Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ihx2L7ywUGW49-LLrmRx-5dMCnY.roa
File:                     ihx2L7ywUGW49-LLrmRx-5dMCnY.roa (raw, json)
Hash identifier:          F0KOFZ0qpoEwohmkOnnpD++F2YGK3MppfNINH2DhwGI=
Subject key identifier:   8A:1C:76:2F:BC:B0:50:65:B8:F7:E2:CB:AE:64:71:FB:97:4C:0A:76
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01A325AC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ihx2L7ywUGW49-LLrmRx-5dMCnY.roa
Signing time:             Thu 30 Jun 2022 15:06:02 +0000
ROA not before:           Thu 30 Jun 2022 15:06:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62164
IP address blocks:        88.216.99.0/24 maxlen: 24
                          84.32.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27469228 (0x1a325ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Jun 30 15:06:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8a1c762fbcb05065b8f7e2cbae6471fb974c0a76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:85:43:e1:33:dd:49:54:d3:13:ee:81:62:75:
                    b0:df:63:50:1d:2b:c3:fe:67:cb:21:33:5f:d5:c1:
                    c0:6e:e1:b0:e3:13:cf:4f:13:0e:ca:3d:f0:df:b9:
                    74:79:e0:b1:fc:76:51:30:8f:b5:50:67:6a:cd:e1:
                    69:5c:8f:6a:61:ca:79:8f:07:82:3f:dc:d8:23:6c:
                    ed:83:bb:57:58:b9:23:74:34:74:99:71:32:a1:28:
                    b2:7c:73:b0:eb:48:75:0f:fd:d4:6f:fa:05:2f:35:
                    2b:c9:ba:b6:93:8d:db:76:d7:82:c6:c0:be:50:0e:
                    27:79:72:c2:1f:39:eb:f1:74:f1:86:4e:31:f5:4e:
                    d2:90:de:71:ce:bd:1d:23:f6:73:54:80:bf:11:53:
                    9f:0f:ba:91:82:71:da:d2:24:6a:99:e8:92:9b:0d:
                    01:82:08:a0:f0:82:62:50:10:6e:47:ef:e9:08:f4:
                    2c:40:e5:9b:ff:82:5c:02:ce:f1:72:cf:96:01:37:
                    a2:16:32:33:75:91:bf:ca:6d:60:74:78:5e:f5:43:
                    d8:2f:cd:37:4c:eb:d5:7c:2c:45:0a:74:02:80:f0:
                    c2:b0:0e:36:86:c6:2f:32:53:0d:ff:6c:e3:02:f8:
                    6a:1a:a0:53:6d:38:86:5d:99:de:51:3c:70:1c:4a:
                    e1:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:1C:76:2F:BC:B0:50:65:B8:F7:E2:CB:AE:64:71:FB:97:4C:0A:76
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ihx2L7ywUGW49-LLrmRx-5dMCnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.5.0/24
                  88.216.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:6b:d5:f9:a9:37:06:8a:3e:9d:7b:79:a7:87:42:56:6b:4a:
         02:60:38:fb:6b:a2:e7:59:82:11:03:25:6b:8d:f7:b8:0c:b2:
         93:8b:18:a5:81:fc:8f:54:3b:de:4c:72:b6:14:08:c9:18:a9:
         9c:1b:80:e7:d6:66:da:f1:fd:c9:56:2e:37:87:9a:90:e1:9a:
         e7:48:4f:47:18:ac:39:86:98:da:44:e0:da:2e:bd:03:1c:a7:
         ac:9d:84:b9:45:7a:39:9e:fa:3c:42:1f:19:71:06:cc:02:00:
         1b:71:c0:eb:c2:32:29:59:01:0d:6e:8e:56:fb:88:60:c8:22:
         83:3b:fb:b8:b0:ef:f4:33:6a:28:a1:00:45:da:a2:dc:0b:13:
         f5:3a:76:c6:6a:6f:9f:b6:26:35:da:e0:32:27:cf:40:31:30:
         c2:13:96:5c:d4:a1:74:f7:0a:fc:3c:26:22:68:e1:12:66:46:
         65:f1:0c:b0:c2:63:a2:42:38:0d:19:ea:d7:52:69:fe:f7:c6:
         f6:e5:66:d0:93:fc:a9:0e:1d:68:43:2c:19:95:4d:4b:88:2c:
         2f:d5:50:3a:2e:21:53:30:5b:9d:86:ce:cf:7a:2b:4d:78:1b:
         5b:60:9a:cd:f3:69:93:a9:16:7a:8c:de:5b:e1:50:6c:e8:03:
         a0:a3:64:01
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAaMlrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDYz
MDE1MDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGExYzc2MmZiY2Iw
NTA2NWI4ZjdlMmNiYWU2NDcxZmI5NzRjMGE3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIWFQ+Ez3UlU0xPugWJ1sN9jUB0rw/5nyyEzX9XBwG7hsOMT
z08TDso98N+5dHngsfx2UTCPtVBnas3haVyPamHKeY8Hgj/c2CNs7YO7V1i5I3Q0
dJlxMqEosnxzsOtIdQ/91G/6BS81K8m6tpON23bXgsbAvlAOJ3lywh856/F08YZO
MfVO0pDecc69HSP2c1SAvxFTnw+6kYJx2tIkapnokpsNAYIIoPCCYlAQbkfv6Qj0
LEDlm/+CXALO8XLPlgE3ohYyM3WRv8ptYHR4XvVD2C/NN0zr1XwsRQp0AoDwwrAO
NobGLzJTDf9s4wL4ahqgU204hl2Z3lE8cBxK4Q8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSKHHYvvLBQZbj34suuZHH7l0wKdjAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L2loeDJMN3l3VUdXNDktTExybVJ4LTVkTUNuWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFQgBQMEAFjYYzANBgkqhkiG9w0B
AQsFAAOCAQEATWvV+ak3Boo+nXt5p4dCVmtKAmA4+2ui51mCEQMla433uAyyk4sY
pYH8j1Q73kxythQIyRipnBuA59Zm2vH9yVYuN4eakOGa50hPRxisOYaY2kTg2i69
AxynrJ2EuUV6OZ76PEIfGXEGzAIAG3HA68IyKVkBDW6OVvuIYMgigzv7uLDv9DNq
KKEARdqi3AsT9Tp2xmpvn7YmNdrgMifPQDEwwhOWXNShdPcK/DwmImjhEmZGZfEM
sMJjokI4DRnq11Jp/vfG9uVm0JP8qQ4daEMsGZVNS4gsL9VQOi4hUzBbnYbOz3or
TXgbW2CazfNpk6kWeozeW+FQbOgDoKNkAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org