Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0bNsVaJ5Hz-nzqTd5lP-BX0zkbQ.roa
File:                     0bNsVaJ5Hz-nzqTd5lP-BX0zkbQ.roa (raw, json)
Hash identifier:          aATuB8D2TMKmo53Nb/8snws1xRqPTcDSoJGnIJh2PwM=
Subject key identifier:   D1:B3:6C:55:A2:79:1F:3F:A7:CE:A4:DD:E6:53:FE:05:7D:33:91:B4
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       04932E96
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0bNsVaJ5Hz-nzqTd5lP-BX0zkbQ.roa
Signing time:             Thu 28 Apr 2022 07:38:01 +0000
ROA not before:           Thu 28 Apr 2022 07:38:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399916
IP address blocks:        46.37.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76754582 (0x4932e96)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Apr 28 07:38:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d1b36c55a2791f3fa7cea4dde653fe057d3391b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5f:62:b7:d2:2f:da:b5:7c:64:15:79:1a:73:
                    56:41:25:7d:1b:f8:fa:bd:89:74:19:0c:fb:2c:15:
                    5c:5b:ff:cd:14:6f:22:a1:b5:c3:3a:43:c2:8d:ca:
                    c4:de:35:56:01:85:a9:72:91:88:e7:94:19:b3:0c:
                    ec:38:17:4f:9c:7c:b0:44:31:2f:44:32:2e:e0:cf:
                    cc:64:a0:f8:e7:38:ba:97:fc:fd:15:51:93:b6:13:
                    8c:cc:29:e7:d6:4d:cf:c5:e7:4a:8e:73:bc:d5:68:
                    e0:a8:8f:44:10:bf:ea:b9:37:17:c3:b3:15:16:a2:
                    09:93:49:b2:d2:d4:a2:d5:b5:3d:88:58:e2:09:79:
                    4f:d4:bf:2e:4e:12:6e:a8:cb:f5:1b:b7:06:53:8f:
                    1b:5b:e6:90:04:aa:b4:1f:9e:76:6c:61:a8:17:e2:
                    42:b3:e6:3f:42:42:fa:98:37:e7:29:66:f2:d5:07:
                    ef:09:ee:5b:1c:ca:0a:7c:fd:99:d3:a7:6f:11:69:
                    ed:11:02:81:e5:fd:4b:4d:92:e4:ea:90:ab:83:c1:
                    de:69:64:87:07:6a:f8:a0:60:98:22:d1:d7:3a:fd:
                    37:58:bd:b9:c9:75:e8:45:71:50:11:95:5c:aa:c2:
                    b1:aa:fb:66:46:43:f4:f3:0e:9d:b0:4a:b4:8c:67:
                    89:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:B3:6C:55:A2:79:1F:3F:A7:CE:A4:DD:E6:53:FE:05:7D:33:91:B4
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/0bNsVaJ5Hz-nzqTd5lP-BX0zkbQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:ee:44:75:29:1b:b2:b0:f0:4c:44:9b:eb:cf:47:70:a2:bd:
         ae:5a:01:46:29:d7:8d:87:64:27:1b:14:74:84:24:0f:04:a0:
         21:17:4e:1c:8a:89:1e:65:4d:18:b1:a2:0a:eb:0b:a5:b2:be:
         e0:e6:22:6d:c7:bb:e2:85:27:c0:69:bc:31:37:02:9f:1f:2a:
         63:0d:a8:45:7b:94:e9:de:03:18:c8:2f:7a:64:83:42:ec:f2:
         cd:f5:44:41:4d:54:f6:58:02:49:78:e8:9b:c3:07:6b:5d:c0:
         cc:5b:31:54:16:5b:e4:08:0d:83:86:7c:e5:c5:a1:6c:9c:cf:
         a7:4d:1a:ae:fc:25:ec:cc:7f:0c:bf:16:b1:a1:06:0d:82:58:
         3f:1d:8c:10:6b:25:85:1c:27:7a:5d:61:ef:c0:ce:d4:d1:4d:
         1e:82:8b:a8:05:ac:d6:3e:0c:2d:3d:6f:79:ee:4d:d9:d2:12:
         0c:ce:a1:fb:a2:8f:87:f3:59:01:7f:01:39:78:11:f1:65:a1:
         d6:9a:88:fb:1d:65:b2:7d:63:53:4f:1a:cf:4d:f6:12:6a:d3:
         90:7c:53:50:39:e0:19:e9:5c:b5:0b:52:dc:9c:16:d5:41:59:
         13:0d:87:49:e6:83:a3:55:4b:58:42:a9:ec:4d:68:46:04:b9:
         c0:3d:bc:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBJMuljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDQy
ODA3MzgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDFiMzZjNTVhMjc5
MWYzZmE3Y2VhNGRkZTY1M2ZlMDU3ZDMzOTFiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdfYrfSL9q1fGQVeRpzVkElfRv4+r2JdBkM+ywVXFv/zRRv
IqG1wzpDwo3KxN41VgGFqXKRiOeUGbMM7DgXT5x8sEQxL0QyLuDPzGSg+Oc4upf8
/RVRk7YTjMwp59ZNz8XnSo5zvNVo4KiPRBC/6rk3F8OzFRaiCZNJstLUotW1PYhY
4gl5T9S/Lk4SbqjL9Ru3BlOPG1vmkASqtB+edmxhqBfiQrPmP0JC+pg35ylm8tUH
7wnuWxzKCnz9mdOnbxFp7RECgeX9S02S5OqQq4PB3mlkhwdq+KBgmCLR1zr9N1i9
ucl16EVxUBGVXKrCsar7ZkZD9PMOnbBKtIxniQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRs2xVonkfP6fOpN3mU/4FfTORtDAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
LzBiTnNWYUo1SHotbnpxVGQ1bFAtQlgwemtiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4lZjANBgkqhkiG9w0BAQsFAAOC
AQEAg+5EdSkbsrDwTESb689HcKK9rloBRinXjYdkJxsUdIQkDwSgIRdOHIqJHmVN
GLGiCusLpbK+4OYibce74oUnwGm8MTcCnx8qYw2oRXuU6d4DGMgvemSDQuzyzfVE
QU1U9lgCSXjom8MHa13AzFsxVBZb5AgNg4Z85cWhbJzPp00arvwl7Mx/DL8WsaEG
DYJYPx2MEGslhRwnel1h78DO1NFNHoKLqAWs1j4MLT1vee5N2dISDM6h+6KPh/NZ
AX8BOXgR8WWh1pqI+x1lsn1jU08az032EmrTkHxTUDngGelctQtS3JwW1UFZEw2H
SeaDo1VLWEKp7E1oRgS5wD289A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:05 2024 by rpki-client on console-ams.rpki-client.org