Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/qQoAYpb4Mf7MkXSRniJpzlgVydQ.roa
File:                     qQoAYpb4Mf7MkXSRniJpzlgVydQ.roa (raw, json)
Hash identifier:          AjXQIEDM2JqGLMWiEC2mPFSlmSxokpySosvt1QSm2Rk=
Subject key identifier:   A9:0A:00:62:96:F8:31:FE:CC:91:74:91:9E:22:69:CE:58:15:C9:D4
Certificate issuer:       /CN=83375b43ae8a53d48c888671e67fc17bf27f2b7e
Certificate serial:       06D41788
Authority key identifier: 83:37:5B:43:AE:8A:53:D4:8C:88:86:71:E6:7F:C1:7B:F2:7F:2B:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gzdbQ66KU9SMiIZx5n_Be_J_K34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/qQoAYpb4Mf7MkXSRniJpzlgVydQ.roa
Signing time:             Sat 01 Jan 2022 08:02:25 +0000
ROA not before:           Sat 01 Jan 2022 08:02:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8395
IP address blocks:        195.170.32.0/19 maxlen: 19
                          2a04:dbc0::/30 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114562952 (0x6d41788)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83375b43ae8a53d48c888671e67fc17bf27f2b7e
        Validity
            Not Before: Jan  1 08:02:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a90a006296f831fecc9174919e2269ce5815c9d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:30:6a:9a:cc:76:11:70:4f:17:ca:45:28:57:
                    cf:dd:4f:de:3d:fc:1f:e2:96:53:d8:30:77:7c:e3:
                    d9:8c:fa:94:d8:5f:75:4e:9e:36:5b:8b:8f:f1:18:
                    12:cc:7a:e8:f0:6d:1b:89:c8:e0:94:74:32:b6:0b:
                    56:ab:86:02:63:f5:cd:a9:05:34:1a:1f:23:b3:ba:
                    cb:8f:10:b5:73:93:fe:db:de:25:4d:68:49:98:75:
                    99:71:2c:57:e5:c9:ae:af:1a:52:bc:a3:1e:81:b5:
                    76:7a:0f:31:a8:c6:ec:f2:fe:8c:7f:c1:80:7e:59:
                    40:fe:0f:d8:9c:04:8f:55:f3:64:f6:4d:fb:78:31:
                    ad:91:d0:fa:b2:cd:bb:ed:14:7e:13:45:d3:59:3a:
                    d3:d5:3e:01:3a:0e:67:f2:93:4c:e5:02:8e:3f:84:
                    68:84:61:49:2c:57:39:9c:dd:ec:b2:3e:9f:0f:b0:
                    85:33:f5:fa:85:5e:f4:5a:24:e1:25:71:75:1a:db:
                    3c:f2:06:c6:27:f5:59:b2:8b:39:b8:5d:46:aa:a7:
                    63:f8:ee:eb:19:90:b6:bb:4b:f5:63:70:8a:dc:f1:
                    0b:08:cf:5c:31:84:9c:e8:07:8d:02:e9:40:88:36:
                    8c:86:be:82:d9:2d:6e:72:ec:02:ca:ec:46:8a:6a:
                    0e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:0A:00:62:96:F8:31:FE:CC:91:74:91:9E:22:69:CE:58:15:C9:D4
            X509v3 Authority Key Identifier:
                keyid:83:37:5B:43:AE:8A:53:D4:8C:88:86:71:E6:7F:C1:7B:F2:7F:2B:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzdbQ66KU9SMiIZx5n_Be_J_K34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/qQoAYpb4Mf7MkXSRniJpzlgVydQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/192bba-1a74-4ba4-90d6-72c4c4b804a7/1/gzdbQ66KU9SMiIZx5n_Be_J_K34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.170.32.0/19
                IPv6:
                  2a04:dbc0::/30

    Signature Algorithm: sha256WithRSAEncryption
         64:e9:b4:e6:95:61:01:c3:08:e3:19:e4:37:d2:ef:cf:b8:69:
         7e:ab:38:ee:55:06:a5:d2:18:da:cb:16:b6:4a:16:09:e1:5e:
         d0:f6:3f:19:44:3f:59:07:56:cd:6d:02:b5:7b:a2:d9:d0:86:
         f5:dc:5d:8f:cb:5d:c9:4d:86:c1:70:80:90:6e:10:0d:6b:dc:
         24:29:79:f2:43:3d:f8:7f:ad:5b:fa:ed:ef:91:c1:62:a0:02:
         26:28:6f:fb:26:21:d3:04:68:34:1c:e4:b5:3c:9a:df:f6:3d:
         69:af:bd:40:f8:85:96:45:7e:a0:fd:13:65:b9:a9:b5:76:06:
         db:ab:4c:dc:20:d2:ef:70:71:dd:ad:8e:54:7b:8d:b4:79:00:
         68:8e:4d:27:54:41:8a:48:59:fd:91:e6:1e:60:03:1e:6d:13:
         39:5a:0d:25:04:18:76:07:9b:4b:9b:4d:f0:4c:82:b6:c0:36:
         55:9d:9f:48:69:58:6d:12:12:30:67:ad:5e:e5:83:9f:5d:56:
         11:27:a8:03:b9:b7:ef:84:0b:47:cd:4e:50:47:e4:9a:67:9d:
         98:cb:50:20:7d:e7:e8:64:c5:d9:16:a7:ad:39:b1:df:d7:cf:
         ac:68:c7:7e:24:36:dc:32:2e:e1:35:84:80:d9:6d:6e:e5:d3:
         2f:31:15:33
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBtQXiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzM3NWI0M2FlOGE1M2Q0OGM4ODg2NzFlNjdmYzE3YmYyN2YyYjdlMB4XDTIyMDEw
MTA4MDIyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTkwYTAwNjI5NmY4
MzFmZWNjOTE3NDkxOWUyMjY5Y2U1ODE1YzlkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO4waprMdhFwTxfKRShXz91P3j38H+KWU9gwd3zj2Yz6lNhf
dU6eNluLj/EYEsx66PBtG4nI4JR0MrYLVquGAmP1zakFNBofI7O6y48QtXOT/tve
JU1oSZh1mXEsV+XJrq8aUryjHoG1dnoPMajG7PL+jH/BgH5ZQP4P2JwEj1XzZPZN
+3gxrZHQ+rLNu+0UfhNF01k609U+AToOZ/KTTOUCjj+EaIRhSSxXOZzd7LI+nw+w
hTP1+oVe9Fok4SVxdRrbPPIGxif1WbKLObhdRqqnY/ju6xmQtrtL9WNwitzxCwjP
XDGEnOgHjQLpQIg2jIa+gtktbnLsAsrsRopqDg0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSpCgBilvgx/syRdJGeImnOWBXJ1DAfBgNVHSMEGDAWgBSDN1tDropT1IyI
hnHmf8F78n8rfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d6ZGJRNjZLVTlTTWlJWng1bl9CZV9KX0szNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMTkyYmJhLTFhNzQtNGJhNC05MGQ2LTcyYzRjNGI4MDRhNy8x
L3FRb0FZcGI0TWY3TWtYU1JuaUpwemxnVnlkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MTkyYmJhLTFhNzQtNGJhNC05MGQ2LTcyYzRjNGI4MDRhNy8xL2d6ZGJRNjZLVTlT
TWlJWng1bl9CZV9KX0szNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBcOqIDANBAIAAjAHAwUCKgTbwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZOm05pVhAcMI4xnkN9Lvz7hpfqs47lUGpdIY2ssW
tkoWCeFe0PY/GUQ/WQdWzW0CtXui2dCG9dxdj8tdyU2GwXCAkG4QDWvcJCl58kM9
+H+tW/rt75HBYqACJihv+yYh0wRoNBzktTya3/Y9aa+9QPiFlkV+oP0TZbmptXYG
26tM3CDS73Bx3a2OVHuNtHkAaI5NJ1RBikhZ/ZHmHmADHm0TOVoNJQQYdgebS5tN
8EyCtsA2VZ2fSGlYbRISMGetXuWDn11WESeoA7m374QLR81OUEfkmmedmMtQIH3n
6GTF2RanrTmx39fPrGjHfiQ23DIu4TWEgNltbuXTLzEVMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:46 2024 by rpki-client on console-fra.rpki-client.org