Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/Pk0Yexo4j9IrVNSCer8HVVngcbI.roa
File:                     Pk0Yexo4j9IrVNSCer8HVVngcbI.roa (raw, json)
Hash identifier:          PtzW+iE/soaf1DsNJiO0hTlWoi3HeEKYWGOiRz9CoEw=
Subject key identifier:   3E:4D:18:7B:1A:38:8F:D2:2B:54:D4:82:7A:BF:07:55:59:E0:71:B2
Certificate issuer:       /CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Certificate serial:       018412AE6E67BD6A344C205C95794ED9743D
Authority key identifier: DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/Pk0Yexo4j9IrVNSCer8HVVngcbI.roa
Signing time:             Wed 26 Oct 2022 05:05:32 +0000
ROA not before:           Wed 26 Oct 2022 05:05:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        185.248.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:12:ae:6e:67:bd:6a:34:4c:20:5c:95:79:4e:d9:74:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
        Validity
            Not Before: Oct 26 05:05:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3e4d187b1a388fd22b54d4827abf075559e071b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:75:bc:ba:a7:a8:d2:7e:b6:b3:ec:c3:fd:19:
                    59:9a:5e:6d:b4:64:99:70:b5:2d:13:2b:8e:fe:9e:
                    66:9d:82:3e:d7:1a:20:a2:dd:9d:71:19:77:d4:b7:
                    b4:14:11:93:ab:99:39:2d:ab:78:cf:76:8f:4d:7e:
                    25:e3:1f:97:b5:54:65:bd:0e:3a:31:86:2c:44:e7:
                    df:4f:14:3b:05:1c:a9:09:c6:64:fd:7b:ab:74:50:
                    83:37:07:be:8a:10:61:11:69:89:92:f8:96:86:ae:
                    fd:ed:94:3a:51:44:a7:6d:cb:02:e8:b1:a7:d4:f0:
                    64:21:63:eb:c4:d5:71:8e:f7:48:d3:04:64:9b:d7:
                    fa:6c:c8:a2:02:dc:3d:ae:b2:5b:7d:08:cb:a3:a3:
                    15:02:d2:d9:ba:dd:40:3d:3a:71:02:4d:ed:c4:f7:
                    02:4a:94:f5:b5:89:cd:e9:bb:50:e0:8c:8d:44:14:
                    e1:37:f3:ea:eb:1b:5e:e3:26:45:13:28:3a:3a:e1:
                    84:e2:14:f8:db:2b:b9:03:b6:c4:11:33:e5:4e:29:
                    e6:a6:d0:d1:0e:e0:20:51:d7:7b:fe:37:d2:7e:d7:
                    2b:7c:4b:94:7a:ad:8a:d2:d8:2d:94:4f:88:fc:f8:
                    41:f8:ce:36:5f:b1:af:1b:6f:99:91:61:45:cf:e6:
                    80:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:4D:18:7B:1A:38:8F:D2:2B:54:D4:82:7A:BF:07:55:59:E0:71:B2
            X509v3 Authority Key Identifier:
                keyid:DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/Pk0Yexo4j9IrVNSCer8HVVngcbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:b0:0e:5d:5a:f4:6d:ac:88:2f:e3:60:c9:d5:7c:37:a0:3b:
         66:5f:11:6e:c5:7b:98:42:2c:f5:ae:6c:a1:98:cd:c9:0d:b5:
         99:37:d2:09:9a:7f:33:fe:18:10:fe:80:7a:ea:a8:fe:6a:99:
         a4:d5:64:4e:26:64:b2:c9:ea:42:ec:39:6f:52:e6:3f:ca:f5:
         13:9e:59:6f:b8:ca:fa:c0:10:22:97:b8:9c:43:56:98:4e:cd:
         29:69:b6:a8:8f:ee:da:3a:fc:78:9a:46:09:c9:44:47:57:6d:
         ea:a6:76:76:cc:95:fc:1e:6d:9d:48:b8:e2:03:e8:f3:db:44:
         b7:c4:99:1c:52:c7:b6:4e:ba:d7:58:58:df:6a:20:31:2b:e7:
         0e:eb:bb:4c:61:b1:3e:8f:91:c2:68:bd:5f:a5:3c:db:97:10:
         9e:71:7b:23:27:ae:04:d7:0a:f3:d8:07:85:8f:f4:81:39:3a:
         4a:3f:e1:06:61:30:32:ad:cc:88:6c:15:81:2c:c4:5c:eb:99:
         cb:6a:2f:65:ba:35:2c:54:cf:5a:4d:77:2d:35:4b:a2:55:ec:
         dc:0c:bf:d0:8d:c5:96:93:1c:5f:35:8a:d6:eb:78:11:d3:94:
         37:25:e1:ac:e8:ce:63:84:c4:49:ee:02:d5:25:0c:44:76:0c:
         bc:4a:fe:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQSrm5nvWo0TCBclXlO2XQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDE0MTFlOTNlMjVkNWVjNjUwOTk1NjliMWI1YzVmYWRj
MWFlM2QwHhcNMjIxMDI2MDUwNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRkMTg3YjFhMzg4ZmQyMmI1NGQ0ODI3YWJmMDc1NTU5ZTA3MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXW8uqeo0n62s+zD/RlZml5ttGSZ
cLUtEyuO/p5mnYI+1xogot2dcRl31Le0FBGTq5k5Lat4z3aPTX4l4x+XtVRlvQ46
MYYsROffTxQ7BRypCcZk/XurdFCDNwe+ihBhEWmJkviWhq797ZQ6UUSnbcsC6LGn
1PBkIWPrxNVxjvdI0wRkm9f6bMiiAtw9rrJbfQjLo6MVAtLZut1APTpxAk3txPcC
SpT1tYnN6btQ4IyNRBThN/Pq6xte4yZFEyg6OuGE4hT42yu5A7bEETPlTinmptDR
DuAgUdd7/jfSftcrfEuUeq2K0tgtlE+I/PhB+M42X7GvG2+ZkWFFz+aAnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5NGHsaOI/SK1TUgnq/B1VZ4HGyMB8GA1UdIwQY
MBaAFNxBQR6T4l1exlCZVpsbXF+twa49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEt
NTEzODdkMTYwYmE5LzEvUGswWWV4bzRqOUlyVk5TQ2VyOEhWVm5nY2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEtNTEzODdkMTYwYmE5
LzEvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufgxMA0G
CSqGSIb3DQEBCwUAA4IBAQA0sA5dWvRtrIgv42DJ1Xw3oDtmXxFuxXuYQiz1rmyh
mM3JDbWZN9IJmn8z/hgQ/oB66qj+apmk1WROJmSyyepC7DlvUuY/yvUTnllvuMr6
wBAil7icQ1aYTs0pabaoj+7aOvx4mkYJyURHV23qpnZ2zJX8Hm2dSLjiA+jz20S3
xJkcUse2TrrXWFjfaiAxK+cO67tMYbE+j5HCaL1fpTzblxCecXsjJ64E1wrz2AeF
j/SBOTpKP+EGYTAyrcyIbBWBLMRc65nLai9lujUsVM9aTXctNUuiVezcDL/QjcWW
kxxfNYrW63gR05Q3JeGs6M5jhMRJ7gLVJQxEdgy8Sv7I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:43 2024 by rpki-client on console-fra.rpki-client.org