Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa
File:                     RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa (raw, json)
Hash identifier:          fyeBYisRbeMj1ORmIXs7HL0yUTX7BDvLoUNRKP+Nt+o=
Subject key identifier:   44:1D:2D:31:9F:33:84:B7:8A:A3:5D:5F:49:D4:EA:C3:1D:4F:51:C3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0183F48DDBAD0C67608EE7E195E8BE2A84F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa
Signing time:             Thu 20 Oct 2022 08:41:20 +0000
ROA not before:           Thu 20 Oct 2022 08:41:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        82.152.178.0/24 maxlen: 24
                          82.152.179.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f4:8d:db:ad:0c:67:60:8e:e7:e1:95:e8:be:2a:84:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 20 08:41:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=441d2d319f3384b78aa35d5f49d4eac31d4f51c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:63:34:16:31:a0:a8:ce:1f:1e:d0:42:d1:86:
                    7f:e9:6e:69:8a:99:08:9a:45:a5:e9:fa:d6:86:b2:
                    1c:0f:71:2a:5b:4d:09:f9:07:fc:06:a7:85:98:1b:
                    a3:fc:50:df:c6:89:ac:b6:ea:61:40:35:d8:38:b2:
                    64:ed:54:2b:17:1c:6a:58:60:23:38:0e:8f:44:91:
                    22:b0:f5:b6:9d:8f:52:5c:d5:22:1d:6a:ab:ad:a1:
                    cb:89:c3:da:d7:1c:e9:33:02:1b:56:0f:28:30:2f:
                    cb:54:09:0a:8e:e7:a4:3f:2b:c2:02:a2:0d:6b:06:
                    00:71:57:92:d6:e3:d4:5a:29:02:02:f5:5e:fe:3f:
                    71:b0:35:33:ca:15:ad:cf:33:ec:89:ab:05:0a:07:
                    92:38:c6:24:b4:cd:dc:26:64:a0:ad:ee:00:85:9c:
                    40:cd:cf:00:94:bf:46:13:b1:ec:71:63:cf:75:87:
                    d7:47:b9:39:aa:85:cd:63:f8:e4:e1:2d:c0:3d:19:
                    0b:99:b5:b3:2a:0e:ae:bc:d5:1d:7b:08:f8:ba:76:
                    89:a5:f4:86:14:28:9e:a3:44:11:99:9b:2a:a4:bb:
                    36:82:18:21:cf:79:a1:ef:21:0e:3a:93:c7:c7:c4:
                    80:19:40:11:3d:dc:2e:95:fc:f3:e8:21:3a:c1:8d:
                    00:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:1D:2D:31:9F:33:84:B7:8A:A3:5D:5F:49:D4:EA:C3:1D:4F:51:C3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RB0tMZ8zhLeKo11fSdTqwx1PUcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.178.0/23
                  82.153.69.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:06:fd:6a:4c:95:7e:23:be:6a:f5:fb:a9:e4:51:22:a5:1b:
         2b:ef:cd:41:57:47:0a:ee:7c:9e:15:54:a2:e5:31:02:04:aa:
         40:98:62:3b:7a:37:28:04:77:31:5d:04:b0:bc:46:c7:11:10:
         dc:34:32:11:0a:72:ab:33:6b:00:67:fe:7c:9e:c1:3c:82:0b:
         98:47:3d:f3:87:8f:2c:45:6b:c1:e6:f1:27:68:87:f8:fe:b5:
         83:3a:0f:ed:8b:f8:50:7e:99:d0:d9:9c:f7:d0:83:bd:50:17:
         bd:a2:fa:86:e9:73:45:e9:11:cc:e1:05:8b:a8:49:66:fc:8b:
         9b:45:6c:4f:83:e2:86:6f:bd:92:41:ef:da:b8:5f:6b:1f:20:
         c9:0b:fd:ac:ad:3c:e7:79:e9:41:30:f4:88:a2:1a:86:0e:6b:
         3a:4a:7b:42:90:79:89:9b:75:54:80:f7:a3:c4:7f:c5:5d:d7:
         13:b8:1c:3e:d7:8d:64:a1:d5:d1:81:56:eb:68:38:da:b9:82:
         ae:fd:93:f8:a4:c8:cc:db:29:5e:4b:b4:20:cd:4f:82:56:82:
         19:98:7c:b3:29:be:b7:24:e0:0c:41:01:d2:5b:8e:43:87:58:
         ae:94:9c:eb:a6:5c:fa:4b:a7:31:f6:a0:e6:b3:0a:a3:54:e3:
         1d:bd:77:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP0jdutDGdgjufhlei+KoTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDIwMDg0MTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDFkMmQzMTlmMzM4NGI3OGFhMzVkNWY0OWQ0ZWFjMzFkNGY1MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2M0FjGgqM4fHtBC0YZ/6W5pipkI
mkWl6frWhrIcD3EqW00J+Qf8BqeFmBuj/FDfxomstuphQDXYOLJk7VQrFxxqWGAj
OA6PRJEisPW2nY9SXNUiHWqrraHLicPa1xzpMwIbVg8oMC/LVAkKjuekPyvCAqIN
awYAcVeS1uPUWikCAvVe/j9xsDUzyhWtzzPsiasFCgeSOMYktM3cJmSgre4AhZxA
zc8AlL9GE7HscWPPdYfXR7k5qoXNY/jk4S3APRkLmbWzKg6uvNUdewj4unaJpfSG
FCieo0QRmZsqpLs2ghghz3mh7yEOOpPHx8SAGUARPdwulfzz6CE6wY0AuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEQdLTGfM4S3iqNdX0nU6sMdT1HDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUkIwdE1aOHpoTGVLbzExZlNkVHF3eDFQVWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpiyAwQA
UplFAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQCJBv1qTJV+I75q9fup5FEipRsr
781BV0cK7nyeFVSi5TECBKpAmGI7ejcoBHcxXQSwvEbHERDcNDIRCnKrM2sAZ/58
nsE8gguYRz3zh48sRWvB5vEnaIf4/rWDOg/ti/hQfpnQ2Zz30IO9UBe9ovqG6XNF
6RHM4QWLqElm/IubRWxPg+KGb72SQe/auF9rHyDJC/2srTzneelBMPSIohqGDms6
SntCkHmJm3VUgPejxH/FXdcTuBw+141kodXRgVbraDjauYKu/ZP4pMjM2yleS7Qg
zU+CVoIZmHyzKb63JOAMQQHSW45Dh1iulJzrplz6S6cx9qDmswqjVOMdvXcb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org