Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/00fe6e-1476-4288-8d15-9d4ae9d00c2e/1/QGrwLYUQKgl842zJALcIYb9BTy4.roa
File:                     QGrwLYUQKgl842zJALcIYb9BTy4.roa (raw, json)
Hash identifier:          5hNAamQkRxyB1V5Q7VNuAG2gJQT3na0Nf7qBmKdbr1I=
Subject key identifier:   40:6A:F0:2D:85:10:2A:09:7C:E3:6C:C9:00:B7:08:61:BF:41:4F:2E
Certificate issuer:       /CN=b6307b828ffc8515634ce97ae504f5a529cd2701
Certificate serial:       E664D7
Authority key identifier: B6:30:7B:82:8F:FC:85:15:63:4C:E9:7A:E5:04:F5:A5:29:CD:27:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tjB7go_8hRVjTOl65QT1pSnNJwE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/00fe6e-1476-4288-8d15-9d4ae9d00c2e/1/QGrwLYUQKgl842zJALcIYb9BTy4.roa
Signing time:             Sat 01 Jan 2022 03:57:14 +0000
ROA not before:           Sat 01 Jan 2022 03:57:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57844
IP address blocks:        213.232.236.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15099095 (0xe664d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6307b828ffc8515634ce97ae504f5a529cd2701
        Validity
            Not Before: Jan  1 03:57:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=406af02d85102a097ce36cc900b70861bf414f2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c2:03:d4:42:50:fe:f7:dd:ef:ca:ef:a1:9c:
                    c3:05:f0:6d:b7:d8:03:41:cf:35:11:c8:c8:ff:30:
                    80:65:8a:ab:ef:eb:28:c3:cf:35:14:dc:0a:9c:85:
                    28:05:60:8d:8b:37:eb:20:e5:43:4a:11:86:35:6d:
                    0b:27:3f:f8:76:22:18:32:27:54:02:31:47:96:58:
                    c6:91:60:4d:95:4a:af:34:03:e2:38:52:a6:27:ab:
                    80:5e:32:da:38:f0:aa:50:84:86:43:0f:64:d6:75:
                    ea:c7:e7:05:c2:6e:c2:16:6d:cc:e2:0a:8f:67:13:
                    ba:5f:35:01:c4:f1:a7:f0:c9:cf:c1:9d:1b:25:ef:
                    7a:62:23:f0:67:ac:02:cd:a0:66:ac:77:76:61:9f:
                    9f:61:5f:2f:ba:64:d9:d2:96:ca:ca:b4:d7:b2:a6:
                    ac:c3:93:5d:9e:38:f2:3c:2f:40:81:ec:c6:81:75:
                    c9:bc:3f:9d:c3:76:4d:08:01:8b:2a:87:35:90:ef:
                    ae:43:e0:23:e0:96:86:af:2c:dc:ee:46:68:d8:2b:
                    72:37:27:63:13:a3:4f:53:82:d1:a4:35:9a:2f:3c:
                    de:9e:e9:84:16:b4:d6:c9:0f:78:78:c8:4b:8b:83:
                    ff:02:a7:06:b6:37:2b:f6:2c:df:06:b2:70:f8:1d:
                    5a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:6A:F0:2D:85:10:2A:09:7C:E3:6C:C9:00:B7:08:61:BF:41:4F:2E
            X509v3 Authority Key Identifier:
                keyid:B6:30:7B:82:8F:FC:85:15:63:4C:E9:7A:E5:04:F5:A5:29:CD:27:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjB7go_8hRVjTOl65QT1pSnNJwE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/00fe6e-1476-4288-8d15-9d4ae9d00c2e/1/QGrwLYUQKgl842zJALcIYb9BTy4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/00fe6e-1476-4288-8d15-9d4ae9d00c2e/1/tjB7go_8hRVjTOl65QT1pSnNJwE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:3c:d1:ef:7d:4a:57:d6:11:cd:93:3c:84:d7:fc:7c:d9:a4:
         0d:97:5d:96:d0:92:db:48:63:94:59:83:e9:ef:1c:3b:88:de:
         88:11:92:03:25:7e:ab:83:84:5d:38:e2:e2:6f:80:ce:8c:09:
         f4:c1:42:c3:df:a4:99:a0:83:de:37:6f:98:94:86:11:fa:3a:
         e7:d0:0d:71:f4:ea:fa:d1:af:7d:b0:63:3e:3d:52:ef:15:5a:
         8b:72:13:32:1f:80:80:fa:23:be:d9:43:dc:da:9f:14:26:5c:
         10:fa:34:3e:2f:ec:5c:dd:4e:8f:fb:d9:62:61:5d:87:34:22:
         bf:6e:d5:c4:09:5d:1a:07:7e:82:4d:f3:6a:9a:19:81:35:bf:
         63:5e:3c:2e:09:33:39:ce:c9:b2:b9:74:ac:3f:60:d2:c8:58:
         4c:50:21:d4:81:a8:64:b1:59:c9:75:ab:e4:36:ca:41:ba:f8:
         a5:88:de:d9:3d:b9:45:75:05:b8:b7:fb:c6:7a:0e:06:ba:10:
         23:52:2f:22:8e:45:bf:97:bf:57:c4:0a:33:1a:6c:80:02:a9:
         b7:30:81:84:ef:6d:38:a9:e1:cd:cb:1d:a4:c0:9b:e4:dc:af:
         6b:8f:40:df:bd:4e:b7:24:81:9c:95:31:9f:ec:b4:33:14:f6:
         f4:ae:74:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOZk1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjMwN2I4MjhmZmM4NTE1NjM0Y2U5N2FlNTA0ZjVhNTI5Y2QyNzAxMB4XDTIyMDEw
MTAzNTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2YWYwMmQ4NTEw
MmEwOTdjZTM2Y2M5MDBiNzA4NjFiZjQxNGYyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvCA9RCUP733e/K76GcwwXwbbfYA0HPNRHIyP8wgGWKq+/r
KMPPNRTcCpyFKAVgjYs36yDlQ0oRhjVtCyc/+HYiGDInVAIxR5ZYxpFgTZVKrzQD
4jhSpiergF4y2jjwqlCEhkMPZNZ16sfnBcJuwhZtzOIKj2cTul81AcTxp/DJz8Gd
GyXvemIj8GesAs2gZqx3dmGfn2FfL7pk2dKWysq017KmrMOTXZ448jwvQIHsxoF1
ybw/ncN2TQgBiyqHNZDvrkPgI+CWhq8s3O5GaNgrcjcnYxOjT1OC0aQ1mi883p7p
hBa01skPeHjIS4uD/wKnBrY3K/Ys3waycPgdWsECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAavAthRAqCXzjbMkAtwhhv0FPLjAfBgNVHSMEGDAWgBS2MHuCj/yFFWNM
6XrlBPWlKc0nATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RqQjdnb184aFJWalRPbDY1UVQxcFNuTkp3RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMDBmZTZlLTE0NzYtNDI4OC04ZDE1LTlkNGFlOWQwMGMyZS8x
L1FHcndMWVVRS2dsODQyekpBTGNJWWI5QlR5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MDBmZTZlLTE0NzYtNDI4OC04ZDE1LTlkNGFlOWQwMGMyZS8xL3RqQjdnb184aFJW
alRPbDY1UVQxcFNuTkp3RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXo7DANBgkqhkiG9w0BAQsFAAOC
AQEAVTzR731KV9YRzZM8hNf8fNmkDZddltCS20hjlFmD6e8cO4jeiBGSAyV+q4OE
XTji4m+AzowJ9MFCw9+kmaCD3jdvmJSGEfo659ANcfTq+tGvfbBjPj1S7xVai3IT
Mh+AgPojvtlD3NqfFCZcEPo0Pi/sXN1Oj/vZYmFdhzQiv27VxAldGgd+gk3zapoZ
gTW/Y148LgkzOc7Jsrl0rD9g0shYTFAh1IGoZLFZyXWr5DbKQbr4pYje2T25RXUF
uLf7xnoOBroQI1IvIo5Fv5e/V8QKMxpsgAKptzCBhO9tOKnhzcsdpMCb5Nyva49A
371OtySBnJUxn+y0MxT29K50SA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:49 2023 by rpki-client on console-fra.rpki-client.org