIXoBzi7c03fXPuEqW6bHwcOAJOwTAlDa5LDVVJweSlnbedJauSH+
uWLp3sCDZ7UR6JxmEHHpj91y1KnTOA7PYTJ650MZ7xEJjpLMfO6nwiKlUjWZWt+V
E7GSNEN3NP13pxqerMlUvLsKW5fOiEU3jxNqfHr3e3eX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org