Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ulvRegiSqLLXHtHivy3Y_g5Ht9M.roa
File:                     ulvRegiSqLLXHtHivy3Y_g5Ht9M.roa (raw, json)
Hash identifier:          6UHSK9I3nB0HJ03ldGmRVCeT8MS8XwpeY17QnTWACwo=
Subject key identifier:   BA:5B:D1:7A:08:92:A8:B2:D7:1E:D1:E2:BF:2D:D8:FE:0E:47:B7:D3
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0182AB4B0A5B5364FE92DC15D11A08ABC2F9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ulvRegiSqLLXHtHivy3Y_g5Ht9M.roa
Signing time:             Wed 17 Aug 2022 10:13:17 +0000
ROA not before:           Wed 17 Aug 2022 10:13:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ab:4b:0a:5b:53:64:fe:92:dc:15:d1:1a:08:ab:c2:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Aug 17 10:13:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba5bd17a0892a8b2d71ed1e2bf2dd8fe0e47b7d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:98:11:49:4a:c6:49:41:f2:eb:a4:16:41:3d:
                    41:bc:90:29:29:e1:0a:11:f4:9c:9c:03:bd:bb:1e:
                    51:b8:82:66:b8:b8:40:59:a8:90:27:8c:c7:49:b0:
                    96:49:42:d6:a2:9d:0a:2e:b1:f5:d3:5a:a0:d1:8b:
                    71:5f:ef:ae:7b:ce:60:31:eb:1b:49:8f:8b:c7:74:
                    74:4a:4f:64:b5:22:62:bf:c8:73:89:fd:11:45:d2:
                    4a:f5:2c:1b:97:42:1a:6d:0f:81:2a:97:a3:7b:3d:
                    bb:d0:20:87:04:a0:a4:e9:96:7c:7e:8e:b6:e6:bf:
                    a6:9f:4e:10:3e:46:59:28:3a:12:f2:2c:fa:fa:5b:
                    aa:d4:6b:8b:52:8f:e8:16:c0:27:de:65:ac:07:2d:
                    b7:cb:27:f6:05:e9:9c:90:8f:f4:93:fa:4c:90:9d:
                    13:9c:6e:a6:b2:fe:c4:5a:b0:38:5e:b1:3d:ab:36:
                    8f:f6:da:22:e3:7c:00:1a:50:40:5d:24:ea:68:98:
                    f8:78:54:b7:14:dd:22:d5:f8:4c:24:0c:58:84:7a:
                    4e:aa:cd:39:dd:ba:30:6a:8e:a9:8f:8f:db:d7:0b:
                    c5:9b:1e:d5:a0:25:8f:a0:d6:6a:1b:34:8a:e4:9f:
                    fa:4b:52:34:b0:37:9b:ca:d3:d8:c3:fc:13:3a:d0:
                    54:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:5B:D1:7A:08:92:A8:B2:D7:1E:D1:E2:BF:2D:D8:FE:0E:47:B7:D3
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ulvRegiSqLLXHtHivy3Y_g5Ht9M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.119.0/24
                  81.168.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:81:c6:78:ac:d6:ec:3c:fd:cf:41:52:52:09:13:b0:94:f8:
         a1:f2:02:a7:3e:bb:6a:c7:7a:3a:d7:05:f8:fe:03:c6:92:a2:
         10:b2:e2:08:c4:49:00:e9:6c:45:8e:6f:63:66:f3:49:5e:bc:
         f0:bc:66:38:86:2d:27:62:1e:1d:e7:c3:96:61:1f:fc:a0:69:
         fc:1e:4c:67:3d:b6:97:03:29:99:0c:5b:27:0b:33:b2:f8:30:
         dd:88:cb:40:11:e7:71:eb:ae:ca:7d:fb:23:d9:25:83:20:76:
         62:70:b7:c6:f7:fd:9c:11:9e:98:52:86:d9:78:23:9a:0a:24:
         b8:fe:bb:4d:0f:00:8e:6a:52:56:ad:6c:44:54:db:65:a1:30:
         ff:26:5b:8d:9b:b3:fa:a6:c4:f5:f5:e7:dc:ac:c4:32:b6:65:
         cd:b8:24:82:75:b6:49:54:28:74:82:0c:69:68:b8:a5:01:d5:
         bb:5a:df:56:3d:06:d2:de:34:3b:06:6d:ab:b1:e6:66:fc:96:
         01:4a:03:2a:27:88:dc:9b:e3:55:07:6e:4a:ac:42:58:f2:31:
         13:57:37:cc:05:c1:e4:67:b9:cc:ac:12:f1:78:bb:d8:2d:9d:
         58:45:be:05:d2:89:a9:59:bf:f8:a8:db:fc:0b:53:f3:94:0a:
         09:79:27:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKrSwpbU2T+ktwV0RoIq8L5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIwODE3MTAxMzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTViZDE3YTA4OTJhOGIyZDcxZWQxZTJiZjJkZDhmZTBlNDdiN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5gRSUrGSUHy66QWQT1BvJApKeEK
EfScnAO9ux5RuIJmuLhAWaiQJ4zHSbCWSULWop0KLrH101qg0YtxX++ue85gMesb
SY+Lx3R0Sk9ktSJiv8hzif0RRdJK9Swbl0IabQ+BKpejez270CCHBKCk6ZZ8fo62
5r+mn04QPkZZKDoS8iz6+luq1GuLUo/oFsAn3mWsBy23yyf2BemckI/0k/pMkJ0T
nG6msv7EWrA4XrE9qzaP9toi43wAGlBAXSTqaJj4eFS3FN0i1fhMJAxYhHpOqs05
3bowao6pj4/b1wvFmx7VoCWPoNZqGzSK5J/6S1I0sDebytPYw/wTOtBUpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLpb0XoIkqiy1x7R4r8t2P4OR7fTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdWx2UmVnaVNxTExYSHRIaXZ5M1lfZzVIdDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah3AwQA
Uah7MA0GCSqGSIb3DQEBCwUAA4IBAQBUgcZ4rNbsPP3PQVJSCROwlPih8gKnPrtq
x3o61wX4/gPGkqIQsuIIxEkA6WxFjm9jZvNJXrzwvGY4hi0nYh4d58OWYR/8oGn8
HkxnPbaXAymZDFsnCzOy+DDdiMtAEedx667Kffsj2SWDIHZicLfG9/2cEZ6YUobZ
eCOaCiS4/rtNDwCOalJWrWxEVNtloTD/JluNm7P6psT19efcrMQytmXNuCSCdbZJ
VCh0ggxpaLilAdW7Wt9WPQbS3jQ7Bm2rseZm/JYBSgMqJ4jcm+NVB25KrEJY8jET
VzfMBcHkZ7nMrBLxeLvYLZ1YRb4F0ompWb/4qNv8C1PzlAoJeSeg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org