Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qcKxB0amuf0xMExcGAO4PZczleE.roa
File:                     qcKxB0amuf0xMExcGAO4PZczleE.roa (raw, json)
Hash identifier:          L701GprUI+ngbQj8eb0aqlHp+QWzugPy9gIMy34iq+0=
Subject key identifier:   A9:C2:B1:07:46:A6:B9:FD:31:30:4C:5C:18:03:B8:3D:97:33:95:E1
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01855D0A6AB3B253D2B9CF358465EC34D559
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qcKxB0amuf0xMExcGAO4PZczleE.roa
Signing time:             Thu 29 Dec 2022 08:40:41 +0000
ROA not before:           Thu 29 Dec 2022 08:40:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204843
IP address blocks:        81.5.191.0/24 maxlen: 24
                          82.153.242.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:5d:0a:6a:b3:b2:53:d2:b9:cf:35:84:65:ec:34:d5:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Dec 29 08:40:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a9c2b10746a6b9fd31304c5c1803b83d973395e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:7a:c9:46:70:2b:45:51:2a:af:97:59:20:ca:
                    75:55:21:6f:4a:7e:c7:4a:98:1d:c6:5c:0a:af:b4:
                    f2:53:d6:5e:16:60:c7:10:5c:f0:f1:09:f2:a7:b8:
                    70:17:69:6e:94:90:2b:79:2a:d1:6b:f7:b2:e9:12:
                    ef:fe:a8:79:9f:4d:8e:44:b7:29:24:fb:10:a7:0e:
                    f1:8e:d9:c9:cd:76:65:fc:bb:99:00:2a:ce:5e:46:
                    92:4c:de:09:2d:19:8c:09:19:ab:87:20:5b:96:6b:
                    88:3c:47:d9:fe:25:ec:da:a2:e0:11:f9:19:90:51:
                    3f:51:81:4f:14:c9:41:e9:5b:d5:d5:ad:87:b6:22:
                    82:37:2c:9d:73:37:1b:29:e6:69:45:b4:9a:da:c0:
                    ca:56:5a:a2:89:1c:71:8f:0c:c0:e1:0b:bf:b6:94:
                    7b:f0:19:ab:b4:66:4b:8e:cd:7e:7b:96:6a:3a:73:
                    03:9a:06:3b:e6:0f:60:11:85:9e:84:04:73:8f:a5:
                    2c:00:34:60:a0:24:b0:39:01:40:2c:75:3e:bf:2b:
                    0c:14:7d:5d:4e:b5:06:ce:7e:9b:32:fd:6b:86:f2:
                    06:11:fc:06:03:b0:c5:53:9c:ef:7e:8c:fe:2d:f7:
                    17:42:48:d3:d5:39:b7:da:61:9b:a2:0a:37:d5:18:
                    16:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:C2:B1:07:46:A6:B9:FD:31:30:4C:5C:18:03:B8:3D:97:33:95:E1
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qcKxB0amuf0xMExcGAO4PZczleE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.191.0/24
                  82.153.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:2e:63:4f:71:4a:99:4f:e3:fd:13:01:ba:a2:93:d7:6c:76:
         ca:40:23:38:06:94:0b:92:00:0a:0a:48:d9:c1:c6:9a:d3:5e:
         0a:d9:f9:ce:36:49:12:bf:e1:d3:ce:d7:df:27:dd:c2:b5:d9:
         d6:b9:19:34:dc:81:db:01:c4:e6:d7:6c:06:53:6a:5d:e3:9d:
         8a:95:b0:54:cf:45:74:9f:53:6f:1e:b2:90:a0:ca:59:57:69:
         92:63:2a:c8:27:72:f7:83:a6:46:89:3e:5d:dd:b4:4d:76:1e:
         3b:f2:80:1c:cb:0f:f5:fe:9b:c1:05:07:88:0f:c3:03:93:5b:
         2b:1e:1c:5b:ba:42:cd:8b:46:07:5d:fd:bc:b8:f9:63:17:10:
         25:d4:15:2b:8b:4e:0d:1a:5e:3b:e8:e1:fc:a8:28:27:33:2e:
         40:06:0d:05:f3:41:b3:fa:bc:36:ca:d7:40:df:9d:53:34:9a:
         ab:0c:af:c2:34:34:4e:86:95:6b:f7:3b:ec:af:63:90:25:b4:
         11:ff:66:7d:98:3e:e4:55:b9:31:00:ee:53:8a:1e:cf:3e:4f:
         7a:1f:e0:ce:04:42:e7:0a:92:e1:6d:0d:76:c6:6e:c8:7d:b9:
         63:2f:31:ea:63:ac:bc:b2:ba:39:fe:bc:f2:33:3f:76:41:ca:
         60:a0:1a:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVdCmqzslPSuc81hGXsNNVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMjI5MDg0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWMyYjEwNzQ2YTZiOWZkMzEzMDRjNWMxODAzYjgzZDk3MzM5NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknrJRnArRVEqr5dZIMp1VSFvSn7H
SpgdxlwKr7TyU9ZeFmDHEFzw8Qnyp7hwF2lulJAreSrRa/ey6RLv/qh5n02ORLcp
JPsQpw7xjtnJzXZl/LuZACrOXkaSTN4JLRmMCRmrhyBblmuIPEfZ/iXs2qLgEfkZ
kFE/UYFPFMlB6VvV1a2HtiKCNyydczcbKeZpRbSa2sDKVlqiiRxxjwzA4Qu/tpR7
8BmrtGZLjs1+e5ZqOnMDmgY75g9gEYWehARzj6UsADRgoCSwOQFALHU+vysMFH1d
TrUGzn6bMv1rhvIGEfwGA7DFU5zvfoz+LfcXQkjT1Tm32mGbogo31RgW3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnCsQdGprn9MTBMXBgDuD2XM5XhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWNLeEIwYW11ZjB4TUV4Y0dBTzRQWmN6bGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQW/AwQA
UpnyMA0GCSqGSIb3DQEBCwUAA4IBAQAoLmNPcUqZT+P9EwG6opPXbHbKQCM4BpQL
kgAKCkjZwcaa014K2fnONkkSv+HTztffJ93CtdnWuRk03IHbAcTm12wGU2pd452K
lbBUz0V0n1NvHrKQoMpZV2mSYyrIJ3L3g6ZGiT5d3bRNdh478oAcyw/1/pvBBQeI
D8MDk1srHhxbukLNi0YHXf28uPljFxAl1BUri04NGl476OH8qCgnMy5ABg0F80Gz
+rw2ytdA351TNJqrDK/CNDROhpVr9zvsr2OQJbQR/2Z9mD7kVbkxAO5Tih7PPk96
H+DOBELnCpLhbQ12xm7IfbljLzHqY6y8sro5/rzyMz92QcpgoBoA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org