Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/QLVlKhCG_FGcQ2Szb_zxyVsuR6Y.roa
File:                     QLVlKhCG_FGcQ2Szb_zxyVsuR6Y.roa (raw, json)
Hash identifier:          03mKAtdfWVXx//7jxL5CoFsDgjmVuVEGrNSKVgNDkW4=
Subject key identifier:   40:B5:65:2A:10:86:FC:51:9C:43:64:B3:6F:FC:F1:C9:5B:2E:47:A6
Certificate issuer:       /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial:       34FBE30B
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/QLVlKhCG_FGcQ2Szb_zxyVsuR6Y.roa
Signing time:             Sat 01 Jan 2022 05:57:44 +0000
ROA not before:           Sat 01 Jan 2022 05:57:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3333
IP address blocks:        193.0.0.0/21 maxlen: 21
                          193.0.10.0/23 maxlen: 23
                          193.0.12.0/23 maxlen: 23
                          193.0.20.0/23 maxlen: 23
                          193.0.18.0/23 maxlen: 23
                          193.0.22.0/23 maxlen: 23
                          2001:67c:2e8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 888922891 (0x34fbe30b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
        Validity
            Not Before: Jan  1 05:57:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=40b5652a1086fc519c4364b36ffcf1c95b2e47a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7d:5b:ef:2b:67:5c:19:c6:14:a6:2e:cd:de:
                    99:07:66:71:a4:d7:7e:7d:c0:31:3d:bb:89:a6:1c:
                    92:7b:a8:fc:82:13:3e:f5:bf:80:b1:24:b7:c9:99:
                    da:2b:9d:d1:83:3c:77:15:53:a9:d5:d9:ee:fc:ab:
                    16:97:1b:f3:ae:4f:36:97:9e:af:9f:76:1b:3d:c9:
                    17:07:ca:38:93:83:fa:4e:ea:ea:6a:90:17:ee:2e:
                    cf:8f:83:56:2a:9e:cd:22:38:a5:38:80:7c:65:62:
                    ac:7e:bf:7d:6f:95:8e:d0:b0:59:24:70:bf:39:2e:
                    14:09:6d:bc:9c:93:42:de:d7:ea:6e:22:3e:56:61:
                    df:eb:a4:df:62:b7:96:7e:2f:e8:ab:cd:fb:ad:a2:
                    44:a7:c5:b9:0f:ab:6e:56:96:17:b8:ca:81:65:bd:
                    b4:c5:e1:d2:7d:e7:e2:a8:b2:53:32:8e:e9:5c:fa:
                    cc:87:67:28:ef:50:34:d6:d6:15:d8:40:b8:dd:46:
                    f0:05:ab:3f:18:38:cc:22:b5:47:fd:db:3f:8c:99:
                    18:be:49:3e:03:ce:62:61:cc:01:3c:96:46:48:50:
                    34:be:68:20:70:cc:f3:4d:5c:47:78:b8:4c:88:fe:
                    88:7f:2a:db:a1:bb:1b:65:fc:9f:82:24:43:60:64:
                    58:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:B5:65:2A:10:86:FC:51:9C:43:64:B3:6F:FC:F1:C9:5B:2E:47:A6
            X509v3 Authority Key Identifier:
                keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/QLVlKhCG_FGcQ2Szb_zxyVsuR6Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.0.0/21
                  193.0.10.0-193.0.13.255
                  193.0.18.0-193.0.23.255
                IPv6:
                  2001:67c:2e8::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:56:46:8c:c9:e3:3a:fe:81:46:fa:73:f4:fa:a4:e2:06:91:
         ac:dd:2c:44:de:d7:4a:7e:a2:0b:66:9b:b2:fc:10:dc:81:b7:
         89:f7:54:9d:80:9e:45:76:90:49:53:20:05:9d:09:37:0a:59:
         e7:ba:13:e3:56:55:00:6c:16:3e:88:85:c0:e4:42:f5:24:0c:
         d1:53:e3:14:30:3c:34:9f:31:9f:c4:7b:5a:99:ae:53:96:78:
         bd:f4:8c:06:0b:2a:f1:27:03:6a:fe:8c:af:10:6a:2f:93:96:
         8c:6c:fc:95:2d:e6:67:ad:c4:32:27:70:03:41:6a:2f:48:da:
         d5:d7:9a:de:47:da:57:8e:3c:20:45:ed:20:2e:32:ff:9f:4a:
         c2:ba:97:5f:9c:3a:f9:df:83:43:46:58:59:2e:0f:ab:c6:09:
         5c:61:bd:51:d3:f2:9e:c4:2d:dd:8c:fa:77:9a:02:aa:07:55:
         ff:9f:9c:dd:cd:56:7a:0c:82:2a:17:be:63:d7:ed:ae:fa:0a:
         88:60:7d:cf:80:dd:5d:15:14:1b:b1:09:02:6a:53:9e:e8:75:
         bb:c8:f8:2b:51:d5:0f:20:4f:b0:8a:56:cf:fb:a2:1b:2d:bd:
         99:3a:40:73:31:43:16:ad:1f:e7:cf:ef:7b:66:f6:4e:b4:e9:
         a9:9f:23:f2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIENPvjCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODE3YWFmZWM2MWMzYTZiMDI0YjZhOWY1NGZmYjc2NGNhM2RmOTIyMB4XDTIyMDEw
MTA1NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBiNTY1MmExMDg2
ZmM1MTljNDM2NGIzNmZmY2YxYzk1YjJlNDdhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMd9W+8rZ1wZxhSmLs3emQdmcaTXfn3AMT27iaYcknuo/IIT
PvW/gLEkt8mZ2iud0YM8dxVTqdXZ7vyrFpcb865PNpeer592Gz3JFwfKOJOD+k7q
6mqQF+4uz4+DViqezSI4pTiAfGVirH6/fW+VjtCwWSRwvzkuFAltvJyTQt7X6m4i
PlZh3+uk32K3ln4v6KvN+62iRKfFuQ+rblaWF7jKgWW9tMXh0n3n4qiyUzKO6Vz6
zIdnKO9QNNbWFdhAuN1G8AWrPxg4zCK1R/3bP4yZGL5JPgPOYmHMATyWRkhQNL5o
IHDM801cR3i4TIj+iH8q26G7G2X8n4IkQ2BkWAsCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRAtWUqEIb8UZxDZLNv/PHJWy5HpjAfBgNVHSMEGDAWgBSIF6r+xhw6awJL
ap9U/7dkyj35IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lCZXFfc1ljT21zQ1MycWZWUC0zWk1vOS1TSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZmUyZDcyLWMyZGQtNDZjMS05NDI5LWU2NjM2OTY0OTQxMS8x
L1FMVmxLaENHX0ZHY1EyU3piX3p4eVZzdVI2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZmUyZDcyLWMyZGQtNDZjMS05NDI5LWU2NjM2OTY0OTQxMS8xL2lCZXFfc1ljT21z
Q1MycWZWUC0zWk1vOS1TSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKAQCAAEwIgMEA8EAADAMAwQBwQAKAwQBwQAMMAwD
BAHBABIDBAPBABAwDwQCAAIwCQMHACABBnwC6DANBgkqhkiG9w0BAQsFAAOCAQEA
qlZGjMnjOv6BRvpz9Pqk4gaRrN0sRN7XSn6iC2absvwQ3IG3ifdUnYCeRXaQSVMg
BZ0JNwpZ57oT41ZVAGwWPoiFwORC9SQM0VPjFDA8NJ8xn8R7WpmuU5Z4vfSMBgsq
8ScDav6MrxBqL5OWjGz8lS3mZ63EMidwA0FqL0ja1dea3kfaV448IEXtIC4y/59K
wrqXX5w6+d+DQ0ZYWS4Pq8YJXGG9UdPynsQt3Yz6d5oCqgdV/5+c3c1WegyCKhe+
Y9ftrvoKiGB9z4DdXRUUG7EJAmpTnuh1u8j4K1HVDyBPsIpWz/uiGy29mTpAczFD
Fq0f58/ve2b2TrTpqZ8j8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:02 2024 by rpki-client on console-fra.rpki-client.org