Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qM1xrc2R6-QTwP6dFvG86X6MzXw.roa
File:                     qM1xrc2R6-QTwP6dFvG86X6MzXw.roa (raw, json)
Hash identifier:          NaL4cHVJHv2t72zefr0HcFu/y9unWAV9Ujhge1249Hw=
Subject key identifier:   A8:CD:71:AD:CD:91:EB:E4:13:C0:FE:9D:16:F1:BC:E9:7E:8C:CD:7C
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018502593D8C4D8A0A5495FF8F7837884C0D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qM1xrc2R6-QTwP6dFvG86X6MzXw.roa
Signing time:             Sun 11 Dec 2022 18:01:20 +0000
ROA not before:           Sun 11 Dec 2022 18:01:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206119
IP address blocks:        84.32.179.0/24 maxlen: 24
                          84.32.222.0/24 maxlen: 24
                          84.32.220.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:02:59:3d:8c:4d:8a:0a:54:95:ff:8f:78:37:88:4c:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec 11 18:01:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8cd71adcd91ebe413c0fe9d16f1bce97e8ccd7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:b8:b7:f5:44:1a:a2:bc:89:e3:db:5d:e2:77:
                    6d:3d:eb:02:aa:ff:b8:e6:37:8b:33:03:f9:34:e8:
                    f6:e0:95:1d:33:1d:13:8a:bc:a7:77:5d:28:5a:6f:
                    7f:5c:cc:fa:3f:bf:71:1a:8e:a7:ad:ee:5b:92:21:
                    34:74:fa:3f:fd:b2:32:a8:d2:e4:1a:9e:ef:61:94:
                    07:c5:e2:12:0b:6f:c4:8a:3d:97:9d:2d:bb:e5:0b:
                    36:ed:e9:29:59:57:ce:7d:52:da:56:b7:c7:85:db:
                    f3:99:00:c0:68:1d:d9:f1:ca:6d:70:d5:a8:8f:b9:
                    94:60:2c:1f:e7:a0:88:48:40:ad:56:24:04:46:1b:
                    ca:3b:93:e6:f8:f1:73:5f:47:f9:98:4f:43:6c:d8:
                    e7:b2:59:69:d0:7d:e8:06:bd:ba:14:9a:72:1b:fe:
                    a8:46:95:24:8c:01:80:81:18:d2:a4:95:22:76:18:
                    64:1a:88:a1:60:41:dd:46:dc:23:f1:56:6f:c8:e0:
                    26:11:56:a0:1c:82:0d:8e:72:05:17:08:a3:70:9c:
                    41:83:67:71:69:9c:a8:4b:da:da:da:9f:0b:04:21:
                    fc:cb:3b:33:7c:db:6e:c9:9f:a1:7c:e1:5b:6f:69:
                    00:8f:a6:ba:d7:d8:90:ae:94:5a:28:40:79:79:7e:
                    9f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:CD:71:AD:CD:91:EB:E4:13:C0:FE:9D:16:F1:BC:E9:7E:8C:CD:7C
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qM1xrc2R6-QTwP6dFvG86X6MzXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.179.0/24
                  84.32.220.0/24
                  84.32.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:9d:37:d4:4d:31:73:4e:f6:5a:69:be:72:d1:93:d9:3f:c3:
         3b:0b:db:42:96:ab:43:b3:24:4d:87:3c:b9:93:5f:6e:3b:13:
         9b:3b:e7:02:f7:18:59:7a:17:29:f0:14:12:1f:73:c8:c1:c8:
         31:39:e3:ab:81:87:ee:9d:2b:a1:c7:c2:3c:2a:9a:49:57:b8:
         35:f0:12:b7:b4:af:bb:ae:dd:50:bd:ce:30:3b:4c:0b:67:f4:
         3d:54:b3:83:92:98:f3:ab:c2:d5:bf:13:0f:2c:d4:4a:af:39:
         40:5d:7b:83:b6:27:01:95:aa:04:dd:82:ab:28:d9:53:de:2c:
         94:14:94:ea:d2:14:30:8f:12:e0:4a:4f:83:11:cb:b1:85:87:
         45:ad:e0:51:34:d6:0d:7c:d0:e9:e4:c3:2c:9f:63:52:44:ad:
         8a:b2:ac:45:25:0f:ed:b3:70:24:39:c4:e6:37:d6:c6:90:f7:
         11:86:fa:42:e3:0d:93:58:4f:c0:f8:66:38:e8:b5:5c:43:74:
         2d:88:16:08:61:e8:3e:8a:a9:d6:40:5c:f9:9a:31:78:e6:84:
         ba:e1:67:d5:59:5e:74:15:1b:1b:de:1c:24:7b:31:a2:34:93:
         0c:bd:d6:d1:d4:38:02:f5:28:94:56:72:4d:b4:2d:50:e2:ca:
         d4:70:c9:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUCWT2MTYoKVJX/j3g3iEwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjExMTgwMTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNkNzFhZGNkOTFlYmU0MTNjMGZlOWQxNmYxYmNlOTdlOGNjZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjri39UQaoryJ49td4ndtPesCqv+4
5jeLMwP5NOj24JUdMx0Tirynd10oWm9/XMz6P79xGo6nre5bkiE0dPo//bIyqNLk
Gp7vYZQHxeISC2/Eij2XnS275Qs27ekpWVfOfVLaVrfHhdvzmQDAaB3Z8cptcNWo
j7mUYCwf56CISECtViQERhvKO5Pm+PFzX0f5mE9DbNjnsllp0H3oBr26FJpyG/6o
RpUkjAGAgRjSpJUidhhkGoihYEHdRtwj8VZvyOAmEVagHIINjnIFFwijcJxBg2dx
aZyoS9ra2p8LBCH8yzszfNtuyZ+hfOFbb2kAj6a619iQrpRaKEB5eX6fJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKjNca3NkevkE8D+nRbxvOl+jM18MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcU0xeHJjMlI2LVFUd1A2ZEZ2Rzg2WDZNelh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCCzAwQA
VCDcAwQAVCDeMA0GCSqGSIb3DQEBCwUAA4IBAQBJnTfUTTFzTvZaab5y0ZPZP8M7
C9tClqtDsyRNhzy5k19uOxObO+cC9xhZehcp8BQSH3PIwcgxOeOrgYfunSuhx8I8
KppJV7g18BK3tK+7rt1Qvc4wO0wLZ/Q9VLODkpjzq8LVvxMPLNRKrzlAXXuDticB
laoE3YKrKNlT3iyUFJTq0hQwjxLgSk+DEcuxhYdFreBRNNYNfNDp5MMsn2NSRK2K
sqxFJQ/ts3AkOcTmN9bGkPcRhvpC4w2TWE/A+GY46LVcQ3QtiBYIYeg+iqnWQFz5
mjF45oS64WfVWV50FRsb3hwkezGiNJMMvdbR1DgC9SiUVnJNtC1Q4srUcMlo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org