Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Cuqxz04IDgmYPQ-57nxGVjti6BA.roa
File:                     Cuqxz04IDgmYPQ-57nxGVjti6BA.roa (raw, json)
Hash identifier:          vIgHhNw1d76fH/Y7NeaDrfcml571ddFAs5KQki4TKIw=
Subject key identifier:   0A:EA:B1:CF:4E:08:0E:09:98:3D:0F:B9:EE:7C:46:56:3B:62:E8:10
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01842D3F43A8BF04AAEF43CB3FC6F557083A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Cuqxz04IDgmYPQ-57nxGVjti6BA.roa
Signing time:             Mon 31 Oct 2022 08:53:51 +0000
ROA not before:           Mon 31 Oct 2022 08:53:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14445
IP address blocks:        82.153.132.0/24 maxlen: 24
                          82.153.245.0/24 maxlen: 24
                          82.153.4.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2d:3f:43:a8:bf:04:aa:ef:43:cb:3f:c6:f5:57:08:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 31 08:53:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0aeab1cf4e080e09983d0fb9ee7c46563b62e810
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b8:49:4d:04:1c:fa:4e:c6:f9:ac:c1:bd:4b:
                    63:71:dd:12:e7:d3:7b:43:83:3d:c3:d0:d6:ee:7d:
                    ea:0b:a1:6d:df:a4:a0:94:73:6e:a6:93:8c:13:c2:
                    a8:e5:fa:fb:0e:2b:09:80:5d:90:55:1e:8f:bc:4f:
                    47:57:e6:62:c9:dd:83:e5:ae:ce:b7:01:d1:d4:31:
                    8f:34:31:fd:09:58:51:dd:5c:50:e6:60:88:9d:33:
                    d2:1d:74:61:56:d3:cc:11:d4:80:15:3e:3b:ee:41:
                    53:8d:98:15:64:99:47:12:3c:03:d0:cc:a1:99:de:
                    e1:03:30:bc:de:b3:1b:ca:a5:75:14:79:d0:11:a5:
                    5d:01:dc:2c:f7:4d:fe:3f:61:52:c8:75:78:08:10:
                    ba:6b:5f:91:db:bb:58:83:f4:a8:a9:22:32:1b:5a:
                    a6:09:74:8b:07:7e:14:33:09:e8:02:68:df:8d:c1:
                    bc:aa:89:19:59:af:02:89:33:3b:8d:9e:f7:16:d4:
                    b5:ce:28:0e:85:62:42:fa:cf:69:95:4b:2c:4a:59:
                    28:a1:0d:e2:f5:37:77:ea:c6:f6:ae:fa:fc:b7:69:
                    9c:b8:04:e6:5d:b8:f3:2d:36:dc:c0:0a:e0:13:9b:
                    cf:31:27:b4:fd:c9:02:e7:08:35:51:7f:1b:1b:46:
                    b8:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:EA:B1:CF:4E:08:0E:09:98:3D:0F:B9:EE:7C:46:56:3B:62:E8:10
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Cuqxz04IDgmYPQ-57nxGVjti6BA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.1.0/24
                  82.153.4.0/24
                  82.153.10.0/24
                  82.153.132.0/24
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:60:65:8f:d2:33:ce:23:b9:14:b7:c8:fe:0c:a9:16:66:f7:
         ce:a6:f9:e9:b5:cf:57:1d:7c:8a:d7:62:b7:05:40:ad:93:7b:
         37:fa:e5:e0:f3:cd:38:ca:c2:21:42:53:3d:72:a8:bf:30:82:
         2e:3a:5a:95:f0:98:c7:ef:13:19:7b:01:eb:6c:7f:24:dd:35:
         12:01:2d:b0:e3:7c:5a:41:75:c3:30:43:1a:53:c2:7e:27:e9:
         e5:06:e8:6d:ae:b7:27:58:ac:0f:9a:d3:de:e7:3c:4a:94:8f:
         e0:ff:92:39:58:47:4b:53:77:fe:2b:20:a4:b1:b8:12:b2:31:
         8a:07:eb:c8:3d:fb:fb:66:a4:f5:3b:db:7f:67:91:c6:0a:00:
         29:d5:c5:ff:ca:e4:f5:1d:7d:56:10:0f:4f:3a:f4:28:55:7d:
         6d:02:b7:41:68:25:25:e3:bb:80:57:21:b0:1f:84:83:ac:6f:
         3d:4c:96:41:9c:0f:4c:c8:3a:ae:f0:75:b4:95:52:79:c4:6f:
         76:dc:46:6c:ba:f4:51:78:eb:65:75:6d:16:d8:ee:9e:55:ce:
         34:49:ca:31:e8:25:6b:c1:4a:6f:1a:e9:8f:ed:4f:4b:c4:87:
         de:6c:09:6c:50:18:cc:97:c6:ac:dd:eb:28:d0:15:86:fb:bb:
         ae:93:62:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQtP0OovwSq70PLP8b1Vwg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDMxMDg1MzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVhYjFjZjRlMDgwZTA5OTgzZDBmYjllZTdjNDY1NjNiNjJlODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbhJTQQc+k7G+azBvUtjcd0S59N7
Q4M9w9DW7n3qC6Ft36SglHNuppOME8Ko5fr7DisJgF2QVR6PvE9HV+Ziyd2D5a7O
twHR1DGPNDH9CVhR3VxQ5mCInTPSHXRhVtPMEdSAFT477kFTjZgVZJlHEjwD0Myh
md7hAzC83rMbyqV1FHnQEaVdAdws903+P2FSyHV4CBC6a1+R27tYg/SoqSIyG1qm
CXSLB34UMwnoAmjfjcG8qokZWa8CiTM7jZ73FtS1zigOhWJC+s9plUssSlkooQ3i
9Td36sb2rvr8t2mcuATmXbjzLTbcwArgE5vPMSe0/ckC5wg1UX8bG0a44wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFArqsc9OCA4JmD0Pue58RlY7YugQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ3VxeHowNElEZ21ZUFEtNTdueEdWanRpNkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpkBAwQA
UpkEAwQAUpkKAwQAUpmEAwQAUpn1MA0GCSqGSIb3DQEBCwUAA4IBAQALYGWP0jPO
I7kUt8j+DKkWZvfOpvnptc9XHXyK12K3BUCtk3s3+uXg8804ysIhQlM9cqi/MIIu
OlqV8JjH7xMZewHrbH8k3TUSAS2w43xaQXXDMEMaU8J+J+nlBuhtrrcnWKwPmtPe
5zxKlI/g/5I5WEdLU3f+KyCksbgSsjGKB+vIPfv7ZqT1O9t/Z5HGCgAp1cX/yuT1
HX1WEA9POvQoVX1tArdBaCUl47uAVyGwH4SDrG89TJZBnA9MyDqu8HW0lVJ5xG92
3EZsuvRReOtldW0W2O6eVc40Scox6CVrwUpvGumP7U9LxIfebAlsUBjMl8as3eso
0BWG+7uuk2LS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org