Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kio39rGQwFT-N7b-sUiVzJdyXlg.roa
File:                     Kio39rGQwFT-N7b-sUiVzJdyXlg.roa (raw, json)
Hash identifier:          0XJUJIUgAWn/EeRVRJR+USg2z1Gy5/8AcHPy5sp2QqU=
Subject key identifier:   2A:2A:37:F6:B1:90:C0:54:FE:37:B6:FE:B1:48:95:CC:97:72:5E:58
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01845BD3E37185F3652827C3DFCA9C1CE100
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kio39rGQwFT-N7b-sUiVzJdyXlg.roa
Signing time:             Wed 09 Nov 2022 09:58:43 +0000
ROA not before:           Wed 09 Nov 2022 09:58:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211061
IP address blocks:        82.153.250.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:5b:d3:e3:71:85:f3:65:28:27:c3:df:ca:9c:1c:e1:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  9 09:58:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2a2a37f6b190c054fe37b6feb14895cc97725e58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a1:99:52:6a:ed:8e:c4:4b:43:8f:f5:15:e1:
                    62:7a:c4:af:d3:77:48:13:ea:cd:18:50:22:9e:ce:
                    d8:7c:bc:5f:16:0b:43:e1:df:88:09:45:81:9b:d3:
                    10:e7:2f:bb:e3:b3:3c:fe:30:f1:d9:bd:94:f3:93:
                    10:e1:8b:0f:6c:53:fd:88:63:87:9a:10:97:15:74:
                    4d:1f:89:08:4e:c0:cb:2c:59:2b:b9:a9:b2:3e:83:
                    83:6a:a9:12:d4:46:f0:04:1c:f5:e4:a0:a8:90:5f:
                    b2:54:b4:02:cb:5a:aa:11:c5:d6:5b:5a:99:3f:81:
                    8d:c5:ba:b0:73:c2:f0:48:05:d3:54:1a:73:45:24:
                    10:53:44:48:27:d2:3f:f5:06:e0:82:c6:3f:b1:f1:
                    b1:7e:89:ad:ea:85:09:8b:27:8b:98:5f:9f:44:f6:
                    07:d7:19:2e:5d:87:f5:0f:48:ec:d4:5f:1e:cb:f5:
                    a8:60:cc:af:81:30:af:28:11:5d:2d:fe:ef:83:c2:
                    fc:dd:6a:e7:b0:d6:63:5a:3e:20:02:29:79:fe:52:
                    5a:34:4b:44:94:8d:3a:57:9b:cc:4b:7d:91:75:bd:
                    10:9f:09:e8:43:88:ae:33:79:eb:f5:8e:66:c1:8a:
                    39:fc:52:1a:57:c3:60:4e:40:4d:b6:67:09:d6:19:
                    16:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:2A:37:F6:B1:90:C0:54:FE:37:B6:FE:B1:48:95:CC:97:72:5E:58
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kio39rGQwFT-N7b-sUiVzJdyXlg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:cc:cd:a0:58:8f:96:59:c9:90:13:29:1e:79:04:9e:41:19:
         b9:8d:7b:70:43:67:f1:43:73:e2:ea:73:ba:3f:d6:9c:9f:64:
         4d:7b:39:21:92:14:3b:37:d4:5a:bf:96:d5:04:d7:da:c6:d4:
         3c:3b:27:3e:98:68:ae:7f:ff:ed:f0:fc:2b:ab:fd:d8:9d:a4:
         f0:28:10:a8:e5:bf:76:96:e7:e0:06:6a:4e:54:14:b0:3d:bb:
         a1:44:f7:54:ed:4d:c1:15:6f:14:77:51:62:5c:04:3b:c4:c6:
         26:be:65:a7:ba:a2:24:6e:bd:55:50:8a:ce:ff:20:26:f8:67:
         19:0c:5a:dc:3a:8e:be:16:9f:c5:a4:e3:e2:67:fd:94:dc:c1:
         6b:fe:6a:f7:a8:6b:0d:cd:0d:47:16:da:2e:b9:29:62:09:99:
         01:92:1d:00:be:69:46:dd:8c:b6:f1:bd:be:42:a4:d8:30:35:
         6e:74:c0:50:c9:21:04:db:d7:54:6a:24:cd:86:6a:13:73:a9:
         95:2a:64:5a:1a:d1:b7:4c:8c:45:bb:4f:8e:67:19:a0:d2:6e:
         6e:ef:92:51:dd:7d:83:3b:f8:68:74:30:50:cd:64:f3:57:8d:
         6e:0a:92:62:15:b8:d5:33:c6:82:6d:c0:2f:91:99:00:ea:ed:
         4c:bc:08:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRb0+NxhfNlKCfD38qcHOEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTA5MDk1ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJhMzdmNmIxOTBjMDU0ZmUzN2I2ZmViMTQ4OTVjYzk3NzI1ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKGZUmrtjsRLQ4/1FeFiesSv03dI
E+rNGFAins7YfLxfFgtD4d+ICUWBm9MQ5y+747M8/jDx2b2U85MQ4YsPbFP9iGOH
mhCXFXRNH4kITsDLLFkruamyPoODaqkS1EbwBBz15KCokF+yVLQCy1qqEcXWW1qZ
P4GNxbqwc8LwSAXTVBpzRSQQU0RIJ9I/9QbggsY/sfGxfomt6oUJiyeLmF+fRPYH
1xkuXYf1D0js1F8ey/WoYMyvgTCvKBFdLf7vg8L83WrnsNZjWj4gAil5/lJaNEtE
lI06V5vMS32Rdb0QnwnoQ4iuM3nr9Y5mwYo5/FIaV8NgTkBNtmcJ1hkW+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoqN/axkMBU/je2/rFIlcyXcl5YMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS2lvMzlyR1F3RlQtTjdiLXNVaVZ6SmR5WGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn6MA0G
CSqGSIb3DQEBCwUAA4IBAQAUzM2gWI+WWcmQEykeeQSeQRm5jXtwQ2fxQ3Pi6nO6
P9acn2RNezkhkhQ7N9Rav5bVBNfaxtQ8Oyc+mGiuf//t8Pwrq/3YnaTwKBCo5b92
lufgBmpOVBSwPbuhRPdU7U3BFW8Ud1FiXAQ7xMYmvmWnuqIkbr1VUIrO/yAm+GcZ
DFrcOo6+Fp/FpOPiZ/2U3MFr/mr3qGsNzQ1HFtouuSliCZkBkh0AvmlG3Yy28b2+
QqTYMDVudMBQySEE29dUaiTNhmoTc6mVKmRaGtG3TIxFu0+OZxmg0m5u75JR3X2D
O/hodDBQzWTzV41uCpJiFbjVM8aCbcAvkZkA6u1MvAh9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org