Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa
File:                     MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa (raw, json)
Hash identifier:          9pfEbRKhKB5CCeWmrSA7x+6HapsgSYyqvT5Q7Ao7JI4=
Subject key identifier:   30:54:6D:CC:F0:D6:84:81:4B:4C:DA:06:24:AB:34:A0:E1:61:E5:45
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018335E4CCCA01EBC9AB83538E4F21DC8A9A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa
Signing time:             Tue 13 Sep 2022 08:08:50 +0000
ROA not before:           Tue 13 Sep 2022 08:08:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:35:e4:cc:ca:01:eb:c9:ab:83:53:8e:4f:21:dc:8a:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep 13 08:08:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=30546dccf0d684814b4cda0624ab34a0e161e545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e8:be:82:04:8b:4b:e4:31:c7:9b:4f:3c:0f:
                    2e:ff:1d:a6:5c:80:1f:7c:d1:9c:d0:aa:70:80:80:
                    32:0d:4d:26:2a:48:30:c3:bb:2c:c1:f0:03:a5:03:
                    9f:dc:b6:df:67:21:98:ad:0b:44:66:4b:db:07:9a:
                    64:71:ea:ae:b8:dc:7f:4c:be:a1:98:fa:27:a0:17:
                    ae:12:7d:41:51:22:81:83:71:ee:41:5d:c0:5f:6a:
                    b3:e7:98:72:c5:a0:05:a2:48:bd:a3:4f:ce:c6:7f:
                    b1:1b:1e:d7:0b:3e:a3:fb:cf:d9:3f:0e:c4:70:d2:
                    ce:6e:26:4c:29:74:9d:f7:bf:47:6e:37:5e:08:24:
                    3a:c9:9e:dc:92:09:9f:73:74:70:8c:fe:1a:77:58:
                    3d:87:ed:1c:74:b8:66:81:09:d2:71:f5:82:fa:d2:
                    86:7a:c9:c3:b3:36:bb:50:0d:b5:01:27:d0:da:1d:
                    a6:6f:42:0d:e7:3f:47:01:35:13:00:28:2a:55:f2:
                    8c:2a:50:7d:13:cd:93:f2:b4:3f:fb:0c:0f:14:9f:
                    fa:0b:15:52:b9:a6:5e:1b:fc:6f:1a:92:3b:34:ce:
                    03:b4:2d:e9:42:2a:8b:3b:01:35:3f:67:55:b7:9b:
                    7b:c1:9f:ed:b1:30:3d:0e:4b:77:7f:d4:f5:71:24:
                    3b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:54:6D:CC:F0:D6:84:81:4B:4C:DA:06:24:AB:34:A0:E1:61:E5:45
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MFRtzPDWhIFLTNoGJKs0oOFh5UU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:2e:c0:94:3a:b8:93:16:a2:4a:ed:97:dd:76:4d:dd:d6:95:
         bc:95:b9:66:46:ce:14:ad:ec:03:29:fd:1e:5f:38:b6:00:0b:
         4e:d7:13:72:4c:e9:02:43:af:4d:80:ab:bd:64:5d:f2:14:d6:
         2b:c9:42:b3:a1:34:58:14:c8:9f:2e:82:0e:a2:09:10:80:c6:
         8d:60:26:1e:6d:fb:e3:11:88:3e:0c:68:6f:77:df:a8:05:b1:
         e7:0c:94:be:45:dc:78:5a:81:ad:bb:85:ef:72:ff:2f:f2:4f:
         23:63:ce:4f:b2:bb:46:fb:5e:0b:44:d6:8c:df:6d:fd:63:17:
         8e:a9:72:da:07:81:c9:bb:1f:31:15:13:d2:94:3b:10:5b:ba:
         7e:42:aa:3f:e8:73:7b:bf:30:66:67:81:59:86:27:5d:c0:02:
         2e:84:cf:20:92:e0:43:75:eb:82:08:e6:b3:b1:9b:84:c4:a9:
         ee:ce:d6:2e:10:71:c3:3e:67:b5:b9:9c:28:67:f6:9c:e9:ed:
         f3:99:29:dd:0c:ce:83:37:ba:8b:a6:40:2a:25:4e:7e:8a:f9:
         3a:70:9b:62:de:f5:1e:7e:70:98:fb:61:0a:7c:70:c9:ef:a2:
         8b:bf:7b:3e:f9:dc:24:e5:a7:08:f6:cb:a0:ec:b8:ab:a2:a8:
         f6:72:be:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM15MzKAevJq4NTjk8h3IqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwOTEzMDgwODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU0NmRjY2YwZDY4NDgxNGI0Y2RhMDYyNGFiMzRhMGUxNjFlNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArui+ggSLS+Qxx5tPPA8u/x2mXIAf
fNGc0KpwgIAyDU0mKkgww7sswfADpQOf3LbfZyGYrQtEZkvbB5pkcequuNx/TL6h
mPonoBeuEn1BUSKBg3HuQV3AX2qz55hyxaAFoki9o0/Oxn+xGx7XCz6j+8/ZPw7E
cNLObiZMKXSd979HbjdeCCQ6yZ7ckgmfc3RwjP4ad1g9h+0cdLhmgQnScfWC+tKG
esnDsza7UA21ASfQ2h2mb0IN5z9HATUTACgqVfKMKlB9E82T8rQ/+wwPFJ/6CxVS
uaZeG/xvGpI7NM4DtC3pQiqLOwE1P2dVt5t7wZ/tsTA9Dkt3f9T1cSQ7GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBUbczw1oSBS0zaBiSrNKDhYeVFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTUZSdHpQRFdoSUZMVE5vR0pLczBvT0ZoNVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnzMA0G
CSqGSIb3DQEBCwUAA4IBAQCmLsCUOriTFqJK7Zfddk3d1pW8lblmRs4UrewDKf0e
Xzi2AAtO1xNyTOkCQ69NgKu9ZF3yFNYryUKzoTRYFMifLoIOogkQgMaNYCYebfvj
EYg+DGhvd9+oBbHnDJS+Rdx4WoGtu4Xvcv8v8k8jY85PsrtG+14LRNaM3239YxeO
qXLaB4HJux8xFRPSlDsQW7p+Qqo/6HN7vzBmZ4FZhiddwAIuhM8gkuBDdeuCCOaz
sZuExKnuztYuEHHDPme1uZwoZ/ac6e3zmSndDM6DN7qLpkAqJU5+ivk6cJti3vUe
fnCY+2EKfHDJ76KLv3s++dwk5acI9sug7Liroqj2cr43
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org