Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5DYxDbzFNwN03Xbt2ItKB20f0cE.roa
File:                     5DYxDbzFNwN03Xbt2ItKB20f0cE.roa (raw, json)
Hash identifier:          kKf23Jn6xEtEse/HIzjAGF8WooVdVNGoOGzzOAiOfGc=
Subject key identifier:   E4:36:31:0D:BC:C5:37:03:74:DD:76:ED:D8:8B:4A:07:6D:1F:D1:C1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0183AC5D84852CE9BE2139C66E14476A9BF0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5DYxDbzFNwN03Xbt2ItKB20f0cE.roa
Signing time:             Thu 06 Oct 2022 08:15:53 +0000
ROA not before:           Thu 06 Oct 2022 08:15:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     150303
IP address blocks:        82.153.66.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ac:5d:84:85:2c:e9:be:21:39:c6:6e:14:47:6a:9b:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  6 08:15:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e436310dbcc5370374dd76edd88b4a076d1fd1c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:5e:b8:9c:2d:43:bd:ad:95:d8:03:24:31:72:
                    18:a8:73:38:a0:55:f9:36:8d:8e:a6:f1:a6:5c:89:
                    07:85:72:33:eb:31:da:48:4b:8c:29:43:5b:6a:de:
                    7a:17:60:e3:ea:ed:d5:93:67:1d:6b:51:8f:c7:05:
                    8d:63:0c:4e:2e:12:07:ba:0a:5c:de:0d:27:2f:33:
                    4b:b6:aa:b1:33:f9:8e:15:28:d4:93:2b:fc:a2:ab:
                    e1:4b:bd:87:6b:95:b6:ad:10:bf:e0:85:71:93:81:
                    95:da:27:82:6e:d3:7c:ef:85:3a:83:af:bd:7b:01:
                    87:19:2e:8f:d2:43:b8:68:a4:50:02:3a:ca:f9:04:
                    72:a7:d6:99:58:94:b5:59:5d:f8:fd:df:ac:a3:91:
                    29:de:de:84:21:ec:5d:1d:66:d7:44:88:48:59:8f:
                    27:15:86:98:15:c0:45:f0:be:32:19:e6:5e:5b:92:
                    7d:68:33:e3:13:d4:82:5b:98:1b:bb:41:b3:86:ae:
                    5c:02:6e:f9:cf:70:e1:1b:cc:c7:51:d4:ed:ec:b8:
                    79:d2:d2:51:77:c0:56:51:33:ee:4f:26:cc:58:df:
                    02:17:3e:a3:fd:09:d3:4d:c2:9e:7e:97:fc:35:a8:
                    83:4b:ac:57:54:01:23:8a:4a:fa:19:73:d0:8a:0b:
                    79:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:36:31:0D:BC:C5:37:03:74:DD:76:ED:D8:8B:4A:07:6D:1F:D1:C1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5DYxDbzFNwN03Xbt2ItKB20f0cE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:50:7e:b2:1e:bd:c5:dd:87:3d:90:31:25:a9:09:ff:4f:35:
         58:15:84:3c:ae:2e:8a:68:46:e3:d8:1b:d0:fe:be:ea:05:43:
         b7:b1:17:5a:fe:6c:fa:bc:c8:c2:58:17:7d:f2:97:be:72:1e:
         47:9d:45:f5:6b:ee:ea:59:45:2d:e0:5a:d6:83:76:32:45:12:
         0e:75:33:85:9d:a3:0f:e1:60:8b:98:fd:57:89:ef:4b:1c:39:
         ac:4e:77:ec:e6:81:6d:1b:66:64:b5:77:01:ee:e3:1f:42:cf:
         26:0a:66:7f:db:23:50:6a:d1:c3:b8:6b:57:60:4f:5b:3f:be:
         4f:26:c0:c2:77:0b:14:f6:10:30:aa:b3:f1:1d:50:a3:45:f0:
         d8:3e:5f:86:07:bc:6e:d2:57:a0:71:77:f1:e9:20:8c:72:00:
         7c:eb:b2:b6:d5:71:00:b1:ae:3f:c2:97:2d:d8:54:b5:aa:fd:
         a3:6c:a5:2c:85:15:dc:e4:c5:68:7e:b1:03:63:5e:f3:18:88:
         34:a7:60:95:19:c2:5e:bc:cd:82:76:4d:ff:05:72:4e:00:0e:
         7e:3b:91:62:88:64:b5:23:9b:fc:2b:f3:20:57:a8:b2:12:1d:
         cf:e5:c3:b3:6e:58:56:6f:29:c2:ec:00:16:2f:5b:a8:1a:5e:
         2e:94:f3:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOsXYSFLOm+ITnGbhRHapvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDA2MDgxNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDM2MzEwZGJjYzUzNzAzNzRkZDc2ZWRkODhiNGEwNzZkMWZkMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi164nC1Dva2V2AMkMXIYqHM4oFX5
No2OpvGmXIkHhXIz6zHaSEuMKUNbat56F2Dj6u3Vk2cda1GPxwWNYwxOLhIHugpc
3g0nLzNLtqqxM/mOFSjUkyv8oqvhS72Ha5W2rRC/4IVxk4GV2ieCbtN874U6g6+9
ewGHGS6P0kO4aKRQAjrK+QRyp9aZWJS1WV34/d+so5Ep3t6EIexdHWbXRIhIWY8n
FYaYFcBF8L4yGeZeW5J9aDPjE9SCW5gbu0Gzhq5cAm75z3DhG8zHUdTt7Lh50tJR
d8BWUTPuTybMWN8CFz6j/QnTTcKefpf8NaiDS6xXVAEjikr6GXPQigt5vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQ2MQ28xTcDdN127diLSgdtH9HBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNURZeERiekZOd04wM1hidDJJdEtCMjBmMGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplCMA0G
CSqGSIb3DQEBCwUAA4IBAQBXUH6yHr3F3Yc9kDElqQn/TzVYFYQ8ri6KaEbj2BvQ
/r7qBUO3sRda/mz6vMjCWBd98pe+ch5HnUX1a+7qWUUt4FrWg3YyRRIOdTOFnaMP
4WCLmP1Xie9LHDmsTnfs5oFtG2ZktXcB7uMfQs8mCmZ/2yNQatHDuGtXYE9bP75P
JsDCdwsU9hAwqrPxHVCjRfDYPl+GB7xu0legcXfx6SCMcgB867K21XEAsa4/wpct
2FS1qv2jbKUshRXc5MVofrEDY17zGIg0p2CVGcJevM2Cdk3/BXJOAA5+O5FiiGS1
I5v8K/MgV6iyEh3P5cOzblhWbynC7AAWL1uoGl4ulPOb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org