Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/qqxS4uewfUX_ZTfw9kZxFfwaO08.roa
File:                     qqxS4uewfUX_ZTfw9kZxFfwaO08.roa (raw, json)
Hash identifier:          43ZjjP1xvf8SkVeuBaSDCaMHsBcXPFaeqA57zbRaIHE=
Subject key identifier:   AA:AC:52:E2:E7:B0:7D:45:FF:65:37:F0:F6:46:71:15:FC:1A:3B:4F
Certificate issuer:       /CN=9241ad0e7fc22bfbab567be89f63d9805e5eb9aa
Certificate serial:       0183A4B803CDD1CAD7BC59631A59725CD333
Authority key identifier: 92:41:AD:0E:7F:C2:2B:FB:AB:56:7B:E8:9F:63:D9:80:5E:5E:B9:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kkGtDn_CK_urVnvon2PZgF5euao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/qqxS4uewfUX_ZTfw9kZxFfwaO08.roa
Signing time:             Tue 04 Oct 2022 20:37:46 +0000
ROA not before:           Tue 04 Oct 2022 20:37:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202477
IP address blocks:        109.205.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a4:b8:03:cd:d1:ca:d7:bc:59:63:1a:59:72:5c:d3:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9241ad0e7fc22bfbab567be89f63d9805e5eb9aa
        Validity
            Not Before: Oct  4 20:37:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aaac52e2e7b07d45ff6537f0f6467115fc1a3b4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:45:ec:a4:43:b0:06:cf:b8:3d:6c:b8:9a:99:
                    ea:36:89:6f:0f:e0:27:bf:32:b7:4f:32:90:d8:ce:
                    15:e1:fe:19:7a:ce:12:20:eb:1d:bb:8f:0e:42:f1:
                    24:aa:02:8d:39:0b:d9:f0:78:fa:00:d1:35:74:5c:
                    32:be:d1:13:82:ae:1c:b3:4f:54:cd:e4:ea:25:91:
                    e8:33:20:0d:3c:84:eb:03:45:8a:f0:d5:e8:2a:97:
                    43:ab:1e:94:d4:d0:95:4b:7b:3d:c9:a7:d8:ef:dd:
                    08:d5:a3:bc:0b:85:92:58:14:a4:f8:6a:d3:23:f9:
                    b5:79:44:1a:2b:a6:50:f9:de:6b:1f:4e:0d:db:24:
                    47:64:37:36:3d:ff:ed:2e:4e:44:1e:af:e4:15:c0:
                    ad:74:61:89:40:58:ec:69:a0:84:b4:d7:c1:0a:c9:
                    68:1f:e1:00:7a:c3:38:90:f3:c9:34:3b:69:81:b9:
                    fc:4f:a7:b7:86:5d:48:f8:1d:3b:67:09:9b:2b:f0:
                    db:de:69:62:08:aa:cb:aa:28:71:12:6b:90:ed:e4:
                    15:e7:73:92:68:ac:25:43:63:d7:0c:34:f6:1e:25:
                    8d:aa:6c:e7:8d:34:9d:70:87:e5:c0:b5:41:df:08:
                    5b:d9:cd:10:87:14:23:25:11:58:8b:15:0b:6c:09:
                    e9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:AC:52:E2:E7:B0:7D:45:FF:65:37:F0:F6:46:71:15:FC:1A:3B:4F
            X509v3 Authority Key Identifier:
                keyid:92:41:AD:0E:7F:C2:2B:FB:AB:56:7B:E8:9F:63:D9:80:5E:5E:B9:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkGtDn_CK_urVnvon2PZgF5euao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/qqxS4uewfUX_ZTfw9kZxFfwaO08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/kkGtDn_CK_urVnvon2PZgF5euao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.205.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:8a:1d:08:6c:97:ad:09:ad:ff:04:13:a4:ff:00:68:b0:dd:
         7f:ab:c8:ce:46:f3:49:30:25:88:16:d8:86:3f:23:d4:7f:fc:
         3d:ba:b7:c9:95:c1:38:62:54:98:ba:51:5d:c0:04:48:33:7e:
         07:e9:32:88:aa:3b:20:d4:da:20:21:56:de:65:21:83:f3:d9:
         fb:89:bf:08:8b:13:5b:57:c2:86:8d:12:10:d4:dd:92:ab:ac:
         c1:a4:59:ce:79:d4:fc:34:15:5b:49:6b:cb:51:4f:38:b4:52:
         59:a9:cb:47:04:36:53:a9:5a:18:92:ec:f0:22:b9:d2:39:2a:
         6a:2b:9b:1e:ea:b7:c2:79:51:34:76:8a:83:1e:b5:b1:d8:29:
         d7:ef:1b:cd:84:ae:a9:b0:51:2f:2f:8d:fc:1a:28:d1:22:af:
         74:63:c7:b6:45:23:22:f0:02:a6:ed:ec:b5:56:7f:ac:fd:98:
         65:97:8a:0f:41:e7:21:a4:68:1c:d9:62:c3:3e:f7:fe:cf:f8:
         ef:2d:47:19:49:4d:1b:ab:ea:83:ad:31:4d:cf:d3:30:d0:63:
         9c:e0:f7:79:43:1d:bc:56:6b:18:6d:7c:40:57:ea:59:6a:a5:
         16:6e:0e:f3:e5:e8:f6:82:00:a5:cc:24:0f:a6:9c:9a:cf:b7:
         4c:9d:96:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOkuAPN0crXvFljGllyXNMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDFhZDBlN2ZjMjJiZmJhYjU2N2JlODlmNjNkOTgwNWU1
ZWI5YWEwHhcNMjIxMDA0MjAzNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFjNTJlMmU3YjA3ZDQ1ZmY2NTM3ZjBmNjQ2NzExNWZjMWEzYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkXspEOwBs+4PWy4mpnqNolvD+An
vzK3TzKQ2M4V4f4Zes4SIOsdu48OQvEkqgKNOQvZ8Hj6ANE1dFwyvtETgq4cs09U
zeTqJZHoMyANPITrA0WK8NXoKpdDqx6U1NCVS3s9yafY790I1aO8C4WSWBSk+GrT
I/m1eUQaK6ZQ+d5rH04N2yRHZDc2Pf/tLk5EHq/kFcCtdGGJQFjsaaCEtNfBCslo
H+EAesM4kPPJNDtpgbn8T6e3hl1I+B07ZwmbK/Db3mliCKrLqihxEmuQ7eQV53OS
aKwlQ2PXDDT2HiWNqmznjTSdcIflwLVB3whb2c0QhxQjJRFYixULbAnpnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqsUuLnsH1F/2U38PZGcRX8GjtPMB8GA1UdIwQY
MBaAFJJBrQ5/wiv7q1Z76J9j2YBeXrmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tHdERuX0NLX3VyVm52b24yUFpnRjVldWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mYjFhNmQtNDEzOC00YzRmLWFlZDkt
NDU0NGM2MTA5NzI5LzEvcXF4UzR1ZXdmVVhfWlRmdzlrWnhGZndhTzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9mYjFhNmQtNDEzOC00YzRmLWFlZDktNDU0NGM2MTA5NzI5
LzEva2tHdERuX0NLX3VyVm52b24yUFpnRjVldWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc3HMA0G
CSqGSIb3DQEBCwUAA4IBAQAfih0IbJetCa3/BBOk/wBosN1/q8jORvNJMCWIFtiG
PyPUf/w9urfJlcE4YlSYulFdwARIM34H6TKIqjsg1NogIVbeZSGD89n7ib8IixNb
V8KGjRIQ1N2Sq6zBpFnOedT8NBVbSWvLUU84tFJZqctHBDZTqVoYkuzwIrnSOSpq
K5se6rfCeVE0doqDHrWx2CnX7xvNhK6psFEvL438GijRIq90Y8e2RSMi8AKm7ey1
Vn+s/Zhll4oPQechpGgc2WLDPvf+z/jvLUcZSU0bq+qDrTFNz9Mw0GOc4Pd5Qx28
VmsYbXxAV+pZaqUWbg7z5ej2ggClzCQPppyaz7dMnZaS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:20 2024 by rpki-client on console-ams.rpki-client.org