Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/1-NuDsU4O0027y89zlf7FoiMa_X8.roa
File:                     1-NuDsU4O0027y89zlf7FoiMa_X8.roa (raw, json)
Hash identifier:          EFx8Y/xY7ZPofTaeTYNvN4AIIeZDvBWzHKmcuarlMuA=
Subject key identifier:   F8:DB:83:B1:4E:0E:D3:4D:BB:CB:CF:73:95:FE:C5:A2:23:1A:FD:7F
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0471BCDF
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/1-NuDsU4O0027y89zlf7FoiMa_X8.roa
Signing time:             Fri 15 Apr 2022 12:24:52 +0000
ROA not before:           Fri 15 Apr 2022 12:24:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     142111
IP address blocks:        46.37.112.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74562783 (0x471bcdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Apr 15 12:24:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f8db83b14e0ed34dbbcbcf7395fec5a2231afd7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5f:a8:dd:a1:e6:9e:ac:0c:e7:71:0a:52:cf:
                    8b:4d:79:c5:b0:a0:7b:34:b0:55:ea:09:b6:b7:ad:
                    51:86:19:e9:88:56:4b:99:9a:d4:9a:9b:57:f6:f5:
                    69:ef:d5:37:a2:6f:55:70:ff:86:88:95:1c:c8:48:
                    f2:ab:43:94:a8:46:09:da:ee:63:00:9c:09:b9:8c:
                    f8:f0:c8:a7:1c:84:38:f7:6f:77:6b:6f:df:68:56:
                    e2:47:b8:f9:30:e0:1b:01:3e:f3:07:08:b0:49:9e:
                    3e:20:3c:97:cd:36:6f:34:31:51:ab:08:38:3f:7c:
                    0f:da:af:9c:58:dc:28:7e:c0:fc:bf:32:64:0e:c3:
                    4e:8b:80:1c:f1:52:1d:34:62:60:7a:f7:49:0a:3c:
                    b6:ef:e9:18:ce:b8:ad:8b:41:5d:76:16:3a:1a:0b:
                    67:79:46:3c:46:86:be:e4:8c:b2:31:0f:f9:98:eb:
                    1c:ee:3c:d0:9a:9b:3e:6b:31:25:7f:74:21:75:e1:
                    11:56:b3:c1:17:c0:4d:d6:03:d1:26:e5:9a:63:55:
                    fe:95:d0:81:69:5b:19:a0:bd:3d:20:4a:c3:de:56:
                    0c:dc:a6:bf:6d:f2:8f:c9:fb:5a:64:28:81:0e:df:
                    5d:37:65:09:46:d2:f4:d8:e2:d3:da:de:5c:f8:d5:
                    da:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:DB:83:B1:4E:0E:D3:4D:BB:CB:CF:73:95:FE:C5:A2:23:1A:FD:7F
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/1-NuDsU4O0027y89zlf7FoiMa_X8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:f2:09:ea:99:e1:25:ab:d8:5f:f5:46:eb:9a:5b:c1:e3:cc:
         82:d9:ec:1f:9a:43:44:15:5a:68:66:d6:46:d0:cc:5f:c6:77:
         ed:0a:53:37:be:de:30:10:76:5d:7d:82:18:b1:ec:3d:d9:a9:
         ab:04:f1:aa:b5:8b:5e:07:09:8b:9e:a9:79:4f:ba:00:64:45:
         d3:7c:7f:63:61:3c:f5:41:97:73:e8:ab:98:9f:3e:77:07:91:
         88:36:b5:6a:ab:be:5b:03:42:ce:88:a2:04:3c:cc:a1:b7:79:
         51:ef:65:f7:19:61:09:67:c9:5c:7b:fd:e9:65:a7:b4:68:eb:
         b2:b9:9d:22:ea:65:7c:76:15:1c:98:c4:c7:ec:df:77:29:14:
         0b:37:52:c2:fc:4e:88:c0:fb:49:49:c5:1c:b5:32:c9:99:65:
         eb:66:ef:e4:9c:67:df:82:f9:a0:bd:be:43:23:7d:03:2b:55:
         75:52:c8:f1:d3:3b:8d:18:d6:f4:7a:22:2d:b3:e2:5e:9e:63:
         ba:95:fe:98:ac:c6:68:0d:37:4a:4e:bf:45:01:ba:49:99:77:
         1e:53:0c:e8:ef:24:b1:c9:ed:e3:ea:e5:bd:fe:e4:f6:90:17:
         bd:5a:87:8d:f3:fe:10:c1:eb:9c:3b:29:23:07:e9:a0:63:7c:
         1d:c5:b7:9d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBHG83zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDQx
NTEyMjQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjhkYjgzYjE0ZTBl
ZDM0ZGJiY2JjZjczOTVmZWM1YTIyMzFhZmQ3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpfqN2h5p6sDOdxClLPi015xbCgezSwVeoJtretUYYZ6YhW
S5ma1JqbV/b1ae/VN6JvVXD/hoiVHMhI8qtDlKhGCdruYwCcCbmM+PDIpxyEOPdv
d2tv32hW4ke4+TDgGwE+8wcIsEmePiA8l802bzQxUasIOD98D9qvnFjcKH7A/L8y
ZA7DTouAHPFSHTRiYHr3SQo8tu/pGM64rYtBXXYWOhoLZ3lGPEaGvuSMsjEP+Zjr
HO480JqbPmsxJX90IXXhEVazwRfATdYD0SblmmNV/pXQgWlbGaC9PSBKw95WDNym
v23yj8n7WmQogQ7fXTdlCUbS9Nji09reXPjV2m0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT424OxTg7TTbvLz3OV/sWiIxr9fzAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
LzEtTnVEc1U0TzAwMjd5ODl6bGY3Rm9pTWFfWDgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U3
L2NkZmYxNi00NThhLTQ3YzMtOGRmYS0yMzE1NDk0MDk3MjAvMS8wODhJaEpHS1VD
T2U5d1VZN3BfQVR4cXVHU2suY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAuJXAwDQYJKoZIhvcNAQELBQAD
ggEBABzyCeqZ4SWr2F/1RuuaW8HjzILZ7B+aQ0QVWmhm1kbQzF/Gd+0KUze+3jAQ
dl19ghix7D3ZqasE8aq1i14HCYueqXlPugBkRdN8f2NhPPVBl3Poq5ifPncHkYg2
tWqrvlsDQs6IogQ8zKG3eVHvZfcZYQlnyVx7/ellp7Ro67K5nSLqZXx2FRyYxMfs
33cpFAs3UsL8TojA+0lJxRy1MsmZZetm7+ScZ9+C+aC9vkMjfQMrVXVSyPHTO40Y
1vR6Ii2z4l6eY7qV/pisxmgNN0pOv0UBukmZdx5TDOjvJLHJ7ePq5b3+5PaQF71a
h43z/hDB65w7KSMH6aBjfB3Ft50=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org