Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nqr369IsoxcCmFufQjsBJ_kp830.roa
File:                     nqr369IsoxcCmFufQjsBJ_kp830.roa (raw, json)
Hash identifier:          Vw5VPGuV2SbOUQGsRYqzoMDmpgqqqfzi+GTx7zo5sSk=
Subject key identifier:   9E:AA:F7:EB:D2:2C:A3:17:02:98:5B:9F:42:3B:01:27:F9:29:F3:7D
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1C823C29
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nqr369IsoxcCmFufQjsBJ_kp830.roa
Signing time:             Sat 01 Jan 2022 01:02:47 +0000
ROA not before:           Sat 01 Jan 2022 01:02:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200033
IP address blocks:        94.156.134.0/24 maxlen: 24
                          94.156.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 478297129 (0x1c823c29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 01:02:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9eaaf7ebd22ca31702985b9f423b0127f929f37d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:be:c4:6e:f3:6b:a6:22:d0:b2:b5:cf:77:2c:
                    90:29:37:9e:df:b0:fe:9d:21:b4:e5:72:d4:c6:61:
                    d6:e0:7a:22:6b:8c:ba:7a:85:f5:35:7d:cb:0f:68:
                    ba:de:43:7f:1c:75:8e:2c:27:a3:da:43:78:0a:37:
                    0a:7f:8f:d2:68:10:0c:d2:54:a7:8c:c4:bb:12:e2:
                    dc:dc:2c:b8:00:20:e1:60:7b:63:66:9a:83:70:cb:
                    72:ce:4c:07:b5:6a:48:31:5a:c9:40:da:33:8f:10:
                    b4:42:1d:1f:f1:b1:18:ca:aa:4c:2b:73:63:57:b9:
                    aa:ae:19:a1:57:5b:02:84:eb:9a:e4:0b:72:fb:b3:
                    36:61:28:f5:8e:3a:21:28:57:21:c7:7a:c6:b0:a7:
                    98:64:da:9a:99:37:ce:c3:57:09:a0:44:53:28:91:
                    cf:f1:8d:f9:81:a5:ef:b7:7f:d5:97:0a:aa:e6:e1:
                    c5:f7:b3:6e:aa:df:5b:36:40:02:47:a3:55:96:58:
                    5d:4a:a3:3b:12:76:ca:db:65:63:94:01:c1:17:1e:
                    52:64:4d:95:48:61:ec:d6:6d:46:d3:b7:d3:0c:98:
                    ee:f8:c0:93:30:fa:cc:64:d5:0d:94:97:44:04:c0:
                    ed:a3:00:be:df:e2:1c:ea:65:08:41:4b:60:ba:20:
                    5e:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:AA:F7:EB:D2:2C:A3:17:02:98:5B:9F:42:3B:01:27:F9:29:F3:7D
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nqr369IsoxcCmFufQjsBJ_kp830.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2d:01:0b:7a:42:e2:21:43:45:e0:3d:0f:93:cc:ef:20:d3:e6:
         01:63:d5:93:94:fc:96:8e:e2:00:99:c4:53:1c:0a:4f:17:69:
         35:24:76:cb:4b:14:2c:9c:24:4b:c5:9e:3c:b2:2a:8a:16:91:
         fc:28:bb:fb:f6:27:da:4f:a6:99:d6:c9:b7:95:be:45:fa:f3:
         f8:0d:51:ec:82:42:ee:a6:47:0f:c2:78:c3:cb:c7:0b:5b:0b:
         15:47:a8:cd:93:88:f3:9a:3f:13:cd:ef:4b:85:d2:5e:1f:29:
         ba:dc:9d:f5:8d:4b:c5:24:2c:3f:23:4e:11:2e:66:9d:22:30:
         8f:5f:ef:62:85:3b:e6:8f:ab:99:d9:0d:b2:f2:6a:23:f0:3e:
         04:e1:a0:87:e8:20:1f:7b:52:ad:47:db:08:52:47:42:ba:0e:
         8b:a9:ab:f9:89:31:61:01:96:25:5d:67:b3:66:85:5c:93:2e:
         e6:75:86:d6:3a:0c:44:9a:cf:08:75:0f:ab:36:91:bb:ff:8e:
         dc:95:13:b9:12:08:71:0b:fa:76:cc:38:8c:00:17:4b:bc:4f:
         b3:97:10:be:fd:29:c6:48:66:f7:56:7a:dd:75:3f:2f:b3:83:
         3c:d1:ee:fe:e0:e0:fb:1b:ae:a3:cd:3d:b4:6e:6a:35:8c:cf:
         6c:0b:fd:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHII8KTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVhYWY3ZWJkMjJj
YTMxNzAyOTg1YjlmNDIzYjAxMjdmOTI5ZjM3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKO+xG7za6Yi0LK1z3cskCk3nt+w/p0htOVy1MZh1uB6ImuM
unqF9TV9yw9out5Dfxx1jiwno9pDeAo3Cn+P0mgQDNJUp4zEuxLi3NwsuAAg4WB7
Y2aag3DLcs5MB7VqSDFayUDaM48QtEIdH/GxGMqqTCtzY1e5qq4ZoVdbAoTrmuQL
cvuzNmEo9Y46IShXIcd6xrCnmGTampk3zsNXCaBEUyiRz/GN+YGl77d/1ZcKqubh
xfezbqrfWzZAAkejVZZYXUqjOxJ2yttlY5QBwRceUmRNlUhh7NZtRtO30wyY7vjA
kzD6zGTVDZSXRATA7aMAvt/iHOplCEFLYLogXpMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSeqvfr0iyjFwKYW59COwEn+SnzfTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L25xcjM2OUlzb3hjQ21GdWZRanNCSl9rcDgzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV6chjANBgkqhkiG9w0BAQsFAAOC
AQEALQELekLiIUNF4D0Pk8zvINPmAWPVk5T8lo7iAJnEUxwKTxdpNSR2y0sULJwk
S8WePLIqihaR/Ci7+/Yn2k+mmdbJt5W+Rfrz+A1R7IJC7qZHD8J4w8vHC1sLFUeo
zZOI85o/E83vS4XSXh8putyd9Y1LxSQsPyNOES5mnSIwj1/vYoU75o+rmdkNsvJq
I/A+BOGgh+ggH3tSrUfbCFJHQroOi6mr+YkxYQGWJV1ns2aFXJMu5nWG1joMRJrP
CHUPqzaRu/+O3JUTuRIIcQv6dsw4jAAXS7xPs5cQvv0pxkhm91Z63XU/L7ODPNHu
/uDg+xuuo809tG5qNYzPbAv9dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org