Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/3QqvbR6SYENMzWgJfh69GElh5ps.roa
File:                     3QqvbR6SYENMzWgJfh69GElh5ps.roa (raw, json)
Hash identifier:          MATEDIqFiOO84wYiakAdd6uc61ZCwmJIaTf6gQ85QYc=
Subject key identifier:   DD:0A:AF:6D:1E:92:60:43:4C:CD:68:09:7E:1E:BD:18:49:61:E6:9B
Certificate issuer:       /CN=f416539e74934d23a0572f6625dbfdb54e820873
Certificate serial:       308AF9ED
Authority key identifier: F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/3QqvbR6SYENMzWgJfh69GElh5ps.roa
Signing time:             Sat 01 Jan 2022 14:04:58 +0000
ROA not before:           Sat 01 Jan 2022 14:04:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56671
IP address blocks:        46.255.149.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 814414317 (0x308af9ed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f416539e74934d23a0572f6625dbfdb54e820873
        Validity
            Not Before: Jan  1 14:04:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd0aaf6d1e9260434ccd68097e1ebd184961e69b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:78:4b:ea:00:10:91:fe:56:c1:1e:40:11:8c:
                    80:89:5d:dd:b6:a9:f0:e5:ba:f3:e2:a6:04:57:3c:
                    00:e4:c0:d3:eb:98:7e:74:ca:71:5e:5c:f5:ac:d6:
                    08:6a:da:78:d9:f1:45:65:91:ea:89:4e:f8:b0:33:
                    74:d1:be:0b:72:f6:f2:f3:21:a1:42:f9:72:97:8a:
                    8c:e5:78:92:86:0a:e9:da:48:29:a6:b2:bc:d1:78:
                    25:4e:05:b7:ff:5c:27:9d:ff:bc:42:e4:97:40:7f:
                    38:17:41:12:57:21:9e:01:ae:82:5d:e4:bb:17:48:
                    2f:29:ba:c3:cd:c9:46:ea:f7:46:3a:f1:d5:5e:84:
                    cd:ae:bf:2a:4f:3f:83:c7:b3:a9:55:62:5e:0a:50:
                    0d:1e:d9:f3:40:bc:63:03:67:20:cd:6d:57:f2:69:
                    7d:b4:76:bd:61:6f:cd:af:3c:7a:d1:ba:4e:88:b4:
                    a7:07:08:5e:2a:00:87:6e:e1:ad:b6:e7:9d:f5:b7:
                    8b:72:6e:1b:42:f2:41:b6:d5:16:3f:c0:6f:48:7c:
                    91:e6:2e:7c:98:44:bb:d3:4c:e5:6d:1d:76:a4:b6:
                    78:05:25:b2:fd:66:a0:37:2d:44:aa:48:64:d9:b1:
                    19:96:04:16:89:19:1d:2e:80:d0:0f:c8:7a:2c:a4:
                    13:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:0A:AF:6D:1E:92:60:43:4C:CD:68:09:7E:1E:BD:18:49:61:E6:9B
            X509v3 Authority Key Identifier:
                keyid:F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/3QqvbR6SYENMzWgJfh69GElh5ps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.255.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:10:2d:5a:e1:73:29:44:a4:2e:38:35:ac:13:8b:d6:23:1d:
         3b:d4:67:83:fb:57:80:2e:07:7d:95:26:4f:5d:fe:9a:9d:f3:
         b2:0b:7b:38:1f:09:d3:01:ff:14:74:a3:cf:eb:a6:8b:2c:58:
         0e:cc:e9:63:ef:3a:fa:15:af:d7:35:20:e3:cb:b5:24:33:b8:
         cb:5d:86:79:03:31:f2:f9:d4:64:6e:f1:17:42:7d:ec:3a:de:
         28:e2:85:f0:04:1a:93:ad:ca:1e:c7:e2:60:ee:c9:05:ba:fe:
         d9:72:9b:ea:2a:b7:76:67:81:fd:46:d3:02:7b:34:6e:00:b9:
         fd:fd:d3:8a:73:3c:f4:14:e4:1b:49:55:f9:43:c2:bb:72:0f:
         cf:a7:cf:83:3c:e9:b5:bc:db:55:84:48:c0:02:0a:de:04:69:
         ac:ec:88:96:a0:fe:69:05:f1:5c:fb:ed:91:39:6f:03:61:f9:
         d6:57:14:91:f1:82:df:fb:05:49:10:b5:88:f3:4c:b9:29:af:
         81:5b:2f:88:de:2e:1c:c3:20:2b:40:86:36:7f:c6:ea:88:ff:
         62:be:7f:6a:1e:e2:c4:1c:65:3c:82:41:b1:ea:21:86:14:72:
         86:c4:69:7b:8f:21:f6:4c:eb:32:24:a4:33:89:93:b4:ca:a2:
         37:42:80:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMIr57TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDE2NTM5ZTc0OTM0ZDIzYTA1NzJmNjYyNWRiZmRiNTRlODIwODczMB4XDTIyMDEw
MTE0MDQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQwYWFmNmQxZTky
NjA0MzRjY2Q2ODA5N2UxZWJkMTg0OTYxZTY5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJF4S+oAEJH+VsEeQBGMgIld3bap8OW68+KmBFc8AOTA0+uY
fnTKcV5c9azWCGraeNnxRWWR6olO+LAzdNG+C3L28vMhoUL5cpeKjOV4koYK6dpI
KaayvNF4JU4Ft/9cJ53/vELkl0B/OBdBElchngGugl3kuxdILym6w83JRur3Rjrx
1V6Eza6/Kk8/g8ezqVViXgpQDR7Z80C8YwNnIM1tV/JpfbR2vWFvza88etG6Toi0
pwcIXioAh27hrbbnnfW3i3JuG0LyQbbVFj/Ab0h8keYufJhEu9NM5W0ddqS2eAUl
sv1moDctRKpIZNmxGZYEFokZHS6A0A/IeiykE0cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdCq9tHpJgQ0zNaAl+Hr0YSWHmmzAfBgNVHSMEGDAWgBT0FlOedJNNI6BX
L2Yl2/21ToIIczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlCWlRublNUVFNPZ1Z5OW1KZHY5dFU2Q0NITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNTNlNDk2LTAwOTctNDYyYS1hOTg5LWQ2N2E2MWQ1NDE2ZC8x
LzNRcXZiUjZTWUVOTXpXZ0pmaDY5R0VsaDVwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NTNlNDk2LTAwOTctNDYyYS1hOTg5LWQ2N2E2MWQ1NDE2ZC8xLzlCWlRublNUVFNP
Z1Z5OW1KZHY5dFU2Q0NITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC7/lTANBgkqhkiG9w0BAQsFAAOC
AQEARBAtWuFzKUSkLjg1rBOL1iMdO9Rng/tXgC4HfZUmT13+mp3zsgt7OB8J0wH/
FHSjz+umiyxYDszpY+86+hWv1zUg48u1JDO4y12GeQMx8vnUZG7xF0J97DreKOKF
8AQak63KHsfiYO7JBbr+2XKb6iq3dmeB/UbTAns0bgC5/f3TinM89BTkG0lV+UPC
u3IPz6fPgzzptbzbVYRIwAIK3gRprOyIlqD+aQXxXPvtkTlvA2H51lcUkfGC3/sF
SRC1iPNMuSmvgVsviN4uHMMgK0CGNn/G6oj/Yr5/ah7ixBxlPIJBseohhhRyhsRp
e48h9kzrMiSkM4mTtMqiN0KABA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:43 2024 by rpki-client on console-ams.rpki-client.org