Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qpYKPfYx368Tumo32ykeZAh_HJQ.roa
File:                     qpYKPfYx368Tumo32ykeZAh_HJQ.roa (raw, json)
Hash identifier:          Q6y8atPNTuVoihnh/Wtchh9w0QEzpVONPIXjNmq+CMQ=
Subject key identifier:   AA:96:0A:3D:F6:31:DF:AF:13:BA:6A:37:DB:29:1E:64:08:7F:1C:94
Certificate issuer:       /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial:       05617318
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qpYKPfYx368Tumo32ykeZAh_HJQ.roa
Signing time:             Tue 11 Jan 2022 18:14:26 +0000
ROA not before:           Tue 11 Jan 2022 18:14:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208737
IP address blocks:        78.159.130.0/24 maxlen: 24
                          91.92.54.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90272536 (0x5617318)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
        Validity
            Not Before: Jan 11 18:14:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=aa960a3df631dfaf13ba6a37db291e64087f1c94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7f:cd:d4:09:75:6f:79:3f:a7:a9:57:17:28:
                    5c:15:92:05:db:f5:f6:10:db:93:bc:1c:61:72:b5:
                    0a:c6:1b:a7:53:66:fc:eb:33:35:03:ab:99:33:39:
                    aa:30:93:70:a2:c9:88:d7:6b:a7:29:80:73:83:df:
                    70:4a:60:95:dd:65:12:ad:31:1e:ab:f8:ca:3c:65:
                    d0:a2:41:bf:80:eb:26:2c:6a:9d:28:0f:1c:40:36:
                    fc:48:4b:73:d1:72:03:30:b7:97:74:78:5d:6b:97:
                    69:0b:d6:f8:7d:4f:f1:2d:44:f7:5d:ed:f1:03:01:
                    bd:b1:49:eb:3e:73:28:3d:27:c4:fc:41:f7:70:7c:
                    c8:16:0c:e0:47:5e:2a:8c:f0:b7:db:3d:5d:f4:fc:
                    b4:ad:9d:3f:eb:74:72:c6:9d:0b:30:6c:1d:dd:18:
                    3b:a5:35:15:39:8b:d4:f7:a7:ca:41:68:3e:97:59:
                    d0:7c:8f:08:3e:c1:5e:ae:10:20:98:62:86:35:9a:
                    1e:14:f0:02:4c:ad:db:13:61:a6:ab:8e:71:48:0e:
                    c0:9e:bd:35:08:22:d8:6a:39:a0:cc:9b:a4:ac:ae:
                    15:08:8d:71:82:e9:ea:c3:30:78:44:af:ca:93:d6:
                    2c:ff:2e:9f:9a:69:3a:e9:41:28:50:9c:bc:61:1d:
                    b5:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:96:0A:3D:F6:31:DF:AF:13:BA:6A:37:DB:29:1E:64:08:7F:1C:94
            X509v3 Authority Key Identifier:
                keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qpYKPfYx368Tumo32ykeZAh_HJQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.159.130.0/24
                  91.92.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:b8:99:6c:84:81:11:5c:46:fd:50:87:b1:3b:aa:ab:5e:07:
         70:5f:8f:63:6d:31:60:22:f6:4a:c4:a7:1d:1c:a7:4a:b2:7e:
         fb:a1:b8:19:4e:33:fd:91:d8:c7:5b:dc:c5:cd:ff:17:4b:ea:
         77:fd:b3:7b:13:1e:57:0a:c0:14:5c:10:cc:04:a0:d3:29:6b:
         ab:1c:65:1b:c6:96:0a:be:cd:de:cd:bd:12:45:cb:25:49:4a:
         8d:bb:67:af:3e:42:53:20:0b:7d:2c:c9:5c:c3:c9:6a:d9:d5:
         ad:7a:3a:71:51:ad:e1:e0:48:6c:4f:4a:6c:91:87:a2:3e:45:
         6c:9e:c0:c5:de:81:4f:f8:6e:68:f9:92:3f:f4:be:b7:c1:47:
         74:bd:ae:21:66:43:41:d9:a0:08:4f:da:97:93:0b:cc:ec:dc:
         31:00:52:0f:c1:9c:43:ba:d4:12:71:4b:57:78:d5:c7:8d:3d:
         43:08:7a:f9:d2:38:0c:58:51:3e:65:db:a3:36:ad:bd:89:64:
         da:c2:7f:b3:5a:96:d8:ea:02:b8:e7:47:b7:90:8c:79:27:e6:
         fd:dc:ed:d0:c6:3d:19:29:93:ce:00:da:5a:6e:4b:c8:a7:bd:
         57:0a:75:87:5b:ef:90:93:fb:ac:94:58:a1:9b:bc:35:0a:30:
         71:a4:46:7b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBWFzGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDEx
MTE4MTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWE5NjBhM2RmNjMx
ZGZhZjEzYmE2YTM3ZGIyOTFlNjQwODdmMWM5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN/zdQJdW95P6epVxcoXBWSBdv19hDbk7wcYXK1CsYbp1Nm
/OszNQOrmTM5qjCTcKLJiNdrpymAc4PfcEpgld1lEq0xHqv4yjxl0KJBv4DrJixq
nSgPHEA2/EhLc9FyAzC3l3R4XWuXaQvW+H1P8S1E913t8QMBvbFJ6z5zKD0nxPxB
93B8yBYM4EdeKozwt9s9XfT8tK2dP+t0csadCzBsHd0YO6U1FTmL1PenykFoPpdZ
0HyPCD7BXq4QIJhihjWaHhTwAkyt2xNhpquOcUgOwJ69NQgi2Go5oMybpKyuFQiN
cYLp6sMweESvypPWLP8un5ppOulBKFCcvGEdtf0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSqlgo99jHfrxO6ajfbKR5kCH8clDAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3FwWUtQZll4MzY4VHVtbzMyeWtlWkFoX0hKUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAE6fggMEAFtcNjANBgkqhkiG9w0B
AQsFAAOCAQEAALiZbISBEVxG/VCHsTuqq14HcF+PY20xYCL2SsSnHRynSrJ++6G4
GU4z/ZHYx1vcxc3/F0vqd/2zexMeVwrAFFwQzASg0ylrqxxlG8aWCr7N3s29EkXL
JUlKjbtnrz5CUyALfSzJXMPJatnVrXo6cVGt4eBIbE9KbJGHoj5FbJ7Axd6BT/hu
aPmSP/S+t8FHdL2uIWZDQdmgCE/al5MLzOzcMQBSD8GcQ7rUEnFLV3jVx409Qwh6
+dI4DFhRPmXbozatvYlk2sJ/s1qW2OoCuOdHt5CMeSfm/dzt0MY9GSmTzgDaWm5L
yKe9Vwp1h1vvkJP7rJRYoZu8NQowcaRGew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org