Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/3FzjENfNJEVhbSWpfYS0NqUXv-4.roa
File:                     3FzjENfNJEVhbSWpfYS0NqUXv-4.roa (raw, json)
Hash identifier:          lK3xgbR8DgAPjPVTZ7S3MFB5Aa2JjHnLK21OFWNhEPc=
Subject key identifier:   DC:5C:E3:10:D7:CD:24:45:61:6D:25:A9:7D:84:B4:36:A5:17:BF:EE
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01843FCC13EDB9ED7710996E0E393F1E9F47
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/3FzjENfNJEVhbSWpfYS0NqUXv-4.roa
Signing time:             Thu 03 Nov 2022 23:20:49 +0000
ROA not before:           Thu 03 Nov 2022 23:20:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212384
IP address blocks:        46.37.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3f:cc:13:ed:b9:ed:77:10:99:6e:0e:39:3f:1e:9f:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Nov  3 23:20:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc5ce310d7cd2445616d25a97d84b436a517bfee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:32:93:52:60:71:83:e9:71:7a:eb:11:eb:76:
                    ae:18:14:70:04:02:b6:03:2f:22:23:ab:4d:8e:47:
                    e8:44:33:81:30:6f:a6:9a:77:f8:d3:5b:da:7b:6d:
                    15:92:15:71:ae:40:ad:a3:dd:bb:37:6a:e9:5e:5f:
                    ab:02:2e:01:f6:65:ab:41:e8:a2:04:fc:95:b5:fe:
                    f9:2a:94:b6:83:a1:99:9a:27:6f:59:71:fc:5a:58:
                    59:e0:f2:bb:e6:f6:59:28:5d:fb:93:70:dd:11:3b:
                    e1:51:92:ed:bf:18:de:b5:3d:7d:2d:67:d6:0c:e9:
                    2d:42:20:c3:cc:70:6d:b0:27:0f:ff:ce:f0:2b:b6:
                    ba:a0:1b:2e:bb:9e:6a:71:cd:de:17:0e:b9:1c:44:
                    a7:11:b1:4b:06:5a:eb:f5:6b:6d:db:a7:02:e6:36:
                    4d:a3:d9:51:f7:3c:59:17:b8:33:81:3f:b0:9e:06:
                    a5:9a:f4:af:61:8c:0e:2f:30:0f:6d:84:79:91:a0:
                    d8:9e:10:5f:ee:69:f3:1e:67:93:75:91:22:b7:1d:
                    a8:95:36:c6:bc:f3:52:e5:98:34:e2:a0:d4:e1:29:
                    50:89:05:d4:2c:d6:9c:51:2f:5b:08:b6:80:31:b4:
                    92:67:32:70:2c:72:6a:9f:f6:99:eb:33:a0:d7:00:
                    48:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:5C:E3:10:D7:CD:24:45:61:6D:25:A9:7D:84:B4:36:A5:17:BF:EE
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/3FzjENfNJEVhbSWpfYS0NqUXv-4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:33:28:ca:a2:2a:ac:bc:b0:5a:e6:14:dc:42:82:10:30:62:
         74:c7:e1:7f:9b:12:b5:24:a0:03:85:41:8d:ff:e5:ee:f7:fb:
         dc:15:b6:7a:3c:68:9c:bd:b2:92:68:84:f2:60:a5:de:31:2f:
         e2:86:11:cb:48:0a:67:48:39:a5:2d:2e:45:29:1a:aa:29:16:
         07:d4:d5:36:74:f4:36:b9:65:9a:9f:63:53:3b:82:0d:16:7d:
         91:ef:b6:f4:f7:5d:80:3a:4e:cf:42:4c:65:c4:9d:b5:30:68:
         f1:38:c6:a1:ab:7d:a8:91:b3:0c:a4:6d:23:19:eb:37:9a:73:
         f1:15:eb:db:09:71:d8:f1:d6:72:2a:2d:79:a8:76:d9:fe:c9:
         15:5c:bf:53:01:a8:6c:46:4e:dd:7e:8d:c8:ae:79:59:4c:4e:
         37:21:5d:c9:90:06:6f:58:43:b7:5f:ce:80:4b:93:91:f7:03:
         49:21:4f:0b:9b:ac:d1:ad:b1:6a:a6:59:cd:14:f5:e0:bc:18:
         f0:58:f6:31:0e:d4:46:3f:28:7a:5c:e3:d6:06:f6:b4:aa:d4:
         f2:90:5b:f9:ed:cb:41:42:ae:33:de:1c:cb:2d:67:d2:81:41:
         f2:62:5c:dc:ad:80:43:c6:16:c6:b4:56:c9:fd:93:80:92:d6:
         e1:da:27:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ/zBPtue13EJluDjk/Hp9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMTAzMjMyMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVjZTMxMGQ3Y2QyNDQ1NjE2ZDI1YTk3ZDg0YjQzNmE1MTdiZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszKTUmBxg+lxeusR63auGBRwBAK2
Ay8iI6tNjkfoRDOBMG+mmnf401vae20VkhVxrkCto927N2rpXl+rAi4B9mWrQeii
BPyVtf75KpS2g6GZmidvWXH8WlhZ4PK75vZZKF37k3DdETvhUZLtvxjetT19LWfW
DOktQiDDzHBtsCcP/87wK7a6oBsuu55qcc3eFw65HESnEbFLBlrr9Wtt26cC5jZN
o9lR9zxZF7gzgT+wngalmvSvYYwOLzAPbYR5kaDYnhBf7mnzHmeTdZEitx2olTbG
vPNS5Zg04qDU4SlQiQXULNacUS9bCLaAMbSSZzJwLHJqn/aZ6zOg1wBIdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxc4xDXzSRFYW0lqX2EtDalF7/uMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvM0Z6akVOZk5KRVZoYlNXcGZZUzBOcVVYdi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVnMA0G
CSqGSIb3DQEBCwUAA4IBAQB2MyjKoiqsvLBa5hTcQoIQMGJ0x+F/mxK1JKADhUGN
/+Xu9/vcFbZ6PGicvbKSaITyYKXeMS/ihhHLSApnSDmlLS5FKRqqKRYH1NU2dPQ2
uWWan2NTO4INFn2R77b0912AOk7PQkxlxJ21MGjxOMahq32okbMMpG0jGes3mnPx
FevbCXHY8dZyKi15qHbZ/skVXL9TAahsRk7dfo3IrnlZTE43IV3JkAZvWEO3X86A
S5OR9wNJIU8Lm6zRrbFqplnNFPXgvBjwWPYxDtRGPyh6XOPWBva0qtTykFv57ctB
Qq4z3hzLLWfSgUHyYlzcrYBDxhbGtFbJ/ZOAktbh2icZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org