Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/LoN6TFS_6G4tnDe7bJZRFCL9Pbk.roa
File:                     LoN6TFS_6G4tnDe7bJZRFCL9Pbk.roa (raw, json)
Hash identifier:          SfWlbt0vf03qY7H2IcjQUJtCr/Jr1qOQIa8S5EbDlc8=
Subject key identifier:   2E:83:7A:4C:54:BF:E8:6E:2D:9C:37:BB:6C:96:51:14:22:FD:3D:B9
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       3A47D4CF
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/LoN6TFS_6G4tnDe7bJZRFCL9Pbk.roa
Signing time:             Sat 01 Jan 2022 14:56:19 +0000
ROA not before:           Sat 01 Jan 2022 14:56:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47843
IP address blocks:        46.209.145.0/24 maxlen: 24
                          46.209.146.0/24 maxlen: 24
                          46.209.147.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 977786063 (0x3a47d4cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 14:56:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2e837a4c54bfe86e2d9c37bb6c96511422fd3db9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:07:76:e4:ae:08:32:fa:28:bc:a7:12:2e:5a:
                    0e:e8:62:9f:a7:38:19:01:ee:6c:0d:1e:23:25:5a:
                    ef:bc:5c:0a:1d:81:39:ec:ce:b7:a5:6b:6f:59:18:
                    ac:b0:31:54:f7:a6:03:98:e2:1c:4d:ee:d2:05:bf:
                    24:08:94:49:b7:97:4b:70:79:45:09:a0:03:0d:b7:
                    99:ee:3d:fd:c7:d6:68:19:5f:54:f6:6e:18:f3:7b:
                    54:09:53:26:36:b0:09:e3:e9:f8:2c:64:c0:e6:7d:
                    94:5c:0e:a0:a5:c0:0a:1d:47:0f:2f:87:d8:04:f8:
                    69:bf:15:11:ff:9a:e9:81:1c:34:9e:6e:e0:75:74:
                    fe:03:b4:aa:bb:86:5c:6b:b9:d4:bc:cc:da:5a:5d:
                    42:95:82:da:c8:05:67:21:ba:cc:92:f4:3d:d4:d5:
                    8d:a6:80:bd:6e:c8:cf:bc:ef:69:1f:0d:1f:87:b9:
                    55:0f:5b:a0:54:2e:b0:18:ae:ce:42:3f:88:23:49:
                    1b:ad:47:0d:75:3b:d9:30:23:3a:f3:60:7f:7b:a4:
                    da:42:b6:cd:5c:d3:5e:c2:13:e6:bc:a6:a9:be:2d:
                    6e:09:0c:e9:a7:2c:4a:7d:ea:bf:7a:46:2d:8d:a9:
                    bf:e2:9e:36:fb:85:1b:b3:d1:88:c3:dd:00:51:8c:
                    2b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:83:7A:4C:54:BF:E8:6E:2D:9C:37:BB:6C:96:51:14:22:FD:3D:B9
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/LoN6TFS_6G4tnDe7bJZRFCL9Pbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.209.145.0-46.209.147.255

    Signature Algorithm: sha256WithRSAEncryption
         74:b6:35:86:ac:e5:22:45:fc:82:cc:e9:db:14:40:21:1c:05:
         d9:ca:69:4f:eb:72:21:06:6b:8d:95:ac:98:4e:1e:53:87:d1:
         9b:f0:fd:c5:f6:5a:a6:c2:7d:51:c9:61:0e:da:65:e6:18:bb:
         94:43:d7:01:7d:38:f3:8d:1c:a8:0d:c7:d1:68:5b:e6:c6:8b:
         e7:5a:4d:60:40:75:98:82:01:6a:0c:a1:4d:39:df:a7:77:5e:
         91:b8:f3:0e:19:f9:7f:3a:75:c5:ac:32:72:97:ff:d6:6a:07:
         fa:19:b4:e0:97:e5:24:40:8b:45:4d:2c:a4:d2:7d:87:60:8b:
         8d:8a:42:72:2a:32:e3:d1:c6:d6:4b:fd:45:f4:6f:e4:52:d7:
         8a:15:b0:50:4b:22:bd:be:a6:85:b1:ff:22:57:79:df:91:85:
         53:55:9f:8b:70:ad:bd:cb:f3:5f:73:03:52:52:a1:0a:34:0d:
         f3:19:bb:19:f9:db:d1:dd:c6:50:b2:03:74:e9:07:19:e7:34:
         ec:d3:3b:0a:5c:01:93:37:ab:31:cf:f5:0f:65:e6:d1:0b:b5:
         97:72:76:01:91:56:5e:f1:d9:85:3d:f7:e5:b6:55:f0:24:25:
         b5:e5:43:5d:70:aa:71:a5:d1:ba:45:90:cc:ee:b5:fe:7d:fd:
         2c:82:57:a4
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEOkfUzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU4MzdhNGM1NGJm
ZTg2ZTJkOWMzN2JiNmM5NjUxMTQyMmZkM2RiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEHduSuCDL6KLynEi5aDuhin6c4GQHubA0eIyVa77xcCh2B
OezOt6Vrb1kYrLAxVPemA5jiHE3u0gW/JAiUSbeXS3B5RQmgAw23me49/cfWaBlf
VPZuGPN7VAlTJjawCePp+CxkwOZ9lFwOoKXACh1HDy+H2AT4ab8VEf+a6YEcNJ5u
4HV0/gO0qruGXGu51LzM2lpdQpWC2sgFZyG6zJL0PdTVjaaAvW7Iz7zvaR8NH4e5
VQ9boFQusBiuzkI/iCNJG61HDXU72TAjOvNgf3uk2kK2zVzTXsIT5rymqb4tbgkM
6acsSn3qv3pGLY2pv+KeNvuFG7PRiMPdAFGMK9ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQug3pMVL/obi2cN7tsllEUIv09uTAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L0xvTjZURlNfNkc0dG5EZTdiSlpSRkNMOVBiay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALtGRAwQCLtGQMA0GCSqGSIb3
DQEBCwUAA4IBAQB0tjWGrOUiRfyCzOnbFEAhHAXZymlP63IhBmuNlayYTh5Th9Gb
8P3F9lqmwn1RyWEO2mXmGLuUQ9cBfTjzjRyoDcfRaFvmxovnWk1gQHWYggFqDKFN
Od+nd16RuPMOGfl/OnXFrDJyl//Wagf6GbTgl+UkQItFTSyk0n2HYIuNikJyKjLj
0cbWS/1F9G/kUteKFbBQSyK9vqaFsf8iV3nfkYVTVZ+LcK29y/NfcwNSUqEKNA3z
GbsZ+dvR3cZQsgN06QcZ5zTs0zsKXAGTN6sxz/UPZebRC7WXcnYBkVZe8dmFPffl
tlXwJCW15UNdcKpxpdG6RZDM7rX+ff0sglek
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org