Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pVO8yHrysvLTo9nIFIDEDixd6Ak.roa
File:                     pVO8yHrysvLTo9nIFIDEDixd6Ak.roa (raw, json)
Hash identifier:          0nzDPbr+LPGcfPYxKD0UJ+miSC988/A4SjYm0Gve3r8=
Subject key identifier:   A5:53:BC:C8:7A:F2:B2:F2:D3:A3:D9:C8:14:80:C4:0E:2C:5D:E8:09
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01851C8548C3B7BF8BABAD9BDBBBCEFDD623
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pVO8yHrysvLTo9nIFIDEDixd6Ak.roa
Signing time:             Fri 16 Dec 2022 19:59:35 +0000
ROA not before:           Fri 16 Dec 2022 19:59:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        82.153.240.0/24 maxlen: 24
                          82.152.176.0/24 maxlen: 24
                          82.152.178.0/24 maxlen: 24
                          82.152.179.0/24 maxlen: 24
                          82.153.243.0/24 maxlen: 24
                          82.153.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1c:85:48:c3:b7:bf:8b:ab:ad:9b:db:bb:ce:fd:d6:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 16 19:59:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a553bcc87af2b2f2d3a3d9c81480c40e2c5de809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:31:2a:dc:3f:23:2d:91:32:02:27:b3:7b:37:
                    3d:5d:3c:61:77:23:b2:3a:3e:4e:14:be:7d:02:ba:
                    8d:2b:64:fc:a4:0c:f0:8e:8f:e7:2c:09:41:98:dd:
                    e0:89:a5:58:f2:74:3e:38:e3:ab:44:cc:7a:6e:eb:
                    b8:f5:36:2f:ed:79:98:f1:62:4a:0c:c9:80:d0:4b:
                    04:78:9b:f5:72:3f:49:2c:70:4b:fa:67:ff:a0:9c:
                    b8:76:dc:53:ac:f9:91:b9:f5:95:31:5d:e5:46:c9:
                    76:ae:2d:8f:49:e6:ff:eb:37:41:34:5c:ba:f9:a5:
                    c2:d3:93:11:8f:29:e5:aa:e8:0c:17:c0:3b:99:a3:
                    da:64:03:1f:10:dd:6d:3b:a2:2b:dc:3b:d7:d4:50:
                    64:fa:f0:c7:cf:8f:76:17:5e:3d:8f:2c:ba:d5:df:
                    dd:21:b4:ed:19:60:87:d0:c1:03:14:14:a9:c4:56:
                    2d:78:f4:b6:65:dd:c6:36:48:32:9f:fa:14:22:6c:
                    50:40:72:8e:30:7e:94:fa:99:ef:eb:35:93:d7:ed:
                    f0:5d:1e:c2:8b:05:5e:75:39:69:8e:d1:dc:89:f5:
                    69:4a:6e:1d:81:3f:c7:3a:47:48:13:38:0f:d7:cc:
                    c9:25:05:72:6d:4f:57:3b:f8:88:41:c5:0d:12:5c:
                    9c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:53:BC:C8:7A:F2:B2:F2:D3:A3:D9:C8:14:80:C4:0E:2C:5D:E8:09
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pVO8yHrysvLTo9nIFIDEDixd6Ak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.152.176.0/24
                  82.152.178.0/23
                  82.153.68.0/24
                  82.153.240.0/24
                  82.153.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:44:b8:75:41:05:ed:d0:9a:5f:2e:61:bf:b6:f5:ae:61:17:
         5e:8c:af:2a:c3:4b:8f:8a:a3:82:f8:15:75:d7:de:83:fc:8e:
         30:5f:41:65:98:45:32:98:04:96:79:2c:1d:f1:a0:69:4f:92:
         4c:a6:b5:14:2a:d0:88:47:05:5b:d7:45:93:d4:85:f9:c4:21:
         03:48:cc:08:58:76:5c:37:84:cd:81:32:cd:3d:59:42:0b:23:
         9d:b1:59:bd:43:d1:22:23:4c:83:0f:a7:ea:bb:4c:0c:43:af:
         11:bc:fb:12:56:11:22:c3:00:57:df:cb:be:da:f8:66:70:1b:
         2e:4f:f8:f5:ac:4b:0d:32:e8:0f:f3:ce:16:70:89:be:13:15:
         7d:6e:db:9e:a0:db:8d:cc:c3:93:4e:08:3f:89:0a:bc:19:7a:
         5d:a2:77:cf:3a:f6:9a:1b:96:7a:3d:56:b9:5f:e8:c7:24:51:
         4b:c0:8f:fe:95:91:24:fe:8a:11:c5:cd:b3:83:00:12:49:23:
         3f:d8:8d:f9:b3:e5:cc:be:e7:4c:41:2a:92:d6:2b:b5:c9:60:
         31:f1:54:e0:95:ad:3e:14:07:97:d2:d8:2d:09:6b:54:95:69:
         c7:f2:e1:4e:7b:f2:67:ca:ed:f5:e0:04:3a:e5:74:17:c2:76:
         6f:3e:61:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUchUjDt7+Lq62b27vO/dYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjE2MTk1OTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTUzYmNjODdhZjJiMmYyZDNhM2Q5YzgxNDgwYzQwZTJjNWRlODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDEq3D8jLZEyAiezezc9XTxhdyOy
Oj5OFL59ArqNK2T8pAzwjo/nLAlBmN3giaVY8nQ+OOOrRMx6buu49TYv7XmY8WJK
DMmA0EsEeJv1cj9JLHBL+mf/oJy4dtxTrPmRufWVMV3lRsl2ri2PSeb/6zdBNFy6
+aXC05MRjynlqugMF8A7maPaZAMfEN1tO6Ir3DvX1FBk+vDHz492F149jyy61d/d
IbTtGWCH0MEDFBSpxFYtePS2Zd3GNkgyn/oUImxQQHKOMH6U+pnv6zWT1+3wXR7C
iwVedTlpjtHcifVpSm4dgT/HOkdIEzgP18zJJQVybU9XO/iIQcUNElyckwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKVTvMh68rLy06PZyBSAxA4sXegJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcFZPOHlIcnlzdkxUbzluSUZJREVEaXhkNkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiwAwQB
UpiyAwQAUplEAwQAUpnwAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQBNRLh1QQXt
0JpfLmG/tvWuYRdejK8qw0uPiqOC+BV1196D/I4wX0FlmEUymASWeSwd8aBpT5JM
prUUKtCIRwVb10WT1IX5xCEDSMwIWHZcN4TNgTLNPVlCCyOdsVm9Q9EiI0yDD6fq
u0wMQ68RvPsSVhEiwwBX38u+2vhmcBsuT/j1rEsNMugP884WcIm+ExV9btueoNuN
zMOTTgg/iQq8GXpdonfPOvaaG5Z6PVa5X+jHJFFLwI/+lZEk/ooRxc2zgwASSSM/
2I35s+XMvudMQSqS1iu1yWAx8VTgla0+FAeX0tgtCWtUlWnH8uFOe/Jnyu314AQ6
5XQXwnZvPmF1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org