Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XDgYzzwRVEFxfdIBAYsKRWZaYkA.roa
File:                     XDgYzzwRVEFxfdIBAYsKRWZaYkA.roa (raw, json)
Hash identifier:          XViMsb79KP7N166AuF6MiTcR3LLg8eFKx+8DJo3cXXc=
Subject key identifier:   5C:38:18:CF:3C:11:54:41:71:7D:D2:01:01:8B:0A:45:66:5A:62:40
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018267EE40A437754C394EFACE956B4BCA40
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XDgYzzwRVEFxfdIBAYsKRWZaYkA.roa
Signing time:             Thu 04 Aug 2022 08:17:23 +0000
ROA not before:           Thu 04 Aug 2022 08:17:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210546
IP address blocks:        81.168.35.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:67:ee:40:a4:37:75:4c:39:4e:fa:ce:95:6b:4b:ca:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug  4 08:17:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5c3818cf3c115441717dd201018b0a45665a6240
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ae:00:88:59:a9:82:8a:26:1c:22:a7:d8:a3:
                    6d:bf:89:26:c9:48:42:52:38:97:5c:52:75:e5:6e:
                    3f:23:98:a4:69:7b:a1:b4:4e:e6:c8:6f:42:d6:d7:
                    8b:a9:42:44:ed:4d:e1:55:dd:64:6d:08:aa:6a:e5:
                    8a:9e:33:81:4e:c7:97:ea:6f:5a:9a:f5:8c:1c:73:
                    16:86:38:56:b0:4e:8c:97:56:df:cd:9d:4b:b1:35:
                    a9:03:a6:22:48:a8:5e:ea:52:02:bb:49:3f:20:50:
                    f0:b3:39:39:04:a9:fd:5b:7f:35:80:b7:db:a2:68:
                    0c:98:83:04:48:28:14:f5:3c:2e:af:9f:ed:0a:f4:
                    eb:82:40:33:35:a7:82:53:45:7e:c9:dd:26:fa:c4:
                    15:8f:76:16:29:e2:59:63:20:d7:0b:fc:94:d0:1e:
                    1f:48:99:f2:46:b1:38:dc:03:79:a4:4b:b0:0e:7e:
                    97:eb:89:34:b8:a0:5a:57:29:27:e1:8a:0d:73:45:
                    5e:01:aa:23:93:12:ab:ff:66:01:81:5e:26:83:f0:
                    b2:29:7d:b1:80:0e:46:f0:cf:1f:c3:ad:a6:22:47:
                    1c:06:60:00:00:0f:87:44:26:14:fc:2a:b8:85:14:
                    a7:c5:f7:82:47:95:f1:11:27:5d:05:9c:0d:ff:33:
                    6e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:38:18:CF:3C:11:54:41:71:7D:D2:01:01:8B:0A:45:66:5A:62:40
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XDgYzzwRVEFxfdIBAYsKRWZaYkA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:c7:a5:73:87:2e:57:fc:0c:d3:1c:8e:7e:86:30:20:04:f5:
         68:8e:90:24:c0:34:41:51:e2:fb:d8:4b:11:a5:85:5f:ca:ae:
         82:60:6a:11:ef:89:3e:52:58:56:e8:ac:bf:f3:f9:0f:dc:08:
         b2:a0:a4:34:93:34:da:c5:fa:4b:5a:83:ed:42:85:d1:c8:dd:
         bb:f0:da:38:5b:e9:c9:be:c5:5d:d7:7b:83:4a:91:c2:bd:c2:
         0d:3c:a2:00:8a:31:ba:51:d2:05:c7:85:9e:34:63:0c:29:1e:
         1f:65:24:8c:2a:63:0e:3f:ef:6b:d8:7c:e8:cc:53:a4:3c:25:
         8a:ab:dd:a4:be:c2:b3:1c:5c:d0:73:9c:88:68:a3:8f:b7:ce:
         32:30:5d:63:a4:80:44:8f:e3:69:47:67:eb:6d:9a:3f:75:c4:
         97:c8:73:b2:cd:c2:dc:ee:83:90:29:e7:d0:87:66:7e:f6:9f:
         c3:4a:b1:cd:d1:1c:3c:15:63:6c:5d:33:f6:f5:b1:e9:17:fd:
         a1:58:6f:d2:70:0c:27:e7:fc:6e:28:a1:75:9d:6f:5c:85:4c:
         3d:16:9f:f7:44:4e:5a:c5:cb:f2:0d:b5:99:b8:76:73:74:b0:
         df:11:4e:bb:da:55:8d:45:a1:2b:7f:06:8a:47:9f:16:98:f8:
         ce:4b:b6:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJn7kCkN3VMOU76zpVrS8pAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODA0MDgxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM4MThjZjNjMTE1NDQxNzE3ZGQyMDEwMThiMGE0NTY2NWE2MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz64AiFmpgoomHCKn2KNtv4kmyUhC
UjiXXFJ15W4/I5ikaXuhtE7myG9C1teLqUJE7U3hVd1kbQiqauWKnjOBTseX6m9a
mvWMHHMWhjhWsE6Ml1bfzZ1LsTWpA6YiSKhe6lICu0k/IFDwszk5BKn9W381gLfb
omgMmIMESCgU9Twur5/tCvTrgkAzNaeCU0V+yd0m+sQVj3YWKeJZYyDXC/yU0B4f
SJnyRrE43AN5pEuwDn6X64k0uKBaVykn4YoNc0VeAaojkxKr/2YBgV4mg/CyKX2x
gA5G8M8fw62mIkccBmAAAA+HRCYU/Cq4hRSnxfeCR5XxESddBZwN/zNuLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFw4GM88EVRBcX3SAQGLCkVmWmJAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWERnWXp6d1JWRUZ4ZmRJQkFZc0tSV1phWWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUagjMA0G
CSqGSIb3DQEBCwUAA4IBAQBVx6Vzhy5X/AzTHI5+hjAgBPVojpAkwDRBUeL72EsR
pYVfyq6CYGoR74k+UlhW6Ky/8/kP3AiyoKQ0kzTaxfpLWoPtQoXRyN278No4W+nJ
vsVd13uDSpHCvcINPKIAijG6UdIFx4WeNGMMKR4fZSSMKmMOP+9r2HzozFOkPCWK
q92kvsKzHFzQc5yIaKOPt84yMF1jpIBEj+NpR2frbZo/dcSXyHOyzcLc7oOQKefQ
h2Z+9p/DSrHN0Rw8FWNsXTP29bHpF/2hWG/ScAwn5/xuKKF1nW9chUw9Fp/3RE5a
xcvyDbWZuHZzdLDfEU672lWNRaErfwaKR58WmPjOS7Yd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org