Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/waJnTDOwQaqD1lrqaMaUpJTcHM4.roa
File:                     waJnTDOwQaqD1lrqaMaUpJTcHM4.roa (raw, json)
Hash identifier:          6rECkKEJdZ2QugV4wyKxt5ceTtJZSGdDBFOH+Qj/2As=
Subject key identifier:   C1:A2:67:4C:33:B0:41:AA:83:D6:5A:EA:68:C6:94:A4:94:DC:1C:CE
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       0184E2299C0F423A3F3087859A8B801B1B17
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/waJnTDOwQaqD1lrqaMaUpJTcHM4.roa
Signing time:             Mon 05 Dec 2022 12:01:28 +0000
ROA not before:           Mon 05 Dec 2022 12:01:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        84.32.58.0/24 maxlen: 24
                          84.32.71.0/24 maxlen: 24
                          88.216.199.0/24 maxlen: 24
                          84.32.88.0/24 maxlen: 24
                          84.32.93.0/24 maxlen: 24
                          88.216.211.0/24 maxlen: 24
                          88.216.210.0/24 maxlen: 24
                          84.32.226.0/24 maxlen: 24
                          84.32.239.0/24 maxlen: 24
                          84.32.238.0/24 maxlen: 24
                          84.32.245.0/24 maxlen: 24
                          88.216.134.0/24 maxlen: 24
                          84.32.48.0/24 maxlen: 24
                          84.32.50.0/24 maxlen: 24
                          88.216.92.0/24 maxlen: 24
                          88.216.3.0/24 maxlen: 24
                          88.216.223.0/24 maxlen: 24
                          88.216.21.0/24 maxlen: 24
                          88.216.22.0/24 maxlen: 24
                          88.216.32.0/24 maxlen: 24
                          88.216.47.0/24 maxlen: 24
                          88.216.46.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e2:29:9c:0f:42:3a:3f:30:87:85:9a:8b:80:1b:1b:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec  5 12:01:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c1a2674c33b041aa83d65aea68c694a494dc1cce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:01:b6:05:7f:ef:67:b7:4d:1a:69:f8:d3:c3:
                    1b:78:0d:95:a0:cf:fe:50:05:6b:bf:78:c6:21:11:
                    db:92:27:4f:52:09:da:03:66:0b:8d:9a:c5:6e:83:
                    e4:6c:c0:9b:7f:13:a5:61:4a:c5:35:9c:bf:16:06:
                    dd:c5:41:42:de:b9:1d:63:4d:7d:2f:55:17:be:ba:
                    53:3f:01:bb:6d:61:01:e0:9f:ba:97:6b:4e:f8:47:
                    a8:73:a5:5c:84:ce:65:1d:ea:c6:3e:99:a3:4f:34:
                    c0:2c:56:d8:b7:1b:ff:a1:08:e5:79:d7:a6:a0:30:
                    05:a6:02:70:77:9e:ff:6c:63:8c:b5:73:e9:ae:2c:
                    b4:0d:77:63:54:7e:95:62:43:15:8e:68:8b:bf:2e:
                    2a:99:92:24:9b:0b:3a:0c:42:75:dc:a3:91:c2:6f:
                    56:1b:a1:2f:cf:ce:2f:d0:02:d3:14:ca:27:81:0c:
                    25:59:70:5b:47:aa:e4:df:5e:ae:34:66:69:c4:f5:
                    0f:3e:74:d7:24:06:c9:01:ab:4e:18:e4:9c:d2:d4:
                    06:d0:21:66:e8:34:6a:78:ec:be:27:d1:5d:00:46:
                    00:d1:bd:fd:05:18:5d:21:1e:ab:7f:b5:16:c3:02:
                    0a:23:60:29:48:cb:67:86:1f:c5:a2:ba:e6:50:cb:
                    9c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:A2:67:4C:33:B0:41:AA:83:D6:5A:EA:68:C6:94:A4:94:DC:1C:CE
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/waJnTDOwQaqD1lrqaMaUpJTcHM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.48.0/24
                  84.32.50.0/24
                  84.32.58.0/24
                  84.32.71.0/24
                  84.32.88.0/24
                  84.32.93.0/24
                  84.32.226.0/24
                  84.32.238.0/23
                  84.32.245.0/24
                  88.216.3.0/24
                  88.216.21.0-88.216.22.255
                  88.216.32.0/24
                  88.216.46.0/23
                  88.216.92.0/24
                  88.216.134.0/24
                  88.216.199.0/24
                  88.216.210.0/23
                  88.216.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:03:ad:46:b6:4c:d0:db:18:51:7a:7e:e7:6a:75:8d:dd:98:
         4e:55:47:d8:d5:01:fc:62:50:e3:a5:8a:4c:26:6e:0f:60:7f:
         04:1d:f5:0b:43:05:3a:3e:7e:9e:af:e3:7d:de:b8:20:1f:8f:
         b8:77:4d:42:a4:9b:66:dc:0b:18:75:49:70:e9:02:30:dc:fb:
         24:59:82:c7:fe:a1:f1:04:e4:f0:50:9a:19:db:03:e9:4b:1b:
         c5:8e:19:8d:9a:73:92:2a:16:9a:31:5f:18:df:ba:5c:af:1b:
         c3:2d:b6:28:6d:c0:e8:ec:0e:67:b8:5d:00:09:a1:6f:07:cc:
         62:de:2a:2f:e5:ef:d9:fe:ba:62:82:bc:4d:86:b9:30:b1:fb:
         67:95:8f:10:77:c8:f4:e1:6d:68:8c:94:61:02:69:0b:2f:d4:
         8b:11:41:74:7c:96:78:ff:88:28:3d:3e:b7:22:4a:ce:ae:12:
         8d:83:57:76:ea:60:42:19:16:55:22:93:31:10:aa:79:59:2f:
         58:ee:bf:d2:8c:81:9c:20:93:76:8a:d5:08:31:d8:d8:19:23:
         f8:0e:55:2c:a4:a1:c1:58:be:9a:a7:ba:21:e4:25:ad:18:61:
         86:7a:c1:12:10:be:a8:4f:cf:ae:cf:bd:64:26:72:a6:49:06:
         f9:4d:df:ad
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYTiKZwPQjo/MIeFmouAGxsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA1MTIwMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWEyNjc0YzMzYjA0MWFhODNkNjVhZWE2OGM2OTRhNDk0ZGMxY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwG2BX/vZ7dNGmn408MbeA2VoM/+
UAVrv3jGIRHbkidPUgnaA2YLjZrFboPkbMCbfxOlYUrFNZy/FgbdxUFC3rkdY019
L1UXvrpTPwG7bWEB4J+6l2tO+Eeoc6VchM5lHerGPpmjTzTALFbYtxv/oQjledem
oDAFpgJwd57/bGOMtXPpriy0DXdjVH6VYkMVjmiLvy4qmZIkmws6DEJ13KORwm9W
G6Evz84v0ALTFMongQwlWXBbR6rk316uNGZpxPUPPnTXJAbJAatOGOSc0tQG0CFm
6DRqeOy+J9FdAEYA0b39BRhdIR6rf7UWwwIKI2ApSMtnhh/ForrmUMucBQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFMGiZ0wzsEGqg9Za6mjGlKSU3BzOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd2FKblRET3dRYXFEMWxycWFNYVVwSlRjSE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFQgMAME
AFQgMgMEAFQgOgMEAFQgRwMEAFQgWAMEAFQgXQMEAFQg4gMEAVQg7gMEAFQg9QME
AFjYAzAMAwQAWNgVAwQAWNgWAwQAWNggAwQBWNguAwQAWNhcAwQAWNiGAwQAWNjH
AwQBWNjSAwQAWNjfMA0GCSqGSIb3DQEBCwUAA4IBAQAMA61GtkzQ2xhRen7nanWN
3ZhOVUfY1QH8YlDjpYpMJm4PYH8EHfULQwU6Pn6er+N93rggH4+4d01CpJtm3AsY
dUlw6QIw3PskWYLH/qHxBOTwUJoZ2wPpSxvFjhmNmnOSKhaaMV8Y37pcrxvDLbYo
bcDo7A5nuF0ACaFvB8xi3iov5e/Z/rpigrxNhrkwsftnlY8Qd8j04W1ojJRhAmkL
L9SLEUF0fJZ4/4goPT63IkrOrhKNg1d26mBCGRZVIpMxEKp5WS9Y7r/SjIGcIJN2
itUIMdjYGSP4DlUspKHBWL6ap7oh5CWtGGGGesESEL6oT8+uz71kJnKmSQb5Td+t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org