Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/QpkDhnvYyUJmegGXEE1Zaeo49Kg.roa
File:                     QpkDhnvYyUJmegGXEE1Zaeo49Kg.roa (raw, json)
Hash identifier:          rOvFWQZ2AowtFm5YcSwgUjOg03oFe7rVvDKKFuj5VpU=
Subject key identifier:   42:99:03:86:7B:D8:C9:42:66:7A:01:97:10:4D:59:69:EA:38:F4:A8
Certificate issuer:       /CN=80ebaf2cba8359438e434123dda7a5a396f5f519
Certificate serial:       35387A9B
Authority key identifier: 80:EB:AF:2C:BA:83:59:43:8E:43:41:23:DD:A7:A5:A3:96:F5:F5:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/QpkDhnvYyUJmegGXEE1Zaeo49Kg.roa
Signing time:             Fri 20 May 2022 10:16:29 +0000
ROA not before:           Fri 20 May 2022 10:16:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211225
IP address blocks:        37.205.3.0/24 maxlen: 24
                          37.205.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 892893851 (0x35387a9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80ebaf2cba8359438e434123dda7a5a396f5f519
        Validity
            Not Before: May 20 10:16:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=429903867bd8c942667a0197104d5969ea38f4a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b1:4f:1e:12:ad:f0:9a:a9:a4:4a:c1:fe:b1:
                    56:cb:65:35:94:31:60:06:fd:d1:63:e4:b9:d4:ca:
                    4e:84:f5:08:7f:4b:9d:b5:ce:1c:c7:39:75:2d:16:
                    80:cb:5d:8d:54:0a:67:d0:3c:91:b7:47:46:5f:75:
                    27:c6:28:1e:31:59:bf:bd:89:b4:be:4f:f3:9e:85:
                    3c:4d:aa:b6:81:05:9f:9e:d7:1b:84:e5:75:5e:e6:
                    98:df:13:a7:98:84:c4:9b:a4:c2:da:01:e5:6f:e2:
                    ec:5c:f4:b3:83:ec:08:0a:80:4f:8c:bc:9e:f6:9e:
                    00:23:68:05:93:40:16:dc:05:f2:31:98:88:1d:fa:
                    70:df:38:ee:30:c0:33:c8:89:36:f4:21:cb:32:0d:
                    c4:e8:ce:09:ba:2e:07:22:e2:fe:08:98:9c:88:cf:
                    59:b0:99:96:db:a5:8e:6b:7b:1b:b5:95:f9:3a:0c:
                    14:16:f3:7b:5c:18:50:20:08:d2:ac:a5:8e:9e:36:
                    94:74:71:db:47:17:50:2a:71:79:db:98:f8:d8:d6:
                    bb:e0:30:01:72:8f:c0:2a:9f:0e:f5:9b:4e:97:ee:
                    be:1d:a8:03:54:4d:d4:17:12:c8:85:58:15:bf:24:
                    80:2d:11:f1:51:17:4e:d3:80:79:47:9c:21:07:c8:
                    eb:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:99:03:86:7B:D8:C9:42:66:7A:01:97:10:4D:59:69:EA:38:F4:A8
            X509v3 Authority Key Identifier:
                keyid:80:EB:AF:2C:BA:83:59:43:8E:43:41:23:DD:A7:A5:A3:96:F5:F5:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/QpkDhnvYyUJmegGXEE1Zaeo49Kg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/31f8a0-7e95-4fe2-8809-f78bdb6f60c2/1/gOuvLLqDWUOOQ0Ej3aelo5b19Rk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.205.3.0/24
                  37.205.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:80:0b:9f:66:0c:cf:f5:07:d9:69:a3:9b:41:dc:9d:a5:dc:
         5f:8b:57:96:ed:da:7a:96:8d:0f:9e:a8:49:08:5b:e3:47:be:
         c0:76:0d:25:47:46:dc:3b:27:3b:4a:c2:b9:6b:26:98:47:11:
         04:a7:12:aa:08:3c:4f:46:1c:2b:f7:e2:66:65:5d:04:0d:e2:
         83:5e:c0:e7:a5:1c:4e:78:eb:1a:be:51:8a:e6:2d:db:2e:18:
         e5:b9:12:ce:d6:ed:ed:e9:07:2c:3e:56:62:bf:8c:dc:b2:5b:
         da:1e:08:07:39:2b:3f:d7:a8:d4:fe:9e:28:b2:83:bc:95:1f:
         f1:db:b9:74:0d:a2:49:20:65:93:68:8f:bd:2b:a0:3d:29:6b:
         a5:ec:7c:79:78:54:38:3d:12:2b:fb:ba:a6:03:8c:a9:3a:b4:
         3f:25:07:06:ee:ac:d3:70:0b:8f:e9:e8:f2:5f:ef:a3:39:98:
         c4:75:49:5f:b6:20:0d:d4:2d:3f:16:4d:15:3a:25:39:13:c9:
         78:bd:51:d9:f7:39:8b:cd:96:bb:dd:5c:fe:e7:6d:48:27:ef:
         bb:9f:06:c5:46:7a:70:f5:d0:e2:22:b9:46:79:0f:23:63:e0:
         24:64:23:a5:ae:9b:61:85:75:c6:47:05:87:1a:12:ae:82:54:
         9c:83:b2:3a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENTh6mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGViYWYyY2JhODM1OTQzOGU0MzQxMjNkZGE3YTVhMzk2ZjVmNTE5MB4XDTIyMDUy
MDEwMTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI5OTAzODY3YmQ4
Yzk0MjY2N2EwMTk3MTA0ZDU5NjllYTM4ZjRhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOxTx4SrfCaqaRKwf6xVstlNZQxYAb90WPkudTKToT1CH9L
nbXOHMc5dS0WgMtdjVQKZ9A8kbdHRl91J8YoHjFZv72JtL5P856FPE2qtoEFn57X
G4TldV7mmN8Tp5iExJukwtoB5W/i7Fz0s4PsCAqAT4y8nvaeACNoBZNAFtwF8jGY
iB36cN847jDAM8iJNvQhyzINxOjOCbouByLi/giYnIjPWbCZltuljmt7G7WV+ToM
FBbze1wYUCAI0qyljp42lHRx20cXUCpxeduY+NjWu+AwAXKPwCqfDvWbTpfuvh2o
A1RN1BcSyIVYFb8kgC0R8VEXTtOAeUecIQfI668CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRCmQOGe9jJQmZ6AZcQTVlp6jj0qDAfBgNVHSMEGDAWgBSA668suoNZQ45D
QSPdp6WjlvX1GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dPdXZMTHFEV1VPT1EwRWozYWVsbzViMTlSay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMzFmOGEwLTdlOTUtNGZlMi04ODA5LWY3OGJkYjZmNjBjMi8x
L1Fwa0RobnZZeVVKbWVnR1hFRTFaYWVvNDlLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MzFmOGEwLTdlOTUtNGZlMi04ODA5LWY3OGJkYjZmNjBjMi8xL2dPdXZMTHFEV1VP
T1EwRWozYWVsbzViMTlSay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEACXNAwMEACXNBjANBgkqhkiG9w0B
AQsFAAOCAQEALIALn2YMz/UH2Wmjm0HcnaXcX4tXlu3aepaND56oSQhb40e+wHYN
JUdG3DsnO0rCuWsmmEcRBKcSqgg8T0YcK/fiZmVdBA3ig17A56UcTnjrGr5RiuYt
2y4Y5bkSztbt7ekHLD5WYr+M3LJb2h4IBzkrP9eo1P6eKLKDvJUf8du5dA2iSSBl
k2iPvSugPSlrpex8eXhUOD0SK/u6pgOMqTq0PyUHBu6s03ALj+no8l/vozmYxHVJ
X7YgDdQtPxZNFTolORPJeL1R2fc5i82Wu91c/udtSCfvu58GxUZ6cPXQ4iK5RnkP
I2PgJGQjpa6bYYV1xkcFhxoSroJUnIOyOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:39 2024 by rpki-client on console-fra.rpki-client.org