Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/4uL6a5C9-Vk4_D63JVsMRWhPBM0.roa
File:                     4uL6a5C9-Vk4_D63JVsMRWhPBM0.roa (raw, json)
Hash identifier:          BSexfawuHbppeJzrwdKrGMcClFVXyoRwIG6IDO6O/XA=
Subject key identifier:   E2:E2:FA:6B:90:BD:F9:59:38:FC:3E:B7:25:5B:0C:45:68:4F:04:CD
Certificate issuer:       /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial:       0203673A
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/4uL6a5C9-Vk4_D63JVsMRWhPBM0.roa
Signing time:             Sat 01 Jan 2022 03:59:43 +0000
ROA not before:           Sat 01 Jan 2022 03:59:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212621
IP address blocks:        46.172.90.0/24 maxlen: 24
                          46.172.93.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33777466 (0x203673a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
        Validity
            Not Before: Jan  1 03:59:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e2e2fa6b90bdf95938fc3eb7255b0c45684f04cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d8:d7:2b:fd:b7:af:be:56:62:05:26:db:8e:
                    85:61:29:6a:0f:a2:7c:a2:a2:68:07:75:1e:c5:12:
                    5b:0c:73:ec:16:9b:1a:c3:51:a5:d7:42:db:36:6c:
                    14:f5:54:5a:f0:36:53:88:89:ab:89:80:df:50:a3:
                    41:6c:ef:c9:54:bc:10:37:e5:f3:d4:cf:50:09:f7:
                    07:cd:cf:fc:0c:e2:f9:92:f0:c2:1f:a9:46:00:5c:
                    a5:85:4c:f2:fa:aa:36:c6:87:2d:54:ef:e6:1a:40:
                    ac:89:34:f4:74:8c:65:5b:f6:7a:cb:d0:69:71:5d:
                    b8:f9:b9:90:9e:bb:a6:9c:b9:d6:04:4f:71:81:d5:
                    39:84:89:07:a3:cf:48:b4:70:22:64:e7:09:30:73:
                    d2:3b:48:93:e3:ff:15:e8:a6:48:1b:07:bb:b7:46:
                    1c:5f:00:41:25:7c:ec:06:da:46:9a:e8:ea:c3:ef:
                    2e:d9:34:dc:ce:cf:b5:d6:31:9c:8c:24:20:40:38:
                    7d:ee:d7:6d:38:a9:53:9c:8a:61:8e:b7:d6:61:4e:
                    fc:d0:0c:72:16:62:9c:d6:09:56:5d:cd:a5:fe:cd:
                    d7:cc:b1:ef:4a:b3:63:43:cc:75:15:49:78:52:f5:
                    5b:5e:aa:12:3d:f8:e3:b3:4d:38:cc:bf:91:9c:72:
                    56:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:E2:FA:6B:90:BD:F9:59:38:FC:3E:B7:25:5B:0C:45:68:4F:04:CD
            X509v3 Authority Key Identifier:
                keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/4uL6a5C9-Vk4_D63JVsMRWhPBM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.172.90.0/24
                  46.172.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:76:56:22:55:44:0c:c4:79:bb:e0:a8:9c:9c:02:bf:b4:bd:
         79:12:47:4a:3d:09:9a:ae:4c:59:11:5d:1a:17:d8:71:c6:bd:
         9d:f0:b2:d7:b9:72:dc:83:bb:63:f7:66:4b:6f:ef:60:00:07:
         c6:e4:92:2d:da:9a:d3:e3:2a:c3:40:4a:ef:f9:90:fc:86:cd:
         0a:c2:cb:43:9d:d6:e2:08:00:96:66:40:c8:60:2e:bd:84:e8:
         f2:b8:fe:91:fb:93:d6:dc:dd:02:84:52:8b:f2:5f:1b:a3:aa:
         56:16:af:ca:92:35:a8:c4:09:91:84:63:f1:bc:0e:7a:30:54:
         64:ca:55:7a:6d:af:ec:ec:22:bc:bd:72:51:e3:ab:66:39:f4:
         06:0c:a8:d9:52:32:5c:8c:d9:d8:60:4d:41:c5:9b:6e:f9:60:
         26:aa:37:f3:ae:2f:c1:39:f8:0c:43:42:45:02:1c:c4:e3:81:
         38:d7:79:eb:b9:36:c0:dc:e7:cc:2d:f1:63:f4:70:ae:7f:09:
         54:46:62:0d:f5:7f:d7:9e:6b:e3:50:68:e8:e7:57:de:c5:40:
         8c:cf:af:fb:b7:b2:44:d8:07:93:d8:fc:a6:ff:cf:f6:5f:61:
         e2:75:1a:30:e2:02:7f:ac:4c:99:f5:9b:dd:64:33:6a:ad:7a:
         64:86:44:ce
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAgNnOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2VlOTEyOTZjOTQ5OTJkMTUxYTIzMjI0MGU2Y2YzYTE3NmQyMDM5MB4XDTIyMDEw
MTAzNTk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJlMmZhNmI5MGJk
Zjk1OTM4ZmMzZWI3MjU1YjBjNDU2ODRmMDRjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/Y1yv9t6++VmIFJtuOhWEpag+ifKKiaAd1HsUSWwxz7Bab
GsNRpddC2zZsFPVUWvA2U4iJq4mA31CjQWzvyVS8EDfl89TPUAn3B83P/Azi+ZLw
wh+pRgBcpYVM8vqqNsaHLVTv5hpArIk09HSMZVv2esvQaXFduPm5kJ67ppy51gRP
cYHVOYSJB6PPSLRwImTnCTBz0jtIk+P/FeimSBsHu7dGHF8AQSV87AbaRpro6sPv
Ltk03M7PtdYxnIwkIEA4fe7XbTipU5yKYY631mFO/NAMchZinNYJVl3Npf7N18yx
70qzY0PMdRVJeFL1W16qEj3447NNOMy/kZxyVvMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTi4vprkL35WTj8PrclWwxFaE8EzTAfBgNVHSMEGDAWgBQc7pEpbJSZLRUa
IyJA5s86F20gOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hPNlJLV3lVbVMwVkdpTWlRT2JQT2hkdElEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvYzkxZWMzLTI4MjAtNDE3Yi05YWFkLWJhY2FiNDc1ZTZjYy8x
LzR1TDZhNUM5LVZrNF9ENjNKVnNNUldoUEJNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
YzkxZWMzLTI4MjAtNDE3Yi05YWFkLWJhY2FiNDc1ZTZjYy8xL0hPNlJLV3lVbVMw
VkdpTWlRT2JQT2hkdElEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC6sWgMEAC6sXTANBgkqhkiG9w0B
AQsFAAOCAQEAY3ZWIlVEDMR5u+ConJwCv7S9eRJHSj0Jmq5MWRFdGhfYcca9nfCy
17ly3IO7Y/dmS2/vYAAHxuSSLdqa0+Mqw0BK7/mQ/IbNCsLLQ53W4ggAlmZAyGAu
vYTo8rj+kfuT1tzdAoRSi/JfG6OqVhavypI1qMQJkYRj8bwOejBUZMpVem2v7Owi
vL1yUeOrZjn0Bgyo2VIyXIzZ2GBNQcWbbvlgJqo3864vwTn4DENCRQIcxOOBONd5
67k2wNznzC3xY/Rwrn8JVEZiDfV/155r41Bo6OdX3sVAjM+v+7eyRNgHk9j8pv/P
9l9h4nUaMOICf6xMmfWb3WQzaq16ZIZEzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:58 2024 by rpki-client on console-ams.rpki-client.org