Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/4Ufo5qvpnXUWLnE_js5WbrEA1KU.roa
File:                     4Ufo5qvpnXUWLnE_js5WbrEA1KU.roa (raw, json)
Hash identifier:          9TFEqWMXy5cEipCFudSxWnmRdts6UNn6ahBc6t1HwMw=
Subject key identifier:   E1:47:E8:E6:AB:E9:9D:75:16:2E:71:3F:8E:CE:56:6E:B1:00:D4:A5
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0184AEB50EF7BD3B2342B805ED6EFA2E4178
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/4Ufo5qvpnXUWLnE_js5WbrEA1KU.roa
Signing time:             Fri 25 Nov 2022 12:13:32 +0000
ROA not before:           Fri 25 Nov 2022 12:13:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        46.37.114.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ae:b5:0e:f7:bd:3b:23:42:b8:05:ed:6e:fa:2e:41:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Nov 25 12:13:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e147e8e6abe99d75162e713f8ece566eb100d4a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d3:b8:ab:4e:80:50:a5:04:04:35:26:e7:b3:
                    d2:81:da:a6:20:ae:0a:4a:01:4e:7f:df:f5:57:4d:
                    3e:ee:c9:4d:c6:d3:c4:d6:0c:9f:9a:4d:6f:af:b1:
                    a4:a4:f9:6c:c0:0b:c9:a4:9d:0d:d6:0a:53:d9:9e:
                    33:51:95:4a:ed:de:65:4e:d3:bd:e9:11:ef:f2:a0:
                    73:3e:aa:7f:90:09:59:bd:75:82:0b:b2:4d:df:b0:
                    34:31:11:eb:90:83:a4:5e:c0:3b:aa:5e:fb:b6:01:
                    6b:ec:cc:49:c5:83:7b:12:f1:fb:7b:a9:a8:db:6d:
                    94:c1:d8:eb:1f:65:f7:ca:f3:6f:8e:a9:0c:88:5c:
                    38:c3:39:4c:b3:85:f6:1b:cc:45:9d:41:61:27:a8:
                    16:dd:0c:52:bb:13:27:22:65:72:ad:62:8b:28:f3:
                    c4:2e:55:de:9a:3b:24:4b:4c:12:f2:6c:63:44:34:
                    a8:e4:d5:85:90:7e:d9:3c:7d:7d:6c:a1:e3:9f:2b:
                    41:f5:87:7b:10:bc:5a:ce:11:b6:4c:ad:a7:df:c3:
                    07:00:c4:94:ba:e5:32:74:65:95:87:17:8d:b4:85:
                    7f:66:5b:e6:03:7b:ef:2a:78:d3:38:8c:e2:b2:44:
                    76:28:e2:cf:81:42:99:70:c1:04:41:bf:1c:6c:64:
                    11:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:47:E8:E6:AB:E9:9D:75:16:2E:71:3F:8E:CE:56:6E:B1:00:D4:A5
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/4Ufo5qvpnXUWLnE_js5WbrEA1KU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:3b:93:79:35:aa:6e:1c:6d:9b:0b:73:a6:91:42:69:51:07:
         0e:81:3d:51:c7:ff:50:75:04:82:e2:20:dd:be:1f:83:b0:0a:
         a4:92:97:47:9d:f5:48:d0:df:71:de:a4:f4:08:aa:94:66:28:
         fc:d1:16:2f:9f:2d:0b:6b:4d:3c:bf:1f:41:9e:e0:81:e1:01:
         7b:ee:e6:1a:81:46:08:f9:27:9a:1b:8e:91:ab:d0:61:f9:3b:
         b4:9b:2d:3c:18:60:e3:60:4a:b7:e5:d7:83:5f:57:20:6c:53:
         ff:6a:8a:8c:cd:ee:29:5b:16:5a:b4:c0:b6:69:d4:1c:61:ea:
         28:1c:7c:13:83:4f:c3:4b:75:f8:d4:69:06:59:a0:67:ad:2d:
         d1:0a:14:2e:68:dd:42:7c:5e:6f:5c:7e:73:45:d4:ab:cc:66:
         1a:b9:76:87:4d:b2:e4:03:b3:49:6d:79:30:69:5a:fe:75:75:
         37:cf:62:fb:40:07:8b:8b:0f:cb:c7:79:40:2a:61:29:2a:82:
         2f:47:0f:b8:9e:31:c8:94:c5:7e:e8:4a:83:7f:05:d3:de:8e:
         24:50:a5:8a:64:ce:30:d2:87:45:73:d7:81:02:9d:c3:20:95:
         17:7f:5f:f8:7e:6e:e6:7b:b7:3e:bd:81:75:32:ac:00:a4:a2:
         1e:15:6f:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSutQ73vTsjQrgF7W76LkF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMTI1MTIxMzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ3ZThlNmFiZTk5ZDc1MTYyZTcxM2Y4ZWNlNTY2ZWIxMDBkNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9O4q06AUKUEBDUm57PSgdqmIK4K
SgFOf9/1V00+7slNxtPE1gyfmk1vr7GkpPlswAvJpJ0N1gpT2Z4zUZVK7d5lTtO9
6RHv8qBzPqp/kAlZvXWCC7JN37A0MRHrkIOkXsA7ql77tgFr7MxJxYN7EvH7e6mo
222UwdjrH2X3yvNvjqkMiFw4wzlMs4X2G8xFnUFhJ6gW3QxSuxMnImVyrWKLKPPE
LlXemjskS0wS8mxjRDSo5NWFkH7ZPH19bKHjnytB9Yd7ELxazhG2TK2n38MHAMSU
uuUydGWVhxeNtIV/ZlvmA3vvKnjTOIziskR2KOLPgUKZcMEEQb8cbGQRwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFH6Oar6Z11Fi5xP47OVm6xANSlMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvNFVmbzVxdnBuWFVXTG5FX2pzNVdickVBMUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVyMA0G
CSqGSIb3DQEBCwUAA4IBAQB7O5N5NapuHG2bC3OmkUJpUQcOgT1Rx/9QdQSC4iDd
vh+DsAqkkpdHnfVI0N9x3qT0CKqUZij80RYvny0La008vx9BnuCB4QF77uYagUYI
+SeaG46Rq9Bh+Tu0my08GGDjYEq35deDX1cgbFP/aoqMze4pWxZatMC2adQcYeoo
HHwTg0/DS3X41GkGWaBnrS3RChQuaN1CfF5vXH5zRdSrzGYauXaHTbLkA7NJbXkw
aVr+dXU3z2L7QAeLiw/Lx3lAKmEpKoIvRw+4njHIlMV+6EqDfwXT3o4kUKWKZM4w
0odFc9eBAp3DIJUXf1/4fm7me7c+vYF1MqwApKIeFW++
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:53 2024 by rpki-client on console-fra.rpki-client.org