Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKrXZqruslB-r67qjXcTeiNKiIU.roa
File:                     tKrXZqruslB-r67qjXcTeiNKiIU.roa (raw, json)
Hash identifier:          pGNmWrOIEdZ75iTzOlgVGUtD/HlYW/jkQjh54ez6Uu0=
Subject key identifier:   B4:AA:D7:66:AA:EE:B2:50:7E:AF:AE:EA:8D:77:13:7A:23:4A:88:85
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0182C4977313FBB33994E7ECA8A3EF3CC637
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKrXZqruslB-r67qjXcTeiNKiIU.roa
Signing time:             Mon 22 Aug 2022 08:07:15 +0000
ROA not before:           Mon 22 Aug 2022 08:07:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        82.153.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c4:97:73:13:fb:b3:39:94:e7:ec:a8:a3:ef:3c:c6:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 22 08:07:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4aad766aaeeb2507eafaeea8d77137a234a8885
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b5:00:12:5d:c8:1a:44:74:c4:e9:1d:00:03:
                    7f:59:97:10:ac:75:cb:fd:87:0b:ad:2c:26:06:40:
                    fa:fe:ef:b7:ba:f3:e0:f5:69:ab:e6:ce:46:eb:eb:
                    d4:03:09:98:7b:c9:9a:0a:d6:87:9a:e3:85:e4:67:
                    12:2f:d8:65:20:c3:12:8e:f5:72:2b:03:59:36:27:
                    7c:5c:55:80:d1:66:08:ca:29:70:6b:35:88:d1:25:
                    5a:2b:c2:9d:b2:7b:2f:98:84:33:19:71:eb:1a:8a:
                    3f:28:ca:18:29:cd:78:e0:68:65:c0:dd:c0:f9:0c:
                    76:ce:d8:7f:6a:d1:c4:6f:9d:15:07:ae:d7:80:02:
                    12:bd:8d:b5:8d:9f:e4:0f:48:36:82:84:b5:e5:a1:
                    b0:3f:4c:2f:6c:b3:7e:9e:f1:cb:21:ef:bc:dd:81:
                    cd:61:a2:de:6e:39:6d:57:aa:a3:f8:f3:6a:8b:66:
                    c7:81:21:bf:dc:13:d3:f5:1b:41:3d:4f:ec:3e:de:
                    ce:5b:3f:83:2f:d2:65:6c:98:4f:ce:9a:79:27:23:
                    44:43:35:60:36:73:39:b4:be:79:f1:a5:f9:e0:4d:
                    bc:29:8a:e8:d3:a4:3e:5a:24:5e:8f:ff:ec:7b:ed:
                    2c:b9:e9:21:ee:dc:00:36:55:a9:fc:ae:65:11:e0:
                    d5:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:AA:D7:66:AA:EE:B2:50:7E:AF:AE:EA:8D:77:13:7A:23:4A:88:85
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKrXZqruslB-r67qjXcTeiNKiIU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:8e:09:5d:8b:0c:8a:d1:fa:c7:14:a7:3a:c6:37:e2:d7:8b:
         5e:07:51:81:f5:bd:f3:f2:12:c0:b9:c1:d6:1d:72:7d:6a:59:
         fe:53:44:ad:20:a1:1a:7c:3e:24:4f:78:d0:35:cb:07:00:a1:
         df:12:37:99:54:b6:4f:a0:10:d9:ca:8d:86:5a:ed:6f:6b:82:
         4c:95:aa:b4:64:e0:0e:73:49:ef:13:5d:f1:9b:75:f9:3b:90:
         f2:f5:f9:e5:b2:b9:83:04:12:3b:7e:d7:31:82:eb:38:c2:11:
         71:d9:bd:22:c5:63:a0:b5:a1:eb:6b:7b:50:02:42:f1:2b:cd:
         2e:37:50:e3:e7:a4:c6:75:5e:7b:ac:5c:6f:81:7d:42:f5:ed:
         ae:e3:3b:e3:60:62:ef:bf:91:85:5a:12:65:c0:97:d0:c1:13:
         64:1e:7f:78:01:ed:57:c0:d9:2b:e3:a8:ac:09:55:ed:13:04:
         e1:ea:43:76:0d:00:ae:ba:29:94:de:c0:cc:06:44:f9:70:b7:
         fc:3f:99:6b:1b:24:a2:4a:e7:ae:8c:a5:14:23:26:14:d3:f8:
         5e:31:02:16:a3:a1:23:e7:b7:da:d4:76:e3:27:cc:5d:00:f9:
         a6:cd:a1:22:5d:28:84:5e:a3:a5:8c:4c:d8:49:4a:ab:f6:a9:
         08:eb:20:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLEl3MT+7M5lOfsqKPvPMY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODIyMDgwNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFhZDc2NmFhZWViMjUwN2VhZmFlZWE4ZDc3MTM3YTIzNGE4ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLUAEl3IGkR0xOkdAAN/WZcQrHXL
/YcLrSwmBkD6/u+3uvPg9Wmr5s5G6+vUAwmYe8maCtaHmuOF5GcSL9hlIMMSjvVy
KwNZNid8XFWA0WYIyilwazWI0SVaK8KdsnsvmIQzGXHrGoo/KMoYKc144GhlwN3A
+Qx2zth/atHEb50VB67XgAISvY21jZ/kD0g2goS15aGwP0wvbLN+nvHLIe+83YHN
YaLebjltV6qj+PNqi2bHgSG/3BPT9RtBPU/sPt7OWz+DL9JlbJhPzpp5JyNEQzVg
NnM5tL558aX54E28KYro06Q+WiRej//se+0suekh7twANlWp/K5lEeDVyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSq12aq7rJQfq+u6o13E3ojSoiFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdEtyWFpxcnVzbEItcjY3cWpYY1RlaU5LaUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn5MA0G
CSqGSIb3DQEBCwUAA4IBAQAqjgldiwyK0frHFKc6xjfi14teB1GB9b3z8hLAucHW
HXJ9aln+U0StIKEafD4kT3jQNcsHAKHfEjeZVLZPoBDZyo2GWu1va4JMlaq0ZOAO
c0nvE13xm3X5O5Dy9fnlsrmDBBI7ftcxgus4whFx2b0ixWOgtaHra3tQAkLxK80u
N1Dj56TGdV57rFxvgX1C9e2u4zvjYGLvv5GFWhJlwJfQwRNkHn94Ae1XwNkr46is
CVXtEwTh6kN2DQCuuimU3sDMBkT5cLf8P5lrGySiSueujKUUIyYU0/heMQIWo6Ej
57fa1HbjJ8xdAPmmzaEiXSiEXqOljEzYSUqr9qkI6yBE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org