Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1jQQkfvXYCzAz8Yi-klMxQLpGyc.roa
File:                     1jQQkfvXYCzAz8Yi-klMxQLpGyc.roa (raw, json)
Hash identifier:          Pcf/aU2nDjWxLgNfwHokrt2UQtLdHqUUONsOU2tL8f0=
Subject key identifier:   D6:34:10:91:FB:D7:60:2C:C0:CF:C6:22:FA:49:4C:C5:02:E9:1B:27
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0183834609EDCD80A93700110A0DCB83B2C6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1jQQkfvXYCzAz8Yi-klMxQLpGyc.roa
Signing time:             Wed 28 Sep 2022 08:45:48 +0000
ROA not before:           Wed 28 Sep 2022 08:45:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        82.152.179.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:83:46:09:ed:cd:80:a9:37:00:11:0a:0d:cb:83:b2:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 28 08:45:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d6341091fbd7602cc0cfc622fa494cc502e91b27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:74:3f:e6:58:7f:db:7b:87:a5:7c:61:87:be:
                    bd:bf:71:29:27:5d:b1:0c:88:08:0b:50:cb:0a:e9:
                    58:54:de:09:38:80:06:1c:cf:b7:80:7e:e1:78:b8:
                    86:e6:a2:c9:a1:99:9f:33:53:25:60:08:f2:b7:b7:
                    d3:8f:7e:75:4e:0d:b7:11:8c:24:8b:2c:c8:24:f0:
                    72:03:ca:3c:4e:94:e7:6c:43:b1:1b:60:47:10:ca:
                    fb:7b:04:c1:1f:1c:9f:10:79:29:01:cb:e6:31:46:
                    8c:9a:5f:ab:a6:b5:e6:a1:67:d3:d6:4c:4d:38:7a:
                    c1:db:56:2a:43:d5:31:aa:83:c4:27:4a:b0:19:3b:
                    5e:18:cf:ad:65:13:ba:6c:f8:79:09:62:6e:78:5e:
                    ef:01:3e:ff:ae:bc:5b:ba:d5:4b:d7:90:d2:8a:de:
                    e9:f0:3a:cc:26:33:28:ba:69:0b:4f:a8:65:b9:67:
                    7e:ba:ec:a8:71:fe:dc:e2:05:f0:91:44:28:b9:33:
                    29:68:d3:1e:86:ad:dd:07:ea:92:a3:79:52:a6:46:
                    89:f1:d5:48:c5:46:92:2e:8f:82:10:34:5c:9b:a3:
                    ea:92:a3:62:0d:50:86:e8:59:52:ed:01:ca:bf:43:
                    39:7e:8f:56:e5:03:1b:67:51:62:02:d7:e9:20:dd:
                    25:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:34:10:91:FB:D7:60:2C:C0:CF:C6:22:FA:49:4C:C5:02:E9:1B:27
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1jQQkfvXYCzAz8Yi-klMxQLpGyc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.179.0/24
                  82.153.69.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:df:25:0e:80:72:3d:9d:d4:3a:9c:77:70:c2:e0:62:ed:48:
         c2:bd:c1:1e:50:a4:b7:00:0f:90:51:c3:ca:71:d6:e5:fe:f4:
         44:52:15:d5:f9:be:1e:c8:0d:7b:92:2e:2b:78:97:82:28:c1:
         69:30:2f:a8:d1:30:46:91:b5:a5:ca:5e:5f:7c:08:e9:6e:26:
         23:c9:cc:4d:62:8b:85:0b:7c:d0:a4:7d:10:76:65:35:08:ad:
         64:e4:de:bf:d9:fe:04:a5:76:c5:86:bc:a8:fa:ec:cc:67:4c:
         1d:a3:f2:39:5d:bc:39:d3:51:65:1c:8f:17:6e:95:b1:ad:d1:
         e9:2a:7b:b5:8f:a4:8e:6a:17:df:e4:5e:69:87:be:b2:1f:c4:
         d4:68:6f:83:b9:ec:65:92:38:81:c0:0d:50:5d:08:91:df:1a:
         4a:8a:11:a9:1f:61:0e:21:45:6d:76:a7:77:e7:ad:7f:45:17:
         3b:dc:8d:3e:63:ca:64:30:83:a5:82:03:11:71:c7:c2:47:d4:
         a8:f5:d8:3e:55:bc:7d:0f:ad:a1:71:66:dc:11:3a:a5:4d:9e:
         98:cf:06:01:53:d6:d2:f3:d5:3b:2f:49:c7:de:f7:2d:5d:9b:
         e4:1d:53:e1:8f:1d:56:83:f4:05:87:11:b4:c8:12:85:f3:45:
         0b:8c:df:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYODRgntzYCpNwARCg3Lg7LGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwOTI4MDg0NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM0MTA5MWZiZDc2MDJjYzBjZmM2MjJmYTQ5NGNjNTAyZTkxYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnQ/5lh/23uHpXxhh769v3EpJ12x
DIgIC1DLCulYVN4JOIAGHM+3gH7heLiG5qLJoZmfM1MlYAjyt7fTj351Tg23EYwk
iyzIJPByA8o8TpTnbEOxG2BHEMr7ewTBHxyfEHkpAcvmMUaMml+rprXmoWfT1kxN
OHrB21YqQ9UxqoPEJ0qwGTteGM+tZRO6bPh5CWJueF7vAT7/rrxbutVL15DSit7p
8DrMJjMoumkLT6hluWd+uuyocf7c4gXwkUQouTMpaNMehq3dB+qSo3lSpkaJ8dVI
xUaSLo+CEDRcm6PqkqNiDVCG6FlS7QHKv0M5fo9W5QMbZ1FiAtfpIN0l1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNY0EJH712AswM/GIvpJTMUC6RsnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMWpRUWtmdlhZQ3pBejhZaS1rbE14UUxwR3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpizAwQA
UplFAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQAr3yUOgHI9ndQ6nHdwwuBi7UjC
vcEeUKS3AA+QUcPKcdbl/vREUhXV+b4eyA17ki4reJeCKMFpMC+o0TBGkbWlyl5f
fAjpbiYjycxNYouFC3zQpH0QdmU1CK1k5N6/2f4EpXbFhryo+uzMZ0wdo/I5Xbw5
01FlHI8XbpWxrdHpKnu1j6SOahff5F5ph76yH8TUaG+DuexlkjiBwA1QXQiR3xpK
ihGpH2EOIUVtdqd3561/RRc73I0+Y8pkMIOlggMRccfCR9So9dg+Vbx9D62hcWbc
ETqlTZ6YzwYBU9bS89U7L0nH3vctXZvkHVPhjx1Wg/QFhxG0yBKF80ULjN+y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org