Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QkCa67q4XphdsTcRLtqWHTZcbRI.roa
File:                     QkCa67q4XphdsTcRLtqWHTZcbRI.roa (raw, json)
Hash identifier:          jVIg58Za+lgfTYpSbLFWGpGpsvcqw+3M3PMPA/66QUk=
Subject key identifier:   42:40:9A:EB:BA:B8:5E:98:5D:B1:37:11:2E:DA:96:1D:36:5C:6D:12
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       090F6375
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QkCa67q4XphdsTcRLtqWHTZcbRI.roa
Signing time:             Wed 11 May 2022 19:45:02 +0000
ROA not before:           Wed 11 May 2022 19:45:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12695
IP address blocks:        77.90.189.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152003445 (0x90f6375)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May 11 19:45:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=42409aebbab85e985db137112eda961d365c6d12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8e:01:13:1a:23:66:9f:df:8d:5a:82:7c:b4:
                    d8:ac:10:df:a5:6f:ba:f1:0d:d9:dc:e2:31:0a:fe:
                    d0:e5:e7:2f:ee:be:09:e0:35:6f:9f:2d:46:1a:07:
                    15:fd:fc:fc:bb:ee:34:ea:30:6c:2a:34:b4:3d:32:
                    12:6c:a5:95:35:9b:c3:cf:66:12:a9:0d:a3:84:c6:
                    1e:4f:63:35:dc:07:06:cc:c4:5f:cd:8b:18:89:08:
                    bc:cf:b3:4b:e6:1f:ac:c5:d8:6d:ef:5f:a2:03:9d:
                    8d:67:da:aa:5a:38:f7:ef:3f:3f:11:83:98:bc:1c:
                    16:ac:cb:96:43:fc:a5:bf:85:60:7e:1a:16:f2:9b:
                    77:3c:ad:e8:88:2e:42:e5:bc:ba:05:e0:16:0a:fe:
                    7a:64:ed:d2:be:6a:a3:3c:e3:72:6c:09:06:60:f4:
                    ed:9c:14:f0:4e:8f:2e:c7:52:e3:d8:0b:1e:9b:6b:
                    84:1c:6e:d3:34:f2:93:56:b5:b8:80:43:d0:a1:83:
                    57:e1:c1:8f:44:66:b3:3f:ee:a8:76:70:03:af:6f:
                    19:39:23:e9:5c:5d:89:d7:8b:29:bc:f8:d1:f5:76:
                    03:a4:07:7b:97:a0:02:ae:c1:52:a7:a1:79:16:5f:
                    35:ff:56:05:89:9e:85:6c:bf:49:15:b6:2e:54:0d:
                    98:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:40:9A:EB:BA:B8:5E:98:5D:B1:37:11:2E:DA:96:1D:36:5C:6D:12
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QkCa67q4XphdsTcRLtqWHTZcbRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.145.0/24
                  77.90.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:e8:0b:c2:79:36:34:61:2a:cc:be:b8:91:7a:64:1c:2d:8b:
         ee:2e:a9:83:9a:1d:9f:2b:b8:e1:39:f4:32:35:44:e4:99:18:
         06:e9:4c:7c:45:58:1a:86:61:58:b0:31:df:e5:fd:aa:c5:b7:
         61:82:e2:52:81:03:65:8c:a4:e2:cc:f2:d7:49:f8:16:39:5b:
         b9:7a:ac:46:52:4c:c4:14:57:13:e5:19:00:c8:9a:37:84:f1:
         bc:85:10:e4:49:5f:39:1b:31:7f:9c:a2:d4:a9:e4:8e:6a:cb:
         48:6a:4d:d0:83:5a:48:bd:b7:be:80:a4:8e:72:1d:e3:46:e6:
         0e:09:a0:7b:cf:b7:df:f4:bc:a4:e5:b8:2c:d6:f0:cd:f7:f5:
         ad:f2:24:03:9f:33:c7:fc:22:26:8e:b3:49:8d:29:6a:52:0e:
         df:e6:54:17:f5:69:26:42:f2:0b:87:f7:65:8e:d6:bb:1e:bf:
         a9:9f:52:7b:a4:ac:29:1b:f1:a6:d2:f7:b9:5d:87:e0:b7:0c:
         68:dd:b1:a3:4a:e3:1a:55:aa:32:87:67:5b:89:3c:45:b2:50:
         d2:32:0d:63:37:04:02:3b:df:ee:b7:e1:94:99:3f:45:a0:4a:
         e0:e3:e5:88:d3:a7:4c:6f:f5:9a:b7:c2:a7:10:dc:54:e9:76:
         47:1a:2b:a2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECQ9jdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
MTE5NDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI0MDlhZWJiYWI4
NWU5ODVkYjEzNzExMmVkYTk2MWQzNjVjNmQxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+OARMaI2af341agny02KwQ36VvuvEN2dziMQr+0OXnL+6+
CeA1b58tRhoHFf38/LvuNOowbCo0tD0yEmyllTWbw89mEqkNo4TGHk9jNdwHBszE
X82LGIkIvM+zS+YfrMXYbe9fogOdjWfaqlo49+8/PxGDmLwcFqzLlkP8pb+FYH4a
FvKbdzyt6IguQuW8ugXgFgr+emTt0r5qozzjcmwJBmD07ZwU8E6PLsdS49gLHptr
hBxu0zTyk1a1uIBD0KGDV+HBj0Rmsz/uqHZwA69vGTkj6VxdideLKbz40fV2A6QH
e5egAq7BUqeheRZfNf9WBYmehWy/SRW2LlQNmOECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRCQJrrurhemF2xNxEu2pYdNlxtEjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1FrQ2E2N3E0WHBoZHNUY1JMdHFXSFRaY2JSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE1akQMEAE1avTANBgkqhkiG9w0B
AQsFAAOCAQEARegLwnk2NGEqzL64kXpkHC2L7i6pg5odnyu44Tn0MjVE5JkYBulM
fEVYGoZhWLAx3+X9qsW3YYLiUoEDZYyk4szy10n4FjlbuXqsRlJMxBRXE+UZAMia
N4TxvIUQ5ElfORsxf5yi1KnkjmrLSGpN0INaSL23voCkjnId40bmDgmge8+33/S8
pOW4LNbwzff1rfIkA58zx/wiJo6zSY0palIO3+ZUF/VpJkLyC4f3ZY7Wux6/qZ9S
e6SsKRvxptL3uV2H4LcMaN2xo0rjGlWqModnW4k8RbJQ0jINYzcEAjvf7rfhlJk/
RaBK4OPliNOnTG/1mrfCpxDcVOl2Rxorog==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org