Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/QzTT2a-BYSXXatMAvjOfASUrGfk.roa
File:                     QzTT2a-BYSXXatMAvjOfASUrGfk.roa (raw, json)
Hash identifier:          fkDOpzMA4CdqYe8IrgP6u16vFM3/qmsYrsxaXoC6d3w=
Subject key identifier:   43:34:D3:D9:AF:81:61:25:D7:6A:D3:00:BE:33:9F:01:25:2B:19:F9
Certificate issuer:       /CN=5a955ca458468c5776b8d9936dfe9b0b2668731c
Certificate serial:       0182D0743FB8CF67D62CD217DD934F1929F9
Authority key identifier: 5A:95:5C:A4:58:46:8C:57:76:B8:D9:93:6D:FE:9B:0B:26:68:73:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WpVcpFhGjFd2uNmTbf6bCyZocxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/QzTT2a-BYSXXatMAvjOfASUrGfk.roa
Signing time:             Wed 24 Aug 2022 15:24:15 +0000
ROA not before:           Wed 24 Aug 2022 15:24:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8399
IP address blocks:        87.247.224.0/24 maxlen: 24
                          185.197.100.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:d0:74:3f:b8:cf:67:d6:2c:d2:17:dd:93:4f:19:29:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a955ca458468c5776b8d9936dfe9b0b2668731c
        Validity
            Not Before: Aug 24 15:24:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4334d3d9af816125d76ad300be339f01252b19f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:96:6e:eb:08:82:da:65:2e:3b:06:ff:5f:ad:
                    30:ef:5d:f6:fa:86:cd:b1:86:56:76:15:70:e9:e7:
                    5c:ee:e3:e7:65:14:3e:f2:27:15:2b:9d:f1:8d:55:
                    15:58:10:17:5f:56:16:fb:dd:d5:57:35:73:e7:b5:
                    1c:39:47:a9:24:33:93:2d:78:e4:97:e7:ea:bf:e8:
                    b1:cf:29:c2:1c:a1:a0:16:4f:2c:9f:c1:15:2d:25:
                    42:b8:2e:41:18:64:05:a2:30:67:4d:fd:90:6c:03:
                    1e:d4:cb:ef:e7:b5:43:86:ba:a2:31:b1:50:60:58:
                    af:d0:ae:f3:78:1d:51:a8:16:51:ca:e9:a4:80:59:
                    a3:54:e4:59:ee:0a:4b:97:6d:d1:3e:bd:e9:b3:bf:
                    ba:33:32:e8:a3:e0:f4:b1:82:11:7f:4b:2f:3c:51:
                    af:6c:7f:1b:ec:bc:f0:5c:7e:73:19:8b:4e:e6:94:
                    27:ec:fe:39:e2:07:d1:19:ed:2b:76:b4:a5:6d:2a:
                    b3:17:c7:ba:49:76:17:74:fd:e7:08:26:77:0b:24:
                    97:31:a3:39:bf:32:79:63:d5:41:bc:1a:f4:84:2e:
                    9b:05:c9:be:a8:75:d6:b3:2a:f0:4b:01:02:87:dd:
                    b5:6d:27:41:fb:ee:12:45:19:d4:d8:33:96:b6:5a:
                    61:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:34:D3:D9:AF:81:61:25:D7:6A:D3:00:BE:33:9F:01:25:2B:19:F9
            X509v3 Authority Key Identifier:
                keyid:5A:95:5C:A4:58:46:8C:57:76:B8:D9:93:6D:FE:9B:0B:26:68:73:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpVcpFhGjFd2uNmTbf6bCyZocxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/QzTT2a-BYSXXatMAvjOfASUrGfk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/be9a00-e0b1-4541-9c0f-13858da85f53/1/WpVcpFhGjFd2uNmTbf6bCyZocxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.247.224.0/24
                  185.197.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:ee:c6:8a:e5:f6:59:b3:7c:83:40:ae:d4:5f:a2:b6:0e:de:
         b6:78:17:ac:29:b2:f4:e6:79:69:1e:27:90:66:9c:85:62:20:
         c2:6a:93:cd:34:c4:9a:94:e3:f4:87:d5:d5:d0:0c:95:a9:cd:
         97:11:39:33:af:af:1c:3e:f2:17:05:a3:fb:c2:05:76:f4:80:
         e2:b9:e9:f7:26:a0:86:78:0b:ee:15:98:14:4f:38:4a:2d:e0:
         e2:8a:ab:ed:f5:2f:f3:05:c3:3e:61:04:3d:8d:7c:98:c2:ec:
         bd:5c:14:7e:3a:e1:f7:64:a7:66:a5:fc:7c:f6:63:2c:b8:07:
         ec:61:aa:bb:62:2b:ef:4c:e0:15:b4:70:33:ae:e4:a6:1c:c2:
         66:46:ce:96:78:8f:ca:a5:a3:d8:32:31:35:4d:35:81:23:a7:
         3d:c1:d0:e8:68:de:58:c7:c7:78:ad:ed:0f:6e:19:43:23:46:
         98:aa:19:45:4b:db:8d:9c:31:7e:d5:f3:a3:7b:e9:8d:2a:bc:
         72:31:bb:c9:33:dd:f9:9b:60:ce:97:bd:b0:5b:1b:2e:f4:fa:
         16:64:15:74:bc:2f:fc:94:cf:aa:8e:4c:02:7e:c5:83:c9:43:
         d4:a8:91:a8:a2:17:5a:3d:ab:7f:58:55:5d:2b:92:5d:c1:4a:
         ad:29:8e:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLQdD+4z2fWLNIX3ZNPGSn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTU1Y2E0NTg0NjhjNTc3NmI4ZDk5MzZkZmU5YjBiMjY2
ODczMWMwHhcNMjIwODI0MTUyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM0ZDNkOWFmODE2MTI1ZDc2YWQzMDBiZTMzOWYwMTI1MmIxOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZZu6wiC2mUuOwb/X60w7132+obN
sYZWdhVw6edc7uPnZRQ+8icVK53xjVUVWBAXX1YW+93VVzVz57UcOUepJDOTLXjk
l+fqv+ixzynCHKGgFk8sn8EVLSVCuC5BGGQFojBnTf2QbAMe1Mvv57VDhrqiMbFQ
YFiv0K7zeB1RqBZRyumkgFmjVORZ7gpLl23RPr3ps7+6MzLoo+D0sYIRf0svPFGv
bH8b7LzwXH5zGYtO5pQn7P454gfRGe0rdrSlbSqzF8e6SXYXdP3nCCZ3CySXMaM5
vzJ5Y9VBvBr0hC6bBcm+qHXWsyrwSwECh921bSdB++4SRRnU2DOWtlphhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEM009mvgWEl12rTAL4znwElKxn5MB8GA1UdIwQY
MBaAFFqVXKRYRoxXdrjZk23+mwsmaHMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BWY3BGaEdqRmQydU5tVGJmNmJDeVpvY3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iZTlhMDAtZTBiMS00NTQxLTljMGYt
MTM4NThkYTg1ZjUzLzEvUXpUVDJhLUJZU1hYYXRNQXZqT2ZBU1VyR2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iZTlhMDAtZTBiMS00NTQxLTljMGYtMTM4NThkYTg1ZjUz
LzEvV3BWY3BGaEdqRmQydU5tVGJmNmJDeVpvY3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/fgAwQA
ucVkMA0GCSqGSIb3DQEBCwUAA4IBAQBu7saK5fZZs3yDQK7UX6K2Dt62eBesKbL0
5nlpHieQZpyFYiDCapPNNMSalOP0h9XV0AyVqc2XETkzr68cPvIXBaP7wgV29IDi
uen3JqCGeAvuFZgUTzhKLeDiiqvt9S/zBcM+YQQ9jXyYwuy9XBR+OuH3ZKdmpfx8
9mMsuAfsYaq7YivvTOAVtHAzruSmHMJmRs6WeI/KpaPYMjE1TTWBI6c9wdDoaN5Y
x8d4re0PbhlDI0aYqhlFS9uNnDF+1fOje+mNKrxyMbvJM935m2DOl72wWxsu9PoW
ZBV0vC/8lM+qjkwCfsWDyUPUqJGoohdaPat/WFVdK5JdwUqtKY4F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:23 2024 by rpki-client on console-ams.rpki-client.org