Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa
File:                     RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa (raw, json)
Hash identifier:          M6VliQGUN7jTDVly4aWCINJsO7iX+5FWS5GOwrfwyYI=
Subject key identifier:   46:95:C0:18:E6:98:AA:8F:8B:48:72:A0:A1:87:83:9D:F3:F0:58:7A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018533FA6735B24F270DEFA1EE78AF7F7637
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa
Signing time:             Wed 21 Dec 2022 09:18:46 +0000
ROA not before:           Wed 21 Dec 2022 09:18:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.152.176.0/24 maxlen: 24
                          82.152.179.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:33:fa:67:35:b2:4f:27:0d:ef:a1:ee:78:af:7f:76:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 21 09:18:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4695c018e698aa8f8b4872a0a187839df3f0587a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:d1:e6:74:64:71:dc:74:82:d7:fa:72:e4:a2:
                    4f:e0:b4:ee:77:78:1f:48:79:f9:0c:fd:5b:ef:69:
                    cd:f9:54:1d:4c:65:5c:53:b8:a6:5a:44:11:0c:ef:
                    92:45:16:b0:64:49:4b:97:92:05:e9:f9:5c:d8:d0:
                    7f:f5:48:65:61:e4:a2:a3:e9:ce:55:2e:61:e8:5d:
                    ed:c2:92:56:36:28:04:9d:7c:53:a7:ff:4f:b7:bf:
                    36:d2:e8:20:1f:f5:b0:d3:09:c2:e2:e5:6c:9c:10:
                    8b:33:9f:83:ac:56:33:9e:d9:d1:eb:e5:d2:18:af:
                    6b:65:cf:bb:eb:26:f6:18:ed:95:0a:aa:ae:b7:7a:
                    c9:b3:48:3d:b9:fe:75:33:e6:6f:40:b5:91:7e:d7:
                    42:fe:0d:d3:2a:92:f8:73:3d:c9:39:d4:49:c4:52:
                    bb:ef:76:4f:c8:e1:a9:03:e9:3e:6e:23:d8:a5:52:
                    a3:6d:0b:13:25:48:76:20:49:3a:78:85:98:6c:4d:
                    7a:6a:07:46:78:d4:12:0b:4a:3f:fe:dc:83:c5:8e:
                    f4:7f:eb:c5:77:8a:01:a0:83:60:31:42:d6:9f:22:
                    05:a0:96:f4:c6:7a:88:6a:f3:ce:9e:ad:ab:58:f8:
                    3b:dd:ba:8e:c3:f5:5b:6d:38:dc:2b:8c:c6:c2:ea:
                    a4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:95:C0:18:E6:98:AA:8F:8B:48:72:A0:A1:87:83:9D:F3:F0:58:7A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RpXAGOaYqo-LSHKgoYeDnfPwWHo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/24
                  82.152.179.0/24
                  82.153.68.0/24
                  82.153.240.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:f0:de:8c:c1:90:ae:ed:c0:e8:77:18:c7:ab:9a:6e:24:65:
         0e:f3:36:53:fc:8c:46:f5:98:f9:b0:4b:ce:c2:8d:07:1f:75:
         8c:30:d4:df:18:af:20:59:e1:9c:18:52:0c:c2:7a:0d:95:26:
         f6:41:c3:b8:2d:83:73:f0:eb:9e:04:e0:a4:60:b8:4b:a9:ea:
         92:0d:71:23:7d:9e:66:cf:26:0a:b8:50:04:ae:3a:f6:28:81:
         b6:65:ae:95:28:82:21:6c:3a:75:a5:5a:19:21:79:c5:5e:88:
         3b:b8:5b:32:72:c5:64:e5:7c:eb:e3:f0:90:14:6e:44:da:54:
         3d:9e:e8:54:f5:78:56:33:69:53:92:e5:a9:94:c4:79:79:e1:
         38:6a:f8:af:d6:9d:81:b7:ea:29:46:68:2a:9a:a8:eb:64:82:
         0b:5c:2b:2f:f1:e0:94:b9:c7:c6:79:6d:ec:a2:3f:35:4e:3a:
         a1:d8:b2:7e:08:ba:d7:f8:61:50:1a:80:c3:ff:5b:82:07:86:
         d5:86:35:f2:b5:3c:e8:4d:d1:d8:d2:1b:46:55:05:aa:11:24:
         fe:5d:10:d5:76:de:09:85:21:87:ee:e1:7f:cb:c6:82:1b:30:
         9d:92:17:00:f9:63:3f:1a:9f:ee:8b:8c:4b:d4:bc:12:3e:de:
         8c:71:a2:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUz+mc1sk8nDe+h7nivf3Y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjIxMDkxODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk1YzAxOGU2OThhYThmOGI0ODcyYTBhMTg3ODM5ZGYzZjA1ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59HmdGRx3HSC1/py5KJP4LTud3gf
SHn5DP1b72nN+VQdTGVcU7imWkQRDO+SRRawZElLl5IF6flc2NB/9UhlYeSio+nO
VS5h6F3twpJWNigEnXxTp/9Pt7820uggH/Ww0wnC4uVsnBCLM5+DrFYzntnR6+XS
GK9rZc+76yb2GO2VCqqut3rJs0g9uf51M+ZvQLWRftdC/g3TKpL4cz3JOdRJxFK7
73ZPyOGpA+k+biPYpVKjbQsTJUh2IEk6eIWYbE16agdGeNQSC0o//tyDxY70f+vF
d4oBoINgMULWnyIFoJb0xnqIavPOnq2rWPg73bqOw/VbbTjcK4zGwuqkKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEaVwBjmmKqPi0hyoKGHg53z8Fh6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUnBYQUdPYVlxby1MU0hLZ29ZZURuZlB3V0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiwAwQA
UpizAwQAUplEAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQB/8N6MwZCu
7cDodxjHq5puJGUO8zZT/IxG9Zj5sEvOwo0HH3WMMNTfGK8gWeGcGFIMwnoNlSb2
QcO4LYNz8OueBOCkYLhLqeqSDXEjfZ5mzyYKuFAErjr2KIG2Za6VKIIhbDp1pVoZ
IXnFXog7uFsycsVk5Xzr4/CQFG5E2lQ9nuhU9XhWM2lTkuWplMR5eeE4aviv1p2B
t+opRmgqmqjrZIILXCsv8eCUucfGeW3soj81Tjqh2LJ+CLrX+GFQGoDD/1uCB4bV
hjXytTzoTdHY0htGVQWqEST+XRDVdt4JhSGH7uF/y8aCGzCdkhcA+WM/Gp/ui4xL
1LwSPt6McaL/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org