Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/Qnc_RjvWEbA6luri_Sm3NdhCym0.roa
File:                     Qnc_RjvWEbA6luri_Sm3NdhCym0.roa (raw, json)
Hash identifier:          IyOLCBEmXH8xzYVOAcvJiyT3CwcMGUg0SbKGcMbZdKs=
Subject key identifier:   42:77:3F:46:3B:D6:11:B0:3A:96:EA:E2:FD:29:B7:35:D8:42:CA:6D
Certificate issuer:       /CN=c62d7cac1ffb2c3fbde284625bf1af4c6bae6b0e
Certificate serial:       0184C781741085546A6894F2E9BE566489DC
Authority key identifier: C6:2D:7C:AC:1F:FB:2C:3F:BD:E2:84:62:5B:F1:AF:4C:6B:AE:6B:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xi18rB_7LD-94oRiW_GvTGuuaw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/Qnc_RjvWEbA6luri_Sm3NdhCym0.roa
Signing time:             Wed 30 Nov 2022 07:47:40 +0000
ROA not before:           Wed 30 Nov 2022 07:47:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3292
IP address blocks:        147.29.150.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c7:81:74:10:85:54:6a:68:94:f2:e9:be:56:64:89:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c62d7cac1ffb2c3fbde284625bf1af4c6bae6b0e
        Validity
            Not Before: Nov 30 07:47:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=42773f463bd611b03a96eae2fd29b735d842ca6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:66:99:17:b3:96:b3:9c:ce:16:de:35:27:05:
                    4f:6a:cb:30:c0:b9:79:e7:7e:57:b1:df:72:a0:de:
                    e2:d0:c3:0a:fd:5c:0b:b6:c1:10:97:47:7e:d1:aa:
                    eb:9a:14:27:23:d4:4c:78:af:ff:2b:e0:33:17:04:
                    fc:eb:08:d6:8e:b4:24:18:ac:47:02:70:9a:5c:37:
                    44:ea:5c:06:72:5e:07:ff:22:0c:6b:85:4f:82:41:
                    f9:dd:df:dd:bb:ad:c5:db:63:1b:ae:1c:8f:84:60:
                    7c:b5:01:9b:ff:7a:6f:3e:e1:33:47:3b:7c:1c:bf:
                    0a:5b:6c:a7:85:3c:f0:e8:8a:f5:e3:f4:c5:3a:7a:
                    db:e8:9d:b8:a5:89:60:a2:8b:20:b0:29:51:e3:9a:
                    62:de:ac:0d:bf:c7:d8:ea:a3:7e:ec:d8:d6:52:df:
                    79:37:02:35:37:fa:c7:c0:d9:e7:87:97:c6:be:71:
                    74:ec:8a:c8:a8:7b:17:ba:63:16:e3:66:2d:8e:1c:
                    78:c6:a0:e8:c2:55:59:f1:4f:dd:3f:0e:8e:2c:31:
                    99:6d:af:71:17:db:5d:54:49:9d:e0:9b:44:a2:95:
                    2a:8e:60:77:23:40:30:4b:da:49:85:b1:8f:6e:bf:
                    dc:7f:f8:7d:b3:47:86:b4:f3:ee:16:66:d6:fa:58:
                    d2:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:77:3F:46:3B:D6:11:B0:3A:96:EA:E2:FD:29:B7:35:D8:42:CA:6D
            X509v3 Authority Key Identifier:
                keyid:C6:2D:7C:AC:1F:FB:2C:3F:BD:E2:84:62:5B:F1:AF:4C:6B:AE:6B:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xi18rB_7LD-94oRiW_GvTGuuaw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/Qnc_RjvWEbA6luri_Sm3NdhCym0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/xi18rB_7LD-94oRiW_GvTGuuaw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.29.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         85:61:17:b1:60:27:e1:1a:ae:86:c2:f2:a2:55:08:e5:b0:9d:
         80:8e:41:e5:2c:d9:1e:6e:a5:ff:89:13:d3:91:d9:15:84:2f:
         56:97:e6:79:c4:78:f6:b3:16:05:b0:22:ce:01:e0:e6:0f:63:
         4f:8f:21:a3:d9:19:4e:74:c3:80:ed:0c:2b:46:9c:7c:63:ee:
         47:d5:12:6a:ee:ce:64:68:52:b4:44:c9:a4:a0:f7:5c:32:87:
         bc:48:18:64:7a:10:6c:9c:3f:6a:56:1f:e4:71:ee:be:a3:a9:
         1a:00:27:54:66:cd:fa:aa:61:11:86:d6:e2:eb:94:76:02:33:
         91:b0:5a:dc:91:47:f5:0a:6d:89:e2:74:4a:f1:68:fc:6b:06:
         5c:e8:30:35:17:89:cf:66:30:76:f7:ec:c4:4d:17:c9:db:f6:
         bf:b2:10:74:a8:a1:8b:3c:fc:00:31:22:f0:a7:a7:18:45:f4:
         7f:5e:41:b9:8e:35:4c:ba:ca:6f:28:38:99:66:a7:7e:13:87:
         fe:f5:d0:5b:6f:8b:40:d9:3b:b5:47:66:b0:62:96:66:f8:ea:
         48:58:1b:7f:5a:b7:c1:a3:a6:16:91:29:ab:e5:79:90:e7:1e:
         f0:8f:5e:d2:af:87:86:4c:d5:8e:93:0d:ae:be:38:c7:e9:0e:
         7d:12:90:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTHgXQQhVRqaJTy6b5WZIncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MmQ3Y2FjMWZmYjJjM2ZiZGUyODQ2MjViZjFhZjRjNmJh
ZTZiMGUwHhcNMjIxMTMwMDc0NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc3M2Y0NjNiZDYxMWIwM2E5NmVhZTJmZDI5YjczNWQ4NDJjYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGaZF7OWs5zOFt41JwVPasswwLl5
535Xsd9yoN7i0MMK/VwLtsEQl0d+0arrmhQnI9RMeK//K+AzFwT86wjWjrQkGKxH
AnCaXDdE6lwGcl4H/yIMa4VPgkH53d/du63F22MbrhyPhGB8tQGb/3pvPuEzRzt8
HL8KW2ynhTzw6Ir14/TFOnrb6J24pYlgoosgsClR45pi3qwNv8fY6qN+7NjWUt95
NwI1N/rHwNnnh5fGvnF07IrIqHsXumMW42Ytjhx4xqDowlVZ8U/dPw6OLDGZba9x
F9tdVEmd4JtEopUqjmB3I0AwS9pJhbGPbr/cf/h9s0eGtPPuFmbW+ljShQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJ3P0Y71hGwOpbq4v0ptzXYQsptMB8GA1UdIwQY
MBaAFMYtfKwf+yw/veKEYlvxr0xrrmsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGkxOHJCXzdMRC05NG9SaVdfR3ZUR3V1YXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82Y2Q1ZmMtNjBjYy00NWRlLWJkOGEt
MTU0NGI0NGQ1OWNhLzEvUW5jX1JqdldFYkE2bHVyaV9TbTNOZGhDeW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82Y2Q1ZmMtNjBjYy00NWRlLWJkOGEtMTU0NGI0NGQ1OWNh
LzEveGkxOHJCXzdMRC05NG9SaVdfR3ZUR3V1YXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkx2WMA0G
CSqGSIb3DQEBCwUAA4IBAQCFYRexYCfhGq6GwvKiVQjlsJ2AjkHlLNkebqX/iRPT
kdkVhC9Wl+Z5xHj2sxYFsCLOAeDmD2NPjyGj2RlOdMOA7QwrRpx8Y+5H1RJq7s5k
aFK0RMmkoPdcMoe8SBhkehBsnD9qVh/kce6+o6kaACdUZs36qmERhtbi65R2AjOR
sFrckUf1Cm2J4nRK8Wj8awZc6DA1F4nPZjB29+zETRfJ2/a/shB0qKGLPPwAMSLw
p6cYRfR/XkG5jjVMuspvKDiZZqd+E4f+9dBbb4tA2Tu1R2awYpZm+OpIWBt/WrfB
o6YWkSmr5XmQ5x7wj17Sr4eGTNWOkw2uvjjH6Q59EpBD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:53 2024 by rpki-client on console-ams.rpki-client.org