Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/7SOmGrMqkR5FoRB-ZE6sMpsKats.roa
File:                     7SOmGrMqkR5FoRB-ZE6sMpsKats.roa (raw, json)
Hash identifier:          5WY+FWZoJgJw5r80epdyTFadLbYhG1blHL2Yga0Q3t8=
Subject key identifier:   ED:23:A6:1A:B3:2A:91:1E:45:A1:10:7E:64:4E:AC:32:9B:0A:6A:DB
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01838D3CB1FC134A3AE9E4673C5F38E81981
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/7SOmGrMqkR5FoRB-ZE6sMpsKats.roa
Signing time:             Fri 30 Sep 2022 07:11:48 +0000
ROA not before:           Fri 30 Sep 2022 07:11:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398343
IP address blocks:        81.29.150.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:8d:3c:b1:fc:13:4a:3a:e9:e4:67:3c:5f:38:e8:19:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Sep 30 07:11:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ed23a61ab32a911e45a1107e644eac329b0a6adb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b4:ec:d0:19:4b:21:45:b0:15:13:2b:a5:c1:
                    47:02:44:66:bb:8a:a9:aa:91:25:a2:c7:07:34:13:
                    b6:78:33:d7:bf:54:cc:ed:e4:3c:6e:c7:43:c7:6c:
                    c1:6f:12:e2:35:06:7b:b1:93:2e:1c:68:f2:ac:e7:
                    80:eb:d1:6d:c6:a9:69:d6:7b:e0:73:78:94:34:87:
                    53:66:3f:14:bb:68:60:9f:1c:74:8d:89:4f:8e:63:
                    2d:a3:3b:c9:b7:01:9a:20:06:f2:eb:ce:b0:2c:9a:
                    6b:d1:d2:38:f7:ff:47:d7:d1:ad:ff:44:d1:f8:59:
                    da:13:cb:3e:17:1a:23:06:99:ea:5a:64:a7:4b:57:
                    d7:ed:16:88:56:91:15:7a:a5:a7:ff:27:27:44:c3:
                    53:b9:c7:67:8d:67:17:e9:ec:a9:d4:2b:ee:1e:61:
                    08:a2:ec:4b:14:b5:4e:be:53:7e:3f:cd:54:0d:cb:
                    31:81:db:de:e7:16:40:6c:79:10:f0:a5:d3:b8:c4:
                    18:c9:aa:c6:19:3a:cc:15:d3:4a:72:2c:1f:59:56:
                    fe:c0:08:5b:f3:a5:ea:41:07:7a:43:6f:35:b8:1d:
                    68:1a:8a:b4:bd:34:20:f2:f2:69:d6:05:f5:8a:e0:
                    fb:23:cc:87:1c:5b:a8:0b:53:8f:b3:2d:85:5b:5c:
                    2d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:23:A6:1A:B3:2A:91:1E:45:A1:10:7E:64:4E:AC:32:9B:0A:6A:DB
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/7SOmGrMqkR5FoRB-ZE6sMpsKats.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:31:11:31:bb:9d:38:21:0f:a0:15:a6:89:26:52:3a:a4:e4:
         10:7c:31:dd:50:76:02:7e:76:01:e3:a5:9b:b1:b9:a0:88:36:
         0d:6e:4b:22:fe:dc:c5:88:b7:d3:9e:4e:6c:88:0d:db:1d:44:
         89:e5:5b:99:45:c0:3f:af:ed:03:41:57:10:eb:6d:a8:50:6f:
         18:6b:9f:8d:ed:24:fc:48:e2:14:f5:dc:97:f2:51:4a:3d:85:
         75:df:05:d6:98:26:87:ec:a5:12:f4:ad:7a:66:53:07:d0:27:
         4e:17:b6:59:8e:95:b0:58:af:a8:3a:18:07:e2:9c:d9:8d:aa:
         96:a6:5a:36:56:4a:84:e6:a8:b2:a9:4d:ba:3c:8b:88:01:38:
         f4:7a:e6:14:0e:b2:f8:38:41:c2:9d:7c:cf:e7:b3:8d:4d:0d:
         b9:0e:99:7f:cb:0c:ff:a8:29:1b:65:ed:b6:0b:f9:3f:e9:0e:
         99:b0:04:4a:4e:50:eb:3d:17:d9:4d:ab:89:dc:e8:a3:63:a6:
         af:a9:5a:ef:44:bc:0f:cd:bc:7f:45:1e:91:a4:6c:59:a0:bf:
         c2:f4:ab:b6:6c:39:e2:11:05:52:62:90:13:e5:7b:3a:6e:b1:
         b6:f1:cb:c2:ca:5c:50:1d:54:7b:26:ef:dc:34:f6:a5:4e:d9:
         78:f9:54:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYONPLH8E0o66eRnPF846BmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIwOTMwMDcxMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDIzYTYxYWIzMmE5MTFlNDVhMTEwN2U2NDRlYWMzMjliMGE2YWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbTs0BlLIUWwFRMrpcFHAkRmu4qp
qpEloscHNBO2eDPXv1TM7eQ8bsdDx2zBbxLiNQZ7sZMuHGjyrOeA69Ftxqlp1nvg
c3iUNIdTZj8Uu2hgnxx0jYlPjmMtozvJtwGaIAby686wLJpr0dI49/9H19Gt/0TR
+FnaE8s+FxojBpnqWmSnS1fX7RaIVpEVeqWn/ycnRMNTucdnjWcX6eyp1CvuHmEI
ouxLFLVOvlN+P81UDcsxgdve5xZAbHkQ8KXTuMQYyarGGTrMFdNKciwfWVb+wAhb
86XqQQd6Q281uB1oGoq0vTQg8vJp1gX1iuD7I8yHHFuoC1OPsy2FW1wt0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0jphqzKpEeRaEQfmROrDKbCmrbMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvN1NPbUdyTXFrUjVGb1JCLVpFNnNNcHNLYXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2WMA0G
CSqGSIb3DQEBCwUAA4IBAQBYMRExu504IQ+gFaaJJlI6pOQQfDHdUHYCfnYB46Wb
sbmgiDYNbksi/tzFiLfTnk5siA3bHUSJ5VuZRcA/r+0DQVcQ622oUG8Ya5+N7ST8
SOIU9dyX8lFKPYV13wXWmCaH7KUS9K16ZlMH0CdOF7ZZjpWwWK+oOhgH4pzZjaqW
plo2VkqE5qiyqU26PIuIATj0euYUDrL4OEHCnXzP57ONTQ25Dpl/ywz/qCkbZe22
C/k/6Q6ZsARKTlDrPRfZTauJ3OijY6avqVrvRLwPzbx/RR6RpGxZoL/C9Ku2bDni
EQVSYpAT5Xs6brG28cvCylxQHVR7Ju/cNPalTtl4+VSW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org