Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8T_JqdDVeR0Q6cCuJ67X16UG5Nk.roa
File:                     8T_JqdDVeR0Q6cCuJ67X16UG5Nk.roa (raw, json)
Hash identifier:          SPi2OirtDuAUW9/ZbXndtf8J9kbwUR8gj58ws7NSJ0I=
Subject key identifier:   F1:3F:C9:A9:D0:D5:79:1D:10:E9:C0:AE:27:AE:D7:D7:A5:06:E4:D9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018317005D826337A5363D420EC537166D19
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8T_JqdDVeR0Q6cCuJ67X16UG5Nk.roa
Signing time:             Wed 07 Sep 2022 08:10:43 +0000
ROA not before:           Wed 07 Sep 2022 08:10:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     138687
IP address blocks:        81.168.117.0/24 maxlen: 24
                          81.5.156.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:17:00:5d:82:63:37:a5:36:3d:42:0e:c5:37:16:6d:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  7 08:10:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f13fc9a9d0d5791d10e9c0ae27aed7d7a506e4d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:cd:62:e9:a5:f3:30:0a:21:59:2e:e2:0f:1a:
                    7a:ea:64:ed:b7:53:0b:fe:b8:b5:c0:d3:55:19:f0:
                    00:ce:e4:44:bb:e7:58:54:94:a5:05:dd:cf:90:65:
                    bc:7e:9e:db:08:f4:c2:4e:b8:2d:50:42:fa:eb:73:
                    cf:ba:42:47:3a:5c:44:77:8c:af:5d:2c:3c:55:61:
                    4c:2c:68:7e:cb:eb:52:b1:3a:c8:82:81:3c:bc:b7:
                    14:79:4f:cc:0e:f3:cf:f3:29:66:9f:6c:12:e7:19:
                    f8:1a:b3:d0:81:2f:46:68:ff:e2:df:f4:98:b2:ab:
                    f2:fe:94:cf:7a:0c:25:d8:8f:44:fc:29:f3:d6:69:
                    38:ef:05:cf:89:f7:08:6b:1b:06:5b:f6:9e:7b:39:
                    d9:ac:b3:4b:dd:92:6d:d2:5b:5e:64:d3:86:db:76:
                    3c:8c:d4:ab:ac:64:0b:35:5e:f0:15:06:1e:12:6f:
                    54:f3:c5:28:8a:05:0a:19:d4:9b:ff:9c:d9:37:07:
                    19:01:c4:4e:a3:33:3a:a9:08:2a:f2:32:2e:1a:15:
                    1b:3d:c0:c4:dc:66:9f:1c:76:64:1f:ad:0c:20:b6:
                    6c:84:bb:75:98:a5:c8:55:af:b4:ab:96:84:60:b6:
                    f8:6e:8b:6f:14:e7:82:b9:9d:12:8e:d3:fd:fe:3a:
                    a5:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:3F:C9:A9:D0:D5:79:1D:10:E9:C0:AE:27:AE:D7:D7:A5:06:E4:D9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8T_JqdDVeR0Q6cCuJ67X16UG5Nk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.156.0/24
                  81.168.117.0/24
                  82.153.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:af:4e:f6:7f:52:bb:80:6a:4b:1f:35:d0:0b:a8:28:f2:4a:
         91:f0:4d:e2:a9:63:0a:ff:62:85:99:70:5b:33:25:02:dd:57:
         74:95:c4:a4:5d:b3:5b:e8:25:76:32:e1:b2:0e:f7:5e:33:d7:
         16:cc:65:cf:86:3f:7c:bd:b9:d7:5c:6f:75:b8:5a:4f:87:f7:
         5a:a6:33:e2:96:d8:3f:f7:b4:ef:e0:32:14:f7:c0:97:f2:c9:
         fb:13:c7:79:6b:73:d1:3a:9c:6a:00:5a:f6:7c:24:d3:c1:bd:
         5a:94:12:2b:ec:7d:0d:fd:04:a9:98:b9:3c:0a:14:97:58:e5:
         c6:5f:e8:be:8a:c5:06:0e:69:9c:74:87:ee:43:fc:cf:9f:b7:
         b4:41:9e:ae:e8:9e:2f:52:d8:52:24:bb:f2:7f:11:9c:da:66:
         e8:a1:9d:da:d8:b6:dd:86:eb:35:77:71:7b:88:7b:5f:c0:68:
         de:a4:da:a3:f8:aa:9d:3c:25:35:d0:c6:88:2b:07:c7:08:08:
         9a:22:eb:fa:11:2e:0c:96:d6:29:f8:74:9b:3e:df:1b:da:ff:
         43:bf:45:b5:43:99:56:ad:9e:b9:3f:9c:bd:c0:ed:08:8e:c0:
         70:24:73:a6:e2:32:2d:d7:c2:85:1d:19:2b:89:20:43:6f:a4:
         19:14:b2:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMXAF2CYzelNj1CDsU3Fm0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwOTA3MDgxMDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNmYzlhOWQwZDU3OTFkMTBlOWMwYWUyN2FlZDdkN2E1MDZlNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM1i6aXzMAohWS7iDxp66mTtt1ML
/ri1wNNVGfAAzuREu+dYVJSlBd3PkGW8fp7bCPTCTrgtUEL663PPukJHOlxEd4yv
XSw8VWFMLGh+y+tSsTrIgoE8vLcUeU/MDvPP8ylmn2wS5xn4GrPQgS9GaP/i3/SY
sqvy/pTPegwl2I9E/Cnz1mk47wXPifcIaxsGW/aeeznZrLNL3ZJt0lteZNOG23Y8
jNSrrGQLNV7wFQYeEm9U88UoigUKGdSb/5zZNwcZAcROozM6qQgq8jIuGhUbPcDE
3GafHHZkH60MILZshLt1mKXIVa+0q5aEYLb4botvFOeCuZ0SjtP9/jql8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPE/yanQ1XkdEOnArieu19elBuTZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOFRfSnFkRFZlUjBRNmNDdUo2N1gxNlVHNU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUQWcAwQA
Uah1AwQAUpngMA0GCSqGSIb3DQEBCwUAA4IBAQBCr072f1K7gGpLHzXQC6go8kqR
8E3iqWMK/2KFmXBbMyUC3Vd0lcSkXbNb6CV2MuGyDvdeM9cWzGXPhj98vbnXXG91
uFpPh/dapjPiltg/97Tv4DIU98CX8sn7E8d5a3PROpxqAFr2fCTTwb1alBIr7H0N
/QSpmLk8ChSXWOXGX+i+isUGDmmcdIfuQ/zPn7e0QZ6u6J4vUthSJLvyfxGc2mbo
oZ3a2Lbdhus1d3F7iHtfwGjepNqj+KqdPCU10MaIKwfHCAiaIuv6ES4MltYp+HSb
Pt8b2v9Dv0W1Q5lWrZ65P5y9wO0IjsBwJHOm4jIt18KFHRkriSBDb6QZFLLb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org