Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/vqs1L0Qe_EanSjTeyD46pIONixM.roa
File:                     vqs1L0Qe_EanSjTeyD46pIONixM.roa (raw, json)
Hash identifier:          2GuO1U28sDgpVp9KJoeZvsO3+pZEm/UvnCTazp2vxDM=
Subject key identifier:   BE:AB:35:2F:44:1E:FC:46:A7:4A:34:DE:C8:3E:3A:A4:83:8D:8B:13
Certificate issuer:       /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial:       3570E12B
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/vqs1L0Qe_EanSjTeyD46pIONixM.roa
Signing time:             Wed 20 Apr 2022 09:41:47 +0000
ROA not before:           Wed 20 Apr 2022 09:41:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     18046
IP address blocks:        46.32.186.0/24 maxlen: 24
                          46.32.184.0/22 maxlen: 22
                          46.32.185.0/24 maxlen: 24
                          46.32.184.0/24 maxlen: 24
                          46.32.187.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 896590123 (0x3570e12b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
        Validity
            Not Before: Apr 20 09:41:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=beab352f441efc46a74a34dec83e3aa4838d8b13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:43:b3:b6:0b:1b:6d:19:3a:80:a9:a1:97:96:
                    24:77:14:83:7a:47:35:48:d2:04:4b:b5:a1:1b:cb:
                    ed:6e:65:fc:9d:83:cc:09:32:1c:21:cc:9b:a9:f5:
                    da:e2:17:f4:2e:f6:93:4e:10:4c:81:53:02:31:c2:
                    62:55:07:82:a5:7c:31:a3:0b:c7:d7:52:d5:2d:56:
                    09:95:37:11:8a:25:8e:98:05:3f:69:73:26:00:1b:
                    60:e3:62:a1:c7:2c:8c:dd:69:e9:f2:c6:cf:26:57:
                    77:57:af:3a:9e:7b:4c:47:33:71:22:59:48:01:92:
                    d3:c1:5d:f9:03:27:88:8a:e6:cb:a6:c9:bd:b0:dd:
                    e4:f7:27:61:9c:c9:d6:80:1f:dc:c2:da:32:2f:7f:
                    ea:7b:85:44:ed:5d:e8:4c:74:51:87:6c:0b:69:01:
                    aa:2f:be:03:e6:41:ff:35:e4:be:43:87:39:e3:d0:
                    09:3b:47:ce:50:5c:fc:69:bc:61:fd:37:b4:f4:f0:
                    8f:0f:92:e2:4f:86:b7:4f:61:1d:eb:d2:b5:34:65:
                    d9:58:94:97:7c:d6:b2:32:dc:bc:ac:79:a6:46:e4:
                    41:4a:71:4a:5e:e5:6c:67:bd:22:c8:f5:2f:c5:9b:
                    ca:4a:f0:e0:e2:51:1e:38:70:0e:e5:2d:5f:58:a4:
                    89:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:AB:35:2F:44:1E:FC:46:A7:4A:34:DE:C8:3E:3A:A4:83:8D:8B:13
            X509v3 Authority Key Identifier:
                keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/vqs1L0Qe_EanSjTeyD46pIONixM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.32.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:20:d5:4e:89:5b:a5:0f:af:23:f9:bd:90:03:34:1b:4e:c5:
         16:94:c3:b2:9d:48:2c:b4:e1:2a:aa:65:bc:1f:e3:4a:ae:20:
         78:55:5f:88:3a:07:3d:14:f2:58:fe:8d:ae:8e:ad:b7:04:31:
         60:e5:a9:77:f7:6d:c1:67:75:37:bd:91:cb:d7:6a:07:76:64:
         4f:72:ce:3b:11:0a:05:58:01:ee:3b:49:e8:80:84:66:50:59:
         b6:12:5a:2b:39:81:9b:83:50:58:ec:6f:88:0f:9c:8c:c2:71:
         4a:a5:80:8c:e0:7a:1e:f6:ec:f2:ca:12:be:15:6f:43:d5:46:
         27:0d:01:9b:c0:e1:ba:d9:e5:0c:8d:14:44:a8:46:e5:06:82:
         d3:bb:51:db:3f:c9:94:fa:79:1a:8f:d0:11:ae:a4:b5:8a:6e:
         ae:43:94:eb:c5:0b:16:c1:ad:83:35:95:2f:ca:fe:07:0d:3f:
         a7:e9:5c:39:21:1e:20:f9:89:a5:25:a5:e3:28:2e:e2:3c:87:
         4b:6b:b0:8c:69:13:18:95:22:f9:68:01:ff:ca:97:d8:02:b8:
         25:56:08:7e:8f:27:d5:2f:1a:24:54:24:aa:5a:24:46:44:54:
         35:90:09:8f:84:1b:cc:73:12:85:a9:71:ad:41:14:1c:34:85:
         16:75:e6:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENXDhKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzdlZTFlY2VkMTlmOGEwYTNhNjM1YmZhYTI2NDI5M2UzNDM3Nzk1MB4XDTIyMDQy
MDA5NDE0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVhYjM1MmY0NDFl
ZmM0NmE3NGEzNGRlYzgzZTNhYTQ4MzhkOGIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhDs7YLG20ZOoCpoZeWJHcUg3pHNUjSBEu1oRvL7W5l/J2D
zAkyHCHMm6n12uIX9C72k04QTIFTAjHCYlUHgqV8MaMLx9dS1S1WCZU3EYoljpgF
P2lzJgAbYONioccsjN1p6fLGzyZXd1evOp57TEczcSJZSAGS08Fd+QMniIrmy6bJ
vbDd5PcnYZzJ1oAf3MLaMi9/6nuFRO1d6Ex0UYdsC2kBqi++A+ZB/zXkvkOHOePQ
CTtHzlBc/Gm8Yf03tPTwjw+S4k+Gt09hHevStTRl2ViUl3zWsjLcvKx5pkbkQUpx
Sl7lbGe9Isj1L8Wbykrw4OJRHjhwDuUtX1ikiRECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS+qzUvRB78RqdKNN7IPjqkg42LEzAfBgNVHSMEGDAWgBTjfuHs7Rn4oKOm
Nb+qJkKT40N3lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8x
L3ZxczFMMFFlX0VhblNqVGV5RDQ2cElPTml4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlkMy8xLzQzN2g3TzBaLUtD
anBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4guDANBgkqhkiG9w0BAQsFAAOC
AQEACCDVTolbpQ+vI/m9kAM0G07FFpTDsp1ILLThKqplvB/jSq4geFVfiDoHPRTy
WP6Nro6ttwQxYOWpd/dtwWd1N72Ry9dqB3ZkT3LOOxEKBVgB7jtJ6ICEZlBZthJa
KzmBm4NQWOxviA+cjMJxSqWAjOB6Hvbs8soSvhVvQ9VGJw0Bm8DhutnlDI0URKhG
5QaC07tR2z/JlPp5Go/QEa6ktYpurkOU68ULFsGtgzWVL8r+Bw0/p+lcOSEeIPmJ
pSWl4ygu4jyHS2uwjGkTGJUi+WgB/8qX2AK4JVYIfo8n1S8aJFQkqlokRkRUNZAJ
j4QbzHMShalxrUEUHDSFFnXmMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org