Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/QK_qwgqzjdAtjXOm3yg0dhOGH-E.roa
File:                     QK_qwgqzjdAtjXOm3yg0dhOGH-E.roa (raw, json)
Hash identifier:          6/MhddfxxZFArQYqu4lsNlOp8g3omfdTrX/7keG4C98=
Subject key identifier:   40:AF:EA:C2:0A:B3:8D:D0:2D:8D:73:A6:DF:28:34:76:13:86:1F:E1
Certificate issuer:       /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial:       0182C46517ADFDC2AF9158F6E9EF3ACDF1B4
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/QK_qwgqzjdAtjXOm3yg0dhOGH-E.roa
Signing time:             Mon 22 Aug 2022 07:12:15 +0000
ROA not before:           Mon 22 Aug 2022 07:12:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        37.143.0.0/22 maxlen: 22
                          37.143.4.0/22 maxlen: 22
                          46.28.40.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c4:65:17:ad:fd:c2:af:91:58:f6:e9:ef:3a:cd:f1:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
        Validity
            Not Before: Aug 22 07:12:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=40afeac20ab38dd02d8d73a6df28347613861fe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:db:65:cc:b0:47:de:d1:0c:36:db:a2:f5:c6:
                    f6:f2:78:cb:da:23:a7:90:57:35:b7:b4:7f:14:44:
                    dd:4a:c1:93:11:33:e2:7c:a3:22:55:7f:ac:b3:d8:
                    8c:44:94:35:53:9f:04:0c:5b:b5:a6:88:94:2d:5f:
                    0e:15:b9:42:1b:15:c8:cc:e9:1e:43:64:2e:d9:da:
                    f7:93:d5:6a:78:31:e0:f7:b5:2b:0b:47:a8:c4:90:
                    69:df:4b:12:7f:3f:d8:e2:72:78:ab:f3:58:b5:79:
                    e0:66:02:03:b0:a8:a8:43:7d:e3:96:51:9f:d1:28:
                    b2:64:f3:2a:9b:93:ce:b5:7d:cb:de:93:cd:01:a5:
                    55:a6:d9:52:b7:c5:55:3d:fc:d3:b2:ed:53:db:38:
                    a4:06:6f:8a:d8:63:fc:18:6b:ef:93:98:8a:ba:04:
                    d4:db:5d:7d:80:05:cd:0b:f6:e7:9c:9c:03:cd:88:
                    3a:5c:56:f4:77:d3:cf:ba:26:f4:07:32:41:a8:f5:
                    55:92:0c:cd:6a:e2:6e:7f:ca:b4:27:03:66:b1:37:
                    c0:7f:81:7f:27:78:68:a8:41:ea:4e:81:a5:22:fd:
                    a3:cb:55:8b:f1:23:db:1f:c2:43:b8:03:4b:51:ca:
                    e1:8b:92:5a:76:18:ca:ec:4a:13:12:a3:ed:e3:dc:
                    09:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:AF:EA:C2:0A:B3:8D:D0:2D:8D:73:A6:DF:28:34:76:13:86:1F:E1
            X509v3 Authority Key Identifier:
                keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/QK_qwgqzjdAtjXOm3yg0dhOGH-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.143.0.0/21
                  46.28.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:73:1b:04:3e:86:87:5f:ab:74:f1:40:c0:a9:6b:b2:42:bb:
         ac:cb:3c:5b:3c:8e:6c:44:17:62:2e:78:8a:6a:a9:9c:c7:b2:
         dc:51:6e:ee:0c:c6:2a:12:62:e5:b6:86:68:f4:3b:f7:d9:a6:
         97:c8:97:40:cc:52:85:95:0d:d9:5c:8a:1d:d7:5a:9f:2c:10:
         2f:3e:09:16:28:2b:3c:9e:3d:4e:98:75:4a:69:8b:f1:cc:e4:
         0d:d0:5c:37:dc:1a:cc:4a:43:f2:62:6f:59:d3:97:52:19:eb:
         12:6a:40:68:dd:ae:0c:2d:52:33:41:c4:9d:0d:6a:c5:f1:0f:
         10:cf:59:3d:7b:90:ba:d6:95:3c:52:92:79:15:a1:62:e9:bb:
         a8:29:b1:9d:af:a2:a7:fe:4d:3c:44:11:eb:f8:61:2c:a2:e5:
         47:af:9a:93:43:93:b6:bc:16:82:66:6e:2d:0e:7a:64:1a:64:
         ed:38:93:21:64:f0:0c:9e:e0:ad:f9:ad:a3:71:aa:92:ba:c2:
         28:37:d7:8f:de:5d:0e:4a:e7:c9:72:94:60:cc:0d:10:87:f2:
         ba:8f:fb:b8:c8:5a:76:4f:52:76:e1:dd:5d:4c:c7:4e:02:56:
         55:10:ad:86:b3:32:6a:00:f9:af:e0:5a:8b:c4:1c:c6:3d:d1:
         17:e6:6f:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLEZRet/cKvkVj26e86zfG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjIwODIyMDcxMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFmZWFjMjBhYjM4ZGQwMmQ4ZDczYTZkZjI4MzQ3NjEzODYxZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdtlzLBH3tEMNtui9cb28njL2iOn
kFc1t7R/FETdSsGTETPifKMiVX+ss9iMRJQ1U58EDFu1poiULV8OFblCGxXIzOke
Q2Qu2dr3k9VqeDHg97UrC0eoxJBp30sSfz/Y4nJ4q/NYtXngZgIDsKioQ33jllGf
0SiyZPMqm5POtX3L3pPNAaVVptlSt8VVPfzTsu1T2zikBm+K2GP8GGvvk5iKugTU
2119gAXNC/bnnJwDzYg6XFb0d9PPuib0BzJBqPVVkgzNauJuf8q0JwNmsTfAf4F/
J3hoqEHqToGlIv2jy1WL8SPbH8JDuANLUcrhi5JadhjK7EoTEqPt49wJ0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFECv6sIKs43QLY1zpt8oNHYThh/hMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvUUtfcXdncXpqZEF0alhPbTN5ZzBkaE9HSC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJY8AAwQC
LhwoMA0GCSqGSIb3DQEBCwUAA4IBAQApcxsEPoaHX6t08UDAqWuyQrusyzxbPI5s
RBdiLniKaqmcx7LcUW7uDMYqEmLltoZo9Dv32aaXyJdAzFKFlQ3ZXIod11qfLBAv
PgkWKCs8nj1OmHVKaYvxzOQN0Fw33BrMSkPyYm9Z05dSGesSakBo3a4MLVIzQcSd
DWrF8Q8Qz1k9e5C61pU8UpJ5FaFi6buoKbGdr6Kn/k08RBHr+GEsouVHr5qTQ5O2
vBaCZm4tDnpkGmTtOJMhZPAMnuCt+a2jcaqSusIoN9eP3l0OSufJcpRgzA0Qh/K6
j/u4yFp2T1J24d1dTMdOAlZVEK2GszJqAPmv4FqLxBzGPdEX5m/7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:39 2024 by rpki-client on console-fra.rpki-client.org