Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/QWn4YYpwEC231DTwtlnKPmZOIcw.roa
File:                     QWn4YYpwEC231DTwtlnKPmZOIcw.roa (raw, json)
Hash identifier:          YJxQZE6DXJOYNFJSNcYrSpOl+uieBpBhNcmfm4wzlI4=
Subject key identifier:   41:69:F8:61:8A:70:10:2D:B7:D4:34:F0:B6:59:CA:3E:66:4E:21:CC
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       2AF048A4
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/QWn4YYpwEC231DTwtlnKPmZOIcw.roa
Signing time:             Sat 01 Jan 2022 13:57:52 +0000
ROA not before:           Sat 01 Jan 2022 13:57:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34656
IP address blocks:        178.16.119.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 720390308 (0x2af048a4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 13:57:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4169f8618a70102db7d434f0b659ca3e664e21cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:12:62:36:9f:ed:9c:65:37:7e:0f:e1:35:6f:
                    b1:12:67:92:47:25:61:dd:66:29:d5:ce:34:a7:d4:
                    52:0b:c8:2c:1b:33:8f:5a:0f:1b:e2:82:1f:bc:24:
                    88:c3:20:8a:2d:04:71:83:60:38:ff:f2:7d:8b:6e:
                    c1:00:9a:fd:db:14:d9:ef:5a:ab:17:81:85:8f:6d:
                    4e:4d:cc:16:3b:62:01:27:82:a3:a0:18:0a:71:4c:
                    cf:eb:d8:0a:2a:b3:64:fc:89:79:b8:1f:50:dd:54:
                    c4:eb:68:13:40:da:eb:a4:c9:d4:ca:e4:e7:f6:12:
                    80:10:db:4a:5e:71:1e:cb:3a:00:59:dc:a2:b9:d4:
                    81:ca:b1:10:5d:0b:e0:79:c0:bd:65:15:78:0b:7c:
                    81:d7:77:e8:d4:7d:ba:0c:70:49:b1:19:bc:dd:f5:
                    4a:bf:34:9b:8c:c4:e3:a2:e7:99:fb:47:19:3f:00:
                    3a:69:94:e3:67:0a:6f:1e:03:ff:e8:66:11:f6:d4:
                    97:a9:69:61:94:27:69:12:98:73:dd:a3:b1:b2:31:
                    5a:20:7b:b5:d6:cd:6e:23:8d:9f:6c:02:f8:d7:7b:
                    a1:26:85:bf:87:07:55:62:52:4e:f1:96:3b:92:6d:
                    c6:c1:09:ae:c8:a7:4d:37:5b:f9:0b:63:ae:96:aa:
                    a3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:69:F8:61:8A:70:10:2D:B7:D4:34:F0:B6:59:CA:3E:66:4E:21:CC
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/QWn4YYpwEC231DTwtlnKPmZOIcw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.16.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:1f:e8:52:1a:e7:01:ed:f1:c6:66:a5:12:9a:88:ea:ec:ff:
         a3:5a:d7:14:1d:06:66:1e:e0:74:f3:25:84:be:6a:7a:53:99:
         de:ef:df:0e:6d:a4:c1:6f:ba:20:ad:4b:7e:f2:1a:a5:5f:78:
         b9:cb:21:11:57:a7:e1:d6:7d:61:cb:7e:1e:24:23:fd:05:2d:
         a8:1a:b9:d4:7b:b8:60:24:2a:8c:bb:a2:b3:29:5f:8e:f7:1b:
         81:98:77:9c:8a:0c:fe:56:33:59:fe:86:81:99:fc:42:2c:bb:
         52:cd:4a:d2:e3:9e:f1:f4:e4:ea:2c:05:a1:9c:a3:59:b1:a8:
         b9:0a:63:d9:37:5f:94:e0:14:9e:bc:b3:b4:d7:78:54:e3:be:
         3b:e2:9d:58:60:8d:5e:66:bf:37:2f:94:07:8e:a7:95:42:de:
         7c:3e:bf:07:88:bc:b8:13:b1:71:a8:11:71:e3:54:bc:0f:91:
         58:0f:c3:49:b0:58:c6:37:57:d6:21:69:1f:64:90:c9:97:81:
         50:44:58:98:60:33:1f:6f:55:4c:9a:e0:6b:98:b0:e0:fb:7d:
         b3:ea:02:e9:0a:42:a8:22:0c:ff:32:ef:24:5f:f3:8b:3f:b1:
         3c:2e:1b:04:0c:20:fd:5b:f1:83:12:8e:ce:e4:0f:4d:f8:a7:
         5c:76:b4:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKvBIpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDE2OWY4NjE4YTcw
MTAyZGI3ZDQzNGYwYjY1OWNhM2U2NjRlMjFjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKESYjaf7ZxlN34P4TVvsRJnkkclYd1mKdXONKfUUgvILBsz
j1oPG+KCH7wkiMMgii0EcYNgOP/yfYtuwQCa/dsU2e9aqxeBhY9tTk3MFjtiASeC
o6AYCnFMz+vYCiqzZPyJebgfUN1UxOtoE0Da66TJ1Mrk5/YSgBDbSl5xHss6AFnc
ornUgcqxEF0L4HnAvWUVeAt8gdd36NR9ugxwSbEZvN31Sr80m4zE46LnmftHGT8A
OmmU42cKbx4D/+hmEfbUl6lpYZQnaRKYc92jsbIxWiB7tdbNbiONn2wC+Nd7oSaF
v4cHVWJSTvGWO5JtxsEJrsinTTdb+Qtjrpaqo58CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRBafhhinAQLbfUNPC2Wco+Zk4hzDAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L1FXbjRZWXB3RUMyMzFEVHd0bG5LUG1aT0ljdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIQdzANBgkqhkiG9w0BAQsFAAOC
AQEAVR/oUhrnAe3xxmalEpqI6uz/o1rXFB0GZh7gdPMlhL5qelOZ3u/fDm2kwW+6
IK1LfvIapV94ucshEVen4dZ9Yct+HiQj/QUtqBq51Hu4YCQqjLuisylfjvcbgZh3
nIoM/lYzWf6GgZn8Qiy7Us1K0uOe8fTk6iwFoZyjWbGouQpj2TdflOAUnryztNd4
VOO+O+KdWGCNXma/Ny+UB46nlULefD6/B4i8uBOxcagRceNUvA+RWA/DSbBYxjdX
1iFpH2SQyZeBUERYmGAzH29VTJrga5iw4Pt9s+oC6QpCqCIM/zLvJF/ziz+xPC4b
BAwg/VvxgxKOzuQPTfinXHa0zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org