Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa
File:                     Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa (raw, json)
Hash identifier:          SWnNHiGuK9/kNcs6ebSzUbGXOlFzGvUi63GNd37ZME0=
Subject key identifier:   5A:CE:95:BA:CB:92:97:9B:28:62:53:AA:8D:41:BD:CD:E6:94:D4:08
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01847FAE5C03CECA63CAD8DB6834B01D046C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa
Signing time:             Wed 16 Nov 2022 09:04:04 +0000
ROA not before:           Wed 16 Nov 2022 09:04:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61135
IP address blocks:        82.153.246.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7f:ae:5c:03:ce:ca:63:ca:d8:db:68:34:b0:1d:04:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 16 09:04:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ace95bacb92979b286253aa8d41bdcde694d408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:18:0b:ee:bd:36:87:1f:13:b7:81:0b:2e:86:
                    51:4e:ce:15:bb:0a:90:a4:89:95:12:7a:f9:7b:a1:
                    3b:27:c0:e0:4b:78:93:2a:68:85:54:d1:49:68:ef:
                    2f:fb:27:3d:05:12:22:3a:83:77:86:99:38:ca:6f:
                    09:2e:ba:64:4b:71:65:22:84:5d:aa:7a:db:ed:72:
                    23:80:cd:73:02:b1:ad:de:6d:c6:22:bd:c6:17:a8:
                    c2:38:e7:f2:e2:a5:28:9c:44:d0:21:07:c5:49:88:
                    98:1b:2f:6e:a2:60:12:a6:50:6d:e2:57:fd:6f:ec:
                    02:5c:44:98:52:b4:1a:9c:bd:9c:b3:5e:40:20:47:
                    c9:7f:ef:c1:c9:46:8f:b3:bf:9a:b2:29:7e:15:84:
                    de:bf:93:f7:a2:20:30:c3:84:4d:77:dd:4f:80:3b:
                    b7:77:a7:2a:f7:5b:38:c6:76:14:00:da:4b:a7:05:
                    8c:db:41:1e:2c:d9:72:95:9f:ed:a4:b4:a1:d2:8e:
                    d1:81:c1:33:fd:d3:ac:56:19:8c:aa:f3:2a:12:05:
                    8d:cf:d4:72:7c:28:d7:ef:59:f6:0c:1b:da:fb:e4:
                    37:01:10:27:9e:a6:09:08:ec:b5:04:df:3d:7f:2a:
                    6f:fd:a3:d7:33:b8:42:2b:eb:bc:b8:13:e3:22:24:
                    98:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CE:95:BA:CB:92:97:9B:28:62:53:AA:8D:41:BD:CD:E6:94:D4:08
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ws6VusuSl5soYlOqjUG9zeaU1Ag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:73:7a:0f:9d:b5:02:76:a2:18:1c:56:6d:15:0b:59:06:d4:
         4b:2f:c6:86:ac:d1:c8:30:b4:07:f2:8d:cd:d6:da:33:ce:d8:
         5b:9e:85:34:65:ef:00:d1:05:1a:d4:0b:ee:25:57:d4:f2:69:
         70:e1:d3:3f:96:ef:34:b3:93:02:f7:0f:14:1a:76:2f:df:dd:
         d3:9c:8b:25:03:58:ce:9d:92:8e:7a:72:26:77:80:2d:76:df:
         2a:95:19:7e:ee:c9:90:b2:d9:48:e5:d5:08:98:2d:b5:5c:4b:
         07:89:48:fd:74:59:46:c6:d1:3e:bb:23:40:cb:3c:c8:45:24:
         b7:42:3c:a6:2f:83:d0:93:92:f9:0d:e7:fb:21:5e:d5:25:9b:
         b8:a5:74:15:63:84:65:49:29:5a:13:52:0a:28:c1:b1:3e:c0:
         09:52:f9:1c:ae:3e:40:3f:4d:cc:b9:03:98:26:5f:de:79:69:
         88:02:b6:c0:39:a4:d9:a8:fb:23:f4:fd:46:64:c2:ce:88:89:
         b4:d8:a3:25:35:09:5e:9b:f8:b5:c9:03:4b:c7:dc:94:2d:61:
         d7:ba:91:a2:ed:c6:a7:14:38:4c:86:73:bd:89:19:16:8c:5b:
         97:70:c5:b4:48:d7:ec:88:3c:4d:d8:85:8b:0e:77:0a:ec:78:
         2a:1d:25:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/rlwDzspjytjbaDSwHQRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTE2MDkwNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWNlOTViYWNiOTI5NzliMjg2MjUzYWE4ZDQxYmRjZGU2OTRkNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohgL7r02hx8Tt4ELLoZRTs4VuwqQ
pImVEnr5e6E7J8DgS3iTKmiFVNFJaO8v+yc9BRIiOoN3hpk4ym8JLrpkS3FlIoRd
qnrb7XIjgM1zArGt3m3GIr3GF6jCOOfy4qUonETQIQfFSYiYGy9uomASplBt4lf9
b+wCXESYUrQanL2cs15AIEfJf+/ByUaPs7+asil+FYTev5P3oiAww4RNd91PgDu3
d6cq91s4xnYUANpLpwWM20EeLNlylZ/tpLSh0o7RgcEz/dOsVhmMqvMqEgWNz9Ry
fCjX71n2DBva++Q3ARAnnqYJCOy1BN89fypv/aPXM7hCK+u8uBPjIiSYawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrOlbrLkpebKGJTqo1Bvc3mlNQIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvV3M2VnVzdVNsNXNvWWxPcWpVRzl6ZWFVMUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQASc3oPnbUCdqIYHFZtFQtZBtRLL8aGrNHIMLQH8o3N
1tozzthbnoU0Ze8A0QUa1AvuJVfU8mlw4dM/lu80s5MC9w8UGnYv393TnIslA1jO
nZKOenImd4Atdt8qlRl+7smQstlI5dUImC21XEsHiUj9dFlGxtE+uyNAyzzIRSS3
QjymL4PQk5L5Def7IV7VJZu4pXQVY4RlSSlaE1IKKMGxPsAJUvkcrj5AP03MuQOY
Jl/eeWmIArbAOaTZqPsj9P1GZMLOiIm02KMlNQlem/i1yQNLx9yULWHXupGi7can
FDhMhnO9iRkWjFuXcMW0SNfsiDxN2IWLDncK7HgqHSUW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org