Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/mt8_hSxDIjyIOJBFxltgMBaBuis.roa
File:                     mt8_hSxDIjyIOJBFxltgMBaBuis.roa (raw, json)
Hash identifier:          CFMdLHMsBA4kd83vRffM9PPEA742hIeWkhLHIif13M0=
Subject key identifier:   9A:DF:3F:85:2C:43:22:3C:88:38:90:45:C6:5B:60:30:16:81:BA:2B
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       01844E73EB914F718BF95D2368A52CF40856
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/mt8_hSxDIjyIOJBFxltgMBaBuis.roa
Signing time:             Sun 06 Nov 2022 19:38:50 +0000
ROA not before:           Sun 06 Nov 2022 19:38:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398343
IP address blocks:        5.39.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:4e:73:eb:91:4f:71:8b:f9:5d:23:68:a5:2c:f4:08:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Nov  6 19:38:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9adf3f852c43223c88389045c65b60301681ba2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:62:03:09:da:04:b4:49:09:07:90:7a:0f:7f:
                    5a:4d:9b:1b:d6:c2:14:f0:fc:db:12:00:4a:a0:9e:
                    19:e9:74:1e:4b:77:77:40:40:87:4b:e2:b5:9d:29:
                    ba:b3:8c:a3:a9:d0:e3:5d:83:a1:0b:76:4d:06:35:
                    b9:71:ef:3f:3a:01:f5:74:f0:c3:d5:11:ce:07:dd:
                    75:db:68:4b:3e:ac:a9:d3:58:c1:10:1c:b6:77:65:
                    a7:49:e4:85:f7:67:b7:52:06:19:4a:5a:7e:c6:76:
                    a9:d3:6b:e5:22:82:86:79:52:60:94:3c:c0:4e:89:
                    8e:92:56:76:8c:11:6a:94:bd:e6:5f:35:60:02:e8:
                    19:8b:42:5b:76:b0:df:17:ea:b4:21:d7:70:82:4a:
                    61:b7:f0:4b:ea:d6:ca:94:f0:a7:83:82:4b:d7:49:
                    93:43:fa:f8:c9:55:55:96:b6:a3:69:e1:1f:b2:c3:
                    88:69:2b:65:90:26:85:f2:40:52:12:3d:23:83:77:
                    e4:d7:e8:ce:2a:54:38:85:46:82:23:b2:25:8b:ca:
                    f6:80:00:7b:57:af:52:7b:db:08:53:30:38:d1:0b:
                    5e:8f:16:56:19:c9:89:80:59:8a:5a:60:11:03:7b:
                    d0:50:1f:15:65:ed:de:f4:9f:d2:02:6b:86:fb:9a:
                    32:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:DF:3F:85:2C:43:22:3C:88:38:90:45:C6:5B:60:30:16:81:BA:2B
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/mt8_hSxDIjyIOJBFxltgMBaBuis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:01:69:4a:aa:72:3a:1b:13:fc:20:35:bf:85:c5:76:6c:3e:
         2e:a1:06:4f:46:97:b3:f8:40:91:fc:c3:a0:5a:83:1e:d4:e1:
         03:e3:25:9b:41:60:ba:59:da:9b:8c:4a:41:96:06:a8:bc:ed:
         36:37:df:56:99:fd:fd:5e:d4:7c:f5:0d:0c:5a:f1:2d:24:27:
         83:b9:a3:d4:c8:fa:0e:a0:21:d4:8a:b9:ed:61:ce:8b:b0:5b:
         97:fa:57:d5:c1:bc:73:46:b8:7c:6f:59:ce:be:b1:10:69:6d:
         20:09:44:d3:b1:c6:c2:2d:01:bb:81:18:bb:4f:92:38:b3:d6:
         cb:e0:8a:03:8f:5b:f4:9a:46:bf:ed:63:2b:0d:05:e0:6e:ef:
         c1:ea:cb:95:f0:14:32:83:ed:77:a7:7c:44:55:01:c5:8c:76:
         79:ff:4b:c5:bb:e6:4d:28:71:36:10:1e:79:29:fb:d7:a3:a9:
         06:80:d5:cc:b7:27:01:7a:bb:b8:0e:48:d4:b7:73:c1:0d:d4:
         d2:7b:d3:74:21:dd:5a:72:71:10:d1:c8:19:3c:37:8e:db:21:
         0d:36:a9:53:db:74:00:0f:58:85:b0:88:c3:7a:c6:ed:40:20:
         de:e6:18:18:70:34:bb:93:cd:09:ca:9b:67:81:b5:14:c0:59:
         10:e0:f7:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYROc+uRT3GL+V0jaKUs9AhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjIxMTA2MTkzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRmM2Y4NTJjNDMyMjNjODgzODkwNDVjNjViNjAzMDE2ODFiYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmIDCdoEtEkJB5B6D39aTZsb1sIU
8PzbEgBKoJ4Z6XQeS3d3QECHS+K1nSm6s4yjqdDjXYOhC3ZNBjW5ce8/OgH1dPDD
1RHOB91122hLPqyp01jBEBy2d2WnSeSF92e3UgYZSlp+xnap02vlIoKGeVJglDzA
TomOklZ2jBFqlL3mXzVgAugZi0JbdrDfF+q0Iddwgkpht/BL6tbKlPCng4JL10mT
Q/r4yVVVlrajaeEfssOIaStlkCaF8kBSEj0jg3fk1+jOKlQ4hUaCI7Ili8r2gAB7
V69Se9sIUzA40QtejxZWGcmJgFmKWmARA3vQUB8VZe3e9J/SAmuG+5oyUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrfP4UsQyI8iDiQRcZbYDAWgborMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbXQ4X2hTeERJanlJT0pCRnhsdGdNQmFCdWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSf5MA0G
CSqGSIb3DQEBCwUAA4IBAQB9AWlKqnI6GxP8IDW/hcV2bD4uoQZPRpez+ECR/MOg
WoMe1OED4yWbQWC6WdqbjEpBlgaovO02N99Wmf39XtR89Q0MWvEtJCeDuaPUyPoO
oCHUirntYc6LsFuX+lfVwbxzRrh8b1nOvrEQaW0gCUTTscbCLQG7gRi7T5I4s9bL
4IoDj1v0mka/7WMrDQXgbu/B6suV8BQyg+13p3xEVQHFjHZ5/0vFu+ZNKHE2EB55
KfvXo6kGgNXMtycBeru4DkjUt3PBDdTSe9N0Id1acnEQ0cgZPDeO2yENNqlT23QA
D1iFsIjDesbtQCDe5hgYcDS7k80JyptngbUUwFkQ4Pcm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:15 2024 by rpki-client on console-ams.rpki-client.org