Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wqGx1pZiXYE6X6QqvLEaoVlsFfI.roa
File:                     wqGx1pZiXYE6X6QqvLEaoVlsFfI.roa (raw, json)
Hash identifier:          ibb2GW0/XJCiuNwcYWCWdNwHb+BLYphCS27SMRJWKbY=
Subject key identifier:   C2:A1:B1:D6:96:62:5D:81:3A:5F:A4:2A:BC:B1:1A:A1:59:6C:15:F2
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       073B3B20
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wqGx1pZiXYE6X6QqvLEaoVlsFfI.roa
Signing time:             Sun 23 Jan 2022 15:28:55 +0000
ROA not before:           Sun 23 Jan 2022 15:28:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205327
IP address blocks:        213.209.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121322272 (0x73b3b20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan 23 15:28:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2a1b1d696625d813a5fa42abcb11aa1596c15f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:83:3c:09:19:70:d6:53:17:dd:fb:4c:38:c0:
                    f2:5e:95:e8:fd:14:09:62:6a:41:90:cf:d0:d7:b8:
                    74:04:bc:ef:0f:43:96:5e:4d:42:55:9a:a9:bc:66:
                    cc:e8:07:67:e0:5d:5a:ce:9e:1f:34:25:a6:30:c5:
                    75:df:5f:78:04:9b:c0:d4:aa:8f:8c:e9:cd:47:f6:
                    21:f0:c5:bc:c4:df:b8:fa:72:c0:55:3a:93:9e:ac:
                    1b:33:16:a0:14:ea:0e:a0:66:c7:04:88:67:3c:4f:
                    f9:41:86:9f:d8:f4:c9:fa:09:db:cd:99:d7:3e:98:
                    cc:97:3d:9c:f2:84:5f:a4:1f:0e:58:9f:b0:33:54:
                    25:80:7b:a0:5f:43:60:21:d2:a7:fb:9b:06:72:a4:
                    06:4b:df:be:a7:47:bd:a8:28:22:e3:d8:a8:41:dc:
                    f5:3e:79:61:57:85:b7:67:e3:f4:cc:f1:08:dd:b1:
                    62:a6:5c:ed:17:f1:18:83:8f:1e:04:45:6a:e3:1f:
                    0e:0e:5c:7f:f8:de:e8:51:b3:c2:f2:8e:02:36:f9:
                    11:e1:42:af:ac:9c:13:c3:9f:dc:91:4d:e7:8a:d3:
                    8c:b8:72:c6:02:ad:79:da:2f:5f:5c:b1:6a:86:69:
                    8d:84:05:b4:61:3f:60:c5:5f:79:52:42:4d:3f:3f:
                    95:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:A1:B1:D6:96:62:5D:81:3A:5F:A4:2A:BC:B1:1A:A1:59:6C:15:F2
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wqGx1pZiXYE6X6QqvLEaoVlsFfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.209.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:17:ff:ab:aa:c8:a9:5b:13:ad:ff:dc:7b:29:e1:35:81:bc:
         9e:a8:cc:dc:4c:43:64:05:dc:fc:63:2a:f0:98:7a:3b:ca:be:
         09:ac:bd:ef:80:7d:29:3f:79:52:98:50:01:28:5d:cf:19:e1:
         05:2b:31:82:55:82:d5:62:fc:79:d9:4a:41:e3:43:c0:fd:84:
         ca:4d:9d:93:f0:a6:06:c0:4a:8e:0c:8b:6e:1a:cf:eb:a0:a5:
         75:d5:ab:a2:ec:81:35:34:65:2a:02:cd:12:f3:7f:3f:18:47:
         de:48:85:ea:4f:30:42:d7:10:7c:2f:0c:72:11:61:47:66:a8:
         2f:63:d3:11:96:3e:8e:13:83:6b:10:79:14:a4:5f:99:af:d6:
         93:e5:ba:59:0a:71:71:74:e3:1f:8f:43:b1:89:d1:23:f6:1b:
         3e:47:b2:b3:37:e5:f3:82:92:ab:20:a7:8a:28:d7:af:26:a5:
         bc:16:de:5b:5e:ee:a1:9c:09:00:cf:4c:49:61:c9:b2:e5:de:
         fe:ab:01:52:10:aa:ad:8f:4d:34:0a:eb:07:fa:32:65:31:5a:
         44:68:e7:b2:85:a4:0f:e4:30:29:d0:b2:56:3d:5f:7f:1c:cc:
         2e:e4:78:8e:8f:13:39:f3:2e:a3:37:25:64:40:18:e2:ab:d4:
         7f:ed:04:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBzs7IDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDEy
MzE1Mjg1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJhMWIxZDY5NjYy
NWQ4MTNhNWZhNDJhYmNiMTFhYTE1OTZjMTVmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmDPAkZcNZTF937TDjA8l6V6P0UCWJqQZDP0Ne4dAS87w9D
ll5NQlWaqbxmzOgHZ+BdWs6eHzQlpjDFdd9feASbwNSqj4zpzUf2IfDFvMTfuPpy
wFU6k56sGzMWoBTqDqBmxwSIZzxP+UGGn9j0yfoJ282Z1z6YzJc9nPKEX6QfDlif
sDNUJYB7oF9DYCHSp/ubBnKkBkvfvqdHvagoIuPYqEHc9T55YVeFt2fj9MzxCN2x
YqZc7RfxGIOPHgRFauMfDg5cf/je6FGzwvKOAjb5EeFCr6ycE8Of3JFN54rTjLhy
xgKtedovX1yxaoZpjYQFtGE/YMVfeVJCTT8/lcMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTCobHWlmJdgTpfpCq8sRqhWWwV8jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3dxR3gxcFppWFlFNlg2UXF2TEVhb1Zsc0ZmSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXRiDANBgkqhkiG9w0BAQsFAAOC
AQEAixf/q6rIqVsTrf/ceynhNYG8nqjM3ExDZAXc/GMq8Jh6O8q+Cay974B9KT95
UphQAShdzxnhBSsxglWC1WL8edlKQeNDwP2Eyk2dk/CmBsBKjgyLbhrP66ClddWr
ouyBNTRlKgLNEvN/PxhH3kiF6k8wQtcQfC8MchFhR2aoL2PTEZY+jhODaxB5FKRf
ma/Wk+W6WQpxcXTjH49DsYnRI/YbPkeyszfl84KSqyCniijXryalvBbeW17uoZwJ
AM9MSWHJsuXe/qsBUhCqrY9NNArrB/oyZTFaRGjnsoWkD+QwKdCyVj1ffxzMLuR4
jo8TOfMuozclZEAY4qvUf+0EjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org