Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/oGOohS6ek3T3OEuuv-r37EnJawo.roa
File:                     oGOohS6ek3T3OEuuv-r37EnJawo.roa (raw, json)
Hash identifier:          S/Wso8lJoNg79jKIJ10uvb3yKHiWVlHXFUp8J6Abx3w=
Subject key identifier:   A0:63:A8:85:2E:9E:93:74:F7:38:4B:AE:BF:EA:F7:EC:49:C9:6B:0A
Certificate issuer:       /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial:       360E151E
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/oGOohS6ek3T3OEuuv-r37EnJawo.roa
Signing time:             Tue 21 Jun 2022 12:06:44 +0000
ROA not before:           Tue 21 Jun 2022 12:06:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     17941
IP address blocks:        46.32.184.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 906892574 (0x360e151e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
        Validity
            Not Before: Jun 21 12:06:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a063a8852e9e9374f7384baebfeaf7ec49c96b0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:bd:88:7e:de:e2:45:17:df:d3:d3:33:17:01:
                    83:54:5f:59:51:80:50:ba:51:cb:1d:a1:13:9c:6e:
                    05:c0:49:da:79:2d:61:36:74:6e:d5:a2:32:6d:17:
                    f3:25:28:d1:c7:95:be:a5:56:f4:16:16:6f:c3:20:
                    1d:de:b1:2b:ee:12:2d:df:01:9d:5c:3c:ac:ce:11:
                    15:64:9e:2a:e4:f5:f1:80:71:f2:0a:2f:b8:8c:39:
                    e1:4f:b2:1e:d2:15:36:f8:b0:43:61:ad:5c:e1:ff:
                    39:59:98:c4:a2:b0:a8:8f:f0:2a:64:ec:a7:a4:ef:
                    3c:f8:59:8a:6c:a1:4e:c9:3f:77:cc:14:e5:2e:a8:
                    75:5d:13:d9:64:fb:38:f1:8c:a5:ec:5d:e6:dd:82:
                    fd:55:e7:ec:7d:fa:21:f1:f0:e7:85:1e:bc:c8:6b:
                    ff:78:29:0f:0d:0b:b9:12:d4:c3:0f:d7:4d:2a:8a:
                    5d:1a:50:16:9d:6e:45:2a:3f:fb:fb:fd:e1:14:45:
                    38:57:7e:d9:ba:4b:26:21:93:8d:ae:f7:c3:96:af:
                    81:84:0b:96:8e:6e:b2:6c:d1:4a:d1:18:1c:e7:76:
                    7d:5c:4c:ed:e6:56:98:f8:57:9c:18:7a:20:f8:c9:
                    c8:d7:de:75:5c:75:2b:ef:3a:f4:d7:e3:f6:7a:c7:
                    20:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:63:A8:85:2E:9E:93:74:F7:38:4B:AE:BF:EA:F7:EC:49:C9:6B:0A
            X509v3 Authority Key Identifier:
                keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/oGOohS6ek3T3OEuuv-r37EnJawo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.32.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:14:5e:75:fc:3e:87:66:58:f6:15:dd:28:4c:ed:1b:48:27:
         06:e8:0c:7d:8b:a1:7c:4f:3d:0b:16:e5:05:d4:a4:7d:a1:1d:
         d4:05:bd:08:8f:f8:6d:d4:22:3e:9c:b1:26:27:4f:99:40:c6:
         ee:f0:b8:9b:55:66:e1:14:b2:0d:ec:31:62:1e:56:b7:40:2a:
         f3:30:64:1d:c3:52:ad:ab:b0:06:b8:1d:36:25:9f:ff:d0:b9:
         01:43:47:c0:29:a2:18:10:6b:19:1a:03:e0:c6:ed:8d:a3:a8:
         ac:98:4b:93:a1:17:a2:38:b1:a3:71:b0:80:6a:7f:9b:1e:26:
         42:20:e6:3d:0d:bc:56:ba:29:4e:e4:3b:54:db:09:73:a2:5c:
         a3:c7:89:43:45:7d:51:e5:7d:ec:fd:b4:f4:f9:d4:2a:c7:bd:
         c4:5a:e0:d5:c5:39:9b:eb:28:c4:da:78:d6:18:67:55:96:98:
         99:ff:df:48:f5:23:de:bd:37:af:e1:0b:8c:8f:39:61:cf:25:
         0e:7c:37:7a:cd:b7:f8:8f:14:5d:f6:cd:3c:6d:5e:2f:40:2c:
         43:2f:f8:02:b4:c3:6b:22:19:b9:78:fc:a6:d7:7b:f6:8c:bd:
         f2:14:9b:3f:74:b1:2f:09:72:74:df:f4:ca:4d:25:67:9d:f1:
         a6:59:5b:58
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENg4VHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDYy
MTEyMDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA2M2E4ODUyZTll
OTM3NGY3Mzg0YmFlYmZlYWY3ZWM0OWM5NmIwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIm9iH7e4kUX39PTMxcBg1RfWVGAULpRyx2hE5xuBcBJ2nkt
YTZ0btWiMm0X8yUo0ceVvqVW9BYWb8MgHd6xK+4SLd8BnVw8rM4RFWSeKuT18YBx
8govuIw54U+yHtIVNviwQ2GtXOH/OVmYxKKwqI/wKmTsp6TvPPhZimyhTsk/d8wU
5S6odV0T2WT7OPGMpexd5t2C/VXn7H36IfHw54UevMhr/3gpDw0LuRLUww/XTSqK
XRpQFp1uRSo/+/v94RRFOFd+2bpLJiGTja73w5avgYQLlo5usmzRStEYHOd2fVxM
7eZWmPhXnBh6IPjJyNfedVx1K+869Nfj9nrHIA0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgY6iFLp6TdPc4S66/6vfsSclrCjAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L29HT29oUzZlazNUM09FdXV2LXIzN0VuSmF3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4guDANBgkqhkiG9w0BAQsFAAOC
AQEAMBRedfw+h2ZY9hXdKEztG0gnBugMfYuhfE89CxblBdSkfaEd1AW9CI/4bdQi
PpyxJidPmUDG7vC4m1Vm4RSyDewxYh5Wt0Aq8zBkHcNSrauwBrgdNiWf/9C5AUNH
wCmiGBBrGRoD4MbtjaOorJhLk6EXojixo3GwgGp/mx4mQiDmPQ28VropTuQ7VNsJ
c6Jco8eJQ0V9UeV97P209PnUKse9xFrg1cU5m+soxNp41hhnVZaYmf/fSPUj3r03
r+ELjI85Yc8lDnw3es23+I8UXfbNPG1eL0AsQy/4ArTDayIZuXj8ptd79oy98hSb
P3SxLwlydN/0yk0lZ53xpllbWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org