Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sugi7fpsRICtK6p9LxRUB21j48g.roa
File:                     sugi7fpsRICtK6p9LxRUB21j48g.roa (raw, json)
Hash identifier:          FNHGjcI9HTI7DbrX+EpIF7KY2BJdlNnVEc1wt1IzLqU=
Subject key identifier:   B2:E8:22:ED:FA:6C:44:80:AD:2B:AA:7D:2F:14:54:07:6D:63:E3:C8
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184EBF5BD264838B244A3ECE05B35F62031
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sugi7fpsRICtK6p9LxRUB21j48g.roa
Signing time:             Wed 07 Dec 2022 09:41:01 +0000
ROA not before:           Wed 07 Dec 2022 09:41:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        84.32.58.0/24 maxlen: 24
                          84.32.71.0/24 maxlen: 24
                          88.216.199.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.93.0/24 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          88.216.210.0/24 maxlen: 24
                          84.32.226.0/24 maxlen: 24
                          84.32.10.0/24 maxlen: 24
                          84.32.8.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.238.0/24 maxlen: 24
                          84.32.245.0/24 maxlen: 24
                          88.216.134.0/24 maxlen: 24
                          84.32.48.0/24 maxlen: 24
                          84.32.50.0/24 maxlen: 24
                          88.216.92.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.223.0/24 maxlen: 24
                          88.216.21.0/24 maxlen: 24
                          88.216.22.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          88.216.47.0/24 maxlen: 24
                          88.216.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:eb:f5:bd:26:48:38:b2:44:a3:ec:e0:5b:35:f6:20:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec  7 09:41:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b2e822edfa6c4480ad2baa7d2f1454076d63e3c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:cb:69:47:0c:5e:96:2c:ba:af:09:47:33:8b:
                    66:db:55:66:c1:38:f1:60:45:4f:f2:85:de:e5:24:
                    f7:19:ef:35:72:32:fe:d5:14:03:e1:f2:7f:5e:fa:
                    ed:99:18:41:eb:b9:e2:40:c8:d4:4b:30:00:c5:7f:
                    9b:a1:4e:67:f3:f9:9a:32:43:10:0b:3f:dc:1e:64:
                    27:c4:8f:fb:66:01:41:58:0f:74:e6:34:19:49:f1:
                    3b:f7:ad:9e:9d:be:23:d3:ad:d9:6d:c2:3d:19:02:
                    64:c9:0c:01:0b:1b:94:25:2d:5e:1d:20:70:92:ac:
                    a6:70:38:aa:18:34:fe:6c:a8:6a:de:e5:13:42:9c:
                    47:5d:6c:47:d4:b4:e7:32:22:55:ed:7e:43:52:ed:
                    49:1f:1b:1f:90:1f:a0:56:c0:27:5d:f9:0d:16:5c:
                    36:6a:fe:eb:f4:d6:f1:81:17:06:90:66:d4:2e:bd:
                    b7:5f:7b:61:45:16:bd:89:0c:86:34:d9:83:b6:26:
                    0f:fe:d7:05:58:d2:9b:ac:e1:56:f6:d7:9b:f2:de:
                    1a:c3:96:1c:9a:02:8a:6b:c2:98:98:5a:71:25:4f:
                    af:95:0d:49:b2:92:e9:30:b1:39:6f:ab:f0:c7:44:
                    64:76:e4:75:93:fe:cc:d7:7e:29:56:fb:6d:e1:37:
                    5b:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:E8:22:ED:FA:6C:44:80:AD:2B:AA:7D:2F:14:54:07:6D:63:E3:C8
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sugi7fpsRICtK6p9LxRUB21j48g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.8.0/24
                  84.32.10.0/24
                  84.32.48.0/24
                  84.32.50.0/24
                  84.32.58.0/24
                  84.32.71.0/24
                  84.32.88.0/24
                  84.32.93.0/24
                  84.32.226.0/24
                  84.32.238.0/23
                  84.32.245.0/24
                  88.216.3.0/24
                  88.216.21.0-88.216.22.255
                  88.216.32.0/24
                  88.216.46.0/23
                  88.216.92.0/24
                  88.216.134.0/24
                  88.216.199.0/24
                  88.216.210.0/23
                  88.216.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:46:21:9a:48:fa:32:57:c8:44:d6:1f:88:6b:3c:7f:a2:47:
         64:9a:2b:2a:4f:06:74:a6:9b:78:75:5b:37:54:47:d7:8b:a5:
         c8:a1:08:1f:e6:0a:89:58:6c:ab:b0:e6:0b:06:23:a1:50:4a:
         7d:b5:2d:c5:5a:63:10:55:b9:3a:3f:1f:17:48:48:04:ba:b1:
         ca:5d:2e:72:f9:a7:94:b5:29:0c:38:be:17:55:b4:6c:4f:39:
         d1:29:f8:0a:75:59:d5:01:36:94:58:1f:b0:e0:a1:3a:06:6b:
         66:80:ec:c0:b8:26:27:9e:89:39:4c:a1:df:47:ee:b9:e7:8e:
         85:e1:19:d1:98:3f:23:dc:ae:9f:d0:60:92:08:15:2e:c6:2d:
         5c:2c:8c:52:9a:e4:e5:b6:f3:ba:4f:aa:ce:33:42:d6:fe:6f:
         6d:82:78:fb:e3:71:8d:77:85:04:e5:62:4b:03:e9:cf:79:fa:
         cf:f3:73:c8:3d:26:0f:1e:e6:36:70:59:17:a1:37:b0:72:5a:
         c1:8d:8f:8e:6a:a4:34:27:1f:24:d6:3f:16:0e:c1:3b:00:28:
         55:ec:ff:47:aa:5a:65:11:de:ec:01:87:f3:df:5e:41:3a:f9:
         fe:21:e1:93:c4:74:93:89:69:1f:c9:4c:90:71:19:3c:c2:6e:
         3f:32:88:98
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYTr9b0mSDiyRKPs4Fs19iAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA3MDk0MTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU4MjJlZGZhNmM0NDgwYWQyYmFhN2QyZjE0NTQwNzZkNjNlM2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjstpRwxeliy6rwlHM4tm21VmwTjx
YEVP8oXe5ST3Ge81cjL+1RQD4fJ/XvrtmRhB67niQMjUSzAAxX+boU5n8/maMkMQ
Cz/cHmQnxI/7ZgFBWA905jQZSfE7962enb4j063ZbcI9GQJkyQwBCxuUJS1eHSBw
kqymcDiqGDT+bKhq3uUTQpxHXWxH1LTnMiJV7X5DUu1JHxsfkB+gVsAnXfkNFlw2
av7r9NbxgRcGkGbULr23X3thRRa9iQyGNNmDtiYP/tcFWNKbrOFW9teb8t4aw5Yc
mgKKa8KYmFpxJU+vlQ1JspLpMLE5b6vwx0RkduR1k/7M134pVvtt4TdbgwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLLoIu36bESArSuqfS8UVAdtY+PIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc3VnaTdmcHNSSUN0SzZwOUx4UlVCMjFqNDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABU
IAgDBABUIAoDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABUIF0DBABU
IOIDBAFUIO4DBABUIPUDBABY2AMwDAMEAFjYFQMEAFjYFgMEAFjYIAMEAVjYLgME
AFjYXAMEAFjYhgMEAFjYxwMEAVjY0gMEAFjY3zANBgkqhkiG9w0BAQsFAAOCAQEA
ZEYhmkj6MlfIRNYfiGs8f6JHZJorKk8GdKabeHVbN1RH14ulyKEIH+YKiVhsq7Dm
CwYjoVBKfbUtxVpjEFW5Oj8fF0hIBLqxyl0ucvmnlLUpDDi+F1W0bE850Sn4CnVZ
1QE2lFgfsOChOgZrZoDswLgmJ56JOUyh30fuueeOheEZ0Zg/I9yun9BgkggVLsYt
XCyMUprk5bbzuk+qzjNC1v5vbYJ4++NxjXeFBOViSwPpz3n6z/NzyD0mDx7mNnBZ
F6E3sHJawY2PjmqkNCcfJNY/Fg7BOwAoVez/R6paZRHe7AGH899eQTr5/iHhk8R0
k4lpH8lMkHEZPMJuPzKImA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org