Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/OrFE5AvU2op8osI7CPluxcpak_w.roa
File:                     OrFE5AvU2op8osI7CPluxcpak_w.roa (raw, json)
Hash identifier:          4tOHYp5z37ItpxWiVb1ynYCzbd56m9bS/4QdolL8wt0=
Subject key identifier:   3A:B1:44:E4:0B:D4:DA:8A:7C:A2:C2:3B:08:F9:6E:C5:CA:5A:93:FC
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       032C178B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/OrFE5AvU2op8osI7CPluxcpak_w.roa
Signing time:             Sat 01 Jan 2022 09:57:12 +0000
ROA not before:           Sat 01 Jan 2022 09:57:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     26527
IP address blocks:        46.37.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53221259 (0x32c178b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 09:57:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3ab144e40bd4da8a7ca2c23b08f96ec5ca5a93fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a7:09:df:1f:80:6b:a1:fe:f2:66:89:c7:4f:
                    43:99:4e:21:aa:ba:3a:40:28:cb:7f:c3:e5:31:00:
                    d5:e9:bb:4c:54:97:15:f6:54:07:7e:8c:ff:9a:5b:
                    7b:87:80:d5:07:0b:8a:cf:67:5e:73:23:f3:d8:b3:
                    99:17:69:1c:0d:0f:e3:be:c6:15:06:92:14:b9:6d:
                    80:7c:a4:05:db:1c:96:4a:63:73:c5:46:62:19:2d:
                    4c:19:b7:91:6a:b9:21:2e:9f:4b:6a:8d:61:a2:dc:
                    50:0f:d8:cf:32:40:98:d8:01:0e:6e:f4:59:4b:ac:
                    56:1f:69:d1:49:d3:69:0e:77:47:d0:da:f1:dd:00:
                    e1:b7:bc:aa:7e:bc:a8:73:90:83:55:89:34:35:2f:
                    65:93:87:7a:92:0e:a8:00:7b:bb:e6:73:0c:4a:08:
                    46:9e:3a:6c:99:de:9b:d1:e7:b0:25:88:01:77:09:
                    9a:23:8a:23:09:ac:52:69:dc:d7:18:ac:47:f6:eb:
                    66:23:f1:70:9e:d4:17:41:a4:f4:91:cb:11:7f:15:
                    e3:98:e5:f9:0d:c6:22:23:e3:43:0b:b5:fd:cb:0f:
                    c4:3c:63:a9:c1:82:a1:44:cd:b2:7f:ae:a0:0d:33:
                    05:70:63:65:a5:8a:ac:af:35:e0:53:0a:ff:3b:7c:
                    bc:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B1:44:E4:0B:D4:DA:8A:7C:A2:C2:3B:08:F9:6E:C5:CA:5A:93:FC
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/OrFE5AvU2op8osI7CPluxcpak_w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:75:42:4a:cd:58:f5:ac:51:13:57:ba:7b:d0:ae:1d:8b:2f:
         d8:ab:42:4a:24:3c:83:ee:b7:e7:50:e2:1d:df:e9:1c:65:19:
         db:63:9a:06:d5:a3:2f:eb:56:e0:ad:23:c3:cf:ef:a6:49:4b:
         dc:f0:06:d9:b8:18:28:96:78:00:b2:4b:8c:de:c3:c4:01:26:
         38:a3:53:9d:f1:c0:39:bf:56:d3:5e:89:e0:53:0d:1e:3a:fd:
         5c:68:02:37:5b:51:d9:7f:8b:12:90:fc:b2:18:3d:94:9b:26:
         2d:46:a6:3d:50:3a:41:cc:81:fa:4d:35:e4:ae:d3:41:47:57:
         73:bc:de:44:ef:1d:54:a2:6e:11:0c:2e:94:e3:0c:16:7d:a6:
         57:7b:27:fc:62:88:81:1e:f3:14:75:49:b3:37:f2:25:46:45:
         23:1a:7f:37:39:2c:24:92:f1:e0:d0:72:63:1c:06:42:7f:5a:
         4e:5c:e8:03:01:96:3f:0f:13:9e:83:4e:b7:9e:a3:62:24:99:
         52:4e:c5:5d:0a:d7:ec:8f:d2:e6:59:ff:b1:6f:4a:69:14:ca:
         de:29:9f:92:90:9f:9c:cb:a8:ef:52:ea:4c:e6:0f:b1:e7:53:
         5c:e3:23:d8:ca:f4:34:97:11:3a:68:56:c0:a1:a7:c8:54:4d:
         7e:2c:72:84
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAywXizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDEw
MTA5NTcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FiMTQ0ZTQwYmQ0
ZGE4YTdjYTJjMjNiMDhmOTZlYzVjYTVhOTNmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGnCd8fgGuh/vJmicdPQ5lOIaq6OkAoy3/D5TEA1em7TFSX
FfZUB36M/5pbe4eA1QcLis9nXnMj89izmRdpHA0P477GFQaSFLltgHykBdsclkpj
c8VGYhktTBm3kWq5IS6fS2qNYaLcUA/YzzJAmNgBDm70WUusVh9p0UnTaQ53R9Da
8d0A4be8qn68qHOQg1WJNDUvZZOHepIOqAB7u+ZzDEoIRp46bJnem9HnsCWIAXcJ
miOKIwmsUmnc1xisR/brZiPxcJ7UF0Gk9JHLEX8V45jl+Q3GIiPjQwu1/csPxDxj
qcGCoUTNsn+uoA0zBXBjZaWKrK814FMK/zt8vPUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6sUTkC9TainyiwjsI+W7FylqT/DAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L09yRkU1QXZVMm9wOG9zSTdDUGx1eGNwYWtfdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4lZzANBgkqhkiG9w0BAQsFAAOC
AQEAanVCSs1Y9axRE1e6e9CuHYsv2KtCSiQ8g+6351DiHd/pHGUZ22OaBtWjL+tW
4K0jw8/vpklL3PAG2bgYKJZ4ALJLjN7DxAEmOKNTnfHAOb9W016J4FMNHjr9XGgC
N1tR2X+LEpD8shg9lJsmLUamPVA6QcyB+k015K7TQUdXc7zeRO8dVKJuEQwulOMM
Fn2mV3sn/GKIgR7zFHVJszfyJUZFIxp/NzksJJLx4NByYxwGQn9aTlzoAwGWPw8T
noNOt56jYiSZUk7FXQrX7I/S5ln/sW9KaRTK3imfkpCfnMuo71LqTOYPsedTXOMj
2Mr0NJcROmhWwKGnyFRNfixyhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org