Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NQDFiNtU29dqEWZLoQRWRYtTQRs.roa
File:                     NQDFiNtU29dqEWZLoQRWRYtTQRs.roa (raw, json)
Hash identifier:          3MRIPFQ14fkcuXSPzPn8AfHFlX26Zr5EY7Ds2xK29Xs=
Subject key identifier:   35:00:C5:88:DB:54:DB:D7:6A:11:66:4B:A1:04:56:45:8B:53:41:1B
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       08AB3599
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NQDFiNtU29dqEWZLoQRWRYtTQRs.roa
Signing time:             Sat 01 Jan 2022 11:04:13 +0000
ROA not before:           Sat 01 Jan 2022 11:04:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46450
IP address blocks:        162.218.95.0/24 maxlen: 24
                          63.246.150.0/24 maxlen: 24
                          94.154.177.0/24 maxlen: 24
                          94.154.183.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 145438105 (0x8ab3599)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan  1 11:04:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3500c588db54dbd76a11664ba10456458b53411b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:03:77:61:3d:3b:86:10:ff:96:4c:2d:49:80:
                    5f:bc:7a:f4:3c:e7:78:4b:fc:63:cc:26:93:10:1a:
                    46:b5:52:b0:41:3f:d8:71:e7:1d:3d:64:66:a5:ea:
                    64:a0:5c:6f:92:30:33:93:8b:14:64:95:f9:ea:bb:
                    77:5e:e9:72:5f:88:fc:2a:d8:49:6e:57:38:1d:20:
                    d7:9b:ba:f9:8e:45:d9:60:73:c8:bb:23:a2:58:3c:
                    db:1d:ed:24:98:d5:0f:b1:bd:8d:84:3e:f6:83:ee:
                    37:12:b3:15:5b:80:ac:e2:16:9e:bd:43:90:9a:20:
                    a9:03:fc:23:9f:07:c0:79:3b:de:4b:f7:a4:81:cc:
                    57:db:b2:6d:42:ad:0c:1c:49:e2:7a:a9:9b:b7:b0:
                    9e:5c:ad:d6:70:5d:c5:dd:dd:48:7e:31:b3:2f:b1:
                    c3:66:02:44:2d:28:03:8e:01:ed:59:19:8c:bd:66:
                    a9:c8:2e:2b:92:d6:f1:4b:df:73:8e:58:e6:b7:f4:
                    7d:91:cb:fc:23:30:2e:5a:3b:34:28:77:ed:f4:08:
                    8a:17:61:95:f0:c3:ae:ad:0d:08:ac:fc:b2:7b:82:
                    40:67:9c:21:60:be:f0:7b:17:25:90:ea:e0:ca:e3:
                    d3:48:6e:3c:1d:cc:4b:9f:54:2d:7b:e2:de:aa:75:
                    58:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:00:C5:88:DB:54:DB:D7:6A:11:66:4B:A1:04:56:45:8B:53:41:1B
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/NQDFiNtU29dqEWZLoQRWRYtTQRs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.246.150.0/24
                  94.154.177.0/24
                  94.154.183.0/24
                  162.218.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:a6:f3:f2:3f:5f:1c:c2:ae:d0:fe:3a:40:1c:d1:65:b3:b5:
         bd:93:59:3b:3a:64:ac:0a:40:fb:28:01:bd:0a:e1:48:43:8c:
         72:7e:50:5d:71:d9:b3:66:05:ba:36:5f:fa:3c:26:bf:e8:ea:
         7a:91:fe:d4:09:b5:1c:6c:34:84:ba:a6:02:c1:48:94:a5:4d:
         2f:8d:19:4f:28:8e:bd:75:77:82:c6:60:7b:2d:f0:97:46:da:
         95:83:b4:a9:c9:64:97:f2:39:a5:35:74:3d:9b:4f:bb:64:95:
         93:03:92:3f:23:24:a1:2e:dc:3a:a0:69:9e:9e:01:d1:4b:a4:
         ad:4e:bf:83:c4:5c:b8:df:7a:06:d6:33:69:f7:83:55:e4:00:
         22:dc:5f:a6:55:02:ed:f4:92:2e:bc:a4:8f:91:73:35:3d:01:
         2b:93:5a:ad:c7:24:c8:77:5f:60:10:dd:0e:37:9e:ee:74:d9:
         ab:b6:be:0a:f8:92:ad:25:df:18:48:2c:93:7a:1f:19:09:ee:
         c7:88:34:4e:35:e5:ca:b5:ea:bb:15:7f:60:f1:cf:12:d5:de:
         66:9b:7b:05:8e:ff:80:c0:74:e0:da:e5:71:4b:97:db:a9:2e:
         d7:2b:a5:5b:9a:e4:9f:04:74:9c:60:2e:55:58:67:25:27:e4:
         64:06:f4:89
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECKs1mTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
MTExMDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUwMGM1ODhkYjU0
ZGJkNzZhMTE2NjRiYTEwNDU2NDU4YjUzNDExYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMDd2E9O4YQ/5ZMLUmAX7x69DzneEv8Y8wmkxAaRrVSsEE/
2HHnHT1kZqXqZKBcb5IwM5OLFGSV+eq7d17pcl+I/CrYSW5XOB0g15u6+Y5F2WBz
yLsjolg82x3tJJjVD7G9jYQ+9oPuNxKzFVuArOIWnr1DkJogqQP8I58HwHk73kv3
pIHMV9uybUKtDBxJ4nqpm7ewnlyt1nBdxd3dSH4xsy+xw2YCRC0oA44B7VkZjL1m
qcguK5LW8Uvfc45Y5rf0fZHL/CMwLlo7NCh37fQIihdhlfDDrq0NCKz8snuCQGec
IWC+8HsXJZDq4Mrj00huPB3MS59ULXvi3qp1WN0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ1AMWI21Tb12oRZkuhBFZFi1NBGzAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L05RREZpTnRVMjlkcUVXWkxvUVJXUll0VFFScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAD/2lgMEAF6asQMEAF6atwMEAKLa
XzANBgkqhkiG9w0BAQsFAAOCAQEAfKbz8j9fHMKu0P46QBzRZbO1vZNZOzpkrApA
+ygBvQrhSEOMcn5QXXHZs2YFujZf+jwmv+jqepH+1Am1HGw0hLqmAsFIlKVNL40Z
TyiOvXV3gsZgey3wl0balYO0qclkl/I5pTV0PZtPu2SVkwOSPyMkoS7cOqBpnp4B
0UukrU6/g8RcuN96BtYzafeDVeQAItxfplUC7fSSLrykj5FzNT0BK5NarcckyHdf
YBDdDjee7nTZq7a+CviSrSXfGEgsk3ofGQnux4g0TjXlyrXquxV/YPHPEtXeZpt7
BY7/gMB04NrlcUuX26ku1yulW5rknwR0nGAuVVhnJSfkZAb0iQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org