Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E36TBR0DVX8qpvtK6Ylz4lpLcdw.roa
File:                     E36TBR0DVX8qpvtK6Ylz4lpLcdw.roa (raw, json)
Hash identifier:          JzMeeekyMB7bJuNyDHOmyRjZLUstBZJHrYlsCxjc6B4=
Subject key identifier:   13:7E:93:05:1D:03:55:7F:2A:A6:FB:4A:E9:89:73:E2:5A:4B:71:DC
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018359B92D16E552BB065A2F44248A674664
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E36TBR0DVX8qpvtK6Ylz4lpLcdw.roa
Signing time:             Tue 20 Sep 2022 07:07:31 +0000
ROA not before:           Tue 20 Sep 2022 07:07:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        81.168.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:59:b9:2d:16:e5:52:bb:06:5a:2f:44:24:8a:67:46:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 20 07:07:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=137e93051d03557f2aa6fb4ae98973e25a4b71dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9e:c7:45:59:01:2f:f8:37:f1:ea:1a:06:d9:
                    62:1f:01:5d:7a:32:3f:3c:8d:d2:b2:eb:b7:d3:7a:
                    d0:e5:43:51:74:5f:5a:40:a9:f2:08:ac:60:df:f6:
                    fa:c0:7a:b0:c9:b5:26:b8:5d:61:a9:d2:fc:a3:84:
                    2d:fc:aa:ef:ef:46:52:5e:b9:7c:53:11:fa:ab:c0:
                    5f:9a:0a:9f:69:74:c9:c4:57:36:68:e0:d6:62:bf:
                    09:8b:b7:fd:36:20:a6:e9:1d:0f:05:5e:71:82:d9:
                    6d:75:53:27:fb:c6:aa:b3:6b:9f:68:d0:d7:d1:9e:
                    50:f0:e4:07:be:20:19:19:58:e1:28:03:10:72:03:
                    c8:ef:b0:cd:f0:bb:01:d5:5f:9b:5b:61:04:a5:be:
                    d0:66:84:6b:1e:b7:c2:28:2e:57:16:a7:08:14:d4:
                    d4:1b:02:08:98:b5:6b:45:52:b9:dc:31:f4:58:22:
                    43:9a:d3:02:1d:d9:69:f1:e6:e4:93:22:96:a6:e1:
                    aa:f1:79:7c:c5:9e:4f:57:f3:62:5f:2a:53:ad:b3:
                    9b:d8:cd:07:7e:04:2b:f3:6c:eb:f2:0a:8a:50:5c:
                    c1:c1:08:74:21:60:71:17:ad:d4:47:ba:fe:ad:f0:
                    fe:f3:f3:51:d1:b6:13:5c:12:b6:35:49:6d:46:ab:
                    01:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:7E:93:05:1D:03:55:7F:2A:A6:FB:4A:E9:89:73:E2:5A:4B:71:DC
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E36TBR0DVX8qpvtK6Ylz4lpLcdw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:ff:da:be:4e:fe:c5:2e:cc:11:6e:7b:69:9a:ef:16:1e:d2:
         85:29:ac:e1:4f:77:a1:15:93:09:57:42:0b:dc:71:0f:de:ca:
         a8:af:0f:5b:8b:17:20:e5:28:b0:6f:d2:36:9e:ea:e6:a6:59:
         64:05:e9:9a:6d:09:93:0c:5a:8a:93:da:7c:e8:aa:05:43:52:
         b0:e9:ac:49:8a:c3:95:10:fd:78:1b:52:12:e2:89:a9:fc:12:
         e5:54:9b:b6:c1:c7:87:f7:5d:9c:f5:63:78:1c:c5:36:c6:c0:
         08:d9:9d:2d:29:b1:80:70:c0:15:35:f0:fa:f6:81:ea:5e:3c:
         e8:98:f2:55:c7:de:3f:62:9b:c0:63:ec:cf:7b:48:df:62:c3:
         d2:72:e2:6e:9e:37:59:ee:84:8b:a2:a6:0b:1a:6d:6d:1c:19:
         5e:f6:1e:98:8b:79:ae:85:82:3a:26:9b:18:3d:0a:52:74:57:
         b2:e2:25:a2:ae:27:a5:7c:0a:fc:c6:0b:3f:69:02:33:b1:96:
         db:8c:61:e3:e9:dd:36:0f:13:dc:36:07:eb:c2:80:b3:18:70:
         3f:0f:f5:03:0a:c3:4f:55:5e:c7:d3:b7:82:ac:c1:50:6b:ea:
         bb:f7:87:7e:b6:16:db:e2:f3:16:02:28:67:fd:b7:8f:44:42:
         b7:f5:32:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNZuS0W5VK7BlovRCSKZ0ZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwOTIwMDcwNzMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzdlOTMwNTFkMDM1NTdmMmFhNmZiNGFlOTg5NzNlMjVhNGI3MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw57HRVkBL/g38eoaBtliHwFdejI/
PI3Ssuu303rQ5UNRdF9aQKnyCKxg3/b6wHqwybUmuF1hqdL8o4Qt/Krv70ZSXrl8
UxH6q8BfmgqfaXTJxFc2aODWYr8Ji7f9NiCm6R0PBV5xgtltdVMn+8aqs2ufaNDX
0Z5Q8OQHviAZGVjhKAMQcgPI77DN8LsB1V+bW2EEpb7QZoRrHrfCKC5XFqcIFNTU
GwIImLVrRVK53DH0WCJDmtMCHdlp8ebkkyKWpuGq8Xl8xZ5PV/NiXypTrbOb2M0H
fgQr82zr8gqKUFzBwQh0IWBxF63UR7r+rfD+8/NR0bYTXBK2NUltRqsBQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBN+kwUdA1V/Kqb7SumJc+JaS3HcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRTM2VEJSMERWWDhxcHZ0SzZZbHo0bHBMY2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah7MA0G
CSqGSIb3DQEBCwUAA4IBAQCW/9q+Tv7FLswRbntpmu8WHtKFKazhT3ehFZMJV0IL
3HEP3sqorw9bixcg5Siwb9I2nurmpllkBemabQmTDFqKk9p86KoFQ1Kw6axJisOV
EP14G1IS4omp/BLlVJu2wceH912c9WN4HMU2xsAI2Z0tKbGAcMAVNfD69oHqXjzo
mPJVx94/YpvAY+zPe0jfYsPScuJunjdZ7oSLoqYLGm1tHBle9h6Yi3muhYI6JpsY
PQpSdFey4iWirielfAr8xgs/aQIzsZbbjGHj6d02DxPcNgfrwoCzGHA/D/UDCsNP
VV7H07eCrMFQa+q794d+thbb4vMWAihn/bePREK39TJV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org