Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/8Q_32O-b1VraOFXbqeonDbWJ-fc.roa
File:                     8Q_32O-b1VraOFXbqeonDbWJ-fc.roa (raw, json)
Hash identifier:          BzRXYc7BrXbhNTvhhn3yYdq1MGqLVIF776EhUMnmtYw=
Subject key identifier:   F1:0F:F7:D8:EF:9B:D5:5A:DA:38:55:DB:A9:EA:27:0D:B5:89:F9:F7
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0184F6C2C04D7366F9466688C65696ECDA0D
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/8Q_32O-b1VraOFXbqeonDbWJ-fc.roa
Signing time:             Fri 09 Dec 2022 12:01:09 +0000
ROA not before:           Fri 09 Dec 2022 12:01:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200704
IP address blocks:        46.37.99.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:f6:c2:c0:4d:73:66:f9:46:66:88:c6:56:96:ec:da:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Dec  9 12:01:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f10ff7d8ef9bd55ada3855dba9ea270db589f9f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fe:b4:12:52:fa:fb:b0:0d:c0:67:2e:37:68:
                    99:ed:e7:a6:94:7f:97:b9:aa:f4:a5:3b:12:13:93:
                    b9:0d:72:89:b0:fb:e2:be:b3:76:03:39:e4:22:08:
                    f9:8a:29:23:ba:7e:51:91:e8:46:66:21:12:ea:41:
                    cc:3e:6c:e2:be:6f:51:7d:ac:26:48:4c:d6:32:56:
                    bc:b3:59:77:7e:41:a6:b9:0d:22:f4:f0:24:f5:1b:
                    67:77:95:fd:68:5f:cd:f9:f1:db:2e:cb:a1:19:ad:
                    05:34:56:be:a0:95:5f:00:bc:4a:22:54:ae:12:f2:
                    a4:51:eb:87:94:99:bb:a3:a5:57:e0:72:e7:5a:9f:
                    36:e8:08:a9:57:c6:e9:07:01:c1:3b:70:21:aa:52:
                    7f:60:7d:cf:46:ef:db:c5:18:db:6c:77:f0:f8:2f:
                    35:19:bc:b5:87:24:d6:f5:dc:52:43:f9:e7:b5:db:
                    1f:a6:c4:61:c5:d2:20:05:aa:20:92:35:61:69:67:
                    9a:d6:3d:f1:48:64:66:36:8c:31:5e:4a:18:59:36:
                    03:2d:8d:b0:e1:f3:56:64:f9:12:8a:f1:33:67:9c:
                    84:d3:4d:8c:48:87:22:85:75:64:6a:e3:7f:7f:6b:
                    5c:e3:d3:30:37:60:02:a1:52:76:ef:f7:c8:d1:2d:
                    d1:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:0F:F7:D8:EF:9B:D5:5A:DA:38:55:DB:A9:EA:27:0D:B5:89:F9:F7
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/8Q_32O-b1VraOFXbqeonDbWJ-fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:93:8a:d3:f0:86:9a:e1:9b:36:ad:0d:6d:a7:a5:56:8a:f0:
         04:0b:1c:56:dc:d4:87:fb:08:4d:f7:e2:d5:ae:f0:80:7b:ce:
         f3:ea:8d:df:83:03:f5:10:86:fb:ee:0a:06:4a:44:01:20:d2:
         fc:46:ae:e9:aa:90:eb:94:25:ce:c2:7c:76:fc:16:31:31:5d:
         b8:3d:d8:52:f8:30:f2:91:63:47:a8:a8:0b:a5:a8:65:20:67:
         86:01:58:1c:0b:d5:9c:c5:1f:45:4e:41:20:39:a8:2f:26:f4:
         ec:45:a0:bc:6b:ac:8d:ef:73:12:32:28:8f:83:07:9c:7c:e0:
         45:23:ad:21:04:fb:fb:ac:43:b4:64:c0:c2:3d:2a:2e:61:ae:
         aa:6d:7d:31:c2:be:4d:ac:1b:96:b9:13:42:17:61:3b:55:67:
         58:fe:84:df:4b:df:b2:c8:6b:a5:31:fb:d5:c5:e2:4b:64:19:
         97:53:ad:2a:74:e5:6d:d3:4d:5d:4b:1e:4f:92:f9:66:3c:48:
         f6:16:33:ee:67:15:ed:9e:f0:36:68:3e:cd:a3:36:e1:d5:fa:
         02:c6:69:a9:a2:d6:18:2a:c2:c1:f3:d3:88:b8:2f:ab:43:37:
         d9:e0:c2:7c:03:f1:c8:00:6f:df:7d:5f:69:0d:a5:de:40:76:
         3f:67:35:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2wsBNc2b5RmaIxlaW7NoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMjA5MTIwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTBmZjdkOGVmOWJkNTVhZGEzODU1ZGJhOWVhMjcwZGI1ODlmOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP60ElL6+7ANwGcuN2iZ7eemlH+X
uar0pTsSE5O5DXKJsPvivrN2AznkIgj5iikjun5RkehGZiES6kHMPmzivm9Rfawm
SEzWMla8s1l3fkGmuQ0i9PAk9Rtnd5X9aF/N+fHbLsuhGa0FNFa+oJVfALxKIlSu
EvKkUeuHlJm7o6VX4HLnWp826AipV8bpBwHBO3AhqlJ/YH3PRu/bxRjbbHfw+C81
Gby1hyTW9dxSQ/nntdsfpsRhxdIgBaogkjVhaWea1j3xSGRmNowxXkoYWTYDLY2w
4fNWZPkSivEzZ5yE002MSIcihXVkauN/f2tc49MwN2ACoVJ27/fI0S3RQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEP99jvm9Va2jhV26nqJw21ifn3MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvOFFfMzJPLWIxVnJhT0ZYYnFlb25EYldKLWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQBik4rT8Iaa4Zs2rQ1tp6VWivAECxxW3NSH+whN9+LV
rvCAe87z6o3fgwP1EIb77goGSkQBINL8Rq7pqpDrlCXOwnx2/BYxMV24PdhS+DDy
kWNHqKgLpahlIGeGAVgcC9WcxR9FTkEgOagvJvTsRaC8a6yN73MSMiiPgwecfOBF
I60hBPv7rEO0ZMDCPSouYa6qbX0xwr5NrBuWuRNCF2E7VWdY/oTfS9+yyGulMfvV
xeJLZBmXU60qdOVt001dSx5PkvlmPEj2FjPuZxXtnvA2aD7Nozbh1foCxmmpotYY
KsLB89OIuC+rQzfZ4MJ8A/HIAG/ffV9pDaXeQHY/ZzUU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org