Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/QG-wgLLuQMU-Jg0d6X-a5kgt21s.roa
File:                     QG-wgLLuQMU-Jg0d6X-a5kgt21s.roa (raw, json)
Hash identifier:          9P7PJZVgiSiZJin/TjkO7n5AJbjLbAVW1FsgSVAWIFU=
Subject key identifier:   40:6F:B0:80:B2:EE:40:C5:3E:26:0D:1D:E9:7F:9A:E6:48:2D:DB:5B
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0B6B5DFB
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/QG-wgLLuQMU-Jg0d6X-a5kgt21s.roa
Signing time:             Sat 01 Jan 2022 08:58:46 +0000
ROA not before:           Sat 01 Jan 2022 08:58:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     65595
IP address blocks:        46.234.9.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 191585787 (0xb6b5dfb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  1 08:58:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=406fb080b2ee40c53e260d1de97f9ae6482ddb5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:2e:13:52:a8:34:1a:3f:b6:c7:5e:b9:da:6a:
                    2a:bd:db:99:01:1e:41:cc:dd:6c:af:d7:c3:50:c5:
                    9e:56:79:e5:a8:26:9d:a6:51:72:07:81:db:84:31:
                    06:a0:67:2e:ed:20:86:7e:36:29:73:5f:d6:fd:15:
                    ed:aa:78:48:28:95:8e:25:5d:e8:fa:a7:ba:00:86:
                    6a:e8:d5:20:a0:76:df:6e:e5:66:47:3f:11:25:2e:
                    f7:b3:9d:ab:04:7b:af:0f:4f:7f:97:52:00:74:17:
                    a7:1e:08:f2:79:4d:73:96:23:3d:3d:b2:31:e0:ff:
                    31:f2:64:74:25:c3:64:d3:b4:ad:1b:44:a7:e8:da:
                    59:38:49:84:1a:25:e2:3a:69:39:f5:b8:40:8b:35:
                    29:2c:f9:bd:e2:d0:12:5f:02:dc:e4:cb:d8:f3:b9:
                    30:01:a2:7f:ba:92:72:bb:3d:e4:ed:7a:8b:d8:b2:
                    2d:47:60:9d:4a:c9:48:c9:a3:56:f1:c7:4b:0f:4b:
                    e6:fb:b0:a1:2e:51:ce:25:19:77:61:74:79:20:ea:
                    2f:b3:62:6a:ef:f3:73:97:a7:c2:6a:60:50:b4:d9:
                    e5:28:3a:f2:a1:c6:31:1e:05:9d:6d:76:66:a8:08:
                    c7:4b:2c:b6:19:2a:b9:ad:d9:c7:33:96:98:b6:b7:
                    2d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:6F:B0:80:B2:EE:40:C5:3E:26:0D:1D:E9:7F:9A:E6:48:2D:DB:5B
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/QG-wgLLuQMU-Jg0d6X-a5kgt21s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.234.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:61:1e:c4:c8:79:4b:cc:bd:d3:20:90:29:35:af:0a:3e:d1:
         03:0c:f9:d5:3a:2f:1a:cb:c3:00:04:fb:02:02:8e:a9:8b:88:
         f0:6f:8f:73:cd:cc:d1:27:21:14:aa:3b:0d:9e:d0:f2:f9:9f:
         a5:dc:e4:53:29:fa:a1:2d:9c:98:2b:94:1e:0c:08:4f:66:dc:
         12:d4:b2:69:b5:b9:a9:ff:46:26:9e:c8:56:29:af:53:b7:a5:
         85:23:5a:c8:dc:8b:73:f5:fa:97:31:01:2d:60:75:48:1b:1c:
         54:06:8b:92:c9:81:bf:8b:c2:ad:d6:66:0a:10:4b:30:fb:ee:
         fd:fd:8c:e4:4d:17:d2:09:a0:af:9b:4e:3e:bb:20:c5:4d:c4:
         2b:c8:56:71:9b:f4:12:b1:d1:ed:16:14:b7:0b:e0:51:6a:08:
         79:0c:9d:69:fb:93:37:82:66:38:2d:77:d4:27:2c:2e:67:00:
         2c:1b:9f:ab:56:6f:ec:f6:95:d4:4a:44:e9:70:50:00:78:a9:
         37:27:47:86:b1:a3:19:59:0a:90:c0:f7:3c:45:1b:4f:25:0a:
         18:39:0c:d7:22:8d:c3:63:e3:46:5d:64:84:b4:11:6a:62:e4:
         e4:75:b1:41:3b:6c:34:a6:eb:08:a9:99:2c:b0:a2:d3:21:2c:
         06:93:bc:5a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC2td+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NjhmZTM1Y2M5NjI2MzNhMjc1N2FmMTBhMGU2ZThhYjZkMDFmNGM5MB4XDTIyMDEw
MTA4NTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2ZmIwODBiMmVl
NDBjNTNlMjYwZDFkZTk3ZjlhZTY0ODJkZGI1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkuE1KoNBo/tsdeudpqKr3bmQEeQczdbK/Xw1DFnlZ55agm
naZRcgeB24QxBqBnLu0ghn42KXNf1v0V7ap4SCiVjiVd6PqnugCGaujVIKB2327l
Zkc/ESUu97OdqwR7rw9Pf5dSAHQXpx4I8nlNc5YjPT2yMeD/MfJkdCXDZNO0rRtE
p+jaWThJhBol4jppOfW4QIs1KSz5veLQEl8C3OTL2PO5MAGif7qScrs95O16i9iy
LUdgnUrJSMmjVvHHSw9L5vuwoS5RziUZd2F0eSDqL7Niau/zc5enwmpgULTZ5Sg6
8qHGMR4FnW12ZqgIx0ssthkqua3ZxzOWmLa3LScCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAb7CAsu5AxT4mDR3pf5rmSC3bWzAfBgNVHSMEGDAWgBRWj+NcyWJjOidX
rxCg5uirbQH0yTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZvX2pYTWxpWXpvblY2OFFvT2JvcTIwQjlNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8x
L1FHLXdnTEx1UU1VLUpnMGQ2WC1hNWtndDIxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MzdlYmU2LThiZmUtNGMxZi1hMTgzLTgzZDY0OGY3OTc0Ni8xL1ZvX2pYTWxpWXpv
blY2OFFvT2JvcTIwQjlNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC7qCTANBgkqhkiG9w0BAQsFAAOC
AQEAo2EexMh5S8y90yCQKTWvCj7RAwz51TovGsvDAAT7AgKOqYuI8G+Pc83M0Sch
FKo7DZ7Q8vmfpdzkUyn6oS2cmCuUHgwIT2bcEtSyabW5qf9GJp7IVimvU7elhSNa
yNyLc/X6lzEBLWB1SBscVAaLksmBv4vCrdZmChBLMPvu/f2M5E0X0gmgr5tOPrsg
xU3EK8hWcZv0ErHR7RYUtwvgUWoIeQydafuTN4JmOC131CcsLmcALBufq1Zv7PaV
1EpE6XBQAHipNydHhrGjGVkKkMD3PEUbTyUKGDkM1yKNw2PjRl1khLQRamLk5HWx
QTtsNKbrCKmZLLCi0yEsBpO8Wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:56 2024 by rpki-client on console-fra.rpki-client.org