Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa
File:                     6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa (raw, json)
Hash identifier:          06Og2WvOuKyY3m/OF+ULnOGkTnCmJnIo2z9WQcLCW7k=
Subject key identifier:   E9:FF:99:75:B5:38:34:1E:A2:04:C7:E4:EB:D4:0B:7B:D0:86:4C:77
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0182CEE7D3B5CF4FFBC041D270950C438950
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa
Signing time:             Wed 24 Aug 2022 08:11:15 +0000
ROA not before:           Wed 24 Aug 2022 08:11:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138687
IP address blocks:        82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ce:e7:d3:b5:cf:4f:fb:c0:41:d2:70:95:0c:43:89:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 24 08:11:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9ff9975b538341ea204c7e4ebd40b7bd0864c77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ce:b2:cf:77:0f:6a:ce:55:4d:25:a5:51:1b:
                    d1:15:2f:dd:3a:40:e3:f5:e8:c3:62:95:b3:70:c8:
                    f7:57:7d:7f:58:ad:e7:65:bc:e9:fb:85:5b:81:88:
                    c2:d3:33:62:d0:7d:03:d3:1a:ca:c6:e3:82:c8:b6:
                    f7:64:64:f2:f0:3f:74:c4:ae:d2:dd:4e:a0:4e:20:
                    bf:2c:e8:6b:23:02:80:4b:48:38:e1:2c:b7:90:35:
                    2c:e7:4f:3f:14:5e:f3:fa:30:a3:35:d7:44:50:fa:
                    25:70:de:d9:c5:86:bc:60:3f:9a:30:01:43:62:ee:
                    48:04:df:de:28:93:f6:06:38:2f:be:62:f9:06:ec:
                    08:84:7c:90:30:61:a4:af:93:18:cc:ee:9c:d8:3a:
                    a9:17:a1:e0:4d:53:3b:90:17:19:6f:13:5a:07:b6:
                    c5:62:62:7b:16:72:7d:e6:8b:27:12:fe:73:af:dc:
                    cc:e4:cf:8d:f6:45:31:2c:c9:f3:b5:08:07:2f:02:
                    09:69:2c:bc:dc:55:56:fb:15:7b:86:57:50:ed:00:
                    d2:9b:f0:54:f7:0d:1f:13:a9:9c:2f:f7:64:c7:3a:
                    d7:e1:ef:09:b2:cd:07:d4:fd:67:d7:01:19:9b:ab:
                    6e:7a:ff:e7:f1:b4:e6:94:50:b3:e3:ad:d6:fb:3f:
                    37:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:FF:99:75:B5:38:34:1E:A2:04:C7:E4:EB:D4:0B:7B:D0:86:4C:77
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6f-ZdbU4NB6iBMfk69QLe9CGTHc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:ae:f5:e2:28:b6:92:94:86:ec:54:50:ea:5b:c3:ea:cc:b2:
         7c:ee:48:ec:bd:46:7b:3d:f9:08:f0:67:55:0a:bc:a1:e0:8c:
         0e:2f:5d:aa:e2:f3:a3:69:13:1c:b2:74:ec:2d:42:06:0e:ca:
         c5:20:5e:bb:06:a0:6a:1c:b7:4e:d2:3c:28:1d:c9:bc:64:49:
         a1:9e:75:51:0e:89:ee:29:00:b9:78:93:12:d2:54:86:57:8b:
         c6:e4:24:05:9b:93:b8:23:dc:9b:f3:1b:02:db:de:b3:f2:9a:
         00:1e:7c:12:58:cc:af:85:5f:6d:45:1a:11:f0:66:79:76:d8:
         50:f8:9d:33:17:f3:97:90:10:e9:53:27:3b:ef:c9:d4:cb:b2:
         16:1c:95:5a:d2:de:4f:cd:cb:40:f7:ad:74:6c:0e:7e:f3:6b:
         47:cb:e8:d3:72:6c:54:0b:bd:ff:63:cb:ea:40:53:53:7f:73:
         7e:8f:8c:33:26:7d:da:c5:90:56:12:0d:c8:4d:04:18:2a:c2:
         1f:9a:bc:86:48:fd:3f:84:87:83:eb:cc:db:6f:d4:34:c8:e6:
         76:9f:ca:b5:12:14:ba:eb:0e:5f:ae:d6:18:26:e6:7f:f9:f0:
         29:1c:d0:de:1c:f2:b6:18:69:0b:f4:3f:57:1a:24:f9:62:6d:
         9e:e5:24:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLO59O1z0/7wEHScJUMQ4lQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODI0MDgxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWZmOTk3NWI1MzgzNDFlYTIwNGM3ZTRlYmQ0MGI3YmQwODY0Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs6yz3cPas5VTSWlURvRFS/dOkDj
9ejDYpWzcMj3V31/WK3nZbzp+4VbgYjC0zNi0H0D0xrKxuOCyLb3ZGTy8D90xK7S
3U6gTiC/LOhrIwKAS0g44Sy3kDUs508/FF7z+jCjNddEUPolcN7ZxYa8YD+aMAFD
Yu5IBN/eKJP2BjgvvmL5BuwIhHyQMGGkr5MYzO6c2DqpF6HgTVM7kBcZbxNaB7bF
YmJ7FnJ95osnEv5zr9zM5M+N9kUxLMnztQgHLwIJaSy83FVW+xV7hldQ7QDSm/BU
9w0fE6mcL/dkxzrX4e8Jss0H1P1n1wEZm6tuev/n8bTmlFCz463W+z83OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOn/mXW1ODQeogTH5OvUC3vQhkx3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNmYtWmRiVTROQjZpQk1mazY5UUxlOUNHVEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpngMA0G
CSqGSIb3DQEBCwUAA4IBAQAkrvXiKLaSlIbsVFDqW8PqzLJ87kjsvUZ7PfkI8GdV
Cryh4IwOL12q4vOjaRMcsnTsLUIGDsrFIF67BqBqHLdO0jwoHcm8ZEmhnnVRDonu
KQC5eJMS0lSGV4vG5CQFm5O4I9yb8xsC296z8poAHnwSWMyvhV9tRRoR8GZ5dthQ
+J0zF/OXkBDpUyc778nUy7IWHJVa0t5PzctA9610bA5+82tHy+jTcmxUC73/Y8vq
QFNTf3N+j4wzJn3axZBWEg3ITQQYKsIfmryGSP0/hIeD68zbb9Q0yOZ2n8q1EhS6
6w5frtYYJuZ/+fApHNDeHPK2GGkL9D9XGiT5Ym2e5SQq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org