Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/FuoO_wV9i-AujUtPcHR1fMdocg4.roa
File:                     FuoO_wV9i-AujUtPcHR1fMdocg4.roa (raw, json)
Hash identifier:          aMvuP3RBAHn6TV7F3tVN4HU1YF/dTP4bA87cqfgdXUY=
Subject key identifier:   16:EA:0E:FF:05:7D:8B:E0:2E:8D:4B:4F:70:74:75:7C:C7:68:72:0E
Certificate issuer:       /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial:       34C8AA97
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/FuoO_wV9i-AujUtPcHR1fMdocg4.roa
Signing time:             Sun 13 Feb 2022 15:43:03 +0000
ROA not before:           Sun 13 Feb 2022 15:43:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203622
IP address blocks:        46.32.166.0/24 maxlen: 24
                          46.32.165.0/24 maxlen: 24
                          46.32.164.0/24 maxlen: 24
                          46.32.160.0/24 maxlen: 24
                          46.32.162.0/24 maxlen: 24
                          46.32.161.0/24 maxlen: 24
                          46.32.167.0/24 maxlen: 24
                          46.32.168.0/24 maxlen: 24
                          46.32.170.0/24 maxlen: 24
                          46.32.172.0/24 maxlen: 24
                          46.32.171.0/24 maxlen: 24
                          46.32.177.0/24 maxlen: 24
                          46.32.179.0/24 maxlen: 24
                          46.32.178.0/24 maxlen: 24
                          46.32.174.0/24 maxlen: 24
                          46.32.173.0/24 maxlen: 24
                          46.32.176.0/24 maxlen: 24
                          46.32.175.0/24 maxlen: 24
                          46.32.184.0/24 maxlen: 24
                          46.32.186.0/24 maxlen: 24
                          46.32.185.0/24 maxlen: 24
                          46.32.191.0/24 maxlen: 24
                          46.32.188.0/24 maxlen: 24
                          46.32.187.0/24 maxlen: 24
                          46.32.190.0/24 maxlen: 24
                          46.32.189.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 885566103 (0x34c8aa97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
        Validity
            Not Before: Feb 13 15:43:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16ea0eff057d8be02e8d4b4f7074757cc768720e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ad:6d:fd:73:74:0c:e0:28:16:45:7f:69:a0:
                    f8:80:d5:02:dd:e0:e8:97:df:91:e6:c9:5c:0e:c5:
                    8c:06:75:3c:6a:b8:40:24:78:6b:6b:6f:0c:a7:92:
                    42:93:b0:3c:2a:5e:d4:23:87:9c:dd:93:dc:4f:66:
                    e8:f2:96:ca:cb:cd:be:66:1a:a9:b1:5f:3e:6a:e3:
                    09:72:ec:a1:d8:8d:5b:24:4b:24:5c:70:d0:fc:be:
                    08:6d:ce:d1:36:51:cc:78:38:51:23:52:92:5e:dd:
                    eb:89:48:a2:55:15:6e:36:c1:51:d2:38:36:b0:c4:
                    8e:72:e5:2f:f4:d8:01:e5:84:c6:8f:93:5a:c1:92:
                    cc:de:50:2c:f5:eb:23:8f:39:a4:65:b6:cc:ce:83:
                    aa:da:18:ef:79:6a:e6:37:d0:c3:cf:78:ac:d3:16:
                    22:45:43:90:42:c0:9e:e4:27:cb:6a:bb:07:02:18:
                    27:14:0e:db:94:93:8f:dc:73:6f:db:38:a2:cb:3c:
                    a3:ea:53:4b:21:cc:44:2b:d9:67:a1:82:b1:1f:27:
                    5f:32:06:7c:b2:6f:d9:be:bc:eb:34:9c:28:77:3b:
                    51:9f:b1:24:b6:22:d0:99:ef:22:42:04:45:5f:1f:
                    6b:a4:9f:39:42:a6:e1:f7:1a:4c:d2:04:48:52:db:
                    c7:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:EA:0E:FF:05:7D:8B:E0:2E:8D:4B:4F:70:74:75:7C:C7:68:72:0E
            X509v3 Authority Key Identifier:
                keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/FuoO_wV9i-AujUtPcHR1fMdocg4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.32.160.0-46.32.162.255
                  46.32.164.0-46.32.168.255
                  46.32.170.0-46.32.179.255
                  46.32.184.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5b:25:d3:4f:0d:5b:33:68:77:e8:77:97:b2:08:00:75:9c:10:
         7e:df:f6:3c:af:49:e8:4d:a3:b9:2c:42:e0:d2:fa:5f:9d:af:
         1a:3c:c9:5d:3b:da:83:d1:91:c5:05:66:1f:90:56:0c:5d:b4:
         77:93:4c:3d:db:ee:bd:67:a4:d8:2d:35:8a:91:4f:a1:e8:cc:
         96:ca:c4:63:da:09:f6:16:d2:5d:00:81:b9:7b:85:63:6d:2d:
         3c:fa:e7:fc:06:4c:56:a1:6f:51:ca:3b:7d:6c:5e:d1:a9:8e:
         3b:a0:44:38:2a:c4:7b:8a:17:b6:8c:1f:88:32:85:74:15:b8:
         ff:8a:52:10:dc:db:6e:e8:02:d6:61:af:09:2a:4b:b5:ba:12:
         94:ed:2a:b4:8f:09:0f:09:09:54:ca:55:88:77:8c:a7:58:45:
         14:78:d7:6e:a9:e7:16:b6:00:6f:1a:2f:d3:e7:77:73:1d:b3:
         e1:ef:27:82:35:e6:d6:73:d2:eb:fa:ba:74:95:ee:e8:7f:f4:
         9c:08:20:fa:31:b4:c5:5b:aa:55:e0:f2:4e:47:0c:d1:bb:b9:
         22:d5:d6:6a:fb:e6:50:09:e7:2c:b1:8d:98:6a:41:74:71:15:
         d9:f5:12:0f:e6:f0:96:58:7c:7a:10:ce:83:ee:96:6b:05:c2:
         11:95:6b:e8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIENMiqlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDIx
MzE1NDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZlYTBlZmYwNTdk
OGJlMDJlOGQ0YjRmNzA3NDc1N2NjNzY4NzIwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2tbf1zdAzgKBZFf2mg+IDVAt3g6JffkebJXA7FjAZ1PGq4
QCR4a2tvDKeSQpOwPCpe1COHnN2T3E9m6PKWysvNvmYaqbFfPmrjCXLsodiNWyRL
JFxw0Py+CG3O0TZRzHg4USNSkl7d64lIolUVbjbBUdI4NrDEjnLlL/TYAeWExo+T
WsGSzN5QLPXrI485pGW2zM6DqtoY73lq5jfQw894rNMWIkVDkELAnuQny2q7BwIY
JxQO25STj9xzb9s4oss8o+pTSyHMRCvZZ6GCsR8nXzIGfLJv2b686zScKHc7UZ+x
JLYi0JnvIkIERV8fa6SfOUKm4fcaTNIESFLbxzUCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQW6g7/BX2L4C6NS09wdHV8x2hyDjAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L0Z1b09fd1Y5aS1BdWpVdFBjSFIxZk1kb2NnNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMDAMAwQFLiCgAwQALiCiMAwDBAIuIKQD
BAAuIKgwDAMEAS4gqgMEAi4gsAMEAy4guDANBgkqhkiG9w0BAQsFAAOCAQEAWyXT
Tw1bM2h36HeXsggAdZwQft/2PK9J6E2juSxC4NL6X52vGjzJXTvag9GRxQVmH5BW
DF20d5NMPdvuvWek2C01ipFPoejMlsrEY9oJ9hbSXQCBuXuFY20tPPrn/AZMVqFv
Uco7fWxe0amOO6BEOCrEe4oXtowfiDKFdBW4/4pSENzbbugC1mGvCSpLtboSlO0q
tI8JDwkJVMpViHeMp1hFFHjXbqnnFrYAbxov0+d3cx2z4e8ngjXm1nPS6/q6dJXu
6H/0nAgg+jG0xVuqVeDyTkcM0bu5ItXWavvmUAnnLLGNmGpBdHEV2fUSD+bwllh8
ehDOg+6WawXCEZVr6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org