Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_EhVMV3Rgi6MBqk7HkNp4hdwyus.roa
File:                     _EhVMV3Rgi6MBqk7HkNp4hdwyus.roa (raw, json)
Hash identifier:          BX3B+ItS/amSVMhDmj1KjLPS3EQonoqWYaOSxS2m2pg=
Subject key identifier:   FC:48:55:31:5D:D1:82:2E:8C:06:A9:3B:1E:43:69:E2:17:70:CA:EB
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       180933D9
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_EhVMV3Rgi6MBqk7HkNp4hdwyus.roa
Signing time:             Sat 01 Jan 2022 04:00:35 +0000
ROA not before:           Sat 01 Jan 2022 04:00:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     201384
IP address blocks:        46.10.176.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 403256281 (0x180933d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 04:00:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fc4855315dd1822e8c06a93b1e4369e21770caeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:0b:14:fc:48:63:3e:6c:4f:b7:7e:b1:48:3a:
                    43:34:fc:90:4d:04:86:49:7f:c7:d1:0f:aa:ae:dc:
                    f8:f2:7a:58:e0:f6:c3:46:27:7e:27:28:c1:5e:67:
                    4a:d2:3f:c6:f2:11:bb:9a:08:fe:52:1d:45:ba:3d:
                    71:23:63:29:f4:54:65:22:3c:c5:5f:93:dc:6b:3a:
                    fd:d9:63:21:e1:b2:d1:19:88:8a:d9:3c:d0:b6:54:
                    83:09:a4:ea:03:f2:e7:38:46:c4:4a:c1:43:d6:b8:
                    3c:93:bd:e6:3a:75:bc:49:ab:69:80:d4:07:e0:25:
                    05:8b:cb:47:d1:f7:7c:5f:52:55:62:5e:1b:96:82:
                    36:eb:ad:1e:12:52:c8:45:4d:57:a5:14:23:e8:d6:
                    b6:0b:1b:57:12:50:e5:a1:6c:71:37:8f:a7:0d:22:
                    ed:53:23:67:d8:88:23:21:a1:72:3b:0e:65:8e:b3:
                    8e:49:c0:03:39:a5:cf:93:51:43:ef:5f:de:39:dd:
                    0e:0b:2e:19:bd:b9:4e:a6:35:f7:38:41:b0:c9:32:
                    23:f6:a1:53:98:b9:61:12:bd:e4:73:18:11:b4:d2:
                    d1:0e:d7:86:02:ac:02:34:1f:a3:f0:ce:ff:b8:42:
                    00:31:5e:26:0c:b2:d7:86:4f:91:8a:ca:a2:c6:58:
                    40:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:48:55:31:5D:D1:82:2E:8C:06:A9:3B:1E:43:69:E2:17:70:CA:EB
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_EhVMV3Rgi6MBqk7HkNp4hdwyus.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.10.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:38:bf:bc:73:a7:28:26:75:e3:22:e5:0b:60:9e:f5:4d:99:
         0c:de:b2:7b:11:d6:59:0f:b1:ba:af:7b:f9:be:ce:d7:66:6d:
         81:2d:ef:f2:46:59:03:8c:6c:a8:f3:80:af:f9:94:51:a0:53:
         6c:50:64:15:ec:65:83:43:25:f1:49:4d:6e:21:ff:6d:2e:c9:
         2f:50:36:eb:ad:b5:ea:24:0a:c6:1f:9d:4d:2e:26:22:0d:f9:
         01:de:9f:2a:23:9b:7a:d6:48:a4:3d:00:8e:6a:c3:dc:9b:fb:
         a1:94:a5:ff:4d:31:c9:88:4b:50:fb:13:b9:85:85:8e:79:d3:
         f4:80:a0:5e:65:2b:2f:34:9a:3a:da:6e:8c:94:ef:c2:7b:32:
         9b:14:6c:df:bb:f9:af:9e:51:e4:85:d5:53:6a:a9:95:16:1f:
         97:a3:e5:c6:c7:70:15:49:5f:2b:3f:7c:0a:63:34:b3:78:57:
         00:f1:33:ca:30:ed:b4:5a:ce:ca:90:fd:e4:b4:61:3c:e8:e5:
         7e:b1:ae:35:6f:57:ce:56:fe:56:03:26:0c:cf:b1:ec:85:38:
         fb:f5:c4:7f:ac:3a:08:14:b6:e4:a2:e7:9b:4d:21:d1:15:f3:
         ad:98:61:d2:6e:94:08:46:41:44:5a:07:f6:6a:e6:65:92:23:
         06:bf:a2:f1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGAkz2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM0ODU1MzE1ZGQx
ODIyZThjMDZhOTNiMWU0MzY5ZTIxNzcwY2FlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8LFPxIYz5sT7d+sUg6QzT8kE0Ehkl/x9EPqq7c+PJ6WOD2
w0YnficowV5nStI/xvIRu5oI/lIdRbo9cSNjKfRUZSI8xV+T3Gs6/dljIeGy0RmI
itk80LZUgwmk6gPy5zhGxErBQ9a4PJO95jp1vEmraYDUB+AlBYvLR9H3fF9SVWJe
G5aCNuutHhJSyEVNV6UUI+jWtgsbVxJQ5aFscTePpw0i7VMjZ9iIIyGhcjsOZY6z
jknAAzmlz5NRQ+9f3jndDgsuGb25TqY19zhBsMkyI/ahU5i5YRK95HMYEbTS0Q7X
hgKsAjQfo/DO/7hCADFeJgyy14ZPkYrKosZYQKECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT8SFUxXdGCLowGqTseQ2niF3DK6zAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L19FaFZNVjNSZ2k2TUJxazdIa05wNGhkd3l1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4KsDANBgkqhkiG9w0BAQsFAAOC
AQEAZDi/vHOnKCZ14yLlC2Ce9U2ZDN6yexHWWQ+xuq97+b7O12ZtgS3v8kZZA4xs
qPOAr/mUUaBTbFBkFexlg0Ml8UlNbiH/bS7JL1A266216iQKxh+dTS4mIg35Ad6f
KiObetZIpD0AjmrD3Jv7oZSl/00xyYhLUPsTuYWFjnnT9ICgXmUrLzSaOtpujJTv
wnsymxRs37v5r55R5IXVU2qplRYfl6PlxsdwFUlfKz98CmM0s3hXAPEzyjDttFrO
ypD95LRhPOjlfrGuNW9Xzlb+VgMmDM+x7IU4+/XEf6w6CBS25KLnm00h0RXzrZhh
0m6UCEZBRFoH9mrmZZIjBr+i8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org