Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uQ9-WVquoEUPSgih7ssif_xC1Qg.roa
File:                     uQ9-WVquoEUPSgih7ssif_xC1Qg.roa (raw, json)
Hash identifier:          MtINrP3ypEZwslGJ2fsuFUtyUx0CDVLgFmxuWIC77S8=
Subject key identifier:   B9:0F:7E:59:5A:AE:A0:45:0F:4A:08:A1:EE:CB:22:7F:FC:42:D5:08
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01841080E28D452765C5B700FD6335BD525E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uQ9-WVquoEUPSgih7ssif_xC1Qg.roa
Signing time:             Tue 25 Oct 2022 18:56:32 +0000
ROA not before:           Tue 25 Oct 2022 18:56:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        88.216.208.0/24 maxlen: 24
                          84.32.20.0/22 maxlen: 24
                          84.32.48.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:10:80:e2:8d:45:27:65:c5:b7:00:fd:63:35:bd:52:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Oct 25 18:56:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b90f7e595aaea0450f4a08a1eecb227ffc42d508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e2:00:52:05:b4:a9:f2:8c:7c:dd:28:f3:dc:
                    fd:45:b5:a8:b1:ee:00:ed:86:3f:49:87:af:99:47:
                    00:3f:d6:5b:b3:cc:32:15:ed:a4:37:fc:4c:37:4c:
                    46:71:ae:a1:b9:c2:fb:94:83:31:9f:f7:85:90:bb:
                    f2:ed:fe:a6:ff:11:3a:78:c2:c1:f4:f9:d4:af:ac:
                    76:c5:a1:ca:be:6b:82:44:b9:32:10:6b:d2:e3:5a:
                    45:d3:ac:3c:b9:49:3d:d5:17:9c:da:1e:9a:3c:2f:
                    b1:5a:de:9b:e7:06:de:bd:9f:38:62:29:fd:b2:8c:
                    61:b8:a8:4d:d2:3a:9d:04:fc:9d:54:9e:a2:a6:a7:
                    ef:43:5c:e9:0c:66:56:99:d2:df:02:f4:81:f3:9c:
                    29:a6:2a:96:e0:90:e4:3d:65:9f:41:ee:c8:52:79:
                    03:e6:28:01:44:e2:26:84:9c:9d:15:ef:a4:29:39:
                    5f:8f:03:b2:b6:7d:c9:f7:7f:b6:e8:7f:4f:16:2e:
                    94:3f:c6:bf:f5:b2:a2:c1:94:1d:08:21:1c:0b:15:
                    56:2f:bb:ce:6a:e0:a6:8c:57:5f:07:d0:bb:4f:fe:
                    75:6c:1b:05:4f:b7:4d:a1:4b:2c:a7:57:3f:c1:18:
                    57:8b:fb:2b:c2:a4:79:9c:35:21:97:d6:77:ac:bc:
                    c7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:0F:7E:59:5A:AE:A0:45:0F:4A:08:A1:EE:CB:22:7F:FC:42:D5:08
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uQ9-WVquoEUPSgih7ssif_xC1Qg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.20.0/22
                  84.32.48.0/22
                  88.216.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:d6:9c:aa:3b:ef:0f:d2:9a:e3:8b:7e:0d:cb:9d:87:72:f8:
         dc:b8:c3:c0:21:03:b1:b3:d6:6c:cd:8a:74:32:8e:df:4a:2c:
         df:c6:fe:da:d8:a2:cf:ac:22:dc:3e:9e:41:d6:81:1b:58:c2:
         aa:05:cb:48:d9:9e:7a:c4:23:1d:0a:11:97:2c:97:d6:b2:ec:
         89:e7:eb:f7:e8:f5:bd:11:9f:ea:de:a2:19:e1:78:a5:a8:99:
         be:5e:b2:2f:e5:3d:77:33:af:42:3c:e9:f6:5e:4b:ea:c1:f4:
         27:ce:1c:ef:81:d5:12:f6:c8:25:6e:98:a9:9a:4a:fa:16:44:
         c9:ab:2b:9a:8a:81:a5:99:38:42:9d:29:6c:d3:4b:5d:18:64:
         ba:53:ea:43:3b:6a:5d:34:c3:d9:4f:64:4a:96:3c:1a:b3:e6:
         f9:0f:e2:06:03:fe:35:7c:b3:27:a1:aa:c4:1a:ed:95:6a:35:
         a5:a8:98:9b:4e:ae:7d:d6:c9:d7:4c:b9:e6:a6:74:35:7c:dd:
         63:07:12:3e:78:7c:12:29:9e:2b:b5:47:1a:1a:3c:4d:f4:52:
         a4:18:d6:05:31:76:70:3a:56:96:49:6f:fe:f6:d8:b5:10:d1:
         10:1c:61:c6:07:96:02:c0:d8:92:5a:48:07:d6:94:20:0b:8c:
         cd:a3:90:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQQgOKNRSdlxbcA/WM1vVJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI1MTg1NjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBmN2U1OTVhYWVhMDQ1MGY0YTA4YTFlZWNiMjI3ZmZjNDJkNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuIAUgW0qfKMfN0o89z9RbWose4A
7YY/SYevmUcAP9Zbs8wyFe2kN/xMN0xGca6hucL7lIMxn/eFkLvy7f6m/xE6eMLB
9PnUr6x2xaHKvmuCRLkyEGvS41pF06w8uUk91Rec2h6aPC+xWt6b5wbevZ84Yin9
soxhuKhN0jqdBPydVJ6ipqfvQ1zpDGZWmdLfAvSB85wppiqW4JDkPWWfQe7IUnkD
5igBROImhJydFe+kKTlfjwOytn3J93+26H9PFi6UP8a/9bKiwZQdCCEcCxVWL7vO
auCmjFdfB9C7T/51bBsFT7dNoUssp1c/wRhXi/srwqR5nDUhl9Z3rLzH6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLkPfllarqBFD0oIoe7LIn/8QtUIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdVE5LVdWcXVvRVVQU2dpaDdzc2lmX3hDMVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVCAUAwQC
VCAwAwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQAH1pyqO+8P0prji34Ny52Hcvjc
uMPAIQOxs9ZszYp0Mo7fSizfxv7a2KLPrCLcPp5B1oEbWMKqBctI2Z56xCMdChGX
LJfWsuyJ5+v36PW9EZ/q3qIZ4XilqJm+XrIv5T13M69CPOn2XkvqwfQnzhzvgdUS
9sglbpipmkr6FkTJqyuaioGlmThCnSls00tdGGS6U+pDO2pdNMPZT2RKljwas+b5
D+IGA/41fLMnoarEGu2VajWlqJibTq591snXTLnmpnQ1fN1jBxI+eHwSKZ4rtUca
GjxN9FKkGNYFMXZwOlaWSW/+9ti1ENEQHGHGB5YCwNiSWkgH1pQgC4zNo5Ci
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org