Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QGPndotQRF4a1FZyAJ0hwhczXwA.roa
File:                     QGPndotQRF4a1FZyAJ0hwhczXwA.roa (raw, json)
Hash identifier:          3RtN5FRmoNbWHEd5V64Xe9Pz3SDbvzOvz7TBfMEbqaA=
Subject key identifier:   40:63:E7:76:8B:50:44:5E:1A:D4:56:72:00:9D:21:C2:17:33:5F:00
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       012E2D57
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QGPndotQRF4a1FZyAJ0hwhczXwA.roa
Signing time:             Tue 14 Jun 2022 13:06:44 +0000
ROA not before:           Tue 14 Jun 2022 13:06:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19803479 (0x12e2d57)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 14 13:06:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4063e7768b50445e1ad45672009d21c217335f00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:93:7e:06:ef:22:0a:80:c0:43:f9:9f:d2:85:
                    00:2c:a8:b5:83:9e:ce:63:2d:88:a6:b7:a1:94:0a:
                    1e:72:9c:d2:cf:10:14:56:c0:f4:88:af:0b:02:99:
                    47:08:9a:27:c4:15:24:23:2f:52:1a:75:07:08:18:
                    8b:5c:b4:c1:08:e0:25:11:7d:d1:11:3c:8a:dd:95:
                    e8:c2:00:10:73:fa:6c:c0:80:f6:51:82:47:35:7b:
                    5b:3a:86:91:c0:c8:0d:59:93:db:13:70:c9:a6:28:
                    e1:48:69:4b:d9:ce:55:ea:d8:d9:89:cd:64:9a:bc:
                    a5:73:46:60:27:fd:ce:98:cd:a2:33:5d:9c:8d:5d:
                    a8:6a:0b:93:9a:c7:40:46:49:25:3a:a6:16:53:0a:
                    bd:08:8c:bd:fd:ab:85:f4:a5:23:1a:36:53:61:d7:
                    27:67:64:fd:f2:9b:a9:fc:39:ca:f2:c6:a5:3f:f8:
                    b9:8c:f5:55:a8:f5:e4:af:90:2a:b9:0a:6a:35:4e:
                    ec:4f:7c:61:b0:20:75:e0:e3:07:8f:4b:42:ef:51:
                    05:e5:74:76:82:f5:eb:7e:b3:6e:c4:8f:7e:74:7c:
                    2f:6d:70:89:52:ca:b2:43:bd:95:0e:5b:62:9e:a5:
                    89:d5:a3:b5:5c:b6:c1:f6:9e:dc:1b:12:e5:c8:86:
                    03:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:63:E7:76:8B:50:44:5E:1A:D4:56:72:00:9D:21:C2:17:33:5F:00
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QGPndotQRF4a1FZyAJ0hwhczXwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:75:b6:62:87:62:48:76:23:97:37:57:e7:5e:5b:eb:e2:7d:
         02:74:78:3e:4c:bf:87:eb:63:d8:70:fe:9b:4f:41:72:1a:83:
         6e:ec:4c:16:82:f5:ee:30:b0:f5:c1:67:9b:b8:4c:60:23:96:
         3f:4d:86:00:d6:c1:d4:17:e8:1e:31:26:5a:50:65:2b:fd:bd:
         a9:15:8c:63:70:c8:c7:fe:eb:22:de:bd:dc:01:5c:13:c6:dc:
         39:b3:bc:20:ce:e5:a0:fb:48:9e:42:3d:4f:03:f3:8c:a5:82:
         5f:f7:78:de:6c:b3:58:9a:f7:76:0b:0e:94:ac:8c:14:bc:61:
         1a:f5:75:fe:b0:3e:94:f2:2d:ee:2d:54:8a:62:97:97:ee:99:
         a1:78:cb:1d:80:17:cb:7c:89:a0:a0:e3:e8:ac:42:82:48:22:
         29:b7:94:46:26:15:39:7f:32:ff:8f:ab:2c:52:bb:9e:55:55:
         c5:9d:05:d1:19:ad:76:fc:5f:c1:1d:b8:51:21:8e:5d:51:63:
         a1:18:67:fc:3d:3c:dd:cd:61:86:9a:4f:89:60:02:84:35:50:
         f6:e3:e6:1f:83:64:f0:85:42:bd:9b:c2:97:6b:b5:8c:86:18:
         79:47:20:0b:8d:05:98:de:6e:06:ff:c6:08:2a:14:54:b5:bd:
         92:50:cc:7c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAS4tVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2U4NTFiNmRkNWQzNjRlZTE5ZTBiMzgyMDFiM2U4ZGYyNjI0YmNiMB4XDTIyMDYx
NDEzMDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA2M2U3NzY4YjUw
NDQ1ZTFhZDQ1NjcyMDA5ZDIxYzIxNzMzNWYwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6TfgbvIgqAwEP5n9KFACyotYOezmMtiKa3oZQKHnKc0s8Q
FFbA9IivCwKZRwiaJ8QVJCMvUhp1BwgYi1y0wQjgJRF90RE8it2V6MIAEHP6bMCA
9lGCRzV7WzqGkcDIDVmT2xNwyaYo4UhpS9nOVerY2YnNZJq8pXNGYCf9zpjNojNd
nI1dqGoLk5rHQEZJJTqmFlMKvQiMvf2rhfSlIxo2U2HXJ2dk/fKbqfw5yvLGpT/4
uYz1Vaj15K+QKrkKajVO7E98YbAgdeDjB49LQu9RBeV0doL1636zbsSPfnR8L21w
iVLKskO9lQ5bYp6lidWjtVy2wfae3BsS5ciGAy8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAY+d2i1BEXhrUVnIAnSHCFzNfADAfBgNVHSMEGDAWgBQM6FG23V02TuGe
CzggGz6N8mJLyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8x
L1FHUG5kb3RRUkY0YTFGWnlBSjBod2hjelh3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8xL0RPaFJ0dDFkTms3
aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKMFfzANBgkqhkiG9w0BAQsFAAOC
AQEAWnW2YodiSHYjlzdX515b6+J9AnR4Pky/h+tj2HD+m09BchqDbuxMFoL17jCw
9cFnm7hMYCOWP02GANbB1BfoHjEmWlBlK/29qRWMY3DIx/7rIt693AFcE8bcObO8
IM7loPtInkI9TwPzjKWCX/d43myzWJr3dgsOlKyMFLxhGvV1/rA+lPIt7i1UimKX
l+6ZoXjLHYAXy3yJoKDj6KxCgkgiKbeURiYVOX8y/4+rLFK7nlVVxZ0F0Rmtdvxf
wR24USGOXVFjoRhn/D083c1hhppPiWAChDVQ9uPmH4Nk8IVCvZvCl2u1jIYYeUcg
C40FmN5uBv/GCCoUVLW9klDMfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org