Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qiRP_9nFtRFrRUGMnvVd1LmeCDA.roa
File:                     qiRP_9nFtRFrRUGMnvVd1LmeCDA.roa (raw, json)
Hash identifier:          tg38dGDEiDgr87azAMDUcj2IWfMcuhAs/mPIYNyDdOs=
Subject key identifier:   AA:24:4F:FF:D9:C5:B5:11:6B:45:41:8C:9E:F5:5D:D4:B9:9E:08:30
Certificate issuer:       /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial:       018271DC569009DC0C45525CD407A2875691
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qiRP_9nFtRFrRUGMnvVd1LmeCDA.roa
Signing time:             Sat 06 Aug 2022 06:34:01 +0000
ROA not before:           Sat 06 Aug 2022 06:34:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203528
IP address blocks:        2a0e:8f02:21d0::/44 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:71:dc:56:90:09:dc:0c:45:52:5c:d4:07:a2:87:56:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
        Validity
            Not Before: Aug  6 06:34:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aa244fffd9c5b5116b45418c9ef55dd4b99e0830
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:88:ec:05:ed:61:7b:42:e2:bd:95:f6:a0:95:
                    1a:39:e7:e6:91:5f:9b:50:4b:ec:a2:39:41:fc:12:
                    9b:0a:7b:e3:b2:64:ef:84:63:cc:86:a0:77:21:6f:
                    10:44:7b:9c:02:d3:0d:c1:1b:d5:8b:84:e8:7b:89:
                    46:01:0b:58:62:ce:93:45:7a:40:10:ca:90:cf:3e:
                    34:89:db:1b:00:73:43:0e:96:0a:89:a6:9c:e5:01:
                    3e:3e:43:8c:1c:b9:37:c9:aa:9c:47:b1:3b:69:fb:
                    1b:06:5c:15:0a:0d:f2:31:57:bc:44:c5:b5:49:e0:
                    26:83:99:02:a0:35:d3:5b:bb:ee:91:8d:c9:18:15:
                    b1:a0:8a:10:8f:f3:20:bd:c9:c9:85:54:5d:bb:f2:
                    d6:b7:8b:99:bf:4a:a7:22:df:c1:b6:2f:a8:73:d8:
                    db:8f:36:5a:03:59:69:90:8d:36:90:af:a1:fb:3c:
                    d4:b8:9f:bd:4f:4c:3a:ae:6e:9e:a5:b1:7f:7c:ec:
                    34:30:f5:53:03:9a:a0:b0:4a:74:0a:b4:a1:46:93:
                    15:98:a7:26:0a:c5:16:00:55:e7:d6:9a:64:f4:4a:
                    a3:4f:6c:7b:84:f9:60:db:93:18:d3:e1:62:65:2f:
                    fd:74:e5:07:7f:9e:45:4f:cc:76:59:d3:b2:f0:45:
                    d2:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:24:4F:FF:D9:C5:B5:11:6B:45:41:8C:9E:F5:5D:D4:B9:9E:08:30
            X509v3 Authority Key Identifier:
                keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qiRP_9nFtRFrRUGMnvVd1LmeCDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:8f02:21d0::/44

    Signature Algorithm: sha256WithRSAEncryption
         2a:ec:69:0c:b4:43:af:93:af:c0:10:bb:a5:1a:bf:5a:d7:d8:
         ff:b7:f7:f0:d7:ba:23:2e:ad:fa:c8:b0:07:4e:79:e4:e2:59:
         9a:81:30:3c:34:1f:b7:36:70:db:30:93:d6:27:01:f9:3e:32:
         92:41:b3:f1:2f:7f:75:00:2e:41:2c:e7:22:e9:1d:26:af:1d:
         87:ff:0c:49:67:ce:87:4a:c8:2d:5d:71:61:16:aa:8d:85:da:
         3b:c5:dc:6a:1f:16:ac:d5:56:03:9d:52:94:38:26:3b:eb:01:
         9c:46:29:be:21:bd:c0:8c:80:2d:d8:aa:89:ad:b1:13:00:6b:
         f4:01:03:92:6d:f3:be:3f:ae:e8:a2:31:16:fd:f5:1f:d9:83:
         a5:d0:28:24:70:36:ef:74:35:ca:65:57:27:d7:7f:e2:23:dc:
         4b:69:e8:e8:e1:d2:42:af:65:84:09:48:74:86:42:ac:c6:9a:
         ec:e8:b7:20:97:ac:34:a5:1c:cf:1d:9d:54:8b:85:51:3d:aa:
         e1:db:37:23:96:ac:bd:31:ce:a4:93:46:fe:05:78:2f:49:95:
         59:48:cb:2f:16:04:81:b6:aa:22:8c:f6:8e:f4:9a:18:75:f9:
         d5:dd:06:82:a2:d4:fb:2b:81:ec:72:93:64:e8:6b:5a:0b:9b:
         5c:34:a9:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJx3FaQCdwMRVJc1Aeih1aRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjIwODA2MDYzNDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI0NGZmZmQ5YzViNTExNmI0NTQxOGM5ZWY1NWRkNGI5OWUwODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYjsBe1he0LivZX2oJUaOefmkV+b
UEvsojlB/BKbCnvjsmTvhGPMhqB3IW8QRHucAtMNwRvVi4Toe4lGAQtYYs6TRXpA
EMqQzz40idsbAHNDDpYKiaac5QE+PkOMHLk3yaqcR7E7afsbBlwVCg3yMVe8RMW1
SeAmg5kCoDXTW7vukY3JGBWxoIoQj/MgvcnJhVRdu/LWt4uZv0qnIt/Bti+oc9jb
jzZaA1lpkI02kK+h+zzUuJ+9T0w6rm6epbF/fOw0MPVTA5qgsEp0CrShRpMVmKcm
CsUWAFXn1ppk9EqjT2x7hPlg25MY0+FiZS/9dOUHf55FT8x2WdOy8EXSKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKokT//ZxbURa0VBjJ71XdS5nggwMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvcWlSUF85bkZ0UkZyUlVHTW52VmQxTG1lQ0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAq7GkMtEOvk6/AELulGr9a19j/t/fw17ojLq36
yLAHTnnk4lmagTA8NB+3NnDbMJPWJwH5PjKSQbPxL391AC5BLOci6R0mrx2H/wxJ
Z86HSsgtXXFhFqqNhdo7xdxqHxas1VYDnVKUOCY76wGcRim+Ib3AjIAt2KqJrbET
AGv0AQOSbfO+P67oojEW/fUf2YOl0CgkcDbvdDXKZVcn13/iI9xLaejo4dJCr2WE
CUh0hkKsxprs6Lcgl6w0pRzPHZ1Ui4VRParh2zcjlqy9Mc6kk0b+BXgvSZVZSMsv
FgSBtqoijPaO9JoYdfnV3QaCotT7K4HscpNk6GtaC5tcNKmG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:41 2024 by rpki-client on console-fra.rpki-client.org