Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/M5NQiTWzXEM8tHzIWcPRq4ueAeQ.roa
File:                     M5NQiTWzXEM8tHzIWcPRq4ueAeQ.roa (raw, json)
Hash identifier:          2Wpe3AAYCpLOSxhmpOR64oqAcG8P5UaK3FFxWWrY3sI=
Subject key identifier:   33:93:50:89:35:B3:5C:43:3C:B4:7C:C8:59:C3:D1:AB:8B:9E:01:E4
Certificate issuer:       /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial:       0B385959
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/M5NQiTWzXEM8tHzIWcPRq4ueAeQ.roa
Signing time:             Sat 01 Jan 2022 13:02:27 +0000
ROA not before:           Sat 01 Jan 2022 13:02:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     64396
IP address blocks:        46.229.8.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 188242265 (0xb385959)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
        Validity
            Not Before: Jan  1 13:02:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3393508935b35c433cb47cc859c3d1ab8b9e01e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:96:de:55:a4:94:60:d8:fb:9a:63:93:f4:44:
                    7f:05:c1:64:37:cf:41:c4:8e:54:5e:36:4d:6c:4f:
                    81:22:3b:7c:b1:eb:3d:ef:46:11:33:87:85:03:4b:
                    5a:8e:f0:de:96:80:a3:be:36:46:7d:da:12:f8:1c:
                    2e:26:cc:d7:ec:73:0e:92:6b:ca:50:1d:93:14:53:
                    20:52:63:2f:42:aa:10:97:e9:5b:0e:4b:2a:0e:d6:
                    92:f0:74:62:85:4f:bf:11:28:14:0e:8b:eb:61:1f:
                    1a:29:a7:99:b2:1a:42:ad:24:9c:81:54:65:d4:27:
                    25:5f:b6:b6:d2:9a:6a:a6:c4:04:86:ca:cd:a4:eb:
                    51:5d:85:13:d1:bc:3f:9e:0c:2e:80:7b:3e:78:f0:
                    b7:08:b8:b1:96:8a:26:ad:aa:d5:10:42:32:d2:7e:
                    5e:31:19:00:60:7f:65:1d:22:69:8c:c7:1f:07:75:
                    18:f0:8f:e2:05:53:a4:2b:27:a5:d5:51:e3:08:39:
                    2b:fd:e9:5f:a9:65:32:5f:e3:24:3d:a5:33:da:9e:
                    bc:f7:c6:9e:8d:40:ec:0d:80:3e:63:bd:09:91:81:
                    e1:c7:d3:20:f0:b4:e6:5d:ca:b4:ec:2d:32:55:7e:
                    29:34:60:a7:31:f8:8c:7b:05:3f:e6:fb:1e:01:0c:
                    2a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:93:50:89:35:B3:5C:43:3C:B4:7C:C8:59:C3:D1:AB:8B:9E:01:E4
            X509v3 Authority Key Identifier:
                keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/M5NQiTWzXEM8tHzIWcPRq4ueAeQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.229.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         aa:89:56:57:7f:93:e0:33:a1:32:73:b2:b8:8d:0a:05:ab:75:
         26:de:39:f0:96:e8:b6:00:03:0f:ca:6e:41:dd:96:fc:74:df:
         53:a4:39:aa:f7:cd:a8:f7:09:db:f7:01:b1:bb:14:87:00:86:
         f3:4d:95:31:88:32:6e:c3:0b:7b:7f:f5:c5:2d:5e:61:78:64:
         ef:72:75:f6:f5:10:7e:7d:30:13:65:c3:f4:47:ac:7c:2c:c2:
         55:7c:60:ea:46:cd:92:e5:48:c2:f5:02:f4:f4:bf:17:12:b1:
         7c:a8:cd:fa:be:1d:04:18:75:6e:58:25:25:80:04:38:03:eb:
         da:65:b3:f2:3b:1a:ca:b2:4c:71:b4:35:7a:b3:d4:14:60:03:
         06:21:45:56:a6:98:49:6b:b4:a6:6e:90:7d:75:b9:2b:64:a5:
         4d:f0:f0:6d:78:b1:78:a0:ee:39:33:3e:ab:de:ff:4e:68:7f:
         45:36:5e:c4:5a:c9:6c:f3:28:a6:5c:84:a4:26:8f:fa:ec:f2:
         10:90:4a:67:1e:e8:16:c8:ca:0a:f8:cf:19:23:8c:e0:63:8b:
         cb:fe:a7:fa:88:01:6a:60:47:18:02:8a:b1:12:92:35:23:ae:
         0c:bc:07:72:e4:8f:d8:f2:6f:de:65:1f:db:2e:90:20:c3:91:
         ec:03:49:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECzhZWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmE1YzkwY2E5MjgzMTNiYzcwZDI2ODNiYjBmNjRkNjMyYjI3M2ExMB4XDTIyMDEw
MTEzMDIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM5MzUwODkzNWIz
NWM0MzNjYjQ3Y2M4NTljM2QxYWI4YjllMDFlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiW3lWklGDY+5pjk/REfwXBZDfPQcSOVF42TWxPgSI7fLHr
Pe9GETOHhQNLWo7w3paAo742Rn3aEvgcLibM1+xzDpJrylAdkxRTIFJjL0KqEJfp
Ww5LKg7WkvB0YoVPvxEoFA6L62EfGimnmbIaQq0knIFUZdQnJV+2ttKaaqbEBIbK
zaTrUV2FE9G8P54MLoB7Pnjwtwi4sZaKJq2q1RBCMtJ+XjEZAGB/ZR0iaYzHHwd1
GPCP4gVTpCsnpdVR4wg5K/3pX6llMl/jJD2lM9qevPfGno1A7A2APmO9CZGB4cfT
IPC05l3KtOwtMlV+KTRgpzH4jHsFP+b7HgEMKjUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQzk1CJNbNcQzy0fMhZw9Gri54B5DAfBgNVHSMEGDAWgBRSpckMqSgxO8cN
JoO7D2TWMrJzoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VxWEpES2tvTVR2SERTYUR1dzlrMWpLeWM2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvYzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8x
L001TlFpVFd6WEVNOHRIeklXY1BScTR1ZUFlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
YzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8xL1VxWEpES2tvTVR2
SERTYUR1dzlrMWpLeWM2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS7lCDANBgkqhkiG9w0BAQsFAAOC
AQEAqolWV3+T4DOhMnOyuI0KBat1Jt458JbotgADD8puQd2W/HTfU6Q5qvfNqPcJ
2/cBsbsUhwCG802VMYgybsMLe3/1xS1eYXhk73J19vUQfn0wE2XD9EesfCzCVXxg
6kbNkuVIwvUC9PS/FxKxfKjN+r4dBBh1blglJYAEOAPr2mWz8jsayrJMcbQ1erPU
FGADBiFFVqaYSWu0pm6QfXW5K2SlTfDwbXixeKDuOTM+q97/Tmh/RTZexFrJbPMo
plyEpCaP+uzyEJBKZx7oFsjKCvjPGSOM4GOLy/6n+ogBamBHGAKKsRKSNSOuDLwH
cuSP2PJv3mUf2y6QIMOR7ANJzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:00 2024 by rpki-client on console-fra.rpki-client.org