Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RnLqowyu8R_zIpHzzuoO-an7L0g.roa
File:                     RnLqowyu8R_zIpHzzuoO-an7L0g.roa (raw, json)
Hash identifier:          qhM+MwgFrOpXx0XHAh6Ooj1T9U+zk9cImuPvPDcO6ss=
Subject key identifier:   46:72:EA:A3:0C:AE:F1:1F:F3:22:91:F3:CE:EA:0E:F9:A9:FB:2F:48
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       03CA2FDB
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RnLqowyu8R_zIpHzzuoO-an7L0g.roa
Signing time:             Sat 19 Feb 2022 10:59:55 +0000
ROA not before:           Sat 19 Feb 2022 10:59:55 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        46.37.101.0/24 maxlen: 24
                          46.37.115.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63582171 (0x3ca2fdb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Feb 19 10:59:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4672eaa30caef11ff32291f3ceea0ef9a9fb2f48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:4e:9c:1f:04:46:db:e2:0f:bc:b8:41:71:fe:
                    f7:09:d0:8f:d3:55:98:12:59:b1:e7:11:8f:39:2b:
                    ec:ac:43:5d:72:a1:67:b1:a5:6d:d7:7c:50:e0:f5:
                    a5:1f:13:35:7d:d0:7b:64:55:c3:d8:81:b5:e7:ba:
                    27:e6:c3:82:4b:de:6f:fe:de:cb:fb:96:21:bf:76:
                    c5:1c:7f:40:8e:08:6e:c0:97:52:c4:79:40:0b:f1:
                    08:68:18:3e:0a:e5:fa:cb:f3:df:b8:c1:08:90:85:
                    c1:2a:85:f9:8e:35:69:fa:0b:f7:3d:8b:3c:50:14:
                    72:c1:1c:e0:ee:e3:a4:b9:ee:c2:29:52:ce:90:aa:
                    86:fb:fb:0b:01:58:77:e5:94:8b:fc:5b:f7:35:36:
                    94:a5:a0:17:7c:19:6c:c5:dc:ba:62:ab:e0:6b:9e:
                    1c:15:dd:2f:2a:46:ee:a6:0e:ef:78:ca:21:3f:5e:
                    27:38:92:99:27:61:a9:3b:96:bf:21:0a:0b:9a:65:
                    ce:30:56:85:ef:72:60:9c:ec:64:a7:0d:5c:e9:08:
                    85:87:78:2f:c0:b0:a5:70:08:04:d3:e4:ef:34:ec:
                    49:ef:0d:10:c5:63:88:82:1d:ab:d7:c2:c9:46:ae:
                    81:da:6a:0b:90:9b:b5:87:9c:13:28:36:65:f7:f8:
                    7f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:72:EA:A3:0C:AE:F1:1F:F3:22:91:F3:CE:EA:0E:F9:A9:FB:2F:48
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/RnLqowyu8R_zIpHzzuoO-an7L0g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.101.0/24
                  46.37.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:96:3c:30:7b:5d:45:ad:8c:ed:00:92:2e:c9:ee:3c:1e:b2:
         cb:44:e1:7b:d2:29:b7:e1:34:af:34:e6:1c:ae:24:09:2d:9e:
         65:73:e4:ee:6b:84:ca:03:21:d2:de:84:3a:74:aa:ec:ae:dc:
         d8:fd:84:e3:04:f9:58:0b:f7:b7:3c:fa:1e:90:62:74:bf:b8:
         8d:ca:60:11:44:84:33:ee:a5:a0:00:b8:4d:4d:0e:a2:95:a4:
         16:40:9b:fe:1e:54:c7:e1:08:d9:cd:b0:00:a9:08:6b:30:30:
         58:d6:65:f4:08:0b:b1:0e:3d:f3:7d:7d:6f:70:88:4d:1d:46:
         1e:35:c1:2f:f2:ac:6b:ea:f9:6a:76:12:f9:02:71:8c:56:69:
         2e:eb:6b:a3:3b:02:f1:0b:18:04:05:e1:20:9d:2d:5d:42:c6:
         23:ed:2b:9d:58:59:dd:e4:ca:3e:16:fa:15:a0:e9:1c:43:c0:
         81:cb:07:0b:42:17:8a:7f:41:9e:ae:1a:47:bc:41:4f:1b:9c:
         51:d4:28:10:ca:21:43:cd:9a:61:6d:12:5b:a9:e9:d0:a1:8b:
         b7:18:54:27:04:78:08:0a:c4:13:c3:3c:18:e4:93:de:5d:e6:
         6f:95:2d:d5:aa:e9:5b:45:66:ab:c4:d1:c2:74:0d:8c:be:ca:
         d0:da:f4:a3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA8ov2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDIx
OTEwNTk1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY3MmVhYTMwY2Fl
ZjExZmYzMjI5MWYzY2VlYTBlZjlhOWZiMmY0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOtOnB8ERtviD7y4QXH+9wnQj9NVmBJZsecRjzkr7KxDXXKh
Z7Glbdd8UOD1pR8TNX3Qe2RVw9iBtee6J+bDgkveb/7ey/uWIb92xRx/QI4IbsCX
UsR5QAvxCGgYPgrl+svz37jBCJCFwSqF+Y41afoL9z2LPFAUcsEc4O7jpLnuwilS
zpCqhvv7CwFYd+WUi/xb9zU2lKWgF3wZbMXcumKr4GueHBXdLypG7qYO73jKIT9e
JziSmSdhqTuWvyEKC5plzjBWhe9yYJzsZKcNXOkIhYd4L8CwpXAIBNPk7zTsSe8N
EMVjiIIdq9fCyUaugdpqC5CbtYecEyg2Zff4f8kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRGcuqjDK7xH/MikfPO6g75qfsvSDAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L1JuTHFvd3l1OFJfeklwSHp6dW9PLWFuN0wwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC4lZQMEAC4lczANBgkqhkiG9w0B
AQsFAAOCAQEAkZY8MHtdRa2M7QCSLsnuPB6yy0The9Ipt+E0rzTmHK4kCS2eZXPk
7muEygMh0t6EOnSq7K7c2P2E4wT5WAv3tzz6HpBidL+4jcpgEUSEM+6loAC4TU0O
opWkFkCb/h5Ux+EI2c2wAKkIazAwWNZl9AgLsQ498319b3CITR1GHjXBL/Ksa+r5
anYS+QJxjFZpLutrozsC8QsYBAXhIJ0tXULGI+0rnVhZ3eTKPhb6FaDpHEPAgcsH
C0IXin9Bnq4aR7xBTxucUdQoEMohQ82aYW0SW6np0KGLtxhUJwR4CArEE8M8GOST
3l3mb5Ut1arpW0Vmq8TRwnQNjL7K0Nr0ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org