Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/QwFnMEVYpaiYF7o8ZabAF_lS_rw.roa
File:                     QwFnMEVYpaiYF7o8ZabAF_lS_rw.roa (raw, json)
Hash identifier:          tD6rRrY0H9YTIgqLzWE8x9tgEBhSmRD2Vp37BYd35fw=
Subject key identifier:   43:01:67:30:45:58:A5:A8:98:17:BA:3C:65:A6:C0:17:F9:52:FE:BC
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       49744531
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/QwFnMEVYpaiYF7o8ZabAF_lS_rw.roa
Signing time:             Thu 07 Apr 2022 05:03:46 +0000
ROA not before:           Thu 07 Apr 2022 05:03:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212496
IP address blocks:        146.185.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1232356657 (0x49744531)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Apr  7 05:03:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=430167304558a5a89817ba3c65a6c017f952febc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:5e:f7:d2:a6:7b:0b:9d:30:84:15:93:f2:c8:
                    e2:d4:5b:9c:89:f0:c9:12:3b:fd:79:ed:54:5f:fa:
                    b5:0e:eb:e9:d3:a5:4e:49:68:50:fd:70:15:0d:83:
                    5c:d6:0f:b2:6a:1a:42:3b:09:43:ed:f2:5b:3a:03:
                    a0:fb:17:6b:ec:42:8b:7e:22:e8:2c:f4:43:e6:4a:
                    06:20:ca:9b:85:aa:e5:3f:4d:da:a9:5b:d8:51:79:
                    e5:14:04:0c:93:88:ed:05:e8:3a:27:e5:21:0c:d4:
                    ca:64:6d:14:e4:a7:35:16:80:ec:75:0a:c2:d0:1b:
                    7e:4a:c2:c8:80:f4:6b:c1:65:2b:16:29:c2:45:f2:
                    a7:cb:ec:12:18:c8:ad:1e:ae:45:47:c3:9f:4a:44:
                    a8:84:89:ff:76:84:42:d8:e5:aa:c6:95:c4:ac:f5:
                    35:0f:42:fe:2c:6e:18:be:73:b1:70:c9:1f:3a:3c:
                    02:7d:59:76:35:47:b7:db:a0:e0:36:85:da:db:88:
                    c1:c0:22:c8:34:29:72:e9:21:33:e6:ac:e8:8a:ff:
                    24:33:93:fb:ce:b8:44:3b:84:f9:a9:47:ac:c8:1d:
                    f4:03:2c:9b:56:ed:54:c5:4b:26:92:1f:1b:72:e2:
                    38:e1:94:ca:27:a9:c6:9f:7c:94:4f:29:95:2e:ae:
                    fe:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:01:67:30:45:58:A5:A8:98:17:BA:3C:65:A6:C0:17:F9:52:FE:BC
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/QwFnMEVYpaiYF7o8ZabAF_lS_rw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.185.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:0c:ae:3f:1f:74:c4:41:5a:bc:00:e9:6e:ae:f6:c3:80:b9:
         92:04:35:fa:32:6d:e6:40:4f:ae:c6:76:6f:1b:45:35:98:d6:
         f8:9e:d0:67:09:33:ad:73:9f:1a:1d:24:22:78:9a:cf:2e:5f:
         b8:b4:16:b7:22:c8:05:05:e5:91:16:89:94:11:63:e5:31:33:
         29:4a:67:7a:92:3e:bf:2e:73:50:61:1b:84:73:09:06:8c:aa:
         a9:7c:1c:8d:88:22:65:c2:bf:a2:a9:7c:da:3b:14:a5:f6:88:
         90:47:65:8e:63:0c:f1:90:07:18:8f:39:64:33:07:6f:96:b6:
         7d:f6:90:5c:f2:53:a8:71:ba:55:a0:a1:2c:0f:94:b7:de:dc:
         45:5a:16:b0:ae:f8:50:f2:87:a9:31:2e:a3:cf:8d:7b:66:70:
         fb:25:5d:8e:b8:b3:18:a9:1f:df:fa:4e:f5:51:de:e5:b6:52:
         3e:72:20:7e:f1:01:89:9c:a4:4e:5b:92:4b:fd:fc:45:db:c7:
         b4:48:2e:6a:26:b0:43:a2:99:c8:37:58:25:4d:e8:aa:c0:d7:
         69:19:76:24:65:72:86:28:e1:23:31:7d:3d:5b:1b:df:46:37:
         c2:64:d6:9d:c6:60:75:14:5c:a7:eb:f0:1b:73:a9:af:5c:e5:
         b3:c2:b7:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESXRFMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDQw
NzA1MDM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDMwMTY3MzA0NTU4
YTVhODk4MTdiYTNjNjVhNmMwMTdmOTUyZmViYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOle99KmewudMIQVk/LI4tRbnInwyRI7/XntVF/6tQ7r6dOl
TkloUP1wFQ2DXNYPsmoaQjsJQ+3yWzoDoPsXa+xCi34i6Cz0Q+ZKBiDKm4Wq5T9N
2qlb2FF55RQEDJOI7QXoOiflIQzUymRtFOSnNRaA7HUKwtAbfkrCyID0a8FlKxYp
wkXyp8vsEhjIrR6uRUfDn0pEqISJ/3aEQtjlqsaVxKz1NQ9C/ixuGL5zsXDJHzo8
An1ZdjVHt9ug4DaF2tuIwcAiyDQpcukhM+as6Ir/JDOT+864RDuE+alHrMgd9AMs
m1btVMVLJpIfG3LiOOGUyiepxp98lE8plS6u/vsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDAWcwRVilqJgXujxlpsAX+VL+vDAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L1F3Rm5NRVZZcGFpWUY3bzhaYWJBRl9sU19ydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJK57zANBgkqhkiG9w0BAQsFAAOC
AQEAYgyuPx90xEFavADpbq72w4C5kgQ1+jJt5kBPrsZ2bxtFNZjW+J7QZwkzrXOf
Gh0kIniazy5fuLQWtyLIBQXlkRaJlBFj5TEzKUpnepI+vy5zUGEbhHMJBoyqqXwc
jYgiZcK/oql82jsUpfaIkEdljmMM8ZAHGI85ZDMHb5a2ffaQXPJTqHG6VaChLA+U
t97cRVoWsK74UPKHqTEuo8+Ne2Zw+yVdjrizGKkf3/pO9VHe5bZSPnIgfvEBiZyk
TluSS/38RdvHtEguaiawQ6KZyDdYJU3oqsDXaRl2JGVyhijhIzF9PVsb30Y3wmTW
ncZgdRRcp+vwG3Opr1zls8K3dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org