Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QNISPP88RdR1gL42qYxIHuyA0J8.roa
File:                     QNISPP88RdR1gL42qYxIHuyA0J8.roa (raw, json)
Hash identifier:          Cwin9moJh7aR1GS8vMLpJz9gMht6zNBIwaCS1TISTIg=
Subject key identifier:   40:D2:12:3C:FF:3C:45:D4:75:80:BE:36:A9:8C:48:1E:EC:80:D0:9F
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0B48FEF6
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QNISPP88RdR1gL42qYxIHuyA0J8.roa
Signing time:             Sat 01 Jan 2022 13:04:59 +0000
ROA not before:           Sat 01 Jan 2022 13:04:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41494
IP address blocks:        185.1.36.0/24 maxlen: 24
                          185.86.67.0/24 maxlen: 24
                          195.95.178.0/24 maxlen: 24
                          2a05:b680:11::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189333238 (0xb48fef6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jan  1 13:04:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=40d2123cff3c45d47580be36a98c481eec80d09f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2c:65:f2:e7:a7:f6:c5:3b:0f:ce:5a:b3:6a:
                    ce:25:f1:5b:ef:81:b2:a2:7d:28:9a:3d:5f:cb:10:
                    38:72:85:ab:e7:f7:df:5a:3d:2e:02:7d:62:3a:ac:
                    3d:d0:54:39:78:f4:12:ed:2e:0d:3e:3f:dd:bc:18:
                    9f:00:b0:fe:e9:5c:a6:95:2b:8e:a8:f4:f3:d5:94:
                    06:5b:c8:85:c3:44:47:a6:3a:7f:cb:2e:f4:1b:f2:
                    d1:0d:50:89:27:f9:bf:29:8c:0b:8a:86:ec:f8:15:
                    ef:ba:81:38:22:9f:a6:44:43:bd:4a:f1:e4:11:69:
                    f2:34:96:42:34:36:1b:73:ad:92:80:78:01:60:f2:
                    08:eb:d2:5b:a5:9d:d7:c4:aa:65:14:c1:ec:f2:77:
                    8d:28:a1:5a:b5:ac:54:a5:49:10:5b:70:ac:21:1f:
                    f8:b7:1f:25:d7:fb:55:a5:d5:bf:1a:01:fc:03:b8:
                    c7:67:a2:31:d4:91:6f:2e:8b:b2:e3:d1:7c:db:74:
                    4f:93:40:78:63:b4:a3:ad:fe:11:b1:9c:d6:cf:2e:
                    6b:1e:c3:ea:0b:ad:8e:f9:cd:7e:bc:d6:c2:ac:9b:
                    b8:34:ea:40:df:79:48:18:fe:ee:ae:03:0f:ed:7b:
                    be:18:38:d2:7f:13:4c:51:be:66:a5:ae:78:86:b6:
                    53:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:D2:12:3C:FF:3C:45:D4:75:80:BE:36:A9:8C:48:1E:EC:80:D0:9F
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QNISPP88RdR1gL42qYxIHuyA0J8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.36.0/24
                  185.86.67.0/24
                  195.95.178.0/24
                IPv6:
                  2a05:b680:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:e8:e2:6f:3a:88:b0:25:c7:39:35:49:c1:54:63:97:e4:f8:
         9f:cc:c5:5f:c9:fd:21:c3:6a:88:5b:0c:75:ae:90:2d:58:69:
         fe:77:81:f4:a3:2a:a2:62:f4:72:90:0f:5f:a1:16:14:1c:0b:
         da:4f:4b:76:dc:9d:aa:31:18:f1:1b:48:06:d2:04:d9:5d:e3:
         83:80:c6:d4:c7:fe:57:2b:2c:1c:82:cf:6c:87:37:e5:95:10:
         92:09:65:23:6b:ba:ba:18:6c:69:78:63:f0:04:13:44:26:07:
         0f:03:23:75:ed:2c:ea:d7:f6:c6:24:1c:35:93:94:ed:79:68:
         12:e2:25:1f:c5:3e:65:b8:ff:47:fd:be:d6:ca:31:d1:02:39:
         d2:ae:03:77:db:e0:c0:ff:1c:14:97:d1:28:94:05:be:26:dd:
         82:ea:14:d4:31:e7:c6:52:a0:65:7a:c8:16:62:a5:f9:68:75:
         ea:17:e0:6b:68:63:5e:64:02:e7:d5:ab:9c:5c:cd:6f:2a:da:
         60:c2:fc:e3:82:35:75:39:78:a6:27:57:df:78:2a:01:f8:f1:
         14:2a:6f:3b:29:59:4f:e4:de:62:9a:44:92:20:5f:78:d0:5f:
         cb:13:8a:44:10:b7:24:3a:b0:ee:54:6a:52:8a:0b:c0:0e:20:
         57:71:49:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEC0j+9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDEw
MTEzMDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBkMjEyM2NmZjNj
NDVkNDc1ODBiZTM2YTk4YzQ4MWVlYzgwZDA5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwsZfLnp/bFOw/OWrNqziXxW++BsqJ9KJo9X8sQOHKFq+f3
31o9LgJ9YjqsPdBUOXj0Eu0uDT4/3bwYnwCw/ulcppUrjqj089WUBlvIhcNER6Y6
f8su9Bvy0Q1QiSf5vymMC4qG7PgV77qBOCKfpkRDvUrx5BFp8jSWQjQ2G3OtkoB4
AWDyCOvSW6Wd18SqZRTB7PJ3jSihWrWsVKVJEFtwrCEf+LcfJdf7VaXVvxoB/AO4
x2eiMdSRby6LsuPRfNt0T5NAeGO0o63+EbGc1s8uax7D6gutjvnNfrzWwqybuDTq
QN95SBj+7q4DD+17vhg40n8TTFG+ZqWueIa2U3UCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBRA0hI8/zxF1HWAvjapjEge7IDQnzAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L1FOSVNQUDg4UmRSMWdMNDJxWXhJSHV5QTBKOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALkBJAMEALlWQwMEAMNfsjAPBAIA
AjAJAwcAKgW2gAARMA0GCSqGSIb3DQEBCwUAA4IBAQCZ6OJvOoiwJcc5NUnBVGOX
5PifzMVfyf0hw2qIWwx1rpAtWGn+d4H0oyqiYvRykA9foRYUHAvaT0t23J2qMRjx
G0gG0gTZXeODgMbUx/5XKywcgs9shzfllRCSCWUja7q6GGxpeGPwBBNEJgcPAyN1
7Szq1/bGJBw1k5TteWgS4iUfxT5luP9H/b7WyjHRAjnSrgN32+DA/xwUl9EolAW+
Jt2C6hTUMefGUqBlesgWYqX5aHXqF+BraGNeZALn1aucXM1vKtpgwvzjgjV1OXim
J1ffeCoB+PEUKm87KVlP5N5imkSSIF940F/LE4pEELckOrDuVGpSigvADiBXcUmo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org