Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/qsqwa-3NJEagtxn5dVBjYrP8y3M.roa
File:                     qsqwa-3NJEagtxn5dVBjYrP8y3M.roa (raw, json)
Hash identifier:          6/XNhVs6nhTfl75TYfICZlh97+gNsNGSwhVbtmTCqHY=
Subject key identifier:   AA:CA:B0:6B:ED:CD:24:46:A0:B7:19:F9:75:50:63:62:B3:FC:CB:73
Certificate issuer:       /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial:       03B7B285
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/qsqwa-3NJEagtxn5dVBjYrP8y3M.roa
Signing time:             Sat 01 Jan 2022 09:59:53 +0000
ROA not before:           Sat 01 Jan 2022 09:59:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28918
IP address blocks:        188.95.0.0/21 maxlen: 24
                          194.59.172.0/22 maxlen: 24
                          185.55.232.0/22 maxlen: 24
                          194.147.133.0/24 maxlen: 24
                          193.28.96.0/21 maxlen: 24
                          2a00:b400::/29 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62370437 (0x3b7b285)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
        Validity
            Not Before: Jan  1 09:59:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aacab06bedcd2446a0b719f975506362b3fccb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:45:e8:76:72:a3:af:b2:bf:1f:b2:65:93:8f:
                    ae:df:f9:5b:b2:5c:42:8d:c7:a5:ea:22:12:e4:9c:
                    33:e4:76:1b:25:d4:1d:d3:08:23:9f:7d:5b:2c:28:
                    0a:e5:8c:53:c0:0c:74:08:fc:5b:49:21:5c:9a:ff:
                    42:de:f1:7e:f1:91:6d:a6:05:2e:fc:0d:01:b8:11:
                    30:19:75:28:da:63:83:e2:d4:8d:2a:29:a8:c2:95:
                    81:03:52:e8:98:b4:d1:34:92:bd:a8:58:cc:eb:e0:
                    b2:b8:ed:36:88:31:7d:51:c1:6c:32:95:d7:90:d8:
                    ad:87:fb:ea:98:93:dc:aa:f6:ab:0e:1f:d9:33:c5:
                    6c:52:6c:25:d3:97:e6:9f:13:79:dd:c1:15:27:4a:
                    5a:f5:32:68:0c:55:11:62:30:3a:34:72:5f:3f:53:
                    87:8f:88:ba:2a:7b:f3:49:d9:e3:c3:8e:42:f7:a4:
                    90:fd:9b:82:10:9a:13:ce:9a:82:de:b8:0e:1e:89:
                    35:50:15:8e:94:ca:03:34:8b:b3:9f:40:71:c9:0c:
                    6a:bd:19:eb:e7:8f:f0:dd:a4:eb:99:fd:bb:23:ab:
                    43:11:45:4a:39:86:34:28:7e:24:55:06:ea:26:c3:
                    1f:46:93:05:0e:b4:f0:03:bc:4b:7d:42:8b:fd:f5:
                    05:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:CA:B0:6B:ED:CD:24:46:A0:B7:19:F9:75:50:63:62:B3:FC:CB:73
            X509v3 Authority Key Identifier:
                keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/qsqwa-3NJEagtxn5dVBjYrP8y3M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.55.232.0/22
                  188.95.0.0/21
                  193.28.96.0/21
                  194.59.172.0/22
                  194.147.133.0/24
                IPv6:
                  2a00:b400::/29

    Signature Algorithm: sha256WithRSAEncryption
         99:38:b5:bd:4f:89:22:1f:94:0e:49:d6:09:df:08:3f:63:2c:
         fc:38:76:02:ca:36:c0:6e:72:dc:83:78:cc:96:05:81:5d:a0:
         75:ec:b5:52:5f:2c:93:03:6e:9f:f1:5a:f1:41:0a:91:ab:84:
         8f:c1:81:02:f5:34:7f:77:3e:6b:64:a7:8d:7d:b7:40:5d:62:
         70:56:60:6f:ad:35:6e:75:74:7f:9b:9f:e7:c3:f0:d7:e7:de:
         e3:8f:94:94:76:d9:34:47:29:9e:54:3d:94:ff:be:af:6a:a2:
         0c:0d:d1:78:5c:d6:b9:7a:73:8c:ec:31:d0:21:3e:fb:48:17:
         4c:56:fb:b4:74:a5:c8:83:05:c4:63:0e:ee:1e:db:e2:61:6d:
         2a:cd:e0:4f:0c:19:75:ab:0e:ea:d7:d6:b1:a1:73:f9:d6:e3:
         eb:90:ce:81:63:88:9a:50:13:e8:43:82:be:8a:57:1a:2c:d6:
         4e:7f:3b:e4:87:bf:e9:b8:d4:a7:18:89:fb:08:40:4b:f7:e1:
         16:27:33:d5:06:a3:99:a2:83:71:98:b8:f9:c1:56:2a:84:0a:
         f6:f4:4c:06:cc:3a:51:d1:64:a8:d8:78:12:1d:2d:b6:3a:e2:
         f3:1c:27:40:8f:45:75:b9:b4:4c:ea:c1:d1:a5:72:b8:4a:38:
         7c:cf:e7:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEA7eyhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjhkMmY2NGMzMzc0NjVlZDM4ZGE1ZjdjYzQ1ODRkZjg3ZDRhNzQ0MB4XDTIyMDEw
MTA5NTk1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWFjYWIwNmJlZGNk
MjQ0NmEwYjcxOWY5NzU1MDYzNjJiM2ZjY2I3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNF6HZyo6+yvx+yZZOPrt/5W7JcQo3HpeoiEuScM+R2GyXU
HdMII599WywoCuWMU8AMdAj8W0khXJr/Qt7xfvGRbaYFLvwNAbgRMBl1KNpjg+LU
jSopqMKVgQNS6Ji00TSSvahYzOvgsrjtNogxfVHBbDKV15DYrYf76piT3Kr2qw4f
2TPFbFJsJdOX5p8Ted3BFSdKWvUyaAxVEWIwOjRyXz9Th4+Iuip780nZ48OOQvek
kP2bghCaE86agt64Dh6JNVAVjpTKAzSLs59AcckMar0Z6+eP8N2k65n9uyOrQxFF
SjmGNCh+JFUG6ibDH0aTBQ608AO8S31Ci/31BVcCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSqyrBr7c0kRqC3Gfl1UGNis/zLczAfBgNVHSMEGDAWgBRmjS9kwzdGXtON
pffMRYTfh9SnRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pvMHZaTU0zUmw3VGphWDN6RVdFMzRmVXAwUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvODI4YjBmLTgwZTgtNDI3Yi05NzFkLTM4YmJjZmFlZTZjZS8x
L3FzcXdhLTNOSkVhZ3R4bjVkVkJqWXJQOHkzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ODI4YjBmLTgwZTgtNDI3Yi05NzFkLTM4YmJjZmFlZTZjZS8xL1pvMHZaTU0zUmw3
VGphWDN6RVdFMzRmVXAwUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEArk36AMEA7xfAAMEA8EcYAMEAsI7
rAMEAMKThTANBAIAAjAHAwUDKgC0ADANBgkqhkiG9w0BAQsFAAOCAQEAmTi1vU+J
Ih+UDknWCd8IP2Ms/Dh2Aso2wG5y3IN4zJYFgV2gdey1Ul8skwNun/Fa8UEKkauE
j8GBAvU0f3c+a2SnjX23QF1icFZgb601bnV0f5uf58Pw1+fe44+UlHbZNEcpnlQ9
lP++r2qiDA3ReFzWuXpzjOwx0CE++0gXTFb7tHSlyIMFxGMO7h7b4mFtKs3gTwwZ
dasO6tfWsaFz+dbj65DOgWOImlAT6EOCvopXGizWTn875Ie/6bjUpxiJ+whAS/fh
Ficz1QajmaKDcZi4+cFWKoQK9vRMBsw6UdFkqNh4Eh0ttjri8xwnQI9Fdbm0TOrB
0aVyuEo4fM/n0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:11 2024 by rpki-client on console-fra.rpki-client.org