Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/L4kVu9BQgeMcfdgkfZODTNSwdNk.roa
File:                     L4kVu9BQgeMcfdgkfZODTNSwdNk.roa (raw, json)
Hash identifier:          GdoZDpiJ+mCZZiXBYTfvscJrqKkFzXgt6GvRR36bSCA=
Subject key identifier:   2F:89:15:BB:D0:50:81:E3:1C:7D:D8:24:7D:93:83:4C:D4:B0:74:D9
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0184C80374ABA4E33E1EC5C7501D1E8F9E81
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/L4kVu9BQgeMcfdgkfZODTNSwdNk.roa
Signing time:             Wed 30 Nov 2022 10:09:40 +0000
ROA not before:           Wed 30 Nov 2022 10:09:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63023
IP address blocks:        82.153.245.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c8:03:74:ab:a4:e3:3e:1e:c5:c7:50:1d:1e:8f:9e:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 30 10:09:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2f8915bbd05081e31c7dd8247d93834cd4b074d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:54:e0:ac:37:93:29:b9:d8:3d:ce:9c:7d:45:
                    1f:a1:42:79:75:ad:fa:0e:1b:b9:2c:bc:8d:43:e6:
                    00:44:d7:bf:bb:48:87:53:2a:e0:b3:56:ae:24:4f:
                    35:d3:17:ca:de:ef:6a:ac:1e:9d:1e:89:19:5f:09:
                    7b:b5:c1:9d:75:a7:bf:9f:c3:e4:10:4d:5c:3e:6c:
                    58:20:f0:aa:89:9f:8b:00:91:b1:47:16:4f:50:e2:
                    55:fe:cd:b7:89:30:09:3a:fd:ab:83:27:7a:a6:55:
                    49:4b:4c:60:b0:3d:bf:15:97:89:1b:8f:0d:b2:28:
                    b5:f7:2d:23:92:9e:9f:71:2c:e8:2a:cd:24:e1:a3:
                    2d:ac:00:1c:90:7e:96:78:ff:a2:2b:3d:98:8a:a9:
                    ba:56:a1:91:41:b1:bf:69:2b:53:73:dd:1b:72:05:
                    d2:cb:76:1a:cb:77:6e:c3:9c:e2:bb:0f:6b:56:8d:
                    3a:84:68:e0:83:04:76:01:c3:af:c1:6a:9d:ce:8f:
                    36:6c:ed:6c:16:3e:ae:ef:65:f6:6b:29:e7:85:8d:
                    ca:f6:7e:35:fa:30:07:77:5d:11:03:c4:fd:78:31:
                    88:6a:dd:04:3a:2a:cf:f1:25:56:a7:89:7b:ab:b3:
                    be:a6:68:9f:e1:0c:76:9f:8e:de:74:aa:48:6e:5a:
                    25:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:89:15:BB:D0:50:81:E3:1C:7D:D8:24:7D:93:83:4C:D4:B0:74:D9
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/L4kVu9BQgeMcfdgkfZODTNSwdNk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:80:a5:d1:a7:c8:94:f2:19:f4:3a:1f:25:ec:f8:05:84:6e:
         2e:77:39:82:1f:0a:3a:1b:84:48:62:ce:e4:cc:22:86:4e:46:
         76:ac:a0:a9:33:f4:cc:8b:a5:ac:49:d4:fa:bb:d3:56:3f:29:
         2d:ff:0d:8c:8e:17:cd:05:d1:d7:52:89:be:64:91:e4:69:d9:
         2f:f7:81:bd:73:40:72:15:40:5e:7a:fe:22:5c:5f:be:eb:ae:
         f2:3c:02:62:bf:25:9c:93:34:b0:f5:d7:89:53:75:d8:22:03:
         d1:e3:30:28:19:a6:ad:5e:5a:28:b6:91:f5:d1:2a:0d:fb:25:
         df:c8:aa:05:a5:c3:e4:d5:37:9a:d6:44:21:67:a6:d1:b1:c6:
         55:7e:40:6a:40:97:a7:3d:5a:cf:f3:ac:08:b0:bd:24:d8:13:
         78:21:2f:3d:dc:a3:ce:b0:9d:27:d9:c2:0d:e2:c6:e8:2a:51:
         fa:35:85:cf:3b:6a:ca:d6:1b:75:ce:df:35:09:90:ef:35:25:
         72:93:b6:26:4f:f6:08:0f:95:b3:7d:34:74:c3:12:a9:6f:c8:
         03:3c:69:dc:07:93:bd:9b:fe:f3:f7:39:26:b2:65:b8:51:1d:
         34:d4:54:7c:56:7d:90:4f:c7:58:7e:d5:b9:21:97:e4:7e:fb:
         1c:22:d3:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTIA3SrpOM+HsXHUB0ej56BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTMwMTAwOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg5MTViYmQwNTA4MWUzMWM3ZGQ4MjQ3ZDkzODM0Y2Q0YjA3NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFTgrDeTKbnYPc6cfUUfoUJ5da36
Dhu5LLyNQ+YARNe/u0iHUyrgs1auJE810xfK3u9qrB6dHokZXwl7tcGddae/n8Pk
EE1cPmxYIPCqiZ+LAJGxRxZPUOJV/s23iTAJOv2rgyd6plVJS0xgsD2/FZeJG48N
sii19y0jkp6fcSzoKs0k4aMtrAAckH6WeP+iKz2Yiqm6VqGRQbG/aStTc90bcgXS
y3Yay3duw5ziuw9rVo06hGjggwR2AcOvwWqdzo82bO1sFj6u72X2aynnhY3K9n41
+jAHd10RA8T9eDGIat0EOirP8SVWp4l7q7O+pmif4Qx2n47edKpIblol5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC+JFbvQUIHjHH3YJH2Tg0zUsHTZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTDRrVnU5QlFnZU1jZmRna2ZaT0RUTlN3ZE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah7AwQA
Upn1MA0GCSqGSIb3DQEBCwUAA4IBAQAdgKXRp8iU8hn0Oh8l7PgFhG4udzmCHwo6
G4RIYs7kzCKGTkZ2rKCpM/TMi6WsSdT6u9NWPykt/w2MjhfNBdHXUom+ZJHkadkv
94G9c0ByFUBeev4iXF++667yPAJivyWckzSw9deJU3XYIgPR4zAoGaatXlootpH1
0SoN+yXfyKoFpcPk1Tea1kQhZ6bRscZVfkBqQJenPVrP86wIsL0k2BN4IS893KPO
sJ0n2cIN4sboKlH6NYXPO2rK1ht1zt81CZDvNSVyk7YmT/YID5WzfTR0wxKpb8gD
PGncB5O9m/7z9zkmsmW4UR001FR8Vn2QT8dYftW5IZfkfvscItN1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org