Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xjRboQJGkNvCowdEK_HrnXa9HzM.roa
File:                     xjRboQJGkNvCowdEK_HrnXa9HzM.roa (raw, json)
Hash identifier:          6P0fMg5AM87lvszPEwB0kjEcc4ODTa50ME2GsFY8nis=
Subject key identifier:   C6:34:5B:A1:02:46:90:DB:C2:A3:07:44:2B:F1:EB:9D:76:BD:1F:33
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0184BD79E2A4B9EEB058C735264AE468584C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xjRboQJGkNvCowdEK_HrnXa9HzM.roa
Signing time:             Mon 28 Nov 2022 09:03:12 +0000
ROA not before:           Mon 28 Nov 2022 09:03:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        81.5.191.0/24 maxlen: 24
                          82.153.245.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:bd:79:e2:a4:b9:ee:b0:58:c7:35:26:4a:e4:68:58:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Nov 28 09:03:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c6345ba1024690dbc2a307442bf1eb9d76bd1f33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:50:e1:c6:a1:00:3e:b4:38:e8:8d:b9:9b:d6:
                    81:27:56:c0:45:38:ee:a2:02:58:6c:c4:cd:49:d2:
                    cc:41:f0:77:09:67:56:33:42:3b:c0:89:fa:00:7c:
                    d0:81:52:74:e5:bb:c3:f6:40:eb:c9:3c:fa:67:05:
                    14:bd:63:2c:3d:c8:19:91:de:b3:e9:b7:b4:a5:0e:
                    91:66:4d:13:d2:40:9a:ae:8e:2b:b1:50:68:7e:3e:
                    d6:26:8a:5c:09:70:ad:a4:56:25:25:aa:fa:51:1a:
                    09:9c:3d:b0:2e:8a:84:dc:e3:96:9c:5d:1d:01:a2:
                    37:0f:7c:03:ad:1d:67:d2:53:60:84:6d:57:09:5b:
                    c6:8a:98:fe:9c:7c:17:6e:92:5c:47:e1:d3:62:df:
                    e5:4b:52:dd:c0:a6:79:81:25:8b:97:27:bb:be:8e:
                    4e:25:5b:76:38:87:bd:f8:fc:3e:71:db:f8:4e:22:
                    5e:88:28:e4:a5:cb:81:36:e1:25:19:99:c0:55:cc:
                    61:1e:f9:98:8b:3c:96:51:43:6b:68:92:2d:f6:21:
                    78:af:c0:36:15:c2:c8:ad:da:72:16:a2:12:ef:84:
                    17:00:5b:a9:09:3c:12:80:da:58:32:e3:f0:32:81:
                    fa:26:c8:c4:68:69:2b:eb:9a:48:b3:95:a3:3c:47:
                    9e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:34:5B:A1:02:46:90:DB:C2:A3:07:44:2B:F1:EB:9D:76:BD:1F:33
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xjRboQJGkNvCowdEK_HrnXa9HzM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.191.0/24
                  81.168.119.0/24
                  81.168.123.0/24
                  82.153.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:81:69:6d:b1:2f:3f:d5:22:05:c9:87:be:46:01:96:22:f6:
         67:3a:d7:ab:9a:25:6e:43:8a:58:07:bd:18:7b:31:23:fb:11:
         5c:bf:48:2b:1a:91:27:3c:75:2d:e8:6f:f3:d9:64:ac:17:8f:
         2b:f2:b8:22:11:56:f1:8e:8c:f8:54:a8:e5:90:83:47:e2:cc:
         02:58:d6:ad:43:c1:75:f1:0d:7e:54:2a:42:e1:2c:5d:b8:3a:
         92:72:90:7e:e3:01:c4:37:63:07:e5:0f:d6:d4:65:69:e9:7f:
         a5:2b:88:36:55:02:54:8a:3a:d2:26:aa:e1:8f:a6:b2:bb:2f:
         33:92:b3:b7:95:a1:35:b6:9f:2b:ec:03:7e:b8:af:5f:3e:26:
         b3:b9:51:ae:95:76:dc:de:28:05:b5:44:c4:6f:7b:dc:af:56:
         96:72:99:32:0f:fe:bd:f3:c5:23:f8:5a:a6:04:b9:90:10:dd:
         67:50:2b:ec:72:08:79:50:05:03:5a:5e:29:01:2c:f1:5d:65:
         50:06:2d:a5:b2:6c:4b:f4:df:31:7f:01:71:af:bc:2d:e4:b5:
         4d:23:13:d3:22:f3:63:27:c0:c5:fc:25:81:11:0c:76:09:cc:
         9a:8b:a5:ae:c6:fa:7f:7d:aa:b9:bc:f3:c4:46:f6:9a:ad:f5:
         fe:ac:4f:39
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYS9eeKkue6wWMc1JkrkaFhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTI4MDkwMzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM0NWJhMTAyNDY5MGRiYzJhMzA3NDQyYmYxZWI5ZDc2YmQxZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1DhxqEAPrQ46I25m9aBJ1bARTju
ogJYbMTNSdLMQfB3CWdWM0I7wIn6AHzQgVJ05bvD9kDryTz6ZwUUvWMsPcgZkd6z
6be0pQ6RZk0T0kCaro4rsVBofj7WJopcCXCtpFYlJar6URoJnD2wLoqE3OOWnF0d
AaI3D3wDrR1n0lNghG1XCVvGipj+nHwXbpJcR+HTYt/lS1LdwKZ5gSWLlye7vo5O
JVt2OIe9+Pw+cdv4TiJeiCjkpcuBNuElGZnAVcxhHvmYizyWUUNraJIt9iF4r8A2
FcLIrdpyFqIS74QXAFupCTwSgNpYMuPwMoH6JsjEaGkr65pIs5WjPEeetQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMY0W6ECRpDbwqMHRCvx6512vR8zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveGpSYm9RSkdrTnZDb3dkRUtfSHJuWGE5SHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUQW/AwQA
Uah3AwQAUah7AwQAUpn1MA0GCSqGSIb3DQEBCwUAA4IBAQCTgWltsS8/1SIFyYe+
RgGWIvZnOtermiVuQ4pYB70YezEj+xFcv0grGpEnPHUt6G/z2WSsF48r8rgiEVbx
joz4VKjlkINH4swCWNatQ8F18Q1+VCpC4SxduDqScpB+4wHEN2MH5Q/W1GVp6X+l
K4g2VQJUijrSJqrhj6ayuy8zkrO3laE1tp8r7AN+uK9fPiazuVGulXbc3igFtUTE
b3vcr1aWcpkyD/6988Uj+FqmBLmQEN1nUCvscgh5UAUDWl4pASzxXWVQBi2lsmxL
9N8xfwFxr7wt5LVNIxPTIvNjJ8DF/CWBEQx2Ccyai6Wuxvp/faq5vPPERvaarfX+
rE85
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:32 2024 by rpki-client on console-ams.rpki-client.org