Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sy8iK629OTDO2Nht3h135TbPj8o.roa
File:                     sy8iK629OTDO2Nht3h135TbPj8o.roa (raw, json)
Hash identifier:          t6o6RlgW71arbqt1s1NfX+ujeedD2ljXb/D0VGun3eo=
Subject key identifier:   B3:2F:22:2B:AD:BD:39:30:CE:D8:D8:6D:DE:1D:77:E5:36:CF:8F:CA
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184C48F120389575E2ED850D6E1805C5805
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sy8iK629OTDO2Nht3h135TbPj8o.roa
Signing time:             Tue 29 Nov 2022 18:03:41 +0000
ROA not before:           Tue 29 Nov 2022 18:03:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14445
IP address blocks:        88.216.0.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c4:8f:12:03:89:57:5e:2e:d8:50:d6:e1:80:5c:58:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Nov 29 18:03:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b32f222badbd3930ced8d86dde1d77e536cf8fca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e0:ca:62:2d:6f:f3:bc:03:dc:ef:a3:0a:36:
                    5a:8f:28:cc:c2:e8:35:1f:d4:82:7a:78:51:05:c8:
                    6f:db:11:b1:f2:09:90:1b:d2:92:94:b1:ab:2b:51:
                    60:04:64:4f:df:0b:b2:51:65:6c:34:e7:90:66:1f:
                    db:07:a5:18:d8:2c:69:bb:42:1c:ee:01:2f:39:93:
                    0b:c6:21:01:e1:11:cc:aa:c2:f5:22:a6:bb:44:08:
                    88:bf:a4:a8:92:2f:98:99:78:03:81:fa:19:ec:e8:
                    70:6e:37:ea:2a:1d:86:47:94:12:14:4f:2b:33:65:
                    c8:b3:50:4d:89:71:8a:6c:6e:ab:1d:80:8b:c2:6f:
                    15:2c:dc:c9:70:1d:cc:5f:c2:34:1a:16:60:a0:cf:
                    19:1f:24:74:f5:83:da:12:0d:1a:de:36:38:a3:ec:
                    68:a8:b3:d2:c7:dc:c9:2b:c1:43:d7:f7:0f:1b:ca:
                    41:83:bb:11:4a:b0:8a:15:96:2e:ef:30:f8:11:ea:
                    63:78:0c:c4:fe:e9:9c:d0:61:7b:8b:c6:84:0e:ba:
                    90:f0:ed:35:9e:17:84:a0:52:99:03:cd:03:ae:f8:
                    39:f6:39:2c:c3:4b:f6:f3:a3:02:2e:bd:be:62:70:
                    75:d0:61:27:4b:53:d6:c6:34:66:75:a0:f7:11:07:
                    95:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:2F:22:2B:AD:BD:39:30:CE:D8:D8:6D:DE:1D:77:E5:36:CF:8F:CA
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sy8iK629OTDO2Nht3h135TbPj8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:ca:38:d5:0e:64:1b:31:a6:75:47:80:06:e6:9f:f4:f3:ae:
         cc:69:a4:f5:bd:69:e9:a1:e6:60:ad:ba:9e:de:84:3a:f4:54:
         61:54:d1:69:b7:5e:63:0a:67:97:b9:4b:0b:2c:d8:25:e3:1e:
         7c:a1:d3:f2:a4:7e:87:26:7f:16:7d:b4:7e:e3:d3:81:c4:b8:
         e7:a3:f3:16:b7:53:9e:b1:72:2f:ec:1f:7d:42:5c:a8:df:87:
         4e:c4:4e:4c:b2:da:3f:b5:35:bf:27:41:d2:73:44:3a:20:6e:
         74:91:f0:ec:60:66:7d:06:2f:0c:29:5e:dd:0e:44:f5:78:5a:
         c8:3d:4e:af:64:84:7e:84:de:56:b7:ed:0f:66:56:9f:93:0d:
         83:a6:47:9c:ac:dc:29:cc:64:ef:43:d0:36:35:29:ab:7b:cc:
         22:d9:e8:89:fa:ac:29:b7:43:ed:ba:18:25:1c:c3:62:8d:ef:
         a0:3b:40:f0:d8:45:9f:b1:21:11:a5:85:c6:33:1b:03:6e:5e:
         8a:2b:53:49:01:d2:5f:97:92:90:11:0b:1b:b9:79:eb:91:c9:
         94:ee:c6:9d:fd:5f:4f:ab:f4:15:38:dd:e3:ce:b1:f0:41:21:
         24:f0:f0:4c:1c:0a:6d:b3:60:b9:b0:9a:a7:73:a9:74:f8:1c:
         a2:8d:b1:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTEjxIDiVdeLthQ1uGAXFgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI5MTgwMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJmMjIyYmFkYmQzOTMwY2VkOGQ4NmRkZTFkNzdlNTM2Y2Y4ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwODKYi1v87wD3O+jCjZajyjMwug1
H9SCenhRBchv2xGx8gmQG9KSlLGrK1FgBGRP3wuyUWVsNOeQZh/bB6UY2Cxpu0Ic
7gEvOZMLxiEB4RHMqsL1Iqa7RAiIv6Soki+YmXgDgfoZ7OhwbjfqKh2GR5QSFE8r
M2XIs1BNiXGKbG6rHYCLwm8VLNzJcB3MX8I0GhZgoM8ZHyR09YPaEg0a3jY4o+xo
qLPSx9zJK8FD1/cPG8pBg7sRSrCKFZYu7zD4EepjeAzE/umc0GF7i8aEDrqQ8O01
nheEoFKZA80Drvg59jksw0v286MCLr2+YnB10GEnS1PWxjRmdaD3EQeVewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMvIiutvTkwztjYbd4dd+U2z4/KMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc3k4aUs2MjlPVERPMk5odDNoMTM1VGJQajhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNgAMA0G
CSqGSIb3DQEBCwUAA4IBAQBoyjjVDmQbMaZ1R4AG5p/0867MaaT1vWnpoeZgrbqe
3oQ69FRhVNFpt15jCmeXuUsLLNgl4x58odPypH6HJn8WfbR+49OBxLjno/MWt1Oe
sXIv7B99Qlyo34dOxE5Msto/tTW/J0HSc0Q6IG50kfDsYGZ9Bi8MKV7dDkT1eFrI
PU6vZIR+hN5Wt+0PZlafkw2DpkecrNwpzGTvQ9A2NSmre8wi2eiJ+qwpt0Ptuhgl
HMNije+gO0Dw2EWfsSERpYXGMxsDbl6KK1NJAdJfl5KQEQsbuXnrkcmU7sad/V9P
q/QVON3jzrHwQSEk8PBMHApts2C5sJqnc6l0+ByijbGx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org