Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1n-FzyRQSaohloHLTPrg0Fgi8Rc.roa
File:                     1n-FzyRQSaohloHLTPrg0Fgi8Rc.roa (raw, json)
Hash identifier:          4HO0zUHTjmdguTC13Dv9pQ0w2qQ2em35A3kf/8Tn9c0=
Subject key identifier:   D6:7F:85:CF:24:50:49:AA:21:96:81:CB:4C:FA:E0:D0:58:22:F1:17
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01847A8F54C018CBA1AE83021440904A5B3E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1n-FzyRQSaohloHLTPrg0Fgi8Rc.roa
Signing time:             Tue 15 Nov 2022 09:12:04 +0000
ROA not before:           Tue 15 Nov 2022 09:12:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211439
IP address blocks:        82.153.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7a:8f:54:c0:18:cb:a1:ae:83:02:14:40:90:4a:5b:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 15 09:12:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d67f85cf245049aa219681cb4cfae0d05822f117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:cf:88:05:56:2b:09:0a:1f:c7:f5:a3:b9:f5:
                    d1:a3:e6:30:f7:73:ee:4b:8c:9c:a5:e0:c7:62:e3:
                    d8:6f:d9:1b:21:b0:6a:a5:aa:22:3c:1c:6d:12:c2:
                    1d:35:d3:04:9b:c2:8d:3a:17:62:f7:b4:80:ea:30:
                    b1:49:57:e8:5b:30:32:6d:4e:83:20:bf:d9:62:d3:
                    8a:2d:71:ad:d6:9c:09:cd:5d:e6:02:d5:80:25:8a:
                    6b:05:eb:c6:1a:29:2c:3d:ad:d3:7e:57:8d:ba:29:
                    59:5e:4b:7c:8d:da:5a:5e:a9:6f:29:15:2c:5c:e5:
                    c8:c7:02:f4:54:b0:ee:75:51:2f:6c:39:df:95:f5:
                    e6:01:4e:55:47:f1:ea:d4:b5:27:e3:28:01:79:14:
                    72:98:12:fa:f0:cc:a9:0c:b7:7c:78:55:56:e7:3a:
                    ad:41:c8:36:a0:7c:49:cc:75:ed:21:76:ab:3f:c0:
                    99:cc:13:2d:9f:37:58:c3:ba:16:97:3d:6b:73:10:
                    83:ff:20:f2:b1:e5:bf:39:03:f8:9e:19:bb:b6:e1:
                    df:b7:e6:79:9d:f2:30:99:69:c2:69:1f:18:6d:a1:
                    4e:2b:a9:0c:77:7e:22:0b:3d:8b:e2:cb:78:6f:68:
                    50:8c:37:9d:52:80:01:65:76:10:7a:18:1b:20:55:
                    9b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7F:85:CF:24:50:49:AA:21:96:81:CB:4C:FA:E0:D0:58:22:F1:17
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1n-FzyRQSaohloHLTPrg0Fgi8Rc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:bc:48:37:1f:57:88:a7:b2:2f:2b:aa:a9:27:e3:dc:2f:ca:
         b9:e1:07:68:83:af:78:ed:af:ad:25:37:aa:72:0a:c3:16:49:
         45:13:7d:4d:91:24:bb:93:e7:7f:49:5a:13:fc:ad:bf:9c:73:
         cf:04:bc:cc:3d:ac:7d:77:f2:ce:ae:b8:a1:8d:d2:3e:68:c9:
         de:d3:b1:51:c7:c0:8a:a0:ed:1b:0f:02:8f:eb:73:56:76:e8:
         f1:5e:5a:9e:fe:2e:b8:cc:df:1a:93:f0:3e:26:0f:58:dd:83:
         ba:93:17:5c:04:40:63:ff:8a:e9:57:0d:71:ab:f9:56:9b:b0:
         be:71:0e:dc:dc:e7:75:bc:f0:73:48:ac:ed:92:6c:27:af:65:
         0e:87:d1:43:5d:02:9d:2f:66:c3:ec:46:3b:59:41:cb:56:73:
         b8:3e:87:1a:03:26:0b:4a:47:3a:b8:8d:1c:c6:e0:1d:47:a8:
         7f:71:e6:c9:9b:35:0f:00:42:29:80:77:5f:7c:67:9c:ab:04:
         d4:47:5f:8b:6d:df:ce:57:b0:5e:b3:45:b7:6b:cc:fe:6f:ea:
         39:9f:1f:7f:15:8f:71:ef:36:b2:5d:f0:21:a7:cc:09:4c:b1:
         bc:bb:6a:a9:67:05:12:32:80:b0:93:ba:4e:33:b0:85:ca:7b:
         5f:bd:85:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR6j1TAGMuhroMCFECQSls+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTE1MDkxMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjdmODVjZjI0NTA0OWFhMjE5NjgxY2I0Y2ZhZTBkMDU4MjJmMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM+IBVYrCQofx/WjufXRo+Yw93Pu
S4ycpeDHYuPYb9kbIbBqpaoiPBxtEsIdNdMEm8KNOhdi97SA6jCxSVfoWzAybU6D
IL/ZYtOKLXGt1pwJzV3mAtWAJYprBevGGiksPa3TfleNuilZXkt8jdpaXqlvKRUs
XOXIxwL0VLDudVEvbDnflfXmAU5VR/Hq1LUn4ygBeRRymBL68MypDLd8eFVW5zqt
Qcg2oHxJzHXtIXarP8CZzBMtnzdYw7oWlz1rcxCD/yDyseW/OQP4nhm7tuHft+Z5
nfIwmWnCaR8YbaFOK6kMd34iCz2L4st4b2hQjDedUoABZXYQehgbIFWbMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZ/hc8kUEmqIZaBy0z64NBYIvEXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMW4tRnp5UlFTYW9obG9ITFRQcmcwRmdpOFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn5MA0G
CSqGSIb3DQEBCwUAA4IBAQAhvEg3H1eIp7IvK6qpJ+PcL8q54Qdog6947a+tJTeq
cgrDFklFE31NkSS7k+d/SVoT/K2/nHPPBLzMPax9d/LOrrihjdI+aMne07FRx8CK
oO0bDwKP63NWdujxXlqe/i64zN8ak/A+Jg9Y3YO6kxdcBEBj/4rpVw1xq/lWm7C+
cQ7c3Od1vPBzSKztkmwnr2UOh9FDXQKdL2bD7EY7WUHLVnO4PocaAyYLSkc6uI0c
xuAdR6h/cebJmzUPAEIpgHdffGecqwTUR1+Lbd/OV7Bes0W3a8z+b+o5nx9/FY9x
7zayXfAhp8wJTLG8u2qpZwUSMoCwk7pOM7CFyntfvYUm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org