Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QQXV7EsBrYoSD2FyA4m3prQPabo.roa
File:                     QQXV7EsBrYoSD2FyA4m3prQPabo.roa (raw, json)
Hash identifier:          OV3Ph6dAIruwcW99Dt0IGGiJqJmDpwmZJExi9blSbAE=
Subject key identifier:   41:05:D5:EC:4B:01:AD:8A:12:0F:61:72:03:89:B7:A6:B4:0F:69:BA
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       0C539D54
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QQXV7EsBrYoSD2FyA4m3prQPabo.roa
Signing time:             Thu 10 Feb 2022 18:55:45 +0000
ROA not before:           Thu 10 Feb 2022 18:55:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213385
IP address blocks:        2a0c:9a40:81a0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 206806356 (0xc539d54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Feb 10 18:55:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4105d5ec4b01ad8a120f61720389b7a6b40f69ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c9:b2:90:1b:e4:88:7d:6c:8e:c7:ff:c8:c8:
                    ca:a8:ef:2d:07:e0:ab:27:95:42:59:a2:7a:71:77:
                    e1:24:4d:25:80:05:df:c1:7a:36:b6:79:be:f2:ca:
                    cd:69:3e:2c:28:38:1f:44:27:39:75:36:b8:3f:53:
                    68:6f:52:40:57:77:ce:f1:0f:d6:84:86:3e:d7:41:
                    26:cd:f1:2f:42:3f:e0:37:f4:79:e3:9e:d3:ff:3f:
                    35:af:f6:36:cf:50:cd:53:8e:29:c3:95:34:99:c6:
                    19:46:10:62:0d:8f:79:b2:da:87:89:1f:a6:44:9f:
                    f7:c4:9b:ca:93:4d:fe:36:0d:ee:1a:b5:39:85:c8:
                    0c:22:94:fd:ce:28:95:dd:75:3f:4d:13:50:42:2d:
                    68:be:30:bb:ff:24:19:43:c1:18:86:8f:17:57:1f:
                    cb:97:bc:b7:96:79:8c:64:c5:ad:63:fd:53:11:97:
                    78:a6:34:6e:d7:51:b5:af:92:01:4e:fe:f2:4f:1c:
                    2d:7a:1c:59:a0:91:22:d5:d8:48:90:2e:c5:12:34:
                    be:02:90:74:60:4a:bc:97:c1:2d:4b:ae:13:a8:f9:
                    d5:36:c0:04:fe:48:ae:d0:e1:7a:bb:7e:cd:fa:84:
                    61:1e:b4:2a:d4:54:06:8a:b4:e8:ee:21:5a:29:ac:
                    93:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:05:D5:EC:4B:01:AD:8A:12:0F:61:72:03:89:B7:A6:B4:0F:69:BA
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QQXV7EsBrYoSD2FyA4m3prQPabo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:81a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:46:39:6c:07:78:7b:b1:87:51:d9:2c:af:f2:4b:12:cc:a9:
         91:cc:52:75:0d:69:16:be:6e:46:ce:9a:24:d3:36:81:97:03:
         db:07:e5:66:34:d1:20:6c:d1:c4:f0:53:7a:90:47:2e:dd:f7:
         74:54:f9:a5:25:69:91:e1:c5:8e:39:16:c1:10:cd:25:41:bb:
         50:72:dd:d3:de:5e:c0:f8:f1:3d:e1:77:5a:49:a4:1e:e3:b9:
         d8:83:8a:97:d6:bd:03:7a:54:1e:da:c3:a3:ac:44:88:e3:87:
         4e:8a:a7:97:70:98:f7:77:9c:2f:e6:55:cd:fd:48:1a:b5:85:
         89:da:81:6e:bf:95:6d:0e:fb:6e:35:c1:83:23:e7:89:6a:69:
         9c:6e:b3:43:56:7a:17:db:7a:75:e5:37:9c:6f:87:b9:d4:44:
         30:ed:3c:be:47:d7:85:c7:0a:98:e9:9b:54:46:4a:d9:07:78:
         7d:81:68:06:1d:78:b4:47:8d:30:41:67:a9:5d:de:15:79:f3:
         57:d6:46:17:31:98:7e:a3:23:65:d3:0a:66:a2:46:e7:eb:ec:
         62:b8:27:ec:ac:93:a8:b8:36:87:10:7a:e8:4a:55:95:56:e2:
         98:da:21:66:1e:b3:22:9d:9a:8a:84:da:a1:34:69:1b:a9:b6:
         c2:03:e5:88
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEDFOdVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDIx
MDE4NTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDEwNWQ1ZWM0YjAx
YWQ4YTEyMGY2MTcyMDM4OWI3YTZiNDBmNjliYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7JspAb5Ih9bI7H/8jIyqjvLQfgqyeVQlmienF34SRNJYAF
38F6NrZ5vvLKzWk+LCg4H0QnOXU2uD9TaG9SQFd3zvEP1oSGPtdBJs3xL0I/4Df0
eeOe0/8/Na/2Ns9QzVOOKcOVNJnGGUYQYg2PebLah4kfpkSf98SbypNN/jYN7hq1
OYXIDCKU/c4old11P00TUEItaL4wu/8kGUPBGIaPF1cfy5e8t5Z5jGTFrWP9UxGX
eKY0btdRta+SAU7+8k8cLXocWaCRItXYSJAuxRI0vgKQdGBKvJfBLUuuE6j51TbA
BP5IrtDhert+zfqEYR60KtRUBoq06O4hWimskzkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRBBdXsSwGtihIPYXIDibemtA9pujAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L1FRWFY3RXNCcllvU0QyRnlBNG0zcHJRUGFiby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoMmkCBoDANBgkqhkiG9w0BAQsF
AAOCAQEAXUY5bAd4e7GHUdksr/JLEsypkcxSdQ1pFr5uRs6aJNM2gZcD2wflZjTR
IGzRxPBTepBHLt33dFT5pSVpkeHFjjkWwRDNJUG7UHLd095ewPjxPeF3WkmkHuO5
2IOKl9a9A3pUHtrDo6xEiOOHToqnl3CY93ecL+ZVzf1IGrWFidqBbr+VbQ77bjXB
gyPniWppnG6zQ1Z6F9t6deU3nG+HudREMO08vkfXhccKmOmbVEZK2Qd4fYFoBh14
tEeNMEFnqV3eFXnzV9ZGFzGYfqMjZdMKZqJG5+vsYrgn7KyTqLg2hxB66EpVlVbi
mNohZh6zIp2aioTaoTRpG6m2wgPliA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org