Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r1bUtNDA7gpcEsdP0OgAEOHnu0w.roa
File:                     r1bUtNDA7gpcEsdP0OgAEOHnu0w.roa (raw, json)
Hash identifier:          rwsYi2TWGBhY4mbpe9pEb0N8mlnffLTJvN1S6eGCaCI=
Subject key identifier:   AF:56:D4:B4:D0:C0:EE:0A:5C:12:C7:4F:D0:E8:00:10:E1:E7:BB:4C
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0183F9FC1B259A97530CA0A6C828746448C4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r1bUtNDA7gpcEsdP0OgAEOHnu0w.roa
Signing time:             Fri 21 Oct 2022 09:59:52 +0000
ROA not before:           Fri 21 Oct 2022 09:59:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14445
IP address blocks:        82.153.4.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f9:fc:1b:25:9a:97:53:0c:a0:a6:c8:28:74:64:48:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct 21 09:59:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=af56d4b4d0c0ee0a5c12c74fd0e80010e1e7bb4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f2:70:bf:fb:ea:9a:70:e1:ad:ec:49:cc:be:
                    ad:3a:99:68:60:85:28:89:35:12:ff:1d:52:2b:50:
                    95:c1:50:ca:af:1c:75:5a:7b:b7:d8:66:a2:48:ec:
                    fb:e3:bc:1f:b8:d1:4c:cf:72:75:35:67:06:8e:8d:
                    d0:2c:f1:3e:d8:31:13:e4:1f:57:51:b4:4a:6b:3d:
                    06:dc:a5:e0:df:1e:e0:cd:1e:f6:22:df:17:f0:91:
                    43:6c:26:0a:b4:95:9a:f4:e9:6b:c8:5f:e1:57:45:
                    01:bd:b0:1f:fa:e5:d1:d6:6e:58:56:3b:eb:70:1a:
                    6c:55:ef:56:bc:87:a9:4e:d4:7b:9f:cc:78:bf:f9:
                    54:da:9a:df:ae:0c:9e:d1:a2:55:f4:91:e9:52:83:
                    bf:82:ee:57:50:bb:ad:34:89:61:a4:d5:10:cb:d7:
                    10:e8:5a:94:f9:ac:09:c5:75:87:46:c5:ba:48:1f:
                    2a:c7:33:10:5a:28:6c:eb:28:ea:da:7d:06:42:19:
                    b8:a8:47:6e:3c:9a:c0:bd:ef:aa:88:ee:4d:1c:27:
                    d9:c4:86:47:19:b1:51:b4:99:97:ea:f6:ac:8f:33:
                    b6:ad:74:a7:85:8a:27:45:8d:fc:40:fa:33:f7:aa:
                    40:10:bd:bd:f9:96:be:fc:35:9d:ac:d9:77:ca:a9:
                    fc:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:56:D4:B4:D0:C0:EE:0A:5C:12:C7:4F:D0:E8:00:10:E1:E7:BB:4C
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r1bUtNDA7gpcEsdP0OgAEOHnu0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:8d:9e:83:ed:9f:ad:7f:ba:d2:a4:0e:4e:c3:eb:47:8b:ee:
         4b:95:ab:1e:eb:65:bc:6e:52:8e:83:36:13:9d:e0:d7:ab:c9:
         97:d3:91:09:d0:36:62:7d:1c:d9:96:f2:6d:c1:69:99:39:73:
         7c:d7:a3:0e:d0:da:75:56:fe:82:5a:63:f7:a8:c1:69:dd:63:
         b3:c4:15:4b:22:e8:fb:8d:40:18:2e:42:44:83:e9:83:06:15:
         8e:93:9f:ba:e9:2e:0a:5d:3a:78:9e:12:fc:76:64:b8:4b:a6:
         09:15:ac:10:7a:4c:79:ac:30:0a:97:e0:96:bf:f6:3b:9e:38:
         d3:e7:f6:69:e0:67:75:37:0d:a1:57:6b:c4:80:7c:e3:a5:05:
         61:e0:71:dd:a8:5c:6d:0f:2e:0c:b0:c0:91:6a:49:19:5b:92:
         e8:7d:30:23:03:43:cb:a4:6f:69:47:98:e3:c2:68:a7:c3:a9:
         12:42:91:84:17:49:99:05:12:d6:7e:63:5a:9e:4e:c0:c8:0b:
         4c:8d:66:35:40:31:45:44:d8:64:83:47:78:ab:21:61:01:d3:
         1c:5d:17:53:00:24:ca:be:62:2e:cb:cd:cc:50:75:b7:d0:a6:
         43:c3:2e:45:af:16:ce:25:0c:a5:c4:03:28:5b:45:74:b6:9b:
         5d:67:b4:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5/BslmpdTDKCmyCh0ZEjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMDIxMDk1OTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU2ZDRiNGQwYzBlZTBhNWMxMmM3NGZkMGU4MDAxMGUxZTdiYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvJwv/vqmnDhrexJzL6tOploYIUo
iTUS/x1SK1CVwVDKrxx1Wnu32GaiSOz747wfuNFMz3J1NWcGjo3QLPE+2DET5B9X
UbRKaz0G3KXg3x7gzR72It8X8JFDbCYKtJWa9OlryF/hV0UBvbAf+uXR1m5YVjvr
cBpsVe9WvIepTtR7n8x4v/lU2prfrgye0aJV9JHpUoO/gu5XULutNIlhpNUQy9cQ
6FqU+awJxXWHRsW6SB8qxzMQWihs6yjq2n0GQhm4qEduPJrAve+qiO5NHCfZxIZH
GbFRtJmX6vasjzO2rXSnhYonRY38QPoz96pAEL29+Za+/DWdrNl3yqn8owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9W1LTQwO4KXBLHT9DoABDh57tMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcjFiVXROREE3Z3BjRXNkUDBPZ0FFT0hudTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkEMA0G
CSqGSIb3DQEBCwUAA4IBAQANjZ6D7Z+tf7rSpA5Ow+tHi+5Llase62W8blKOgzYT
neDXq8mX05EJ0DZifRzZlvJtwWmZOXN816MO0Np1Vv6CWmP3qMFp3WOzxBVLIuj7
jUAYLkJEg+mDBhWOk5+66S4KXTp4nhL8dmS4S6YJFawQekx5rDAKl+CWv/Y7njjT
5/Zp4Gd1Nw2hV2vEgHzjpQVh4HHdqFxtDy4MsMCRakkZW5LofTAjA0PLpG9pR5jj
wminw6kSQpGEF0mZBRLWfmNank7AyAtMjWY1QDFFRNhkg0d4qyFhAdMcXRdTACTK
vmIuy83MUHW30KZDwy5FrxbOJQylxAMoW0V0tptdZ7Qz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org