Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KyruwOd1Emgrce8lox6i2Db0zCc.roa
File:                     KyruwOd1Emgrce8lox6i2Db0zCc.roa (raw, json)
Hash identifier:          FdFCtfSG8jEtngR/tXT8AmyVXsWHOqdkObFAsoIbi2k=
Subject key identifier:   2B:2A:EE:C0:E7:75:12:68:2B:71:EF:25:A3:1E:A2:D8:36:F4:CC:27
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018441EEE62E5FDB194B78675C1DF711F58A
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KyruwOd1Emgrce8lox6i2Db0zCc.roa
Signing time:             Fri 04 Nov 2022 09:18:06 +0000
ROA not before:           Fri 04 Nov 2022 09:18:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202358
IP address blocks:        46.37.99.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:41:ee:e6:2e:5f:db:19:4b:78:67:5c:1d:f7:11:f5:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Nov  4 09:18:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2b2aeec0e77512682b71ef25a31ea2d836f4cc27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:96:07:a6:46:b8:c6:9f:f8:07:a0:f7:45:2f:
                    c4:b8:46:2d:2f:c4:13:aa:2c:b1:63:0b:b1:b0:72:
                    da:78:70:da:8f:63:a8:1f:7f:0d:92:4d:66:5c:06:
                    52:e7:4c:17:28:80:7a:81:f8:a7:3a:31:e0:45:95:
                    bd:79:c7:49:6b:31:bd:c0:b2:48:43:e7:19:cf:f0:
                    29:1a:06:3a:62:f6:31:b5:31:64:a0:84:c4:99:3e:
                    a7:4d:6c:a6:c1:4b:16:09:86:79:89:a3:c5:a1:a3:
                    47:c7:e0:fa:ae:ea:04:8c:50:5e:1d:bf:7b:86:4e:
                    3f:a2:f4:5c:e1:7f:65:5c:77:de:e7:38:34:0f:c2:
                    30:87:74:5b:0f:74:77:2a:f8:a6:f6:ee:48:a5:18:
                    75:c7:39:30:8b:a3:1a:9c:4d:6b:f7:62:69:cb:d2:
                    e5:21:c7:fc:7c:9c:08:c7:ff:f0:c1:12:9b:dd:1e:
                    23:c7:39:7c:5b:86:5f:8f:37:31:b7:43:b9:9e:c4:
                    92:1c:51:5c:34:d8:9b:94:6d:94:28:56:2f:c3:80:
                    ce:74:b8:90:70:41:8f:0c:ec:d4:b4:10:07:85:6d:
                    da:34:e7:8a:3b:f2:8f:b3:10:99:06:26:f7:b9:91:
                    a1:33:f9:47:8e:af:db:29:99:24:6b:3f:8b:c4:85:
                    a7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:2A:EE:C0:E7:75:12:68:2B:71:EF:25:A3:1E:A2:D8:36:F4:CC:27
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/KyruwOd1Emgrce8lox6i2Db0zCc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:3b:57:2b:55:b2:67:3e:f3:b8:b1:b7:ae:02:e9:74:18:be:
         29:1b:e8:47:5b:1f:8f:08:bf:68:36:e3:fc:f8:da:64:89:eb:
         e3:41:d8:dc:2d:3e:09:ba:a6:f5:6f:fd:ae:96:03:30:3f:82:
         aa:68:f6:66:2e:d5:a5:74:6c:1d:4f:10:b7:98:03:1f:ff:e9:
         fb:3f:d3:d4:e5:f2:28:79:38:48:34:21:3d:dc:19:b9:9b:2c:
         21:c1:f1:b1:ec:11:80:8c:39:38:56:53:0a:84:0c:e8:02:72:
         eb:b4:f5:18:53:dc:92:55:e4:9e:ca:e3:d7:c1:47:fc:4e:af:
         55:54:04:9d:8b:75:06:48:8a:54:dc:a5:d6:ff:5d:c2:6a:c2:
         e4:45:71:30:f1:24:94:70:2d:5d:a4:8b:c4:a1:1d:fb:24:bb:
         cc:eb:ff:c5:9b:ff:4d:6f:af:d6:de:bb:22:94:6f:3a:82:8d:
         55:c0:0a:2f:ab:3b:e9:d9:f6:a9:ae:94:a0:4c:91:e2:81:53:
         ae:f0:bd:09:7e:99:47:18:ab:80:4d:b8:72:8c:84:53:61:bf:
         11:15:d0:0f:76:ec:0d:90:37:94:f5:00:53:a5:7a:5a:82:f6:
         5c:8e:3f:43:79:d2:ac:54:1e:3a:7a:ab:10:4a:28:9c:6d:a4:
         ee:9e:ef:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRB7uYuX9sZS3hnXB33EfWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMTA0MDkxODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJhZWVjMGU3NzUxMjY4MmI3MWVmMjVhMzFlYTJkODM2ZjRjYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJYHpka4xp/4B6D3RS/EuEYtL8QT
qiyxYwuxsHLaeHDaj2OoH38Nkk1mXAZS50wXKIB6gfinOjHgRZW9ecdJazG9wLJI
Q+cZz/ApGgY6YvYxtTFkoITEmT6nTWymwUsWCYZ5iaPFoaNHx+D6ruoEjFBeHb97
hk4/ovRc4X9lXHfe5zg0D8Iwh3RbD3R3Kvim9u5IpRh1xzkwi6ManE1r92Jpy9Ll
Icf8fJwIx//wwRKb3R4jxzl8W4Zfjzcxt0O5nsSSHFFcNNiblG2UKFYvw4DOdLiQ
cEGPDOzUtBAHhW3aNOeKO/KPsxCZBib3uZGhM/lHjq/bKZkkaz+LxIWnBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsq7sDndRJoK3HvJaMeotg29MwnMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvS3lydXdPZDFFbWdyY2U4bG94NmkyRGIwekNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQBdO1crVbJnPvO4sbeuAul0GL4pG+hHWx+PCL9oNuP8
+NpkievjQdjcLT4Juqb1b/2ulgMwP4KqaPZmLtWldGwdTxC3mAMf/+n7P9PU5fIo
eThINCE93Bm5mywhwfGx7BGAjDk4VlMKhAzoAnLrtPUYU9ySVeSeyuPXwUf8Tq9V
VASdi3UGSIpU3KXW/13CasLkRXEw8SSUcC1dpIvEoR37JLvM6//Fm/9Nb6/W3rsi
lG86go1VwAovqzvp2faprpSgTJHigVOu8L0JfplHGKuATbhyjIRTYb8RFdAPduwN
kDeU9QBTpXpagvZcjj9DedKsVB46eqsQSiicbaTunu8l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org