Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/x6OfRzgeQE3QqrO__MljcHUm_dE.roa
File:                     x6OfRzgeQE3QqrO__MljcHUm_dE.roa (raw, json)
Hash identifier:          puUOjJqDWmPtGWkXNhc6Q0q81Q+rQWLipA/FO7awMOs=
Subject key identifier:   C7:A3:9F:47:38:1E:40:4D:D0:AA:B3:BF:FC:C9:63:70:75:26:FD:D1
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       3703A070
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/x6OfRzgeQE3QqrO__MljcHUm_dE.roa
Signing time:             Sat 01 Jan 2022 11:00:20 +0000
ROA not before:           Sat 01 Jan 2022 11:00:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42007
IP address blocks:        46.8.132.0/22 maxlen: 24
                          46.8.130.0/23 maxlen: 24
                          46.8.136.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 922984560 (0x3703a070)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jan  1 11:00:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c7a39f47381e404dd0aab3bffcc963707526fdd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:50:d8:aa:ac:eb:18:0f:39:7e:60:f3:ba:84:
                    06:cd:40:a9:e1:f6:66:35:80:c5:1c:91:05:9d:21:
                    5e:34:24:5c:17:45:fb:e9:fb:e4:67:f2:46:70:d8:
                    b6:e4:35:a4:87:33:33:f5:62:3e:47:66:47:2f:71:
                    e4:58:7d:e6:92:ac:dd:d5:3e:10:07:01:32:97:75:
                    39:64:de:ca:e9:cf:2a:e7:cd:76:11:ef:ed:75:94:
                    51:50:0f:85:64:31:01:5e:e4:b2:c6:21:75:0f:77:
                    3b:cc:64:0e:f5:6b:16:68:c9:db:48:71:82:d0:0f:
                    b7:d3:78:b1:7c:b0:d5:e0:23:25:69:f2:11:e0:47:
                    6c:68:57:58:52:de:21:9a:d9:1f:7b:98:0f:c3:ce:
                    c2:08:d6:bc:0a:b8:24:7e:5d:86:bb:20:00:e7:88:
                    21:11:ec:e2:cb:ff:d9:74:10:33:a4:db:df:d0:21:
                    82:d6:7b:fd:bb:80:d2:db:40:20:f3:2c:82:e4:f9:
                    8e:fd:67:03:7c:cf:d3:19:96:1e:b7:14:18:8b:3f:
                    75:1c:aa:79:c3:67:c9:87:2a:63:12:7c:54:ad:e3:
                    8a:91:0a:71:f8:f8:a7:f1:28:b2:e8:b6:ac:15:f7:
                    da:97:a6:43:5d:76:77:fd:54:e0:20:8a:50:93:83:
                    1c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:A3:9F:47:38:1E:40:4D:D0:AA:B3:BF:FC:C9:63:70:75:26:FD:D1
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/x6OfRzgeQE3QqrO__MljcHUm_dE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.8.130.0-46.8.139.255

    Signature Algorithm: sha256WithRSAEncryption
         84:d3:1a:1e:f6:52:b0:8e:81:a0:33:0b:49:93:88:d8:5f:5b:
         35:4c:2c:f3:d9:ce:d1:9c:aa:b2:ab:03:ff:29:e4:f9:88:20:
         62:d0:4f:c4:cc:83:ab:05:97:0d:6d:90:fe:90:76:3e:1d:29:
         5a:de:31:93:01:f0:22:e2:9a:5f:ba:75:7a:c4:e8:80:93:b5:
         ac:54:40:04:ac:04:cd:12:12:90:77:9c:61:00:bf:fb:dc:5d:
         4c:65:24:7e:d9:b9:46:44:5a:49:8b:bd:2d:e0:cc:d6:cc:ed:
         11:7d:3b:d3:d1:7c:57:e5:f1:29:d8:87:b9:4c:42:74:c3:02:
         c6:c8:a5:32:9a:e7:92:84:65:51:d8:66:6e:f8:53:bb:07:f0:
         a5:ff:c1:ca:9c:69:28:55:ae:7a:23:07:f1:5e:5f:e8:83:7e:
         d7:cb:59:5e:6c:13:33:77:7f:d3:f0:63:7d:d8:8e:72:c0:f0:
         5c:4f:09:08:3f:fc:b9:53:51:87:3c:4d:e8:fc:68:80:27:79:
         34:63:f8:d4:dc:27:80:9b:e0:f3:18:c8:68:be:6c:93:8d:66:
         5a:fc:06:4d:8e:91:57:6f:d3:ad:00:d7:35:71:8e:0e:31:a0:
         54:67:4b:dd:c6:ad:16:78:aa:37:42:ef:bf:8f:38:ec:57:87:
         69:ca:54:24
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIENwOgcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODViODU3NzA2ZGFjNTRlMjBjYTBkMTFiZDY0MTZjYjYzNDIwM2I0MB4XDTIyMDEw
MTExMDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdhMzlmNDczODFl
NDA0ZGQwYWFiM2JmZmNjOTYzNzA3NTI2ZmRkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9Q2Kqs6xgPOX5g87qEBs1AqeH2ZjWAxRyRBZ0hXjQkXBdF
++n75GfyRnDYtuQ1pIczM/ViPkdmRy9x5Fh95pKs3dU+EAcBMpd1OWTeyunPKufN
dhHv7XWUUVAPhWQxAV7kssYhdQ93O8xkDvVrFmjJ20hxgtAPt9N4sXyw1eAjJWny
EeBHbGhXWFLeIZrZH3uYD8POwgjWvAq4JH5dhrsgAOeIIRHs4sv/2XQQM6Tb39Ah
gtZ7/buA0ttAIPMsguT5jv1nA3zP0xmWHrcUGIs/dRyqecNnyYcqYxJ8VK3jipEK
cfj4p/Eosui2rBX32pemQ112d/1U4CCKUJODHDUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTHo59HOB5ATdCqs7/8yWNwdSb90TAfBgNVHSMEGDAWgBSIW4V3BtrFTiDK
DRG9ZBbLY0IDtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8x
L3g2T2ZSemdlUUUzUXFyT19fTWxqY0hVbV9kRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8xL2lGdUZkd2JheFU0
Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBLgiCAwQCLgiIMA0GCSqGSIb3
DQEBCwUAA4IBAQCE0xoe9lKwjoGgMwtJk4jYX1s1TCzz2c7RnKqyqwP/KeT5iCBi
0E/EzIOrBZcNbZD+kHY+HSla3jGTAfAi4ppfunV6xOiAk7WsVEAErATNEhKQd5xh
AL/73F1MZSR+2blGRFpJi70t4MzWzO0RfTvT0XxX5fEp2Ie5TEJ0wwLGyKUymueS
hGVR2GZu+FO7B/Cl/8HKnGkoVa56IwfxXl/og37Xy1lebBMzd3/T8GN92I5ywPBc
TwkIP/y5U1GHPE3o/GiAJ3k0Y/jU3CeAm+DzGMhovmyTjWZa/AZNjpFXb9OtANc1
cY4OMaBUZ0vdxq0WeKo3Qu+/jzjsV4dpylQk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org