Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/qpv-GdFkGkfq4p0x-EoT7uowpjE.roa
File:                     qpv-GdFkGkfq4p0x-EoT7uowpjE.roa (raw, json)
Hash identifier:          M2XPby5iwaCtkvMdy29oQOf8qkni0P2x17EJmHmg2eU=
Subject key identifier:   AA:9B:FE:19:D1:64:1A:47:EA:E2:9D:31:F8:4A:13:EE:EA:30:A6:31
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       01842CDD8B38B5249B6D04392EAB415162BE
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/qpv-GdFkGkfq4p0x-EoT7uowpjE.roa
Signing time:             Mon 31 Oct 2022 07:07:07 +0000
ROA not before:           Mon 31 Oct 2022 07:07:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25098
IP address blocks:        212.30.44.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2c:dd:8b:38:b5:24:9b:6d:04:39:2e:ab:41:51:62:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Oct 31 07:07:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aa9bfe19d1641a47eae29d31f84a13eeea30a631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:48:af:5a:5b:ec:61:63:50:3d:f1:72:3e:d1:
                    42:05:c2:f8:8f:e3:db:bb:38:27:07:05:49:37:f0:
                    6d:62:1e:c0:ec:7a:37:a9:13:f1:5c:8f:3f:55:f5:
                    3c:80:d9:2c:57:97:e7:f9:35:14:8c:e2:ee:3c:38:
                    e2:e0:6d:fa:77:28:94:81:60:c0:d8:7d:aa:0d:f7:
                    37:41:4b:82:47:c1:4f:19:a6:6f:17:d0:12:fc:1e:
                    f4:dc:4b:fc:c8:7d:73:22:a4:c1:64:3a:76:8e:47:
                    24:aa:06:c1:b9:73:d2:a2:50:d8:55:e9:11:a9:26:
                    b4:ee:3e:00:3a:1e:30:ff:f8:03:b9:ab:4d:84:25:
                    d6:ce:f1:07:d2:e3:23:f9:ca:7d:78:5a:d4:e3:00:
                    82:a2:fe:14:8e:c6:b3:c7:84:5c:ab:d0:85:1a:71:
                    96:12:f6:1e:e3:fe:d2:16:aa:cc:0d:a4:a9:52:1b:
                    9e:f5:b8:d9:e4:56:71:e7:46:bc:f2:10:83:36:cb:
                    07:97:f4:57:62:07:8a:32:4f:a3:8c:89:de:98:a1:
                    3d:59:cb:a5:b6:1b:b9:25:9f:da:b6:7c:85:b8:53:
                    4f:b7:df:94:d4:45:ae:93:d6:95:c4:07:ac:41:1d:
                    5e:5a:c5:8a:fc:73:d9:8c:be:23:b4:da:c1:5d:e4:
                    70:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:9B:FE:19:D1:64:1A:47:EA:E2:9D:31:F8:4A:13:EE:EA:30:A6:31
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/qpv-GdFkGkfq4p0x-EoT7uowpjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.30.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:a9:68:dd:e3:9b:a0:b4:d6:c3:d3:ff:79:82:15:8f:fc:fb:
         99:b6:c2:af:09:2a:17:4a:59:3c:7f:a2:d9:53:b0:41:ad:94:
         bd:a9:66:cd:a0:a6:2f:45:f4:0d:c9:6c:e6:32:57:b8:d9:f0:
         17:e8:d6:a8:05:80:15:fe:96:a9:4d:63:05:17:99:70:a5:97:
         78:63:fe:6b:49:5b:64:e0:71:e7:7f:4e:ef:58:fd:56:8b:f6:
         55:bb:5a:b6:76:09:63:27:d6:62:43:01:d7:75:44:82:6f:a5:
         d5:ad:54:81:9d:c7:ea:38:1a:35:44:6b:16:74:6e:21:c5:2d:
         4e:81:4e:1f:18:cc:04:3f:ea:44:07:fa:10:55:39:66:13:b9:
         6c:78:3d:7c:d0:c0:38:1c:b2:20:46:f5:11:4a:d6:be:3f:ce:
         7d:09:ab:09:48:8c:e7:48:24:40:bd:d7:18:99:36:87:25:50:
         70:ff:cd:3b:20:8a:fb:59:2d:c2:ff:7c:ef:59:4c:b4:90:96:
         96:5a:00:05:db:fb:5e:2b:a1:2a:f2:35:93:ba:12:44:3b:de:
         13:07:4d:e0:0f:ab:32:60:82:44:ef:9b:34:9a:c4:f0:d8:c2:
         ea:00:db:31:49:5f:11:15:50:6e:45:4f:3f:3a:f6:ac:44:1a:
         65:e6:4c:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQs3Ys4tSSbbQQ5LqtBUWK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjIxMDMxMDcwNzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTliZmUxOWQxNjQxYTQ3ZWFlMjlkMzFmODRhMTNlZWVhMzBhNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0ivWlvsYWNQPfFyPtFCBcL4j+Pb
uzgnBwVJN/BtYh7A7Ho3qRPxXI8/VfU8gNksV5fn+TUUjOLuPDji4G36dyiUgWDA
2H2qDfc3QUuCR8FPGaZvF9AS/B703Ev8yH1zIqTBZDp2jkckqgbBuXPSolDYVekR
qSa07j4AOh4w//gDuatNhCXWzvEH0uMj+cp9eFrU4wCCov4Ujsazx4Rcq9CFGnGW
EvYe4/7SFqrMDaSpUhue9bjZ5FZx50a88hCDNssHl/RXYgeKMk+jjInemKE9Wcul
thu5JZ/atnyFuFNPt9+U1EWuk9aVxAesQR1eWsWK/HPZjL4jtNrBXeRwPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqb/hnRZBpH6uKdMfhKE+7qMKYxMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvcXB2LUdkRmtHa2ZxNHAweC1Fb1Q3dW93cGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1B4sMA0G
CSqGSIb3DQEBCwUAA4IBAQAhqWjd45ugtNbD0/95ghWP/PuZtsKvCSoXSlk8f6LZ
U7BBrZS9qWbNoKYvRfQNyWzmMle42fAX6NaoBYAV/papTWMFF5lwpZd4Y/5rSVtk
4HHnf07vWP1Wi/ZVu1q2dgljJ9ZiQwHXdUSCb6XVrVSBncfqOBo1RGsWdG4hxS1O
gU4fGMwEP+pEB/oQVTlmE7lseD180MA4HLIgRvURSta+P859CasJSIznSCRAvdcY
mTaHJVBw/807IIr7WS3C/3zvWUy0kJaWWgAF2/teK6Eq8jWTuhJEO94TB03gD6sy
YIJE75s0msTw2MLqANsxSV8RFVBuRU8/OvasRBpl5kxl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:36 2024 by rpki-client on console-fra.rpki-client.org