Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/vQmV6RszmpHqVWHZzSVCwhAgZsM.roa
File:                     vQmV6RszmpHqVWHZzSVCwhAgZsM.roa (raw, json)
Hash identifier:          bKO4WcdoDFrisrDbfCcR0twf2BizU/YLsYl/URmYh1U=
Subject key identifier:   BD:09:95:E9:1B:33:9A:91:EA:55:61:D9:CD:25:42:C2:10:20:66:C3
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       3890ACDE
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/vQmV6RszmpHqVWHZzSVCwhAgZsM.roa
Signing time:             Sat 01 Jan 2022 10:05:23 +0000
ROA not before:           Sat 01 Jan 2022 10:05:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42163
IP address blocks:        46.143.194.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 949005534 (0x3890acde)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Jan  1 10:05:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bd0995e91b339a91ea5561d9cd2542c2102066c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:72:36:db:bd:52:e5:0c:58:c1:f0:11:b6:85:
                    73:6f:88:ca:a2:20:cb:c8:f9:82:ce:21:c0:b8:86:
                    a7:3d:44:cf:14:c7:28:8e:bb:23:40:dc:c2:01:4e:
                    d0:ae:3d:dc:ce:4f:d1:15:eb:cf:57:0f:ad:9c:f0:
                    d9:e6:34:78:e5:0b:33:4d:40:73:d6:fa:73:18:6e:
                    4a:f8:5c:b6:39:b9:37:d4:55:6b:9b:7d:a5:a8:06:
                    b9:9f:37:56:ff:b4:f5:ea:6b:f4:5b:e6:73:16:a2:
                    e7:27:b2:cd:75:7a:d1:47:d2:ba:bb:10:e3:9d:50:
                    dd:3b:b9:eb:0c:8d:a4:1e:2b:40:f4:34:b1:c2:8c:
                    7e:bd:f0:48:5a:a8:ba:e9:60:8a:f9:1b:ff:0f:33:
                    0f:f2:b0:31:59:9b:ec:27:e8:c6:bb:bb:e7:1c:f6:
                    22:9d:5e:ee:51:a5:17:81:11:26:4e:62:6d:a5:67:
                    67:9c:84:12:0e:12:07:fa:c7:fc:1e:07:8d:81:d8:
                    bb:b4:8d:55:b6:02:05:0a:f3:a6:03:5f:bc:76:4b:
                    c4:63:d9:71:0a:7d:cd:60:4e:60:0d:f4:4d:ce:df:
                    25:f7:7f:8d:0a:58:cb:4e:91:83:3a:4d:21:c2:b4:
                    55:09:8e:70:62:2e:d5:40:c5:f3:c6:9d:28:d1:4a:
                    a3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:09:95:E9:1B:33:9A:91:EA:55:61:D9:CD:25:42:C2:10:20:66:C3
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/vQmV6RszmpHqVWHZzSVCwhAgZsM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:92:12:5d:c9:69:f4:63:f0:f7:f8:19:f2:a1:86:73:59:c4:
         df:40:6c:c2:69:51:2a:0e:1c:ac:25:00:c8:f9:5f:5e:9d:f9:
         0c:20:d8:30:0b:0a:a1:1b:32:cc:f8:66:c5:8c:63:0d:42:e8:
         53:be:fa:19:d5:13:c7:f4:de:93:25:ee:04:ad:c5:50:8a:69:
         c0:e0:00:5d:18:f8:5a:89:71:75:04:39:2f:c4:b2:11:1f:76:
         4e:09:d4:80:aa:8e:09:9d:00:6d:2f:d3:90:c4:e1:cf:0f:cf:
         5d:da:c2:1c:6f:b5:12:e2:ff:1f:9c:e4:40:3a:7d:31:be:35:
         b5:8d:b3:1a:61:0a:7d:5f:10:f8:48:0a:73:e1:0b:87:ea:4d:
         19:2f:ea:35:b3:da:e9:b4:21:ea:18:3a:f6:3d:53:68:30:35:
         01:82:36:29:08:6c:94:60:02:d5:af:79:b2:ce:78:43:8a:8c:
         81:46:79:e7:bf:4f:ef:38:9d:b7:76:54:1a:2c:bd:94:b2:ce:
         29:6d:cd:d1:29:04:b2:ee:30:cd:a0:d6:bc:97:09:09:97:78:
         68:90:6c:f9:c3:91:fd:11:eb:6e:70:69:8b:25:d2:b9:5c:bb:
         d2:dc:ac:a5:c0:5b:94:51:75:39:94:d8:f9:ac:52:4b:4a:b3:
         88:b1:63:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJCs3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDZkYTllNDE2ODZkMjFjMTI3OTljOGU4NGIyNzRhYTgyNDE1MDhjMB4XDTIyMDEw
MTEwMDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQwOTk1ZTkxYjMz
OWE5MWVhNTU2MWQ5Y2QyNTQyYzIxMDIwNjZjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAORyNtu9UuUMWMHwEbaFc2+IyqIgy8j5gs4hwLiGpz1EzxTH
KI67I0DcwgFO0K493M5P0RXrz1cPrZzw2eY0eOULM01Ac9b6cxhuSvhctjm5N9RV
a5t9pagGuZ83Vv+09epr9Fvmcxai5yeyzXV60UfSursQ451Q3Tu56wyNpB4rQPQ0
scKMfr3wSFqouulgivkb/w8zD/KwMVmb7Cfoxru75xz2Ip1e7lGlF4ERJk5ibaVn
Z5yEEg4SB/rH/B4HjYHYu7SNVbYCBQrzpgNfvHZLxGPZcQp9zWBOYA30Tc7fJfd/
jQpYy06RgzpNIcK0VQmOcGIu1UDF88adKNFKoxkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9CZXpGzOakepVYdnNJULCECBmwzAfBgNVHSMEGDAWgBTtbankFobSHBJ5
nI6EsnSqgkFQjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdXMnA1QmFHMGh3U2VaeU9oTEowcW9KQlVJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8x
L3ZRbVY2UnN6bXBIcVZXSFp6U1ZDd2hBZ1pzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YWMwMTdjLWZmMjktNDNjZi1hM2Q2LTI5ZjFiZWIyZjI4Mi8xLzdXMnA1QmFHMGh3
U2VaeU9oTEowcW9KQlVJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC6PwjANBgkqhkiG9w0BAQsFAAOC
AQEAWJISXclp9GPw9/gZ8qGGc1nE30BswmlRKg4crCUAyPlfXp35DCDYMAsKoRsy
zPhmxYxjDULoU776GdUTx/TekyXuBK3FUIppwOAAXRj4WolxdQQ5L8SyER92TgnU
gKqOCZ0AbS/TkMThzw/PXdrCHG+1EuL/H5zkQDp9Mb41tY2zGmEKfV8Q+EgKc+EL
h+pNGS/qNbPa6bQh6hg69j1TaDA1AYI2KQhslGAC1a95ss54Q4qMgUZ5579P7zid
t3ZUGiy9lLLOKW3N0SkEsu4wzaDWvJcJCZd4aJBs+cOR/RHrbnBpiyXSuVy70tys
pcBblFF1OZTY+axSS0qziLFjdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:37 2024 by rpki-client on console-ams.rpki-client.org