Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/m1Q0zbWKoeqpfOpev6AmXc6dn5c.roa
File:                     m1Q0zbWKoeqpfOpev6AmXc6dn5c.roa (raw, json)
Hash identifier:          UQTJOAkq1bGAVj1jn/u0iQB/wGvlKFRl+38VUtBq+/4=
Subject key identifier:   9B:54:34:CD:B5:8A:A1:EA:A9:7C:EA:5E:BF:A0:26:5D:CE:9D:9F:97
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184D1982C4293A4D823D6DB9501A5AA6FEE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/m1Q0zbWKoeqpfOpev6AmXc6dn5c.roa
Signing time:             Fri 02 Dec 2022 06:48:41 +0000
ROA not before:           Fri 02 Dec 2022 06:48:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210441
IP address blocks:        88.216.184.0/23 maxlen: 24
                          88.216.186.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:d1:98:2c:42:93:a4:d8:23:d6:db:95:01:a5:aa:6f:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec  2 06:48:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9b5434cdb58aa1eaa97cea5ebfa0265dce9d9f97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:da:c4:be:36:27:66:39:84:3e:ce:f0:1c:79:
                    d0:90:57:c8:87:b1:50:28:dd:1f:78:88:45:ab:ad:
                    b4:1d:cf:9b:f2:c8:32:0c:3a:d4:88:50:be:5c:01:
                    fc:5a:1b:b1:e9:3c:e6:47:ed:03:9f:2a:46:ad:16:
                    a6:12:1e:ea:7a:2f:b7:73:79:d0:8a:05:e0:c7:f5:
                    6e:6e:0f:c5:f6:41:ce:62:82:86:66:12:f4:9f:8d:
                    93:06:8f:bd:b0:3a:b2:bb:5a:3c:52:b0:66:66:79:
                    67:dd:91:67:8d:e3:30:36:12:4b:2c:ed:76:61:b6:
                    1f:4f:66:1c:43:85:fa:65:15:10:47:86:24:ea:96:
                    ad:eb:8f:ad:d1:93:a9:92:d9:f3:b0:c5:5a:6a:2c:
                    76:48:49:f7:41:a5:9c:2d:a1:32:5d:2b:a0:90:48:
                    50:27:bc:95:8a:27:05:0c:82:98:63:2e:f2:60:c8:
                    62:16:bc:19:c3:86:0d:cf:89:d5:bc:57:10:a8:08:
                    bf:01:a0:6b:7e:6c:0d:0b:f3:ca:a3:2f:e2:a2:2f:
                    af:8e:5a:5d:1e:90:92:c6:f1:37:b9:51:cf:f3:42:
                    b1:bb:4b:69:13:a9:56:62:91:b1:aa:5f:b8:fe:e8:
                    86:75:da:ee:6a:2b:9e:f6:85:60:0e:ed:13:2b:ee:
                    9d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:54:34:CD:B5:8A:A1:EA:A9:7C:EA:5E:BF:A0:26:5D:CE:9D:9F:97
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/m1Q0zbWKoeqpfOpev6AmXc6dn5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:80:a4:6b:35:51:99:ec:a3:9a:a0:68:d3:e9:73:ea:12:55:
         35:9a:ac:19:d3:5f:eb:00:64:4b:60:05:66:79:32:73:33:b9:
         61:42:80:9a:3b:a0:5c:7a:c2:98:cf:41:5f:ab:b6:e7:55:46:
         27:9c:cd:70:17:56:f1:16:b4:17:dc:d8:33:c5:d5:4c:30:42:
         96:10:95:7c:ef:e7:a3:9b:d8:5e:f2:fa:18:1b:da:00:ac:fd:
         0a:b8:b0:14:4a:ee:e2:81:f2:a4:29:c4:1e:1b:03:4d:fc:ed:
         c4:8d:f5:e7:5d:cf:50:5b:86:7a:aa:2b:ff:f3:68:29:9a:27:
         f5:94:a5:88:fa:9b:f3:db:78:a1:27:e3:0b:3a:06:38:a5:65:
         1c:e9:f9:ad:ba:86:9d:7a:b4:ba:ca:69:6e:20:24:a5:73:7b:
         08:2c:1f:fe:c8:80:21:47:9f:8b:28:43:e8:0b:ed:95:f7:09:
         be:d4:ae:1d:d1:f4:ec:a7:e8:e7:50:dc:75:10:cd:20:e3:7f:
         70:0d:88:07:77:6b:b1:3a:5a:c8:3e:71:49:e3:db:30:26:f3:
         5f:49:6c:f0:41:be:e8:ad:af:a1:82:c9:8d:7f:5c:a6:2d:fc:
         d6:7e:f0:0d:99:e8:7b:e9:09:bc:d0:09:e5:52:9d:f8:66:5b:
         9c:d6:d3:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTRmCxCk6TYI9bblQGlqm/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjAyMDY0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU0MzRjZGI1OGFhMWVhYTk3Y2VhNWViZmEwMjY1ZGNlOWQ5Zjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdrEvjYnZjmEPs7wHHnQkFfIh7FQ
KN0feIhFq620Hc+b8sgyDDrUiFC+XAH8Whux6TzmR+0DnypGrRamEh7qei+3c3nQ
igXgx/Vubg/F9kHOYoKGZhL0n42TBo+9sDqyu1o8UrBmZnln3ZFnjeMwNhJLLO12
YbYfT2YcQ4X6ZRUQR4Yk6pat64+t0ZOpktnzsMVaaix2SEn3QaWcLaEyXSugkEhQ
J7yViicFDIKYYy7yYMhiFrwZw4YNz4nVvFcQqAi/AaBrfmwNC/PKoy/ioi+vjlpd
HpCSxvE3uVHP80Kxu0tpE6lWYpGxql+4/uiGddruaiue9oVgDu0TK+6d2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtUNM21iqHqqXzqXr+gJl3OnZ+XMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbTFRMHpiV0tvZXFwZk9wZXY2QW1YYzZkbjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNi4MA0G
CSqGSIb3DQEBCwUAA4IBAQB9gKRrNVGZ7KOaoGjT6XPqElU1mqwZ01/rAGRLYAVm
eTJzM7lhQoCaO6BcesKYz0Ffq7bnVUYnnM1wF1bxFrQX3NgzxdVMMEKWEJV87+ej
m9he8voYG9oArP0KuLAUSu7igfKkKcQeGwNN/O3EjfXnXc9QW4Z6qiv/82gpmif1
lKWI+pvz23ihJ+MLOgY4pWUc6fmtuoaderS6ymluICSlc3sILB/+yIAhR5+LKEPo
C+2V9wm+1K4d0fTsp+jnUNx1EM0g439wDYgHd2uxOlrIPnFJ49swJvNfSWzwQb7o
ra+hgsmNf1ymLfzWfvANmeh76Qm80AnlUp34Zluc1tNQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org