Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/qP-NnlSVQlpR3HI3I9EFTVVaZ20.roa
File:                     qP-NnlSVQlpR3HI3I9EFTVVaZ20.roa (raw, json)
Hash identifier:          WOmzVVnF9uzw0rTxB1MHOpyZi+dk2wrjWQaD1e2B3nU=
Subject key identifier:   A8:FF:8D:9E:54:95:42:5A:51:DC:72:37:23:D1:05:4D:55:5A:67:6D
Certificate issuer:       /CN=0d1e3fd5040bb9fb9126e5119e5ff7c074da5bbc
Certificate serial:       0183B52766DDA010443FC5E50EC9BA08AE8E
Authority key identifier: 0D:1E:3F:D5:04:0B:B9:FB:91:26:E5:11:9E:5F:F7:C0:74:DA:5B:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DR4_1QQLufuRJuURnl_3wHTaW7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/qP-NnlSVQlpR3HI3I9EFTVVaZ20.roa
Signing time:             Sat 08 Oct 2022 01:13:21 +0000
ROA not before:           Sat 08 Oct 2022 01:13:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203081
IP address blocks:        185.145.4.0/22 maxlen: 22
                          2a07:44c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:b5:27:66:dd:a0:10:44:3f:c5:e5:0e:c9:ba:08:ae:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d1e3fd5040bb9fb9126e5119e5ff7c074da5bbc
        Validity
            Not Before: Oct  8 01:13:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a8ff8d9e5495425a51dc723723d1054d555a676d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:a7:39:c1:ec:15:c5:d1:25:f2:57:84:38:ee:
                    93:2a:61:63:6b:fd:08:56:0e:cb:96:19:e0:0c:ee:
                    c9:1f:8e:78:f1:64:b4:3f:9a:f0:06:cb:0c:c3:97:
                    1d:3f:6f:43:0d:e2:b2:30:de:11:d4:db:8f:d8:2f:
                    49:59:8f:54:5a:c4:6a:19:fe:c8:86:e4:a2:16:63:
                    e6:53:16:7e:e1:d7:ab:7d:2d:44:5b:39:0c:41:94:
                    73:93:49:6b:44:cd:2c:bb:dd:e2:e1:51:91:02:91:
                    88:23:07:2b:e4:a3:5f:08:f6:67:72:7a:e8:e2:64:
                    dd:a8:8b:32:77:c1:7f:ad:d7:78:00:7f:3c:75:df:
                    f0:00:a4:3e:09:3a:88:3a:1d:f4:82:f8:3c:b9:6b:
                    ea:c9:11:0a:23:15:93:6f:da:18:ae:e1:fb:eb:b1:
                    92:f1:42:59:a5:02:a6:9c:5d:41:ca:65:08:11:33:
                    f7:22:58:25:b4:b6:ed:6c:55:fd:2c:b1:5e:29:8c:
                    83:e3:54:77:dd:93:9e:5e:08:cf:0a:25:86:ca:24:
                    9a:25:7f:ae:c0:44:ba:32:7a:d3:c7:d0:83:16:ee:
                    61:55:00:48:44:41:38:63:67:e3:2f:8c:7b:77:48:
                    d6:cd:01:c9:61:bc:65:4f:c9:cd:f2:12:77:07:bb:
                    25:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:FF:8D:9E:54:95:42:5A:51:DC:72:37:23:D1:05:4D:55:5A:67:6D
            X509v3 Authority Key Identifier:
                keyid:0D:1E:3F:D5:04:0B:B9:FB:91:26:E5:11:9E:5F:F7:C0:74:DA:5B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DR4_1QQLufuRJuURnl_3wHTaW7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/qP-NnlSVQlpR3HI3I9EFTVVaZ20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9445a9-3f7f-4f4a-80b8-5b910157271b/1/DR4_1QQLufuRJuURnl_3wHTaW7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.4.0/22
                IPv6:
                  2a07:44c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         31:56:70:22:2a:1d:8c:2e:ec:08:aa:6c:a0:a6:0e:e3:ef:58:
         8b:de:d1:ff:bc:3d:2f:f2:8e:aa:c1:b0:5b:68:6a:bf:97:d3:
         89:8b:22:98:51:f6:39:70:0f:d9:73:50:01:6a:42:31:c7:1a:
         e0:41:f7:a6:4a:20:a7:0e:0d:68:ce:df:b8:9c:37:87:9d:74:
         d3:b2:76:c4:92:b5:66:f6:d8:17:c7:21:0b:41:42:f3:8a:02:
         17:a3:1c:bf:bb:0d:e7:82:5a:9e:bc:b3:6f:99:7e:47:06:db:
         cb:b3:01:7b:94:58:c0:6e:59:d4:9c:ff:9f:c2:03:6d:ad:d9:
         eb:89:dd:4c:a4:d4:06:e1:1b:c3:bc:21:5f:0c:ed:5f:92:7c:
         46:07:da:76:7f:d3:23:90:a7:94:f0:92:2b:53:05:be:53:70:
         e1:69:81:46:08:e3:73:6c:d3:fa:ed:2d:2e:82:8f:59:5f:e8:
         e6:e2:01:30:7a:2c:e5:e5:6d:3f:57:46:b3:24:0f:97:a0:1a:
         12:f7:ae:32:4b:98:dc:0f:00:98:ea:09:bb:c3:68:75:e0:2b:
         db:a9:77:98:a3:85:94:ce:c0:67:f5:45:42:a1:57:15:3d:01:
         a9:d0:e6:d9:89:7e:e5:20:4c:6b:ac:9a:a1:4d:cb:f8:9d:c2:
         a0:af:ce:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYO1J2bdoBBEP8XlDsm6CK6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMWUzZmQ1MDQwYmI5ZmI5MTI2ZTUxMTllNWZmN2MwNzRk
YTViYmMwHhcNMjIxMDA4MDExMzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZmOGQ5ZTU0OTU0MjVhNTFkYzcyMzcyM2QxMDU0ZDU1NWE2NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqc5wewVxdEl8leEOO6TKmFja/0I
Vg7LlhngDO7JH4548WS0P5rwBssMw5cdP29DDeKyMN4R1NuP2C9JWY9UWsRqGf7I
huSiFmPmUxZ+4derfS1EWzkMQZRzk0lrRM0su93i4VGRApGIIwcr5KNfCPZncnro
4mTdqIsyd8F/rdd4AH88dd/wAKQ+CTqIOh30gvg8uWvqyREKIxWTb9oYruH767GS
8UJZpQKmnF1BymUIETP3IlgltLbtbFX9LLFeKYyD41R33ZOeXgjPCiWGyiSaJX+u
wES6MnrTx9CDFu5hVQBIREE4Y2fjL4x7d0jWzQHJYbxlT8nN8hJ3B7slJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKj/jZ5UlUJaUdxyNyPRBU1VWmdtMB8GA1UdIwQY
MBaAFA0eP9UEC7n7kSblEZ5f98B02lu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFI0XzFRUUx1ZnVSSnVVUm5sXzN3SFRhVzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NDQ1YTktM2Y3Zi00ZjRhLTgwYjgt
NWI5MTAxNTcyNzFiLzEvcVAtTm5sU1ZRbHBSM0hJM0k5RUZUVlZhWjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NDQ1YTktM2Y3Zi00ZjRhLTgwYjgtNWI5MTAxNTcyNzFi
LzEvRFI0XzFRUUx1ZnVSSnVVUm5sXzN3SFRhVzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZEEMA0E
AgACMAcDBQMqB0TAMA0GCSqGSIb3DQEBCwUAA4IBAQAxVnAiKh2MLuwIqmygpg7j
71iL3tH/vD0v8o6qwbBbaGq/l9OJiyKYUfY5cA/Zc1ABakIxxxrgQfemSiCnDg1o
zt+4nDeHnXTTsnbEkrVm9tgXxyELQULzigIXoxy/uw3nglqevLNvmX5HBtvLswF7
lFjAblnUnP+fwgNtrdnrid1MpNQG4RvDvCFfDO1fknxGB9p2f9MjkKeU8JIrUwW+
U3DhaYFGCONzbNP67S0ugo9ZX+jm4gEweizl5W0/V0azJA+XoBoS964yS5jcDwCY
6gm7w2h14CvbqXeYo4WUzsBn9UVCoVcVPQGp0ObZiX7lIExrrJqhTcv4ncKgr84E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org