Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/q2uU36hyuOS25jYGelzDiLa04ls.roa
File:                     q2uU36hyuOS25jYGelzDiLa04ls.roa (raw, json)
Hash identifier:          wAwsgGdiNdojeQwDVRtRnxXVsawa0yhf+FvDnC1z7+4=
Subject key identifier:   AB:6B:94:DF:A8:72:B8:E4:B6:E6:36:06:7A:5C:C3:88:B6:B4:E2:5B
Certificate issuer:       /CN=41da10d665c10e1cb6ec6c2150e3e6024045b9da
Certificate serial:       0182B3283FC5E74A5D100A14C7AA899F6BF2
Authority key identifier: 41:DA:10:D6:65:C1:0E:1C:B6:EC:6C:21:50:E3:E6:02:40:45:B9:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QdoQ1mXBDhy27GwhUOPmAkBFudo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/q2uU36hyuOS25jYGelzDiLa04ls.roa
Signing time:             Thu 18 Aug 2022 22:52:15 +0000
ROA not before:           Thu 18 Aug 2022 22:52:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34917
IP address blocks:        83.143.144.0/21 maxlen: 21
                          62.182.112.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b3:28:3f:c5:e7:4a:5d:10:0a:14:c7:aa:89:9f:6b:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41da10d665c10e1cb6ec6c2150e3e6024045b9da
        Validity
            Not Before: Aug 18 22:52:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ab6b94dfa872b8e4b6e636067a5cc388b6b4e25b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:f8:30:e2:29:f5:12:dd:0c:54:9a:6c:9e:7f:
                    98:3a:17:70:14:51:f9:3f:8f:4a:ec:95:56:33:bb:
                    a8:99:5e:a3:db:1f:54:d9:1c:e9:eb:97:16:ab:25:
                    97:3d:a1:46:70:f2:a1:05:e1:bb:cf:b5:e7:e3:b0:
                    2c:7d:42:56:09:a2:0f:b2:02:89:01:02:59:81:8f:
                    48:19:fa:b0:9f:da:f3:61:64:01:40:19:7b:ea:76:
                    5a:1a:d4:aa:b5:6a:23:d0:ce:0b:4c:69:3b:43:1a:
                    9d:f8:da:a5:6b:c8:e0:13:9e:af:ae:a1:98:64:89:
                    d5:de:f0:21:f8:23:56:55:fe:ef:d7:20:22:dc:cb:
                    a0:c8:ff:84:48:bb:c5:31:03:12:5e:eb:b2:bc:93:
                    8d:36:84:dc:9f:bf:5e:ee:39:22:ca:28:88:02:a2:
                    95:3f:da:5e:7b:5b:1d:86:03:f8:4b:74:ac:40:80:
                    a6:c7:3d:d8:5c:97:03:36:74:82:85:1e:d2:8f:d7:
                    fb:c1:5b:7f:dd:4c:d8:da:e0:fd:af:f3:8b:48:48:
                    3f:0d:58:d7:1f:5a:5b:d0:b3:d2:7a:5c:59:fc:e6:
                    3c:7b:6b:0f:17:ee:8e:5b:ba:ec:6c:23:5a:9b:42:
                    2f:08:02:50:46:00:70:f2:5a:f4:a6:2e:45:34:6a:
                    19:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:6B:94:DF:A8:72:B8:E4:B6:E6:36:06:7A:5C:C3:88:B6:B4:E2:5B
            X509v3 Authority Key Identifier:
                keyid:41:DA:10:D6:65:C1:0E:1C:B6:EC:6C:21:50:E3:E6:02:40:45:B9:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdoQ1mXBDhy27GwhUOPmAkBFudo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/q2uU36hyuOS25jYGelzDiLa04ls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bade34-0ac1-421f-8934-bb1fc4547033/1/QdoQ1mXBDhy27GwhUOPmAkBFudo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.112.0/21
                  83.143.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         20:1c:b4:71:c8:f8:8c:7e:87:5f:f8:a6:ea:81:ec:8a:86:5c:
         0f:fd:4d:b1:11:78:d8:a0:e2:16:ca:1b:ce:61:ee:44:27:01:
         ff:f3:69:72:ca:b0:5a:75:e8:32:03:b5:12:a6:d4:d1:4e:ef:
         5e:d1:cd:32:37:14:4e:07:2c:77:e7:08:1e:b5:16:66:eb:b4:
         48:f0:36:e0:75:f6:57:cf:da:bd:97:5d:0d:f6:64:f4:37:dc:
         69:94:17:5d:65:9a:68:f2:5c:72:9e:b7:34:38:58:68:07:23:
         e3:06:42:94:a2:01:27:d2:51:7c:9b:3f:4a:00:3a:a1:aa:3e:
         5d:e3:23:01:66:e6:91:90:a6:20:d9:df:1b:0a:98:31:6f:bb:
         71:37:34:93:9b:df:af:d2:24:c4:bd:54:7e:a4:06:7e:0b:43:
         e9:72:1f:0e:ec:5d:b3:63:73:f5:96:a7:0c:7f:03:e3:7f:ef:
         57:de:80:75:c1:e8:56:f1:d4:31:33:c3:8a:b8:3d:39:ec:7b:
         0e:79:b1:48:40:8d:f3:cd:08:8c:d0:8b:27:41:42:04:62:5c:
         49:fe:4b:dc:f4:86:08:b2:85:fa:e8:91:9a:29:d5:d1:ad:90:
         3a:c5:d1:8e:a8:b0:de:5d:92:3e:01:84:f1:56:a0:c4:ee:43:
         30:54:72:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKzKD/F50pdEAoUx6qJn2vyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGExMGQ2NjVjMTBlMWNiNmVjNmMyMTUwZTNlNjAyNDA0
NWI5ZGEwHhcNMjIwODE4MjI1MjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZiOTRkZmE4NzJiOGU0YjZlNjM2MDY3YTVjYzM4OGI2YjRlMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvgw4in1Et0MVJpsnn+YOhdwFFH5
P49K7JVWM7uomV6j2x9U2Rzp65cWqyWXPaFGcPKhBeG7z7Xn47AsfUJWCaIPsgKJ
AQJZgY9IGfqwn9rzYWQBQBl76nZaGtSqtWoj0M4LTGk7Qxqd+Nqla8jgE56vrqGY
ZInV3vAh+CNWVf7v1yAi3MugyP+ESLvFMQMSXuuyvJONNoTcn79e7jkiyiiIAqKV
P9pee1sdhgP4S3SsQICmxz3YXJcDNnSChR7Sj9f7wVt/3UzY2uD9r/OLSEg/DVjX
H1pb0LPSelxZ/OY8e2sPF+6OW7rsbCNam0IvCAJQRgBw8lr0pi5FNGoZRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKtrlN+ocrjktuY2Bnpcw4i2tOJbMB8GA1UdIwQY
MBaAFEHaENZlwQ4ctuxsIVDj5gJARbnaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRvUTFtWEJEaHkyN0d3aFVPUG1Ba0JGdWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iYWRlMzQtMGFjMS00MjFmLTg5MzQt
YmIxZmM0NTQ3MDMzLzEvcTJ1VTM2aHl1T1MyNWpZR2VsekRpTGEwNGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iYWRlMzQtMGFjMS00MjFmLTg5MzQtYmIxZmM0NTQ3MDMz
LzEvUWRvUTFtWEJEaHkyN0d3aFVPUG1Ba0JGdWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDPrZwAwQD
U4+QMA0GCSqGSIb3DQEBCwUAA4IBAQAgHLRxyPiMfodf+KbqgeyKhlwP/U2xEXjY
oOIWyhvOYe5EJwH/82lyyrBadegyA7USptTRTu9e0c0yNxROByx35wgetRZm67RI
8DbgdfZXz9q9l10N9mT0N9xplBddZZpo8lxynrc0OFhoByPjBkKUogEn0lF8mz9K
ADqhqj5d4yMBZuaRkKYg2d8bCpgxb7txNzSTm9+v0iTEvVR+pAZ+C0Ppch8O7F2z
Y3P1lqcMfwPjf+9X3oB1wehW8dQxM8OKuD057HsOebFIQI3zzQiM0IsnQUIEYlxJ
/kvc9IYIsoX66JGaKdXRrZA6xdGOqLDeXZI+AYTxVqDE7kMwVHIN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:57 2024 by rpki-client on console-fra.rpki-client.org