Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oYz7o8_XeywsAo_cVecILlX1msQ.roa
File:                     oYz7o8_XeywsAo_cVecILlX1msQ.roa (raw, json)
Hash identifier:          tmFYrPSchtw/Iot4X7jw8pg6kF45ED3v4DqVvgZmf/o=
Subject key identifier:   A1:8C:FB:A3:CF:D7:7B:2C:2C:02:8F:DC:55:E7:08:2E:55:F5:9A:C4
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01847AA7257816A35AD0219F8F55F5757DD1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oYz7o8_XeywsAo_cVecILlX1msQ.roa
Signing time:             Tue 15 Nov 2022 09:38:05 +0000
ROA not before:           Tue 15 Nov 2022 09:38:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        88.216.188.0/24 maxlen: 24
                          88.216.190.0/24 maxlen: 24
                          88.216.191.0/24 maxlen: 24
                          88.216.198.0/24 maxlen: 24
                          84.32.227.0/24 maxlen: 24
                          84.32.255.0/24 maxlen: 24
                          84.32.60.0/24 maxlen: 24
                          84.32.63.0/24 maxlen: 24
                          84.32.65.0/24 maxlen: 24
                          84.32.66.0/24 maxlen: 24
                          84.32.68.0/24 maxlen: 24
                          84.32.86.0/24 maxlen: 24
                          84.32.90.0/24 maxlen: 24
                          84.32.92.0/24 maxlen: 24
                          84.32.94.0/24 maxlen: 24
                          84.32.7.0/24 maxlen: 24
                          84.32.15.0/24 maxlen: 24
                          84.32.42.0/24 maxlen: 24
                          84.32.44.0/24 maxlen: 24
                          84.32.46.0/24 maxlen: 24
                          84.32.47.0/24 maxlen: 24
                          84.32.49.0/24 maxlen: 24
                          88.216.91.0/24 maxlen: 24
                          88.216.102.0/24 maxlen: 24
                          88.216.103.0/24 maxlen: 24
                          88.216.2.0/24 maxlen: 24
                          88.216.35.0/24 maxlen: 24
                          88.216.40.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7a:a7:25:78:16:a3:5a:d0:21:9f:8f:55:f5:75:7d:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Nov 15 09:38:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a18cfba3cfd77b2c2c028fdc55e7082e55f59ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c5:21:04:4a:1c:58:8d:69:b2:0f:da:5c:00:
                    38:52:3b:75:17:ff:1b:90:96:57:a1:f3:35:2c:01:
                    8c:fd:0d:de:0e:9d:3b:24:b5:c5:08:98:c2:fd:15:
                    a2:de:ce:26:8e:14:61:aa:fa:1a:a6:22:65:0f:cf:
                    80:9a:24:c0:80:54:df:a1:b0:f7:68:de:2e:d8:09:
                    ef:dc:e5:e5:79:81:c6:bb:82:92:7e:9f:d6:fb:6b:
                    f8:89:90:97:50:2c:f3:b3:9c:fc:58:cd:d1:dc:7d:
                    80:f1:c3:03:b2:c5:bc:cc:80:24:65:5a:fe:dc:7f:
                    da:8a:83:68:f8:41:bb:68:60:3b:1f:1d:ba:e5:37:
                    f0:03:70:13:d0:f2:98:cf:98:d6:a9:4f:3c:10:5a:
                    a3:c8:b9:37:15:fd:d0:ca:7e:90:90:c2:26:49:69:
                    c7:df:ac:1f:f4:b1:33:60:45:ad:40:bc:a1:58:38:
                    5c:9a:6e:ac:ef:08:48:b0:36:88:af:40:cb:3e:78:
                    cc:cc:a5:f1:9e:47:1d:50:82:79:3f:9e:70:31:2b:
                    d3:33:cb:2a:8e:c5:86:cb:38:6b:ca:bf:37:3d:de:
                    8d:56:01:43:1e:3b:7d:d5:7a:6d:ac:99:2e:da:52:
                    a0:0f:b3:72:db:5f:2f:f4:71:ce:53:e1:e5:75:ce:
                    3e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8C:FB:A3:CF:D7:7B:2C:2C:02:8F:DC:55:E7:08:2E:55:F5:9A:C4
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oYz7o8_XeywsAo_cVecILlX1msQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.7.0/24
                  84.32.15.0/24
                  84.32.42.0/24
                  84.32.44.0/24
                  84.32.46.0/23
                  84.32.49.0/24
                  84.32.60.0/24
                  84.32.63.0/24
                  84.32.65.0-84.32.66.255
                  84.32.68.0/24
                  84.32.86.0/24
                  84.32.90.0/24
                  84.32.92.0/24
                  84.32.94.0/24
                  84.32.227.0/24
                  84.32.255.0/24
                  88.216.2.0/24
                  88.216.35.0/24
                  88.216.40.0/24
                  88.216.91.0/24
                  88.216.102.0/23
                  88.216.188.0/24
                  88.216.190.0/23
                  88.216.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:5e:91:45:c9:43:32:2a:91:f1:8e:1e:39:d9:8b:b6:86:4c:
         55:ea:51:1d:ca:c3:cd:dd:af:21:17:6d:2f:73:74:db:75:cf:
         d6:46:7e:de:3a:ac:52:a0:43:f4:15:df:aa:f6:a8:8b:65:56:
         61:6a:f8:3a:52:9c:19:0c:2f:1e:3e:09:c4:1b:4a:47:53:64:
         ff:83:4b:8f:0e:3f:04:a0:d1:19:25:3d:ee:3c:4d:71:b3:26:
         66:b2:7e:77:ab:44:21:68:12:9f:c0:3d:37:61:f4:ac:43:6c:
         c9:ae:c4:9d:ec:92:0f:c4:8e:10:2a:0b:8d:8d:3e:6d:d1:37:
         39:ac:d7:4e:11:63:42:d0:7b:9e:05:a3:a8:14:5e:b0:5a:27:
         2b:e2:6a:9e:da:52:76:85:8d:49:74:9c:17:e4:b8:1d:1f:b2:
         b8:00:f3:08:0c:4a:1c:96:06:00:cf:0c:1d:04:e2:f6:e2:1e:
         85:26:3c:aa:e6:10:15:e9:f4:3b:92:09:d3:7c:46:d7:20:be:
         d7:bc:a2:b0:ee:cc:0d:05:3f:dd:a5:3d:3d:b6:80:9c:da:c4:
         35:35:bc:fc:0a:93:24:89:6e:93:81:61:4e:52:7b:de:f7:1d:
         12:1d:b6:a5:ec:85:5a:c6:28:ce:6d:be:11:6a:70:ce:33:a0:
         cd:e9:bb:f1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYR6pyV4FqNa0CGfj1X1dX3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE1MDkzODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMThjZmJhM2NmZDc3YjJjMmMwMjhmZGM1NWU3MDgyZTU1ZjU5YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8UhBEocWI1psg/aXAA4Ujt1F/8b
kJZXofM1LAGM/Q3eDp07JLXFCJjC/RWi3s4mjhRhqvoapiJlD8+AmiTAgFTfobD3
aN4u2Anv3OXleYHGu4KSfp/W+2v4iZCXUCzzs5z8WM3R3H2A8cMDssW8zIAkZVr+
3H/aioNo+EG7aGA7Hx265TfwA3AT0PKYz5jWqU88EFqjyLk3Ff3Qyn6QkMImSWnH
36wf9LEzYEWtQLyhWDhcmm6s7whIsDaIr0DLPnjMzKXxnkcdUIJ5P55wMSvTM8sq
jsWGyzhryr83Pd6NVgFDHjt91XptrJku2lKgD7Ny218v9HHOU+Hldc4+DwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFKGM+6PP13ssLAKP3FXnCC5V9ZrEMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb1l6N284X1hleXdzQW9fY1ZlY0lMbFgxbXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBABU
IAcDBABUIA8DBABUICoDBABUICwDBAFUIC4DBABUIDEDBABUIDwDBABUID8wDAME
AFQgQQMEAFQgQgMEAFQgRAMEAFQgVgMEAFQgWgMEAFQgXAMEAFQgXgMEAFQg4wME
AFQg/wMEAFjYAgMEAFjYIwMEAFjYKAMEAFjYWwMEAVjYZgMEAFjYvAMEAVjYvgME
AFjYxjANBgkqhkiG9w0BAQsFAAOCAQEAAF6RRclDMiqR8Y4eOdmLtoZMVepRHcrD
zd2vIRdtL3N023XP1kZ+3jqsUqBD9BXfqvaoi2VWYWr4OlKcGQwvHj4JxBtKR1Nk
/4NLjw4/BKDRGSU97jxNcbMmZrJ+d6tEIWgSn8A9N2H0rENsya7EneySD8SOECoL
jY0+bdE3OazXThFjQtB7ngWjqBResFonK+JqntpSdoWNSXScF+S4HR+yuADzCAxK
HJYGAM8MHQTi9uIehSY8quYQFen0O5IJ03xG1yC+17yisO7MDQU/3aU9PbaAnNrE
NTW8/AqTJIluk4FhTlJ73vcdEh22peyFWsYozm2+EWpwzjOgzem78Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org