Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qHk_KlzBgAdQxJWtPwdxQsF7Abs.roa
File:                     qHk_KlzBgAdQxJWtPwdxQsF7Abs.roa (raw, json)
Hash identifier:          wiFw920/sOciYnFiPmdyGkk1yvRCZm/UPghV24ReYqo=
Subject key identifier:   A8:79:3F:2A:5C:C1:80:07:50:C4:95:AD:3F:07:71:42:C1:7B:01:BB
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       19D2BE3F
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qHk_KlzBgAdQxJWtPwdxQsF7Abs.roa
Signing time:             Sat 01 Jan 2022 15:56:40 +0000
ROA not before:           Sat 01 Jan 2022 15:56:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     18450
IP address blocks:        136.144.33.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 433241663 (0x19d2be3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 15:56:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8793f2a5cc1800750c495ad3f077142c17b01bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0a:24:05:a2:06:b4:93:31:57:3d:c9:61:0e:
                    2b:44:d2:97:f3:c9:0b:1a:50:3f:1b:aa:ac:99:ea:
                    54:ed:24:b2:5a:64:04:e3:56:ff:52:9f:02:0d:46:
                    f3:eb:6d:34:57:d3:2a:6b:08:b9:42:09:38:b2:bf:
                    3b:78:a1:92:c8:f5:d3:aa:5b:3f:5c:92:dc:52:6b:
                    fd:49:06:85:d5:6b:83:07:be:5e:5b:f5:8b:ac:65:
                    68:19:86:41:2f:81:92:b4:66:0f:80:eb:33:db:80:
                    94:5f:66:35:7f:f5:08:e5:f8:4c:51:22:1e:6e:2d:
                    57:ad:36:40:e7:ef:1d:0b:c2:f7:37:5e:e7:a9:04:
                    03:84:bf:a3:84:53:97:5d:ae:87:2c:f1:7d:35:f6:
                    22:cf:4c:84:4e:9b:86:13:28:d5:27:64:02:8f:75:
                    4b:f4:3c:07:31:5c:f4:9f:30:98:2d:f9:76:59:01:
                    67:71:8d:fc:87:bd:7a:95:eb:65:d5:8e:5a:81:a3:
                    20:40:5e:7f:bd:2b:2c:bc:bf:42:1d:76:fb:e4:85:
                    e0:de:90:e1:38:54:41:ec:b0:b5:ef:d9:7d:c3:2d:
                    93:f8:d2:30:1f:ca:72:08:4a:5c:5e:a6:20:92:6a:
                    d1:62:c0:51:34:56:f1:94:d8:4c:8a:61:8c:e9:a9:
                    d2:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:79:3F:2A:5C:C1:80:07:50:C4:95:AD:3F:07:71:42:C1:7B:01:BB
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qHk_KlzBgAdQxJWtPwdxQsF7Abs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.144.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:51:56:c7:d1:5e:ab:63:48:41:44:da:80:3b:73:38:7e:96:
         1f:e8:ee:df:da:d0:2d:06:18:b6:a6:6e:30:6e:a5:ac:d0:44:
         f8:c3:bb:1b:1d:0c:aa:ee:df:85:0e:7f:61:8d:49:5e:b4:cf:
         63:09:a4:ae:7b:51:bf:c6:03:66:0c:4b:da:83:24:7a:05:2a:
         bd:75:fc:c1:6d:e5:99:71:3b:d8:d6:b2:93:d8:00:77:fc:c2:
         36:14:c6:9b:35:07:22:49:d2:22:e5:25:d7:58:c9:b3:6f:54:
         86:35:10:df:db:cc:e9:c5:59:15:b4:b4:9c:da:38:05:69:34:
         3b:f0:4a:2d:05:d6:9c:14:18:04:86:bd:65:c8:3d:9e:ba:ac:
         f2:a0:ad:ca:af:24:39:a5:50:51:99:25:da:32:1a:3a:fe:50:
         e5:cd:2e:c9:57:f0:f6:12:f6:32:e9:eb:e8:d4:5d:d0:7d:69:
         18:9e:8c:35:41:3f:26:0c:a1:54:a4:8c:e6:d4:60:49:e9:b4:
         8f:4a:a3:7d:b7:03:d1:d4:cf:2d:fd:37:d5:80:46:9c:ad:e9:
         54:fd:e2:e6:79:3f:b7:42:e8:61:54:de:87:96:1b:31:ab:4b:
         d7:31:fd:3c:91:dd:32:82:92:37:de:41:fd:bb:11:d0:8f:69:
         6a:2a:4e:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGdK+PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg3OTNmMmE1Y2Mx
ODAwNzUwYzQ5NWFkM2YwNzcxNDJjMTdiMDFiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoKJAWiBrSTMVc9yWEOK0TSl/PJCxpQPxuqrJnqVO0kslpk
BONW/1KfAg1G8+ttNFfTKmsIuUIJOLK/O3ihksj106pbP1yS3FJr/UkGhdVrgwe+
Xlv1i6xlaBmGQS+BkrRmD4DrM9uAlF9mNX/1COX4TFEiHm4tV602QOfvHQvC9zde
56kEA4S/o4RTl12uhyzxfTX2Is9MhE6bhhMo1SdkAo91S/Q8BzFc9J8wmC35dlkB
Z3GN/Ie9epXrZdWOWoGjIEBef70rLLy/Qh12++SF4N6Q4ThUQeywte/ZfcMtk/jS
MB/KcghKXF6mIJJq0WLAUTRW8ZTYTIphjOmp0j0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSoeT8qXMGAB1DEla0/B3FCwXsBuzAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L3FIa19LbHpCZ0FkUXhKV3RQd2R4UXNGN0Ficy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIiQITANBgkqhkiG9w0BAQsFAAOC
AQEAoFFWx9Feq2NIQUTagDtzOH6WH+ju39rQLQYYtqZuMG6lrNBE+MO7Gx0Mqu7f
hQ5/YY1JXrTPYwmkrntRv8YDZgxL2oMkegUqvXX8wW3lmXE72Nayk9gAd/zCNhTG
mzUHIknSIuUl11jJs29UhjUQ39vM6cVZFbS0nNo4BWk0O/BKLQXWnBQYBIa9Zcg9
nrqs8qCtyq8kOaVQUZkl2jIaOv5Q5c0uyVfw9hL2Munr6NRd0H1pGJ6MNUE/Jgyh
VKSM5tRgSem0j0qjfbcD0dTPLf031YBGnK3pVP3i5nk/t0LoYVTeh5YbMatL1zH9
PJHdMoKSN95B/bsR0I9paipOnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org