Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/qXgQdOM5dg3Rw3LtpRzXDYD7rVs.roa
File:                     qXgQdOM5dg3Rw3LtpRzXDYD7rVs.roa (raw, json)
Hash identifier:          VuWZxYSTkxcX/oNOyvMLzoPdNwM632DeJOowyN8jXxw=
Subject key identifier:   A9:78:10:74:E3:39:76:0D:D1:C3:72:ED:A5:1C:D7:0D:80:FB:AD:5B
Certificate issuer:       /CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Certificate serial:       308C3B50
Authority key identifier: 0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/qXgQdOM5dg3Rw3LtpRzXDYD7rVs.roa
Signing time:             Sat 01 Jan 2022 06:05:45 +0000
ROA not before:           Sat 01 Jan 2022 06:05:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34841
IP address blocks:        46.55.208.0/21 maxlen: 24
                          46.55.240.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 814496592 (0x308c3b50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
        Validity
            Not Before: Jan  1 06:05:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a9781074e339760dd1c372eda51cd70d80fbad5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:19:58:e6:48:06:72:09:34:81:b7:47:08:f7:
                    86:6f:78:d1:70:32:f6:17:ff:bc:15:1d:33:9f:76:
                    04:3d:a8:55:0f:e9:17:fa:dc:7d:2c:6b:ec:16:c3:
                    3b:4e:95:e3:17:0f:c5:20:9e:02:c1:8b:92:79:89:
                    af:fc:7b:7a:9b:78:18:9f:ab:f4:80:e9:b8:89:1b:
                    59:9b:81:e2:c7:18:1a:9c:0f:16:3f:c9:08:f6:21:
                    8c:40:1f:b6:48:b2:ed:d4:e1:17:cb:57:e4:3b:45:
                    bd:1b:3f:d8:39:2b:89:43:ad:1a:8e:fd:e6:43:2f:
                    81:f0:7b:aa:76:4f:29:7c:98:6c:7a:75:36:e2:24:
                    87:b0:5a:8a:5e:0b:b6:4b:6c:a2:55:67:4d:9f:4a:
                    97:09:cc:b6:85:99:3a:43:3b:0c:a3:f9:63:64:c3:
                    d2:2c:5d:5d:73:ec:99:3a:b2:08:4b:ff:ab:7e:59:
                    3b:b8:66:9d:9a:00:04:05:0d:77:8a:0c:c7:03:1c:
                    6e:c8:ff:b9:ce:91:8a:33:30:9c:9d:79:6b:8f:eb:
                    74:5d:04:44:86:4d:d0:06:e2:54:02:db:d2:3e:17:
                    65:39:80:9d:89:46:ad:15:99:97:12:73:55:6a:02:
                    7f:68:b7:e6:d4:57:dc:19:e2:f4:9b:ad:66:f6:21:
                    44:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:78:10:74:E3:39:76:0D:D1:C3:72:ED:A5:1C:D7:0D:80:FB:AD:5B
            X509v3 Authority Key Identifier:
                keyid:0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/qXgQdOM5dg3Rw3LtpRzXDYD7rVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.55.208.0/21
                  46.55.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:70:86:78:c6:83:3e:cd:d4:da:71:89:a2:ae:e2:48:cc:c3:
         4e:7f:08:77:c8:57:f2:b7:ff:59:b9:d0:68:36:de:d1:80:f8:
         d1:bb:7a:69:75:30:30:06:57:6e:ab:29:a5:87:00:b3:c8:0d:
         83:6a:f1:a4:2f:a3:2c:05:37:11:3b:ca:92:f8:6f:d0:47:b2:
         e8:e7:cf:90:a0:84:bc:4b:50:ea:5a:07:22:aa:2e:3a:ae:79:
         ec:8c:5f:07:10:c6:d4:77:38:29:eb:ba:6c:6a:26:37:6b:f2:
         02:13:eb:55:1a:b4:12:f3:59:9a:a2:fd:4b:b5:ee:c6:86:9f:
         54:dd:81:3c:26:8d:62:06:8f:96:73:af:32:e4:f4:da:78:58:
         a2:5c:fa:f6:7d:6f:38:64:64:fb:f8:90:e9:a9:d0:37:52:45:
         b5:04:b4:2b:55:fa:83:8a:49:e0:ad:33:b1:b5:a8:01:86:2f:
         06:ff:07:9b:86:d3:74:16:78:89:2a:38:29:06:c9:f7:81:ae:
         42:93:e9:18:04:ca:92:af:d3:b5:d4:6d:7a:e1:ea:1d:20:d1:
         ef:3c:72:40:27:a3:22:b4:33:29:74:e8:c4:0e:5a:ea:2e:1d:
         95:a2:fe:74:04:3a:a7:5d:8d:43:b5:e8:bc:fa:a0:53:b3:b1:
         cc:27:5e:21
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMIw7UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDIwODdiMGY2NzE2ZDIzYzhkMjNlYjNkMDM5MmI2YmY2NDJhZDRiMB4XDTIyMDEw
MTA2MDU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTk3ODEwNzRlMzM5
NzYwZGQxYzM3MmVkYTUxY2Q3MGQ4MGZiYWQ1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgZWOZIBnIJNIG3Rwj3hm940XAy9hf/vBUdM592BD2oVQ/p
F/rcfSxr7BbDO06V4xcPxSCeAsGLknmJr/x7ept4GJ+r9IDpuIkbWZuB4scYGpwP
Fj/JCPYhjEAftkiy7dThF8tX5DtFvRs/2DkriUOtGo795kMvgfB7qnZPKXyYbHp1
NuIkh7Bail4LtktsolVnTZ9KlwnMtoWZOkM7DKP5Y2TD0ixdXXPsmTqyCEv/q35Z
O7hmnZoABAUNd4oMxwMcbsj/uc6RijMwnJ15a4/rdF0ERIZN0AbiVALb0j4XZTmA
nYlGrRWZlxJzVWoCf2i35tRX3Bni9JutZvYhRBsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSpeBB04zl2DdHDcu2lHNcNgPutWzAfBgNVHSMEGDAWgBQNIIew9nFtI8jS
PrPQOStr9kKtSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RTQ0hzUFp4YlNQSTBqNnowRGtyYV9aQ3JVcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvZmNiNzI5LWMyODgtNGUxNS05Mzg0LWEyMGQyZDc1MWViNS8x
L3FYZ1FkT001ZGczUnczTHRwUnpYRFlEN3JWcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ZmNiNzI5LWMyODgtNGUxNS05Mzg0LWEyMGQyZDc1MWViNS8xL0RTQ0hzUFp4YlNQ
STBqNnowRGtyYV9aQ3JVcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAy430AMEAC438DANBgkqhkiG9w0B
AQsFAAOCAQEAjXCGeMaDPs3U2nGJoq7iSMzDTn8Id8hX8rf/WbnQaDbe0YD40bt6
aXUwMAZXbqsppYcAs8gNg2rxpC+jLAU3ETvKkvhv0Eey6OfPkKCEvEtQ6loHIqou
Oq557IxfBxDG1Hc4Keu6bGomN2vyAhPrVRq0EvNZmqL9S7XuxoafVN2BPCaNYgaP
lnOvMuT02nhYolz69n1vOGRk+/iQ6anQN1JFtQS0K1X6g4pJ4K0zsbWoAYYvBv8H
m4bTdBZ4iSo4KQbJ94GuQpPpGATKkq/TtdRteuHqHSDR7zxyQCejIrQzKXToxA5a
6i4dlaL+dAQ6p12NQ7XovPqgU7OxzCdeIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:54 2024 by rpki-client on console-fra.rpki-client.org