Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/bb2bdb-747d-4855-8945-7f9a3e45256e/1/Qpn_385XQ2xAHSqlGJbfHmQoOJs.roa
File:                     Qpn_385XQ2xAHSqlGJbfHmQoOJs.roa (raw, json)
Hash identifier:          lI+xP62gwoTNPJphb3UE0qsgQg83G5wKRBvOIaUsNRY=
Subject key identifier:   42:99:FF:DF:CE:57:43:6C:40:1D:2A:A5:18:96:DF:1E:64:28:38:9B
Certificate issuer:       /CN=bc1e66efa005a6de53b1d0c91f37554bdf4676bd
Certificate serial:       012207
Authority key identifier: BC:1E:66:EF:A0:05:A6:DE:53:B1:D0:C9:1F:37:55:4B:DF:46:76:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vB5m76AFpt5TsdDJHzdVS99Gdr0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/bb2bdb-747d-4855-8945-7f9a3e45256e/1/Qpn_385XQ2xAHSqlGJbfHmQoOJs.roa
Signing time:             Fri 21 Jan 2022 15:54:01 +0000
ROA not before:           Fri 21 Jan 2022 15:54:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39274
IP address blocks:        195.250.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74247 (0x12207)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc1e66efa005a6de53b1d0c91f37554bdf4676bd
        Validity
            Not Before: Jan 21 15:54:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4299ffdfce57436c401d2aa51896df1e6428389b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:8d:59:4b:74:be:1c:3f:58:64:75:5b:9d:ac:
                    69:b2:e3:fa:6e:a3:4e:b7:84:c3:64:d8:63:6d:10:
                    27:c0:f1:cc:02:cf:b1:be:5c:ff:f3:2e:04:cb:b3:
                    16:5d:8c:33:cb:83:dd:55:6b:19:13:32:6b:79:d6:
                    ac:fb:99:68:c8:1e:7b:ae:bb:9e:8c:d9:36:12:83:
                    08:1a:94:bd:39:ef:55:e7:4d:50:c9:99:32:03:ca:
                    82:6a:1e:00:d5:e0:57:8a:5b:74:97:cb:f0:e0:d0:
                    58:85:17:c5:3b:d4:fd:f4:33:58:9a:eb:9c:17:33:
                    81:4c:f3:24:af:07:de:42:90:99:80:a5:e2:24:e3:
                    c2:92:9f:6b:52:31:96:24:b4:23:27:80:10:78:b0:
                    41:45:03:91:2a:f2:fe:0c:18:4c:5f:7f:a7:b2:39:
                    9e:3b:16:99:6d:b8:5f:34:5f:3b:1a:6d:96:7f:46:
                    f7:18:ac:a6:43:79:7a:9b:ea:d7:f8:8a:87:a1:59:
                    34:8f:b9:64:7a:e5:14:a1:c2:9c:a5:e7:b2:d1:38:
                    14:98:83:e0:ee:d5:b0:8a:16:ba:b3:74:59:02:0c:
                    08:9d:09:f0:c4:b1:c5:11:e8:38:2e:be:ee:96:ea:
                    ef:a5:2c:6b:e1:7a:8c:b3:85:33:37:ea:38:ce:c2:
                    35:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:99:FF:DF:CE:57:43:6C:40:1D:2A:A5:18:96:DF:1E:64:28:38:9B
            X509v3 Authority Key Identifier:
                keyid:BC:1E:66:EF:A0:05:A6:DE:53:B1:D0:C9:1F:37:55:4B:DF:46:76:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vB5m76AFpt5TsdDJHzdVS99Gdr0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/bb2bdb-747d-4855-8945-7f9a3e45256e/1/Qpn_385XQ2xAHSqlGJbfHmQoOJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/bb2bdb-747d-4855-8945-7f9a3e45256e/1/vB5m76AFpt5TsdDJHzdVS99Gdr0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.250.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:3a:91:55:09:ca:cf:d2:04:a1:4c:ae:2f:d2:6f:3e:19:ef:
         20:5b:71:fc:5e:77:2d:23:a2:9f:b6:59:36:f2:74:32:00:cd:
         76:b3:4b:21:e0:91:62:e7:10:6b:68:6c:9e:6d:ca:71:d6:5d:
         32:9d:68:1c:86:60:76:f2:50:62:5c:80:d3:2b:0e:8c:b7:39:
         84:1a:85:2e:16:b7:f4:52:e0:49:a0:66:f2:cb:3c:b8:55:06:
         4b:e5:94:53:19:7a:cd:43:83:18:11:cb:3b:89:9a:dc:46:b0:
         20:25:74:9c:5d:1c:d0:a1:a2:6b:fb:e9:a8:70:27:0b:f7:f8:
         83:ec:71:ba:89:5f:f7:6f:33:8f:bd:09:ed:9f:6a:b4:9f:48:
         f9:eb:a7:25:39:89:47:6b:85:44:48:8e:14:d0:20:10:35:c3:
         b1:ca:95:8a:1c:db:86:41:b6:cc:78:9a:72:40:06:20:cb:9e:
         65:4f:62:40:4d:b3:1d:4a:2b:4d:9b:62:3c:13:e7:11:31:87:
         b0:ca:10:5a:6f:f6:6a:d7:31:ac:b1:28:84:04:c2:88:d1:67:
         8b:17:4f:39:27:c1:08:37:8f:48:c3:5e:56:f4:52:4b:ce:db:
         f8:e6:bf:1f:ef:c0:f3:2d:a0:42:8f:a5:03:e4:7b:46:fb:e0:
         54:37:79:e0
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDASIHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
MWU2NmVmYTAwNWE2ZGU1M2IxZDBjOTFmMzc1NTRiZGY0Njc2YmQwHhcNMjIwMTIx
MTU1NDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0Mjk5ZmZkZmNlNTc0
MzZjNDAxZDJhYTUxODk2ZGYxZTY0MjgzODliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2o1ZS3S+HD9YZHVbnaxpsuP6bqNOt4TDZNhjbRAnwPHMAs+x
vlz/8y4Ey7MWXYwzy4PdVWsZEzJredas+5loyB57rruejNk2EoMIGpS9Oe9V501Q
yZkyA8qCah4A1eBXilt0l8vw4NBYhRfFO9T99DNYmuucFzOBTPMkrwfeQpCZgKXi
JOPCkp9rUjGWJLQjJ4AQeLBBRQORKvL+DBhMX3+nsjmeOxaZbbhfNF87Gm2Wf0b3
GKymQ3l6m+rX+IqHoVk0j7lkeuUUocKcpeey0TgUmIPg7tWwiha6s3RZAgwInQnw
xLHFEeg4Lr7ulurvpSxr4XqMs4UzN+o4zsI18QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEKZ/9/OV0NsQB0qpRiW3x5kKDibMB8GA1UdIwQYMBaAFLweZu+gBabeU7HQ
yR83VUvfRna9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dkI1bTc2QUZwdDVUc2RESkh6ZFZTOTlHZHIwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy9iYjJiZGItNzQ3ZC00ODU1LTg5NDUtN2Y5YTNlNDUyNTZlLzEv
UXBuXzM4NVhRMnhBSFNxbEdKYmZIbVFvT0pzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9i
YjJiZGItNzQ3ZC00ODU1LTg5NDUtN2Y5YTNlNDUyNTZlLzEvdkI1bTc2QUZwdDVU
c2RESkh6ZFZTOTlHZHIwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/ohMA0GCSqGSIb3DQEBCwUAA4IB
AQBFOpFVCcrP0gShTK4v0m8+Ge8gW3H8XnctI6Kftlk28nQyAM12s0sh4JFi5xBr
aGyebcpx1l0ynWgchmB28lBiXIDTKw6MtzmEGoUuFrf0UuBJoGbyyzy4VQZL5ZRT
GXrNQ4MYEcs7iZrcRrAgJXScXRzQoaJr++mocCcL9/iD7HG6iV/3bzOPvQntn2q0
n0j566clOYlHa4VESI4U0CAQNcOxypWKHNuGQbbMeJpyQAYgy55lT2JATbMdSitN
m2I8E+cRMYewyhBab/Zq1zGssSiEBMKI0WeLF085J8EIN49Iw15W9FJLztv45r8f
78DzLaBCj6UD5HtG++BUN3ng
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:54 2024 by rpki-client on console-ams.rpki-client.org