Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/fdRsOJPpOALULiaXd9xmCz7XsRE.roa
File:                     fdRsOJPpOALULiaXd9xmCz7XsRE.roa (raw, json)
Hash identifier:          D0xRAx+W+qXr7WaH7hH+nsTL1+txdhrX2/jfT2B5zgY=
Subject key identifier:   7D:D4:6C:38:93:E9:38:02:D4:2E:26:97:77:DC:66:0B:3E:D7:B1:11
Certificate issuer:       /CN=4edc689bb22d09475574f41c0e5d97c045930928
Certificate serial:       30708A4B
Authority key identifier: 4E:DC:68:9B:B2:2D:09:47:55:74:F4:1C:0E:5D:97:C0:45:93:09:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ttxom7ItCUdVdPQcDl2XwEWTCSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/fdRsOJPpOALULiaXd9xmCz7XsRE.roa
Signing time:             Sat 01 Jan 2022 05:02:23 +0000
ROA not before:           Sat 01 Jan 2022 05:02:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39884
IP address blocks:        46.31.224.0/21 maxlen: 24
                          185.75.92.0/22 maxlen: 22
                          195.189.172.0/23 maxlen: 23
                          2a03:8e00::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 812681803 (0x30708a4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4edc689bb22d09475574f41c0e5d97c045930928
        Validity
            Not Before: Jan  1 05:02:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7dd46c3893e93802d42e269777dc660b3ed7b111
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:fd:49:ab:ec:63:94:49:f3:0d:22:18:28:7d:
                    74:16:92:7f:82:63:07:d6:11:34:91:ed:33:54:70:
                    3b:a8:14:ae:45:33:7b:f3:39:d3:c1:76:e8:2c:8f:
                    eb:2a:bc:ba:c3:26:c0:d3:36:65:07:0c:b3:9e:7a:
                    b8:9e:a7:5b:03:3f:b3:61:59:97:ff:ef:40:23:87:
                    0f:65:d5:9e:1e:a6:ef:4c:9b:15:24:f4:d4:a6:d1:
                    fd:14:bc:d8:e4:5a:7b:5c:38:cd:8f:b5:e7:2c:01:
                    a2:e6:d1:a1:39:27:54:6f:30:c0:b4:d3:e0:5c:62:
                    ad:d4:d3:e3:ca:c6:fc:36:60:2d:c6:b0:35:c0:cc:
                    72:1e:d3:c8:fe:b6:dc:b0:ae:7e:8e:41:1b:21:8d:
                    55:3f:06:13:8d:f7:0a:67:cd:22:76:5f:af:21:f7:
                    a0:1b:86:af:68:5f:c6:c8:9f:4f:17:6d:7d:53:0d:
                    01:a2:d7:5e:da:85:f1:54:82:4d:ec:53:14:5a:30:
                    b1:da:22:55:fc:eb:fd:32:af:d1:8f:c4:fe:99:b4:
                    a1:37:99:3e:5c:af:d1:da:10:aa:51:4b:96:13:98:
                    a6:8a:bc:65:1b:40:6e:86:73:82:8f:3b:2f:9d:fd:
                    5c:fd:ff:67:6e:99:98:a6:2a:6b:22:87:db:b8:a4:
                    49:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D4:6C:38:93:E9:38:02:D4:2E:26:97:77:DC:66:0B:3E:D7:B1:11
            X509v3 Authority Key Identifier:
                keyid:4E:DC:68:9B:B2:2D:09:47:55:74:F4:1C:0E:5D:97:C0:45:93:09:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ttxom7ItCUdVdPQcDl2XwEWTCSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/fdRsOJPpOALULiaXd9xmCz7XsRE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7bbb91-c5b0-4d0b-925b-09be5989d0ac/1/Ttxom7ItCUdVdPQcDl2XwEWTCSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.31.224.0/21
                  185.75.92.0/22
                  195.189.172.0/23
                IPv6:
                  2a03:8e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:ea:05:fa:2c:1e:b2:10:17:e4:4f:c4:09:13:0a:e7:26:90:
         bf:ae:1f:86:f4:28:e8:25:88:ff:60:f8:2a:31:39:c9:7a:74:
         c4:5b:0e:c4:bc:f2:34:02:6d:71:c2:12:e9:43:47:bc:4d:08:
         19:42:10:50:58:14:01:4c:21:c5:b0:eb:2d:b5:80:4f:d5:31:
         b5:b4:56:f0:79:a7:7e:75:5d:2e:55:ff:b8:28:f8:07:22:02:
         f2:12:32:11:24:13:f8:fa:d6:49:8a:01:2e:89:a3:fb:be:e6:
         3c:68:26:2c:1f:a6:19:b0:3a:74:33:6d:a2:5a:bf:95:a7:e7:
         55:18:7d:01:d9:78:f8:6f:52:87:32:21:59:9a:a6:ce:63:3d:
         cf:41:e7:5e:03:a3:dc:14:1e:a9:35:69:88:e4:dc:29:3e:bc:
         39:b2:f4:0a:c6:cf:2d:a5:12:e5:81:ae:67:a4:a9:7a:1e:ba:
         10:04:bf:27:63:c4:55:74:d3:65:9c:f2:3c:a6:a7:ac:b6:64:
         c0:72:61:f3:52:49:b3:fa:54:3e:2b:90:af:ad:02:a3:8f:10:
         cc:3a:b4:6f:c0:6b:9d:62:24:a7:9c:73:2d:14:b4:87:46:5b:
         23:6d:93:bc:dc:6f:13:27:37:49:e1:71:c5:07:80:92:d9:b7:
         ce:4e:bc:96
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEMHCKSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWRjNjg5YmIyMmQwOTQ3NTU3NGY0MWMwZTVkOTdjMDQ1OTMwOTI4MB4XDTIyMDEw
MTA1MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RkNDZjMzg5M2U5
MzgwMmQ0MmUyNjk3NzdkYzY2MGIzZWQ3YjExMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANT9SavsY5RJ8w0iGCh9dBaSf4JjB9YRNJHtM1RwO6gUrkUz
e/M508F26CyP6yq8usMmwNM2ZQcMs556uJ6nWwM/s2FZl//vQCOHD2XVnh6m70yb
FST01KbR/RS82ORae1w4zY+15ywBoubRoTknVG8wwLTT4FxirdTT48rG/DZgLcaw
NcDMch7TyP623LCufo5BGyGNVT8GE433CmfNInZfryH3oBuGr2hfxsifTxdtfVMN
AaLXXtqF8VSCTexTFFowsdoiVfzr/TKv0Y/E/pm0oTeZPlyv0doQqlFLlhOYpoq8
ZRtAboZzgo87L539XP3/Z26ZmKYqayKH27ikSd8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR91Gw4k+k4AtQuJpd33GYLPtexETAfBgNVHSMEGDAWgBRO3Gibsi0JR1V0
9BwOXZfARZMJKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R0eG9tN0l0Q1VkVmRQUWNEbDJYd0VXVENTZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvN2JiYjkxLWM1YjAtNGQwYi05MjViLTA5YmU1OTg5ZDBhYy8x
L2ZkUnNPSlBwT0FMVUxpYVhkOXhtQ3o3WHNSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
N2JiYjkxLWM1YjAtNGQwYi05MjViLTA5YmU1OTg5ZDBhYy8xL1R0eG9tN0l0Q1Vk
VmRQUWNEbDJYd0VXVENTZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy4f4AMEArlLXAMEAcO9rDANBAIA
AjAHAwUAKgOOADANBgkqhkiG9w0BAQsFAAOCAQEAS+oF+iweshAX5E/ECRMK5yaQ
v64fhvQo6CWI/2D4KjE5yXp0xFsOxLzyNAJtccIS6UNHvE0IGUIQUFgUAUwhxbDr
LbWAT9UxtbRW8HmnfnVdLlX/uCj4ByIC8hIyESQT+PrWSYoBLomj+77mPGgmLB+m
GbA6dDNtolq/lafnVRh9Adl4+G9ShzIhWZqmzmM9z0HnXgOj3BQeqTVpiOTcKT68
ObL0CsbPLaUS5YGuZ6Speh66EAS/J2PEVXTTZZzyPKanrLZkwHJh81JJs/pUPiuQ
r60Co48QzDq0b8BrnWIkp5xzLRS0h0ZbI22TvNxvEyc3SeFxxQeAktm3zk68lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:07 2024 by rpki-client on console-fra.rpki-client.org