Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mJN0nWtUE50y2HNGaNiVDJnVS2Y.roa
File:                     mJN0nWtUE50y2HNGaNiVDJnVS2Y.roa (raw, json)
Hash identifier:          uAO0fcByi+MONIWDr7Y2F23HhkYTYUGHAn/dyJAqS1c=
Subject key identifier:   98:93:74:9D:6B:54:13:9D:32:D8:73:46:68:D8:95:0C:99:D5:4B:66
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0184376582B5E8FA69028D8A97F4824DB99E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mJN0nWtUE50y2HNGaNiVDJnVS2Y.roa
Signing time:             Wed 02 Nov 2022 08:11:50 +0000
ROA not before:           Wed 02 Nov 2022 08:11:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49999
IP address blocks:        82.153.248.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:37:65:82:b5:e8:fa:69:02:8d:8a:97:f4:82:4d:b9:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov  2 08:11:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9893749d6b54139d32d8734668d8950c99d54b66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:2b:89:65:75:d5:f9:fc:df:98:f5:e1:a5:8e:
                    e7:0f:2d:99:a7:0c:1a:e5:40:de:1d:78:20:13:eb:
                    1f:72:29:03:75:dd:22:8d:46:08:05:a0:6c:cc:26:
                    e5:9a:7b:55:c9:73:6b:2d:3c:33:b8:f6:cf:fe:7e:
                    8a:cd:b2:a8:29:71:a1:03:bf:64:96:3b:63:2b:d4:
                    44:21:63:c2:4b:74:5a:7a:74:be:a5:88:16:14:f5:
                    5f:bd:dd:df:7b:a8:c2:8a:7a:b1:c0:d6:ff:42:3d:
                    b6:25:cf:d9:a9:75:29:51:1b:d6:14:d2:af:c0:6f:
                    dd:ac:21:8a:50:ac:c8:7b:b6:8a:10:9b:da:7b:38:
                    9e:b8:2f:5d:a5:c9:c6:0c:b2:2f:14:25:1b:99:86:
                    c4:12:3c:3b:f6:bc:73:6d:98:00:3f:d2:2f:6a:dd:
                    ea:4f:69:92:28:73:2f:ff:bf:bf:f6:0d:27:39:4c:
                    78:8f:76:08:fd:5b:a7:e7:2e:51:39:06:e2:22:e5:
                    19:f1:19:b0:64:11:4e:1c:90:81:d7:f9:b7:4f:14:
                    4e:9f:6d:53:43:d0:20:82:01:28:3d:d0:9f:1b:8a:
                    35:16:1a:15:72:b0:f3:d0:19:99:b7:23:e5:0d:91:
                    3d:fc:39:cb:ab:8d:0e:56:23:a8:b4:f0:62:e3:cb:
                    a4:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:93:74:9D:6B:54:13:9D:32:D8:73:46:68:D8:95:0C:99:D5:4B:66
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/mJN0nWtUE50y2HNGaNiVDJnVS2Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:b1:4f:8e:ac:a3:c5:cf:42:36:4a:e6:e1:fd:49:05:3f:5d:
         85:5d:b7:9b:0b:43:84:a3:82:06:85:73:be:da:5d:7a:56:3f:
         ba:91:e4:1f:17:c8:5c:f2:53:ef:a2:c2:8f:b5:5b:f7:35:08:
         d7:6d:a4:06:71:08:16:ed:c2:eb:ce:6a:97:42:ee:be:b7:9e:
         25:70:fe:ab:37:3d:53:80:53:bf:ca:8a:00:34:c9:f2:d8:32:
         9f:5d:2a:c7:d3:3f:54:a0:ac:2c:41:21:90:02:6e:84:c7:39:
         80:ab:27:cd:57:b9:bd:ac:29:f6:e5:58:df:a7:20:8d:20:fb:
         09:fa:22:41:30:05:a2:a6:af:80:a4:e9:ba:70:47:4f:06:dc:
         84:8b:c3:4f:2a:cd:0a:57:8a:20:e6:12:69:84:d1:1b:fc:0e:
         1e:f3:cf:d3:1e:b2:d4:44:13:6a:72:21:34:d5:f2:f9:57:11:
         7b:64:20:4f:54:76:8c:04:f5:dc:4f:9b:32:f5:14:d3:65:c6:
         27:0d:e9:78:fa:1a:5c:df:49:85:c1:f6:79:06:9e:e1:de:47:
         7c:aa:09:60:99:74:7c:eb:fb:71:97:64:34:67:e5:e3:9a:f3:
         a5:1f:ed:cc:63:2d:69:64:68:db:e2:a2:06:a6:a8:f8:fa:e5:
         e6:16:da:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3ZYK16PppAo2Kl/SCTbmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTAyMDgxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODkzNzQ5ZDZiNTQxMzlkMzJkODczNDY2OGQ4OTUwYzk5ZDU0YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCuJZXXV+fzfmPXhpY7nDy2Zpwwa
5UDeHXggE+sfcikDdd0ijUYIBaBszCblmntVyXNrLTwzuPbP/n6KzbKoKXGhA79k
ljtjK9REIWPCS3RaenS+pYgWFPVfvd3fe6jCinqxwNb/Qj22Jc/ZqXUpURvWFNKv
wG/drCGKUKzIe7aKEJvaezieuC9dpcnGDLIvFCUbmYbEEjw79rxzbZgAP9Ivat3q
T2mSKHMv/7+/9g0nOUx4j3YI/Vun5y5ROQbiIuUZ8RmwZBFOHJCB1/m3TxROn21T
Q9AgggEoPdCfG4o1FhoVcrDz0BmZtyPlDZE9/DnLq40OViOotPBi48ukXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJiTdJ1rVBOdMthzRmjYlQyZ1UtmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbUpOMG5XdFVFNTB5MkhOR2FOaVZESm5WUzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn4MA0G
CSqGSIb3DQEBCwUAA4IBAQAbsU+OrKPFz0I2Subh/UkFP12FXbebC0OEo4IGhXO+
2l16Vj+6keQfF8hc8lPvosKPtVv3NQjXbaQGcQgW7cLrzmqXQu6+t54lcP6rNz1T
gFO/yooANMny2DKfXSrH0z9UoKwsQSGQAm6ExzmAqyfNV7m9rCn25VjfpyCNIPsJ
+iJBMAWipq+ApOm6cEdPBtyEi8NPKs0KV4og5hJphNEb/A4e88/THrLURBNqciE0
1fL5VxF7ZCBPVHaMBPXcT5sy9RTTZcYnDel4+hpc30mFwfZ5Bp7h3kd8qglgmXR8
6/txl2Q0Z+XjmvOlH+3MYy1pZGjb4qIGpqj4+uXmFtqk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:31 2024 by rpki-client on console-ams.rpki-client.org