Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9VdwRAfe5askzvKbltZEpbMNOKw.roa
File:                     9VdwRAfe5askzvKbltZEpbMNOKw.roa (raw, json)
Hash identifier:          FDC/vY6yK/YnKDLQf3+nnUU/KPBBLSw3bYSMJpD/pRg=
Subject key identifier:   F5:57:70:44:07:DE:E5:AB:24:CE:F2:9B:96:D6:44:A5:B3:0D:38:AC
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018451597F0BC6056EACB021C5A20852B513
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9VdwRAfe5askzvKbltZEpbMNOKw.roa
Signing time:             Mon 07 Nov 2022 09:08:50 +0000
ROA not before:           Mon 07 Nov 2022 09:08:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211415
IP address blocks:        82.153.66.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:51:59:7f:0b:c6:05:6e:ac:b0:21:c5:a2:08:52:b5:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  7 09:08:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f557704407dee5ab24cef29b96d644a5b30d38ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:1b:71:4e:16:2e:eb:de:9d:16:60:23:98:c7:
                    9e:da:ab:8a:bd:2b:26:6a:0c:b4:8d:51:04:7c:fd:
                    26:93:cf:4d:3f:4f:1c:b8:d7:07:00:bd:7e:d3:20:
                    45:cb:0e:b5:c0:9d:4f:89:fb:99:3d:10:41:42:c3:
                    eb:bf:63:ea:3e:0f:85:79:6c:9f:c3:3b:6c:38:7c:
                    42:2c:c5:e7:de:e3:06:70:da:80:44:fc:f6:6d:6c:
                    68:f8:b6:b8:79:0e:99:56:ef:0e:04:cb:18:c4:5d:
                    bf:25:a6:52:03:64:e8:79:1f:7b:f4:ea:41:d8:0b:
                    5d:8b:33:24:bc:92:6b:24:de:c2:fc:90:92:0f:ee:
                    48:f8:7a:55:e4:ce:2e:29:ae:ca:a7:88:80:5b:52:
                    02:5c:e5:48:84:c9:97:94:33:ff:57:0b:bb:df:68:
                    eb:4c:cd:a7:65:26:d1:fe:ef:98:38:54:44:a4:65:
                    0b:02:83:45:2f:de:0b:8c:4f:2b:0f:2c:d0:d6:d0:
                    3b:ec:da:6f:ac:ba:d7:19:e5:7e:f6:87:7c:50:59:
                    93:14:80:81:77:89:ae:36:79:41:f0:65:98:3b:7d:
                    80:26:5b:58:de:6f:75:d2:4a:87:4b:1e:8d:c8:df:
                    b0:01:2c:98:1b:ea:b9:10:1d:d7:23:fb:65:b9:94:
                    be:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:57:70:44:07:DE:E5:AB:24:CE:F2:9B:96:D6:44:A5:B3:0D:38:AC
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9VdwRAfe5askzvKbltZEpbMNOKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:ed:cb:2c:4e:9f:74:85:fd:72:38:ae:1f:4d:c4:91:38:04:
         ba:d2:61:03:1b:1e:3b:4e:48:a7:56:65:94:0b:05:a5:c3:4b:
         59:7a:74:6f:5c:d0:09:4b:e7:2e:a3:2e:ea:5f:0d:0a:16:97:
         65:c4:23:b0:b7:c3:a0:a1:34:62:b8:8d:d3:c5:80:8e:d7:e4:
         f8:d7:ed:22:76:96:55:38:48:2d:c8:71:b3:db:a1:73:bd:9b:
         76:6e:47:24:b7:b0:04:cc:2e:e0:37:d2:a9:fd:af:d3:98:9c:
         64:2c:1f:7f:4d:62:3c:eb:f3:2e:8f:f2:cb:2e:a4:c1:ad:f7:
         fd:94:71:88:bc:e7:4c:e4:cd:b9:aa:00:08:0f:7c:f9:3c:bc:
         0d:ca:5b:61:51:21:c4:5f:d3:db:10:a0:b6:02:10:a1:b8:64:
         5e:49:e9:10:0d:47:65:e9:76:da:f0:39:9e:87:50:d4:bc:80:
         74:5c:21:7c:1f:bb:ca:a0:34:65:53:a4:d3:fa:f2:b0:76:83:
         f5:be:d6:78:ca:63:b1:5e:31:1c:f0:e9:9b:09:9a:24:ed:d5:
         dc:de:6d:f0:7d:66:54:f5:b3:9e:08:72:28:3d:0d:de:41:08:
         5d:4f:ae:72:3e:d5:4d:62:e2:fd:d9:56:c9:1c:a8:ba:a7:c6:
         a3:48:9a:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRRWX8LxgVurLAhxaIIUrUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTA3MDkwODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTU3NzA0NDA3ZGVlNWFiMjRjZWYyOWI5NmQ2NDRhNWIzMGQzOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRtxThYu696dFmAjmMee2quKvSsm
agy0jVEEfP0mk89NP08cuNcHAL1+0yBFyw61wJ1PifuZPRBBQsPrv2PqPg+FeWyf
wztsOHxCLMXn3uMGcNqARPz2bWxo+La4eQ6ZVu8OBMsYxF2/JaZSA2ToeR979OpB
2AtdizMkvJJrJN7C/JCSD+5I+HpV5M4uKa7Kp4iAW1ICXOVIhMmXlDP/Vwu732jr
TM2nZSbR/u+YOFREpGULAoNFL94LjE8rDyzQ1tA77NpvrLrXGeV+9od8UFmTFICB
d4muNnlB8GWYO32AJltY3m910kqHSx6NyN+wASyYG+q5EB3XI/tluZS+ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVXcEQH3uWrJM7ym5bWRKWzDTisMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOVZkd1JBZmU1YXNrenZLYmx0WkVwYk1OT0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplCMA0G
CSqGSIb3DQEBCwUAA4IBAQCi7cssTp90hf1yOK4fTcSROAS60mEDGx47TkinVmWU
CwWlw0tZenRvXNAJS+cuoy7qXw0KFpdlxCOwt8OgoTRiuI3TxYCO1+T41+0idpZV
OEgtyHGz26FzvZt2bkckt7AEzC7gN9Kp/a/TmJxkLB9/TWI86/Muj/LLLqTBrff9
lHGIvOdM5M25qgAID3z5PLwNylthUSHEX9PbEKC2AhChuGReSekQDUdl6Xba8Dme
h1DUvIB0XCF8H7vKoDRlU6TT+vKwdoP1vtZ4ymOxXjEc8OmbCZok7dXc3m3wfWZU
9bOeCHIoPQ3eQQhdT65yPtVNYuL92VbJHKi6p8ajSJoK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org