Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ZuUngM-OOreqWDQSEpJ-6G01Yzo.roa
File:                     ZuUngM-OOreqWDQSEpJ-6G01Yzo.roa (raw, json)
Hash identifier:          xcPn4Sdlh9/piUlB8x7f4qtXE6UWMCJC6me1cWzn4wQ=
Subject key identifier:   66:E5:27:80:CF:8E:3A:B7:AA:58:34:12:12:92:7E:E8:6D:35:63:3A
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       01839C7617D676F3D13FB1B847DBBF95539C
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ZuUngM-OOreqWDQSEpJ-6G01Yzo.roa
Signing time:             Mon 03 Oct 2022 06:08:48 +0000
ROA not before:           Mon 03 Oct 2022 06:08:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46573
IP address blocks:        81.29.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:9c:76:17:d6:76:f3:d1:3f:b1:b8:47:db:bf:95:53:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Oct  3 06:08:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=66e52780cf8e3ab7aa58341212927ee86d35633a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5f:2c:14:fa:09:01:5b:52:11:92:d1:77:70:
                    38:30:54:f5:e4:59:4c:af:d9:e7:e2:65:64:80:ce:
                    a2:99:11:59:7e:c6:b5:ec:14:0b:3a:62:d4:60:da:
                    05:5c:a5:0c:73:a2:f9:ca:90:96:69:9e:e9:68:d9:
                    c3:3d:dd:db:7f:eb:0f:fa:cd:dc:52:77:4d:4d:59:
                    e7:83:a3:f8:d7:01:f1:72:28:36:0a:86:5c:01:e0:
                    71:ce:68:05:e8:8d:03:b1:67:ca:90:ec:48:1b:60:
                    38:cb:94:cb:83:8b:1c:57:2e:2e:8a:95:a9:04:c1:
                    79:8a:8b:88:92:5e:b4:63:b5:da:39:a4:cc:bf:6f:
                    da:c1:20:4e:84:4d:ec:f1:d4:46:bf:b5:bb:6e:5e:
                    94:76:d1:43:43:ba:12:8a:32:d9:86:ea:02:b3:29:
                    80:5c:ee:c7:1c:ee:f1:78:33:d5:6e:5c:82:ff:82:
                    3c:be:7a:24:fe:71:85:62:39:83:e2:cb:d8:8f:6e:
                    65:f3:b5:fb:fb:34:98:33:fa:45:83:8b:e9:03:bd:
                    1f:61:c9:a2:df:cc:70:90:62:08:6c:63:9e:45:ec:
                    e9:d0:70:04:3a:b7:64:f5:f2:7a:c8:ae:e4:36:2d:
                    6e:ae:93:7d:eb:36:4a:54:a7:48:e2:e8:61:fb:4b:
                    58:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E5:27:80:CF:8E:3A:B7:AA:58:34:12:12:92:7E:E8:6D:35:63:3A
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ZuUngM-OOreqWDQSEpJ-6G01Yzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.29.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:b4:cc:fe:37:65:34:ec:4d:48:a9:7a:56:45:a3:e3:99:bf:
         09:62:22:73:0e:3a:fe:cb:c3:53:7c:57:ed:be:63:c7:2f:d5:
         3e:d6:2b:45:f9:e9:11:3e:81:92:6a:44:53:ec:1d:ef:c5:5c:
         3a:95:2c:1b:37:f8:b9:3c:ed:3c:9f:ba:73:6c:ca:c3:68:43:
         bb:0c:7f:1b:36:6d:68:6a:1f:aa:82:c4:ff:27:0b:26:63:11:
         b0:4d:c5:fe:77:f1:c1:e1:7c:73:1a:74:dd:e6:b8:94:d1:e5:
         13:46:9c:6a:31:82:de:ca:f7:5d:c5:ae:94:7f:e1:2d:d8:c3:
         dc:49:2f:a2:f2:01:0b:10:86:17:aa:84:f9:f0:2f:73:b9:5d:
         30:bd:bb:40:13:0a:ad:80:93:08:5f:2d:31:71:bb:af:e1:92:
         74:50:4f:fb:b4:c4:aa:9d:29:8c:a8:3b:33:3a:09:67:44:42:
         a2:6c:28:90:2f:d9:0c:e9:99:a5:69:c9:b3:b0:87:d3:4e:d9:
         11:ff:ed:ae:1f:d9:e2:d4:43:fc:44:b6:49:35:16:db:ea:76:
         8c:6e:9e:bd:f0:2a:23:ee:cd:29:d7:da:e2:38:eb:ee:e3:02:
         d2:fb:c7:9a:e7:d4:43:4c:19:eb:11:ef:b4:df:ea:96:cd:80:
         c8:21:00:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOcdhfWdvPRP7G4R9u/lVOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMDAzMDYwODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmU1Mjc4MGNmOGUzYWI3YWE1ODM0MTIxMjkyN2VlODZkMzU2MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF8sFPoJAVtSEZLRd3A4MFT15FlM
r9nn4mVkgM6imRFZfsa17BQLOmLUYNoFXKUMc6L5ypCWaZ7paNnDPd3bf+sP+s3c
UndNTVnng6P41wHxcig2CoZcAeBxzmgF6I0DsWfKkOxIG2A4y5TLg4scVy4uipWp
BMF5iouIkl60Y7XaOaTMv2/awSBOhE3s8dRGv7W7bl6UdtFDQ7oSijLZhuoCsymA
XO7HHO7xeDPVblyC/4I8vnok/nGFYjmD4svYj25l87X7+zSYM/pFg4vpA70fYcmi
38xwkGIIbGOeRezp0HAEOrdk9fJ6yK7kNi1urpN96zZKVKdI4uhh+0tYFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGblJ4DPjjq3qlg0EhKSfuhtNWM6MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWnVVbmdNLU9PcmVxV0RRU0VwSi02RzAxWXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2YMA0G
CSqGSIb3DQEBCwUAA4IBAQCGtMz+N2U07E1IqXpWRaPjmb8JYiJzDjr+y8NTfFft
vmPHL9U+1itF+ekRPoGSakRT7B3vxVw6lSwbN/i5PO08n7pzbMrDaEO7DH8bNm1o
ah+qgsT/JwsmYxGwTcX+d/HB4XxzGnTd5riU0eUTRpxqMYLeyvddxa6Uf+Et2MPc
SS+i8gELEIYXqoT58C9zuV0wvbtAEwqtgJMIXy0xcbuv4ZJ0UE/7tMSqnSmMqDsz
OglnREKibCiQL9kM6ZmlacmzsIfTTtkR/+2uH9ni1EP8RLZJNRbb6naMbp698Coj
7s0p19riOOvu4wLS+8ea59RDTBnrEe+03+qWzYDIIQCl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org