Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/2M3B3Sp58OISKYefkHHXKDeRF-I.roa
File:                     2M3B3Sp58OISKYefkHHXKDeRF-I.roa (raw, json)
Hash identifier:          PsrzEYMyOp8SezzXhmyiINjp2/3U0hx407++iTTq/TQ=
Subject key identifier:   D8:CD:C1:DD:2A:79:F0:E2:12:29:87:9F:90:71:D7:28:37:91:17:E2
Certificate issuer:       /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial:       0185583847E6F9963782D9FF5BF8879CD8B3
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/2M3B3Sp58OISKYefkHHXKDeRF-I.roa
Signing time:             Wed 28 Dec 2022 10:12:41 +0000
ROA not before:           Wed 28 Dec 2022 10:12:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203120
IP address blocks:        46.102.180.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:58:38:47:e6:f9:96:37:82:d9:ff:5b:f8:87:9c:d8:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
        Validity
            Not Before: Dec 28 10:12:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d8cdc1dd2a79f0e21229879f9071d728379117e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:16:43:48:85:ac:32:fc:77:7d:1a:ad:06:50:
                    73:0d:d3:a4:e7:31:d9:d7:6f:6d:d9:a0:2c:9b:90:
                    0e:9c:23:a4:64:5e:5d:2f:85:04:d8:05:82:94:82:
                    2a:a2:4c:a7:7b:ae:68:18:11:bf:22:01:fb:d9:98:
                    e4:31:27:3f:70:79:75:4a:9f:5a:54:a6:6f:81:43:
                    d3:b0:ab:1f:29:23:55:cd:bf:07:34:0b:71:e5:59:
                    90:ca:c3:08:50:59:28:a0:f4:8a:01:3d:a5:2a:4b:
                    91:dd:2f:2b:ad:1d:12:c9:1d:b1:96:90:4a:57:aa:
                    2d:a6:7e:69:02:76:a0:95:d3:39:de:c8:c8:9a:1c:
                    e6:b5:3a:54:d3:46:52:8d:92:f0:85:30:8e:2b:d0:
                    3d:be:d3:43:d3:d3:8f:b4:f0:39:02:2a:a4:f9:63:
                    b9:66:ff:c1:41:c0:d1:6e:5c:1b:0d:7a:f6:54:b6:
                    e9:98:ca:86:07:3b:88:d4:eb:5b:34:d7:57:15:bf:
                    1a:c5:eb:2d:eb:60:ec:43:3a:26:a5:37:85:c8:c6:
                    8a:e8:05:b6:c2:3a:82:7d:3f:c0:aa:10:2f:23:98:
                    43:2c:8b:d0:48:89:0c:0e:15:80:04:2b:86:05:8b:
                    ef:d3:20:f1:fc:45:6a:f8:19:5f:52:d2:c6:6c:52:
                    da:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:CD:C1:DD:2A:79:F0:E2:12:29:87:9F:90:71:D7:28:37:91:17:E2
            X509v3 Authority Key Identifier:
                keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/2M3B3Sp58OISKYefkHHXKDeRF-I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:b6:f2:e5:9e:8a:38:a0:37:49:2c:e4:86:3b:5d:2e:f5:05:
         7c:07:95:53:d9:d7:48:67:cc:e2:de:9c:2e:86:fd:d4:be:d7:
         b9:e1:a2:94:9d:70:7c:4a:7a:f7:76:68:23:27:94:18:23:82:
         b1:6b:5f:f4:51:7c:67:29:3a:d1:37:e0:6d:38:ce:42:22:1b:
         ee:39:da:c5:02:c3:96:d7:f8:d9:52:ef:52:1e:f0:7a:9e:67:
         dd:2a:67:fa:9d:47:10:c5:f3:1a:29:bc:21:53:e9:66:27:a9:
         52:43:92:82:05:c6:1d:a2:ce:cf:d0:33:ea:8b:fc:fa:e4:2a:
         eb:59:31:7d:50:91:0f:89:20:bf:9f:9b:f4:4f:63:69:ca:63:
         3d:22:f1:8e:ec:1a:bf:e1:5a:7d:85:2a:18:11:20:1b:6b:ce:
         02:c0:57:d3:61:5e:c7:05:d9:79:11:60:00:39:2e:77:76:40:
         74:7b:ae:97:f7:53:33:6a:a7:1c:3d:bc:17:3a:68:44:7f:f9:
         c4:79:f3:54:a5:60:39:bc:b3:33:34:bb:97:15:a7:76:dd:14:
         28:72:93:77:3e:fe:ac:23:e5:c9:3a:fc:78:59:b9:6b:64:87:
         52:db:cf:b0:c6:12:fc:e8:33:ab:b6:03:55:f3:41:81:d4:7c:
         35:09:cf:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVYOEfm+ZY3gtn/W/iHnNizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjIxMjI4MTAxMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGNkYzFkZDJhNzlmMGUyMTIyOTg3OWY5MDcxZDcyODM3OTExN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRZDSIWsMvx3fRqtBlBzDdOk5zHZ
129t2aAsm5AOnCOkZF5dL4UE2AWClIIqokyne65oGBG/IgH72ZjkMSc/cHl1Sp9a
VKZvgUPTsKsfKSNVzb8HNAtx5VmQysMIUFkooPSKAT2lKkuR3S8rrR0SyR2xlpBK
V6otpn5pAnagldM53sjImhzmtTpU00ZSjZLwhTCOK9A9vtND09OPtPA5Aiqk+WO5
Zv/BQcDRblwbDXr2VLbpmMqGBzuI1OtbNNdXFb8axest62DsQzompTeFyMaK6AW2
wjqCfT/AqhAvI5hDLIvQSIkMDhWABCuGBYvv0yDx/EVq+BlfUtLGbFLanQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjNwd0qefDiEimHn5Bx1yg3kRfiMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvMk0zQjNTcDU4T0lTS1llZmtISFhLRGVSRi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALma0MA0G
CSqGSIb3DQEBCwUAA4IBAQAgtvLlnoo4oDdJLOSGO10u9QV8B5VT2ddIZ8zi3pwu
hv3Uvte54aKUnXB8Snr3dmgjJ5QYI4Kxa1/0UXxnKTrRN+BtOM5CIhvuOdrFAsOW
1/jZUu9SHvB6nmfdKmf6nUcQxfMaKbwhU+lmJ6lSQ5KCBcYdos7P0DPqi/z65Crr
WTF9UJEPiSC/n5v0T2NpymM9IvGO7Bq/4Vp9hSoYESAba84CwFfTYV7HBdl5EWAA
OS53dkB0e66X91MzaqccPbwXOmhEf/nEefNUpWA5vLMzNLuXFad23RQocpN3Pv6s
I+XJOvx4WblrZIdS28+wxhL86DOrtgNV80GB1Hw1Cc+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org