Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/abb153-51b3-4849-8985-d30f9168f801/1/QFqvj_EP3v3hoR5jmK1d3E_k4Tk.roa
File:                     QFqvj_EP3v3hoR5jmK1d3E_k4Tk.roa (raw, json)
Hash identifier:          tJEToVdL1pf6adVMQU7QU24g0bpZ99VVDaqpR/1OzqY=
Subject key identifier:   40:5A:AF:8F:F1:0F:DE:FD:E1:A1:1E:63:98:AD:5D:DC:4F:E4:E1:39
Certificate issuer:       /CN=73b81640e1b64f51d2ba7d78f6777c056d1154bf
Certificate serial:       1A85210E
Authority key identifier: 73:B8:16:40:E1:B6:4F:51:D2:BA:7D:78:F6:77:7C:05:6D:11:54:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c7gWQOG2T1HSun149nd8BW0RVL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/abb153-51b3-4849-8985-d30f9168f801/1/QFqvj_EP3v3hoR5jmK1d3E_k4Tk.roa
Signing time:             Sat 01 Jan 2022 15:03:19 +0000
ROA not before:           Sat 01 Jan 2022 15:03:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61234
IP address blocks:        84.39.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 444932366 (0x1a85210e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73b81640e1b64f51d2ba7d78f6777c056d1154bf
        Validity
            Not Before: Jan  1 15:03:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=405aaf8ff10fdefde1a11e6398ad5ddc4fe4e139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c8:50:9e:9a:fd:3c:af:0a:e6:da:93:e5:d7:
                    aa:94:bd:46:e6:5e:95:77:4f:bc:f3:20:7e:52:0d:
                    0d:0c:d2:70:8d:a1:09:2d:8d:93:e9:b4:f9:7c:a1:
                    a7:db:f6:c4:6a:9d:70:1d:f6:eb:7a:e3:48:87:85:
                    c3:2c:e4:0b:60:c4:0a:90:7a:b4:91:48:46:bc:3f:
                    97:44:04:37:60:ea:16:1c:5b:6a:30:1c:2b:f0:00:
                    45:9a:17:8e:23:e7:c3:c8:6e:ca:a2:05:de:f6:77:
                    11:a0:2c:c0:20:c9:aa:6b:0f:97:4c:6d:7a:10:8a:
                    4f:bf:b0:43:9f:5a:42:26:7f:98:3c:ee:e2:ff:84:
                    cc:f8:71:55:18:5a:5f:80:4f:e7:f4:de:c0:dd:2f:
                    3a:fe:02:c8:a3:d5:d5:47:c6:bb:35:72:f7:e4:ee:
                    a8:0b:e5:02:28:58:39:93:7f:e9:65:fc:0e:6d:6b:
                    c9:81:e1:b7:2c:63:2e:10:6e:94:14:5e:da:6f:34:
                    a9:0c:16:e1:af:98:0c:cf:86:f8:a8:e4:7f:d1:5a:
                    46:57:bc:92:c2:ec:d8:25:bc:97:cc:f5:93:a1:12:
                    db:5e:df:7c:10:21:0e:52:8f:9b:cb:50:4c:ff:72:
                    d2:63:bd:7e:c7:18:0c:1d:22:93:f5:b4:f9:a7:f1:
                    f9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:5A:AF:8F:F1:0F:DE:FD:E1:A1:1E:63:98:AD:5D:DC:4F:E4:E1:39
            X509v3 Authority Key Identifier:
                keyid:73:B8:16:40:E1:B6:4F:51:D2:BA:7D:78:F6:77:7C:05:6D:11:54:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7gWQOG2T1HSun149nd8BW0RVL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/abb153-51b3-4849-8985-d30f9168f801/1/QFqvj_EP3v3hoR5jmK1d3E_k4Tk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/abb153-51b3-4849-8985-d30f9168f801/1/c7gWQOG2T1HSun149nd8BW0RVL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.39.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:9a:dc:99:1c:ae:c0:c2:32:38:92:8a:90:ce:36:4c:c9:b1:
         70:7d:30:34:5a:13:8d:f9:c9:4d:f2:5f:c4:6a:65:c2:e6:e3:
         03:3b:ab:33:54:70:0a:85:07:9b:31:4a:51:e0:8b:40:47:03:
         2d:45:0f:b1:54:d8:3d:95:0e:13:2e:c1:57:27:8c:bb:c5:43:
         80:32:f0:82:6c:04:43:be:65:90:c5:3d:92:5e:f2:37:e7:35:
         21:3b:82:c8:3d:28:5c:54:8c:d5:f6:8c:cd:00:6a:f6:c0:c6:
         d0:a6:fc:42:e2:e5:d7:f5:c0:60:ed:38:86:7c:02:a3:8d:ef:
         86:42:54:f4:c8:48:8d:cd:5d:d3:d9:53:b8:b2:87:7a:6b:55:
         b5:f4:dc:ac:a6:6c:10:da:4c:61:b2:0a:99:c9:89:7a:5b:b9:
         61:f2:04:17:d3:b2:c4:40:23:5e:af:e8:08:74:cc:bd:6d:8e:
         e4:b3:91:b7:5c:32:ce:13:c9:3d:f9:ad:6d:9f:b7:ed:65:83:
         0e:8a:5b:f9:7e:25:1f:5b:8e:8d:df:e1:3f:10:3c:4e:b1:2c:
         f8:e8:8f:a7:c0:14:01:71:f9:d5:d9:16:de:20:4c:bb:b4:de:
         c8:1d:dc:21:65:d1:7c:10:fe:0f:fc:29:9d:bb:71:ff:88:e4:
         7b:9a:cc:a8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGoUhDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2I4MTY0MGUxYjY0ZjUxZDJiYTdkNzhmNjc3N2MwNTZkMTE1NGJmMB4XDTIyMDEw
MTE1MDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA1YWFmOGZmMTBm
ZGVmZGUxYTExZTYzOThhZDVkZGM0ZmU0ZTEzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHIUJ6a/TyvCubak+XXqpS9RuZelXdPvPMgflINDQzScI2h
CS2Nk+m0+Xyhp9v2xGqdcB3263rjSIeFwyzkC2DECpB6tJFIRrw/l0QEN2DqFhxb
ajAcK/AARZoXjiPnw8huyqIF3vZ3EaAswCDJqmsPl0xtehCKT7+wQ59aQiZ/mDzu
4v+EzPhxVRhaX4BP5/TewN0vOv4CyKPV1UfGuzVy9+TuqAvlAihYOZN/6WX8Dm1r
yYHhtyxjLhBulBRe2m80qQwW4a+YDM+G+Kjkf9FaRle8ksLs2CW8l8z1k6ES217f
fBAhDlKPm8tQTP9y0mO9fscYDB0ik/W0+afx+akCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAWq+P8Q/e/eGhHmOYrV3cT+ThOTAfBgNVHSMEGDAWgBRzuBZA4bZPUdK6
fXj2d3wFbRFUvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M3Z1dRT0cyVDFIU3VuMTQ5bmQ4QlcwUlZMOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvYWJiMTUzLTUxYjMtNDg0OS04OTg1LWQzMGY5MTY4ZjgwMS8x
L1FGcXZqX0VQM3YzaG9SNWptSzFkM0VfazRUay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
YWJiMTUzLTUxYjMtNDg0OS04OTg1LWQzMGY5MTY4ZjgwMS8xL2M3Z1dRT0cyVDFI
U3VuMTQ5bmQ4QlcwUlZMOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQnmTANBgkqhkiG9w0BAQsFAAOC
AQEAWZrcmRyuwMIyOJKKkM42TMmxcH0wNFoTjfnJTfJfxGplwubjAzurM1RwCoUH
mzFKUeCLQEcDLUUPsVTYPZUOEy7BVyeMu8VDgDLwgmwEQ75lkMU9kl7yN+c1ITuC
yD0oXFSM1faMzQBq9sDG0Kb8QuLl1/XAYO04hnwCo43vhkJU9MhIjc1d09lTuLKH
emtVtfTcrKZsENpMYbIKmcmJelu5YfIEF9OyxEAjXq/oCHTMvW2O5LORt1wyzhPJ
PfmtbZ+37WWDDopb+X4lH1uOjd/hPxA8TrEs+OiPp8AUAXH51dkW3iBMu7TeyB3c
IWXRfBD+D/wpnbtx/4jke5rMqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:55 2024 by rpki-client on console-fra.rpki-client.org