Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/Q4sY4q4OVVwrsTdHi74Cdm3YDak.roa
File:                     Q4sY4q4OVVwrsTdHi74Cdm3YDak.roa (raw, json)
Hash identifier:          BuqMZauX53tmWJiJdKBntB5Tgmijf+5ecEzgx3uZkvc=
Subject key identifier:   43:8B:18:E2:AE:0E:55:5C:2B:B1:37:47:8B:BE:02:76:6D:D8:0D:A9
Certificate issuer:       /CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Certificate serial:       30842D
Authority key identifier: 77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/Q4sY4q4OVVwrsTdHi74Cdm3YDak.roa
Signing time:             Tue 12 Apr 2022 06:39:20 +0000
ROA not before:           Tue 12 Apr 2022 06:39:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39438
IP address blocks:        46.226.208.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3179565 (0x30842d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
        Validity
            Not Before: Apr 12 06:39:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=438b18e2ae0e555c2bb137478bbe02766dd80da9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b0:74:ce:c8:7a:f3:00:e4:e5:98:bc:39:08:
                    0d:73:76:96:9f:d7:ad:ea:2d:54:00:55:92:8c:bf:
                    8a:72:1a:72:fb:84:01:2f:97:08:4f:65:0e:27:51:
                    d6:f5:01:b0:3c:6a:54:fa:3a:f1:30:59:6b:88:3c:
                    8a:bc:11:71:23:fd:63:e9:71:75:06:32:f2:fb:bb:
                    b1:6e:9c:a2:dd:2b:a9:7b:4f:cd:e7:4c:39:31:c3:
                    22:b9:59:9b:f7:c3:ab:10:97:ab:1a:fd:eb:76:36:
                    f8:ce:dc:d0:1d:18:cc:78:c6:d8:ef:41:6b:6b:42:
                    e8:bd:44:28:0f:24:2a:f9:0b:83:cf:fd:33:5b:df:
                    4a:74:a9:61:4b:38:89:d1:09:93:ae:6c:95:43:d2:
                    3f:86:1e:0c:80:cf:8c:0c:0c:98:40:c5:87:d7:7c:
                    05:b4:51:65:87:73:86:0a:a7:37:2a:8e:f0:a4:26:
                    6c:0e:02:4f:df:8d:63:cb:fd:d3:ce:28:c5:28:0d:
                    70:86:69:02:15:c1:a1:a4:3a:fb:5f:95:37:f8:2b:
                    7c:92:4c:59:2c:19:e2:39:fe:c2:7a:52:1b:c2:fb:
                    68:25:0c:1e:ac:25:c7:ff:1a:f8:33:fe:bd:55:a2:
                    c9:85:62:d5:21:a4:a7:de:5b:d6:c2:14:9d:f2:2d:
                    1b:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:8B:18:E2:AE:0E:55:5C:2B:B1:37:47:8B:BE:02:76:6D:D8:0D:A9
            X509v3 Authority Key Identifier:
                keyid:77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/Q4sY4q4OVVwrsTdHi74Cdm3YDak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.226.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:d4:c6:4b:5c:50:e3:c2:2c:d5:4d:17:8b:b9:f0:fa:7b:ac:
         d8:98:62:49:20:30:8f:c1:32:33:ab:20:fb:4c:3f:63:9f:3f:
         9d:36:6e:36:0e:2c:0c:eb:01:6d:2f:e9:79:26:98:bb:ae:c1:
         7f:da:ba:c5:c4:39:b6:7a:15:7a:94:c0:25:c4:59:c7:61:6b:
         5b:37:40:bf:4a:30:8a:a3:0e:05:b9:aa:32:c1:e5:71:52:30:
         15:a1:f2:ba:31:59:d8:2c:af:d9:dc:a2:3d:f6:3c:c2:e0:d3:
         ff:80:fb:25:2d:f6:41:2b:d3:cc:f1:65:49:06:6a:d0:23:8b:
         65:1e:12:e9:11:20:d9:7c:c2:54:9e:8c:ce:80:28:23:f9:bf:
         d2:76:65:8c:eb:65:22:db:70:77:95:8f:fc:75:5b:b5:b1:bc:
         ee:42:5e:c2:89:08:31:5a:3a:27:e8:3f:dc:bd:a0:f7:e1:c7:
         6d:34:a1:55:9e:89:ad:1b:b6:17:ad:17:8a:eb:eb:6c:f2:2d:
         9b:23:3a:d3:e9:72:26:92:0f:be:5d:16:00:b0:36:64:74:de:
         51:48:7d:ee:ae:35:4c:3c:80:49:95:9f:11:83:3d:c2:ce:43:
         af:b8:d0:c4:44:6f:4e:2f:e7:bb:53:55:28:fa:fe:d2:18:2c:
         a2:8e:c9:83
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDMIQtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
ZTNjMjkwMGI1OTk3NTQyODNmMjdmM2I0ZThkN2Y2YzQ1MTA5NzIwHhcNMjIwNDEy
MDYzOTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MzhiMThlMmFlMGU1
NTVjMmJiMTM3NDc4YmJlMDI3NjZkZDgwZGE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlLB0zsh68wDk5Zi8OQgNc3aWn9et6i1UAFWSjL+Kchpy+4QB
L5cIT2UOJ1HW9QGwPGpU+jrxMFlriDyKvBFxI/1j6XF1BjLy+7uxbpyi3Supe0/N
50w5McMiuVmb98OrEJerGv3rdjb4ztzQHRjMeMbY70Fra0LovUQoDyQq+QuDz/0z
W99KdKlhSziJ0QmTrmyVQ9I/hh4MgM+MDAyYQMWH13wFtFFlh3OGCqc3Ko7wpCZs
DgJP341jy/3TzijFKA1whmkCFcGhpDr7X5U3+Ct8kkxZLBniOf7CelIbwvtoJQwe
rCXH/xr4M/69VaLJhWLVIaSn3lvWwhSd8i0boQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFEOLGOKuDlVcK7E3R4u+AnZt2A2pMB8GA1UdIwQYMBaAFHfjwpALWZdUKD8n
87To1/bEUQlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlkLzEv
UTRzWTRxNE9WVndyc1RkSGk3NENkbTNZRGFrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9l
ZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlkLzEvZC1QQ2tBdFpsMVFv
UHlmenRPalg5c1JSQ1hJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuLQMA0GCSqGSIb3DQEBCwUAA4IB
AQA61MZLXFDjwizVTReLufD6e6zYmGJJIDCPwTIzqyD7TD9jnz+dNm42DiwM6wFt
L+l5Jpi7rsF/2rrFxDm2ehV6lMAlxFnHYWtbN0C/SjCKow4FuaoyweVxUjAVofK6
MVnYLK/Z3KI99jzC4NP/gPslLfZBK9PM8WVJBmrQI4tlHhLpESDZfMJUnozOgCgj
+b/SdmWM62Ui23B3lY/8dVu1sbzuQl7CiQgxWjon6D/cvaD34cdtNKFVnomtG7YX
rReK6+ts8i2bIzrT6XImkg++XRYAsDZkdN5RSH3urjVMPIBJlZ8Rgz3CzkOvuNDE
RG9OL+e7U1Uo+v7SGCyijsmD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:11 2024 by rpki-client on console-ams.rpki-client.org