Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa
File:                     QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa (raw, json)
Hash identifier:          nzy13bLgm/ePKxD1EnpmSFrHs0uVHDX7wZA5Az+pdJk=
Subject key identifier:   40:BF:6F:B1:15:05:FD:4E:49:5E:56:E9:17:82:A6:24:6E:D8:64:A4
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018242DE712E1AEC937A085F9542DD2C8A3C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa
Signing time:             Thu 28 Jul 2022 03:34:10 +0000
ROA not before:           Thu 28 Jul 2022 03:34:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203691
IP address blocks:        2a0e:b107:1c0::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:42:de:71:2e:1a:ec:93:7a:08:5f:95:42:dd:2c:8a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jul 28 03:34:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=40bf6fb11505fd4e495e56e91782a6246ed864a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:09:09:2a:4b:11:a3:d1:7f:b6:69:e4:6f:a4:
                    73:d9:54:ea:a1:82:c7:46:3f:b0:51:34:ad:df:ea:
                    5e:42:bf:85:b2:92:d0:cb:cc:f7:9b:2f:44:9e:4f:
                    78:9e:62:59:a7:e2:ca:5f:e8:25:11:8f:b6:f2:43:
                    b9:0f:63:23:81:b6:34:92:a8:a8:19:d4:2b:e2:bb:
                    a7:24:93:23:fa:48:15:ee:9b:ee:5b:52:82:93:32:
                    b0:3c:4f:f5:b1:6b:f8:f8:1a:14:0a:46:13:fc:b3:
                    e9:cb:91:78:e4:d2:b1:c2:5a:7d:9c:92:97:2f:55:
                    61:69:6c:c7:8e:d8:57:c9:ab:ed:b1:32:86:47:51:
                    27:48:0f:b3:e7:1a:1e:9a:cb:2a:a4:6d:4b:b4:37:
                    46:47:ff:93:ee:08:87:cb:cf:10:fb:54:7f:4c:4a:
                    30:4e:0b:b5:cf:3f:72:c6:18:67:96:ec:c4:0b:95:
                    f6:70:f8:5d:e6:1f:fe:dc:44:c7:78:9f:94:bd:8c:
                    65:fc:a0:cb:aa:a2:ff:7e:5c:77:38:cf:2a:cb:48:
                    e9:18:32:4a:66:0d:72:02:df:79:6a:3e:e3:7f:23:
                    bf:b0:7e:fe:9e:d9:73:e1:44:5c:43:c4:09:ef:41:
                    bb:43:1e:87:2a:49:af:1f:f5:87:eb:89:c3:2c:eb:
                    4e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:BF:6F:B1:15:05:FD:4E:49:5E:56:E9:17:82:A6:24:6E:D8:64:A4
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QL9vsRUF_U5JXlbpF4KmJG7YZKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:1c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:3a:b7:aa:62:88:6e:44:6d:41:e6:c6:1a:3a:00:f7:76:fe:
         c1:36:8f:70:2e:86:45:1b:b1:da:75:5e:d0:12:7d:68:58:41:
         e0:91:38:51:7d:6c:8e:74:e1:9d:fe:4a:fa:36:0c:3e:08:52:
         12:76:81:11:5b:88:0d:31:1d:da:05:84:f4:33:8f:45:09:da:
         3f:7a:37:94:88:e8:de:bf:9d:fd:ca:92:36:a4:01:ab:f7:bc:
         04:d9:e9:1b:6e:b6:6a:67:89:8c:23:1a:17:a8:98:7d:e9:13:
         34:5a:93:1f:fc:69:f8:1a:a9:21:86:a1:2b:06:c6:9a:1c:92:
         80:9c:dd:58:04:aa:44:d1:ec:b7:44:18:5b:8c:fd:14:7b:84:
         63:32:d5:c4:c1:91:41:99:26:f6:fb:5b:7d:43:8b:c2:4e:cb:
         95:ae:6e:f7:1d:51:36:92:2e:63:56:ef:fd:be:21:ba:c5:83:
         59:ea:b1:ce:90:b8:8e:16:6f:49:86:cc:9d:bf:89:70:5c:7e:
         55:c7:45:db:0b:f5:f7:f0:41:14:63:75:ca:80:75:c8:a3:18:
         19:60:a7:45:a1:62:47:67:b9:ec:c2:9f:a3:56:16:bd:8c:53:
         b9:eb:c2:31:08:08:eb:00:15:3c:ba:de:15:90:20:bd:8e:e0:
         a9:96:4c:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJC3nEuGuyTeghflULdLIo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzI4MDMzNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJmNmZiMTE1MDVmZDRlNDk1ZTU2ZTkxNzgyYTYyNDZlZDg2NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowkJKksRo9F/tmnkb6Rz2VTqoYLH
Rj+wUTSt3+peQr+FspLQy8z3my9Enk94nmJZp+LKX+glEY+28kO5D2MjgbY0kqio
GdQr4runJJMj+kgV7pvuW1KCkzKwPE/1sWv4+BoUCkYT/LPpy5F45NKxwlp9nJKX
L1VhaWzHjthXyavtsTKGR1EnSA+z5xoemssqpG1LtDdGR/+T7giHy88Q+1R/TEow
Tgu1zz9yxhhnluzEC5X2cPhd5h/+3ETHeJ+UvYxl/KDLqqL/flx3OM8qy0jpGDJK
Zg1yAt95aj7jfyO/sH7+ntlz4URcQ8QJ70G7Qx6HKkmvH/WH64nDLOtOiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEC/b7EVBf1OSV5W6ReCpiRu2GSkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUUw5dnNSVUZfVTVKWGxicEY0S21KRzdZWktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSOreqYohuRG1B5sYaOgD3dv7BNo9wLoZFG7Ha
dV7QEn1oWEHgkThRfWyOdOGd/kr6Ngw+CFISdoERW4gNMR3aBYT0M49FCdo/ejeU
iOjev539ypI2pAGr97wE2ekbbrZqZ4mMIxoXqJh96RM0WpMf/Gn4GqkhhqErBsaa
HJKAnN1YBKpE0ey3RBhbjP0Ue4RjMtXEwZFBmSb2+1t9Q4vCTsuVrm73HVE2ki5j
Vu/9viG6xYNZ6rHOkLiOFm9Jhsydv4lwXH5Vx0XbC/X38EEUY3XKgHXIoxgZYKdF
oWJHZ7nswp+jVha9jFO568IxCAjrABU8ut4VkCC9juCplkzd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org