Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/tBKj4Kbo_LJdGK-P52MXBJ0_pag.roa
File:                     tBKj4Kbo_LJdGK-P52MXBJ0_pag.roa (raw, json)
Hash identifier:          sMkKu75a2VxXFIv6KySMpA6AR5CW60NXNGWvNrAtYSo=
Subject key identifier:   B4:12:A3:E0:A6:E8:FC:B2:5D:18:AF:8F:E7:63:17:04:9D:3F:A5:A8
Certificate issuer:       /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial:       0182F477C13D07C4947E86E74E3EE2AF36FE
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/tBKj4Kbo_LJdGK-P52MXBJ0_pag.roa
Signing time:             Wed 31 Aug 2022 15:14:25 +0000
ROA not before:           Wed 31 Aug 2022 15:14:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205307
IP address blocks:        82.150.146.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:f4:77:c1:3d:07:c4:94:7e:86:e7:4e:3e:e2:af:36:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
        Validity
            Not Before: Aug 31 15:14:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b412a3e0a6e8fcb25d18af8fe76317049d3fa5a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:43:79:81:00:c3:7e:28:6e:95:df:59:c8:b6:
                    c5:ab:92:bd:19:48:0f:30:48:47:a3:cb:e2:b6:75:
                    1f:0d:50:9a:7e:3d:6c:73:c7:03:0b:02:20:76:49:
                    c6:70:1f:6e:ac:0d:1a:72:8b:9c:92:d3:a4:a8:b7:
                    58:26:eb:67:8c:6a:4e:5b:ce:00:59:e4:b1:c3:24:
                    b3:44:4e:5a:19:9c:5d:61:40:79:19:5c:a5:29:a4:
                    8c:15:34:df:0f:99:4e:1f:4a:0d:fb:c9:4e:57:e4:
                    a0:c8:f2:92:47:82:16:ca:54:da:7d:28:84:f1:28:
                    5b:aa:35:77:4d:c1:3e:d3:63:f3:55:f0:2c:a9:95:
                    dd:7a:6d:ad:7c:11:d8:5b:35:5c:70:6a:6e:84:34:
                    f3:eb:b5:d3:c1:d6:e9:45:63:12:8e:6e:27:1c:d3:
                    5a:5e:08:82:56:f3:52:bf:e6:ef:d7:f4:22:c3:70:
                    9f:02:48:4f:4c:38:ab:79:b9:b8:b0:1d:22:5d:74:
                    e7:80:be:1b:42:ad:8d:0a:95:da:e0:68:9c:63:f7:
                    dc:42:88:e9:dd:f0:2f:f3:8d:14:c8:6d:bd:c5:78:
                    e8:13:6e:f3:cd:f1:33:ea:44:9b:3a:28:f7:5a:5c:
                    8b:3e:ce:7c:20:a7:d3:8b:a8:9c:35:b9:6c:e7:04:
                    0c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:12:A3:E0:A6:E8:FC:B2:5D:18:AF:8F:E7:63:17:04:9D:3F:A5:A8
            X509v3 Authority Key Identifier:
                keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/tBKj4Kbo_LJdGK-P52MXBJ0_pag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.150.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:e5:65:00:13:82:7b:f7:b6:f4:1f:3a:48:5f:b1:72:ad:24:
         e3:a6:94:0e:b3:8d:d4:35:e7:e4:2e:17:6a:8c:e4:b0:41:e1:
         75:4b:b7:f7:46:f2:d0:5a:1f:6f:4e:77:91:50:5a:14:cb:d4:
         17:ae:fa:58:f4:59:7f:4b:4e:ed:a6:65:91:ae:4e:5e:d7:e7:
         d2:f7:ff:7f:94:c9:f5:1c:ca:1e:5c:4e:01:14:1f:f6:75:08:
         42:ae:c1:cf:c4:b1:9e:46:8b:fb:eb:8a:2d:23:15:24:b3:5f:
         5d:ff:6b:10:09:5f:94:9d:18:e8:cb:9e:a9:cf:c9:4f:c6:37:
         62:18:7f:11:63:38:a6:16:55:2e:1d:82:8e:d4:15:91:ea:c7:
         2c:85:57:69:24:c2:dc:f8:57:95:32:75:fb:1a:ba:c7:ca:7d:
         94:19:05:4a:96:78:ce:3e:64:cb:6f:db:6c:c5:f6:8f:71:20:
         a8:84:3a:1d:49:54:b5:22:7d:c7:6d:f3:b3:3c:f4:39:a5:d8:
         8a:30:f6:47:72:ac:bb:1d:91:7a:88:5a:dd:81:54:7a:a3:b1:
         a0:59:5a:69:9e:59:6d:f0:48:44:27:04:e2:70:83:77:f1:43:
         bc:32:a6:60:55:06:b4:a9:9a:3e:5f:f8:27:a1:a5:72:79:e0:
         e8:35:31:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL0d8E9B8SUfobnTj7irzb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjIwODMxMTUxNDI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDEyYTNlMGE2ZThmY2IyNWQxOGFmOGZlNzYzMTcwNDlkM2ZhNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUN5gQDDfihuld9ZyLbFq5K9GUgP
MEhHo8vitnUfDVCafj1sc8cDCwIgdknGcB9urA0acoucktOkqLdYJutnjGpOW84A
WeSxwySzRE5aGZxdYUB5GVylKaSMFTTfD5lOH0oN+8lOV+SgyPKSR4IWylTafSiE
8ShbqjV3TcE+02PzVfAsqZXdem2tfBHYWzVccGpuhDTz67XTwdbpRWMSjm4nHNNa
XgiCVvNSv+bv1/Qiw3CfAkhPTDirebm4sB0iXXTngL4bQq2NCpXa4GicY/fcQojp
3fAv840UyG29xXjoE27zzfEz6kSbOij3WlyLPs58IKfTi6icNbls5wQMYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQSo+Cm6PyyXRivj+djFwSdP6WoMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvdEJLajRLYm9fTEpkR0stUDUyTVhCSjBfcGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpaSMA0G
CSqGSIb3DQEBCwUAA4IBAQBS5WUAE4J797b0HzpIX7FyrSTjppQOs43UNefkLhdq
jOSwQeF1S7f3RvLQWh9vTneRUFoUy9QXrvpY9Fl/S07tpmWRrk5e1+fS9/9/lMn1
HMoeXE4BFB/2dQhCrsHPxLGeRov764otIxUks19d/2sQCV+UnRjoy56pz8lPxjdi
GH8RYzimFlUuHYKO1BWR6scshVdpJMLc+FeVMnX7GrrHyn2UGQVKlnjOPmTLb9ts
xfaPcSCohDodSVS1In3HbfOzPPQ5pdiKMPZHcqy7HZF6iFrdgVR6o7GgWVppnllt
8EhEJwTicIN38UO8MqZgVQa0qZo+X/gnoaVyeeDoNTF8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:36 2024 by rpki-client on console-ams.rpki-client.org