Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/z315IikZ-1AdqextgNsq_QHuo9A.roa
File:                     z315IikZ-1AdqextgNsq_QHuo9A.roa (raw, json)
Hash identifier:          Z2KaIdzHGOzGjhNk2hjhZ4BmdSVIZRVafRyWnUDG6Hc=
Subject key identifier:   CF:7D:79:22:29:19:FB:50:1D:A9:EC:6D:80:DB:2A:FD:01:EE:A3:D0
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018507A380BF9671781A318E50108A65567A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/z315IikZ-1AdqextgNsq_QHuo9A.roa
Signing time:             Mon 12 Dec 2022 18:40:33 +0000
ROA not before:           Mon 12 Dec 2022 18:40:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210441
IP address blocks:        88.216.186.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:07:a3:80:bf:96:71:78:1a:31:8e:50:10:8a:65:56:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Dec 12 18:40:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf7d79222919fb501da9ec6d80db2afd01eea3d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:68:6a:a8:05:72:1f:4a:42:29:15:27:58:11:
                    cf:e6:a4:e2:50:93:16:24:ea:84:f4:3e:7e:b3:cc:
                    b0:ed:e3:ea:58:07:b0:3b:80:79:c6:f9:ba:6d:88:
                    63:0a:3d:f3:2c:c3:55:93:32:29:26:77:b5:1e:d5:
                    7d:01:81:1e:77:10:75:a1:3b:86:7e:8f:f5:d1:10:
                    f3:76:f4:f7:68:f6:95:7f:f8:66:6c:e7:e0:47:1e:
                    88:1f:cd:e1:e4:6c:d9:07:f7:4d:b5:3a:08:bf:c9:
                    fb:46:bf:f3:d7:4e:35:45:e9:bc:80:15:ae:48:13:
                    ba:f1:b4:d7:10:21:66:e1:ca:eb:0b:1e:45:36:dc:
                    57:d1:a5:54:05:59:01:e9:e9:0c:3f:e2:89:7e:4a:
                    89:17:32:a3:f9:4c:48:73:39:51:be:33:a2:ca:29:
                    ec:1c:bb:1d:d2:6f:a4:8c:2e:b9:0b:47:8b:50:b3:
                    db:c3:af:3e:4d:b9:e4:bc:5a:bb:72:53:8a:58:b7:
                    58:55:65:a8:24:93:f5:f1:20:c4:88:d5:4b:f7:7f:
                    44:4f:45:38:40:96:21:e8:a2:88:6b:51:0c:17:34:
                    78:ac:f6:41:0c:19:14:fc:e4:81:4a:31:8e:86:0d:
                    9c:9e:2d:7d:b4:87:e5:c4:61:af:ef:c6:ba:52:68:
                    87:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:7D:79:22:29:19:FB:50:1D:A9:EC:6D:80:DB:2A:FD:01:EE:A3:D0
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/z315IikZ-1AdqextgNsq_QHuo9A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:57:01:61:7b:82:7c:18:a7:ce:44:8b:fd:64:6c:b2:17:24:
         d4:ef:ce:d1:98:78:0b:38:3d:65:4f:14:98:f9:81:aa:37:9a:
         e0:c9:de:2c:6c:a8:ce:d1:80:e2:a5:14:ab:3f:6e:c8:df:96:
         b3:52:df:3f:18:9b:89:15:e9:dc:f4:22:0e:a1:b1:2e:14:a1:
         01:3b:bb:2d:f3:08:39:05:03:7b:19:c4:30:82:ae:ae:96:86:
         17:19:95:2e:0e:b7:be:3c:38:7f:80:de:69:bc:ea:e4:6d:52:
         68:ea:13:f2:6d:08:77:53:2a:9e:1f:37:4b:b5:5d:69:f7:f0:
         2d:db:a4:71:30:d8:5d:0b:44:16:c6:c1:c5:66:84:18:7a:b5:
         04:fc:b7:60:6b:9d:f2:73:b6:56:0e:d9:ed:b2:98:17:1d:a3:
         6d:19:8b:39:e8:b4:d2:c6:83:85:48:f9:6b:b9:04:b7:96:28:
         de:0c:c8:a7:f8:1f:e8:23:4e:6b:ca:9e:bf:a0:90:7b:d1:fb:
         2c:59:6d:b9:ef:9e:d3:96:96:36:a7:37:cf:6d:06:c3:d1:52:
         f6:ba:12:3b:56:75:cf:99:21:54:c2:56:2d:d9:16:f2:03:6d:
         c0:ec:ed:b6:aa:4b:04:49:ac:ed:89:6d:fb:c6:98:17:d9:06:
         fa:e9:6a:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUHo4C/lnF4GjGOUBCKZVZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjEyMTg0MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjdkNzkyMjI5MTlmYjUwMWRhOWVjNmQ4MGRiMmFmZDAxZWVhM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmhqqAVyH0pCKRUnWBHP5qTiUJMW
JOqE9D5+s8yw7ePqWAewO4B5xvm6bYhjCj3zLMNVkzIpJne1HtV9AYEedxB1oTuG
fo/10RDzdvT3aPaVf/hmbOfgRx6IH83h5GzZB/dNtToIv8n7Rr/z1041Rem8gBWu
SBO68bTXECFm4crrCx5FNtxX0aVUBVkB6ekMP+KJfkqJFzKj+UxIczlRvjOiyins
HLsd0m+kjC65C0eLULPbw68+TbnkvFq7clOKWLdYVWWoJJP18SDEiNVL939ET0U4
QJYh6KKIa1EMFzR4rPZBDBkU/OSBSjGOhg2cni19tIflxGGv78a6UmiHGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM99eSIpGftQHansbYDbKv0B7qPQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvejMxNUlpa1otMUFkcWV4dGdOc3FfUUh1bzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNi6MA0G
CSqGSIb3DQEBCwUAA4IBAQCLVwFhe4J8GKfORIv9ZGyyFyTU787RmHgLOD1lTxSY
+YGqN5rgyd4sbKjO0YDipRSrP27I35azUt8/GJuJFenc9CIOobEuFKEBO7st8wg5
BQN7GcQwgq6uloYXGZUuDre+PDh/gN5pvOrkbVJo6hPybQh3UyqeHzdLtV1p9/At
26RxMNhdC0QWxsHFZoQYerUE/Ldga53yc7ZWDtntspgXHaNtGYs56LTSxoOFSPlr
uQS3lijeDMin+B/oI05ryp6/oJB70fssWW25757TlpY2pzfPbQbD0VL2uhI7VnXP
mSFUwlYt2RbyA23A7O22qksESaztiW37xpgX2Qb66WpI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org