Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/qWn6wzAsComLCioDjPVRnQjYT1A.roa
File:                     qWn6wzAsComLCioDjPVRnQjYT1A.roa (raw, json)
Hash identifier:          wNETRw8+01OzOekIVt/h8chhmART5SN2KZqz2LTBkw0=
Subject key identifier:   A9:69:FA:C3:30:2C:0A:89:8B:0A:2A:03:8C:F5:51:9D:08:D8:4F:50
Certificate issuer:       /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial:       08723DE2
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/qWn6wzAsComLCioDjPVRnQjYT1A.roa
Signing time:             Sat 01 Jan 2022 00:53:30 +0000
ROA not before:           Sat 01 Jan 2022 00:53:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49602
IP address blocks:        81.7.108.0/22 maxlen: 22
                          81.7.112.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141704674 (0x8723de2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
        Validity
            Not Before: Jan  1 00:53:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a969fac3302c0a898b0a2a038cf5519d08d84f50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a8:e1:e6:5a:10:13:db:e7:7d:b9:2c:75:b8:
                    8a:d6:35:a8:99:ce:c3:2a:9f:9a:b4:a6:d3:4a:be:
                    6f:42:6b:a0:94:1a:a8:54:f9:1f:25:8f:9e:36:d3:
                    f0:16:69:60:cf:0f:de:5c:1e:0f:a0:b3:47:98:a5:
                    98:17:1d:77:d2:d2:24:ca:43:86:4b:fe:ad:a2:87:
                    6c:66:a1:49:d0:63:22:d2:f5:58:12:49:e8:61:0d:
                    94:95:e3:b0:b5:35:28:eb:12:c9:21:6c:40:28:b8:
                    db:fc:db:1f:5c:31:e7:01:25:94:b4:10:57:a3:5f:
                    7d:dc:17:1a:7a:9d:0b:67:15:26:e8:7d:db:7d:47:
                    5d:9e:22:2e:33:4d:8c:62:79:73:db:32:0c:6f:18:
                    6c:d4:a2:7d:a2:b7:10:fc:97:89:b1:9e:67:e1:eb:
                    87:64:1b:1a:d3:a3:a1:a5:e9:24:8b:86:d4:01:6e:
                    58:d0:4a:5f:63:ec:4f:48:7d:1e:f0:5b:18:cd:6e:
                    ea:fc:65:1e:42:4a:5b:13:ce:b7:12:2a:51:50:aa:
                    9e:4e:94:f3:a4:82:34:7c:f0:88:67:c7:97:c6:12:
                    eb:69:b2:0d:e0:a9:ba:65:84:d1:71:7a:16:ea:6e:
                    f8:e2:06:bd:48:79:80:a3:59:c1:11:d7:d9:32:1c:
                    b2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:69:FA:C3:30:2C:0A:89:8B:0A:2A:03:8C:F5:51:9D:08:D8:4F:50
            X509v3 Authority Key Identifier:
                keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/qWn6wzAsComLCioDjPVRnQjYT1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.7.108.0-81.7.113.255

    Signature Algorithm: sha256WithRSAEncryption
         93:7d:69:d3:c2:98:6f:43:fa:d1:52:d8:20:3c:a0:40:1b:bc:
         21:a0:f4:be:59:a8:84:36:52:27:12:09:71:88:7c:0b:27:23:
         24:e1:a6:fa:42:90:71:c4:05:ed:bd:32:a2:98:0a:d9:73:26:
         9a:4b:52:d7:1b:bb:21:bf:76:8f:9e:8b:04:e0:61:7b:8f:73:
         b0:03:c2:86:ee:53:79:4d:c0:1c:38:7d:39:34:24:45:5b:9b:
         bb:bf:31:0c:f5:0b:8a:1a:6e:73:de:56:d6:d4:88:57:f2:75:
         29:5e:a9:08:14:c8:57:44:65:02:bb:94:91:e8:70:3f:d7:80:
         ee:0e:35:49:61:2e:eb:fb:18:89:04:dd:3e:cd:92:2d:b0:ff:
         c7:7b:bb:2a:dd:81:59:e8:30:0e:14:c9:1f:30:bb:28:bb:52:
         5a:02:26:5a:c7:06:f1:97:0b:55:16:39:32:b2:40:a0:d9:0a:
         d3:f7:e0:38:83:a4:ed:3d:08:e5:45:25:d6:84:e1:d9:bc:51:
         d8:19:be:51:d3:71:33:6c:42:b1:9c:d4:9c:11:1d:15:f9:ee:
         5c:1c:56:d7:90:4d:f5:25:35:95:5f:bb:81:0b:e8:6f:df:3c:
         d3:a6:9c:c1:89:8d:2b:3d:1d:f4:d9:42:69:5d:2f:90:12:27:
         35:19:9f:1b
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIECHI94jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDEw
MTAwNTMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk2OWZhYzMzMDJj
MGE4OThiMGEyYTAzOGNmNTUxOWQwOGQ4NGY1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6o4eZaEBPb5325LHW4itY1qJnOwyqfmrSm00q+b0JroJQa
qFT5HyWPnjbT8BZpYM8P3lweD6CzR5ilmBcdd9LSJMpDhkv+raKHbGahSdBjItL1
WBJJ6GENlJXjsLU1KOsSySFsQCi42/zbH1wx5wEllLQQV6NffdwXGnqdC2cVJuh9
231HXZ4iLjNNjGJ5c9syDG8YbNSifaK3EPyXibGeZ+Hrh2QbGtOjoaXpJIuG1AFu
WNBKX2PsT0h9HvBbGM1u6vxlHkJKWxPOtxIqUVCqnk6U86SCNHzwiGfHl8YS62my
DeCpumWE0XF6Fupu+OIGvUh5gKNZwRHX2TIcsmsCAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBSpafrDMCwKiYsKKgOM9VGdCNhPUDAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS9xV242d3pBc0NvbUxDaW9EalBWUm5RallUMUEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJRB2wDBAFRB3AwDQYJKoZI
hvcNAQELBQADggEBAJN9adPCmG9D+tFS2CA8oEAbvCGg9L5ZqIQ2UicSCXGIfAsn
IyThpvpCkHHEBe29MqKYCtlzJppLUtcbuyG/do+eiwTgYXuPc7ADwobuU3lNwBw4
fTk0JEVbm7u/MQz1C4oabnPeVtbUiFfydSleqQgUyFdEZQK7lJHocD/XgO4ONUlh
Luv7GIkE3T7Nki2w/8d7uyrdgVnoMA4UyR8wuyi7UloCJlrHBvGXC1UWOTKyQKDZ
CtP34DiDpO09COVFJdaE4dm8UdgZvlHTcTNsQrGc1JwRHRX57lwcVteQTfUlNZVf
u4EL6G/fPNOmnMGJjSs9HfTZQmldL5ASJzUZnxs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:42 2024 by rpki-client on console-ams.rpki-client.org