Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/Skc-GcX9x1vt0w5rNYaZ8Yi94x0.roa
File:                     Skc-GcX9x1vt0w5rNYaZ8Yi94x0.roa (raw, json)
Hash identifier:          /NSa7v6uO9IgPMsC3MDk+j4+JVWHcloTox2mjMbaLP8=
Subject key identifier:   4A:47:3E:19:C5:FD:C7:5B:ED:D3:0E:6B:35:86:99:F1:88:BD:E3:1D
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       38926725
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/Skc-GcX9x1vt0w5rNYaZ8Yi94x0.roa
Signing time:             Sat 01 Jan 2022 10:05:24 +0000
ROA not before:           Sat 01 Jan 2022 10:05:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51788
IP address blocks:        46.143.252.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949118757 (0x38926725)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Jan  1 10:05:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4a473e19c5fdc75bedd30e6b358699f188bde31d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:71:c4:04:d2:07:45:b5:ed:52:00:96:99:f4:
                    c6:86:2c:77:7d:59:57:bc:c2:30:f6:ff:ac:3a:53:
                    66:95:8d:72:19:78:fc:63:11:f0:90:c2:56:b6:3a:
                    fc:ee:5c:2b:1f:7e:af:7b:c3:27:5b:12:7e:d9:a7:
                    30:12:54:7c:18:89:b0:aa:b1:c0:0d:ef:71:b2:2d:
                    f6:3d:a2:a8:5b:8f:b9:4f:5e:39:ec:b2:82:31:71:
                    c2:c1:7d:03:ec:13:15:77:d2:d4:c1:46:1e:e2:3e:
                    95:74:de:15:3b:2e:42:5d:39:7e:72:e2:9a:9c:87:
                    cc:c7:c6:c0:51:cb:a2:55:ae:b9:1a:9c:36:6b:fb:
                    62:5d:1c:ba:0f:06:78:65:46:23:60:8c:1e:68:c8:
                    68:15:b2:19:2d:93:1b:73:d1:be:d5:9a:6c:f0:1b:
                    db:8a:76:ef:f3:83:28:b5:6e:2e:c1:1a:f4:3e:a0:
                    ce:6f:07:c5:9a:f0:e6:81:e5:e2:c1:0b:49:2d:63:
                    82:8c:9e:48:6c:d7:bd:ec:ed:6f:98:0c:36:ca:8d:
                    19:fc:c5:b2:0a:23:fb:22:f3:0c:c6:1b:13:d1:7e:
                    08:0c:5d:aa:b2:38:ab:24:ac:cc:16:23:f3:a4:56:
                    42:a4:a7:93:89:ca:b9:76:f4:c1:55:c3:24:5d:3f:
                    50:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:47:3E:19:C5:FD:C7:5B:ED:D3:0E:6B:35:86:99:F1:88:BD:E3:1D
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/Skc-GcX9x1vt0w5rNYaZ8Yi94x0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bb:74:18:2d:6f:71:e5:22:b7:81:1b:83:e9:88:8a:a2:b9:cb:
         24:79:e0:a1:f8:54:9a:1a:71:74:69:8a:39:1d:04:94:aa:94:
         60:31:c0:ce:7e:10:ae:6c:42:31:04:d3:58:0f:c9:c9:75:39:
         2f:4d:23:4e:ba:4e:cb:28:e4:81:bd:2b:5b:33:21:03:68:42:
         90:9b:5f:ef:0a:27:7b:50:ba:e9:64:c3:73:b0:5b:20:09:d3:
         18:66:be:89:bc:13:6f:32:a9:fb:4a:9d:bf:71:d9:62:60:0b:
         28:ea:55:49:cc:05:c7:e7:ed:a1:12:22:6d:f6:ab:ae:5a:05:
         5e:e4:dc:78:11:43:bf:14:d8:3e:cc:24:38:7b:91:d2:95:43:
         55:4b:73:9c:68:ac:99:c2:f4:b4:2c:a9:22:2a:90:ed:7e:f5:
         ab:02:e7:e0:2c:b4:7d:6b:1f:4e:5e:7d:22:4f:8d:f7:95:76:
         48:50:f5:5e:2f:c3:b3:7d:73:c4:e5:e1:5f:bb:a0:03:3b:86:
         5c:bb:1a:83:40:fc:f4:b0:ac:06:bd:07:99:12:04:7e:ff:90:
         3d:2c:6f:67:91:41:17:33:f6:da:fe:d0:39:cc:11:8b:a3:fb:
         2b:9b:57:85:f7:84:c4:69:14:d2:42:e5:e0:a9:cb:3e:cf:cd:
         ed:d3:79:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJJnJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDZkYTllNDE2ODZkMjFjMTI3OTljOGU4NGIyNzRhYTgyNDE1MDhjMB4XDTIyMDEw
MTEwMDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE0NzNlMTljNWZk
Yzc1YmVkZDMwZTZiMzU4Njk5ZjE4OGJkZTMxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1xxATSB0W17VIAlpn0xoYsd31ZV7zCMPb/rDpTZpWNchl4
/GMR8JDCVrY6/O5cKx9+r3vDJ1sSftmnMBJUfBiJsKqxwA3vcbIt9j2iqFuPuU9e
OeyygjFxwsF9A+wTFXfS1MFGHuI+lXTeFTsuQl05fnLimpyHzMfGwFHLolWuuRqc
Nmv7Yl0cug8GeGVGI2CMHmjIaBWyGS2TG3PRvtWabPAb24p27/ODKLVuLsEa9D6g
zm8HxZrw5oHl4sELSS1jgoyeSGzXveztb5gMNsqNGfzFsgoj+yLzDMYbE9F+CAxd
qrI4qySszBYj86RWQqSnk4nKuXb0wVXDJF0/UIcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRKRz4Zxf3HW+3TDms1hpnxiL3jHTAfBgNVHSMEGDAWgBTtbankFobSHBJ5
nI6EsnSqgkFQjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdXMnA1QmFHMGh3U2VaeU9oTEowcW9KQlVJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8x
L1NrYy1HY1g5eDF2dDB3NXJOWWFaOFlpOTR4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8xLzdXMnA1QmFHMGh3
U2VaeU9oTEowcW9KQlVJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi6P/DANBgkqhkiG9w0BAQsFAAOC
AQEAu3QYLW9x5SK3gRuD6YiKornLJHngofhUmhpxdGmKOR0ElKqUYDHAzn4QrmxC
MQTTWA/JyXU5L00jTrpOyyjkgb0rWzMhA2hCkJtf7wone1C66WTDc7BbIAnTGGa+
ibwTbzKp+0qdv3HZYmALKOpVScwFx+ftoRIibfarrloFXuTceBFDvxTYPswkOHuR
0pVDVUtznGismcL0tCypIiqQ7X71qwLn4Cy0fWsfTl59Ik+N95V2SFD1Xi/Ds31z
xOXhX7ugAzuGXLsag0D89LCsBr0HmRIEfv+QPSxvZ5FBFzP22v7QOcwRi6P7K5tX
hfeExGkU0kLl4KnLPs/N7dN5PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:46 2024 by rpki-client on console-fra.rpki-client.org