Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/fkN2KoT-m8l-_9jYcP3zaAi9YFg.roa
File:                     fkN2KoT-m8l-_9jYcP3zaAi9YFg.roa (raw, json)
Hash identifier:          +9KbMOH+4uiSrEpSmlXfY17AlqqBJK0V6PKCQ6hXvUg=
Subject key identifier:   7E:43:76:2A:84:FE:9B:C9:7E:FF:D8:D8:70:FD:F3:68:08:BD:60:58
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01843FCB293499FEEA25DA7EC18A9703993C
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/fkN2KoT-m8l-_9jYcP3zaAi9YFg.roa
Signing time:             Thu 03 Nov 2022 23:19:49 +0000
ROA not before:           Thu 03 Nov 2022 23:19:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210703
IP address blocks:        46.37.124.0/24 maxlen: 24
                          46.37.123.0/24 maxlen: 24
                          46.37.127.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:3f:cb:29:34:99:fe:ea:25:da:7e:c1:8a:97:03:99:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Nov  3 23:19:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7e43762a84fe9bc97effd8d870fdf36808bd6058
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a5:83:6b:c5:1d:ee:38:05:b4:a9:4e:67:de:
                    c3:b7:61:ee:a0:fa:ee:1a:49:28:33:70:21:76:f6:
                    08:cb:55:2e:93:fd:fc:6c:ed:e8:a3:1e:71:90:a4:
                    6e:af:a9:10:52:62:e8:55:73:76:0d:ed:c6:d0:57:
                    59:6d:fa:07:7e:9f:07:ae:e8:b1:ca:bf:b8:8b:c8:
                    94:ea:6c:e0:08:0a:f4:ec:43:e7:95:52:38:47:b9:
                    3f:07:53:f8:cb:6d:07:2a:60:fe:9f:f8:0c:8e:2e:
                    f6:9c:56:1b:19:02:9a:86:54:33:41:62:50:88:4d:
                    e1:c9:cc:83:40:ce:f9:bb:0b:1b:57:1a:f8:8c:f0:
                    9c:62:00:56:0b:b1:01:4f:b4:ec:05:6f:fb:28:0b:
                    64:6c:2a:82:6c:47:ba:e8:d1:66:da:b8:f0:da:b0:
                    34:58:77:27:35:78:59:54:c1:ac:1b:c7:62:0e:f2:
                    59:2b:09:60:9b:bb:a5:14:67:62:33:1a:6c:6e:43:
                    3c:cb:6a:70:5b:92:54:42:5e:0a:27:33:a7:73:e5:
                    c1:42:fe:2d:d7:72:d8:f2:f4:25:3e:bc:28:bb:8c:
                    15:f8:8a:c4:f1:0f:f0:4e:14:a7:a7:54:31:3f:e4:
                    ec:62:3e:5d:90:38:e0:bf:54:b6:bd:25:2a:46:7b:
                    cd:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:43:76:2A:84:FE:9B:C9:7E:FF:D8:D8:70:FD:F3:68:08:BD:60:58
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/fkN2KoT-m8l-_9jYcP3zaAi9YFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.123.0-46.37.124.255
                  46.37.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:f0:4a:3d:c1:50:d6:3b:d7:26:98:8a:9f:fc:73:a8:11:57:
         6a:21:7b:b2:10:ec:19:bc:83:a8:e8:86:ec:aa:97:b2:8c:bf:
         09:4c:69:44:c7:05:fd:bc:d6:24:59:97:b3:4f:33:5c:65:82:
         80:8b:88:65:91:3e:1d:c3:ba:f4:be:5b:08:01:da:c8:d3:4a:
         a3:97:c3:06:5a:e8:4d:f8:df:9c:c3:df:ad:ca:ad:61:2d:a8:
         9d:e9:65:56:8f:ba:9d:9c:ae:f2:92:3d:bb:00:e1:98:09:82:
         04:04:51:4c:bb:fb:cd:43:29:22:53:cd:6a:bb:3f:9e:80:ac:
         5f:f1:83:5b:86:97:b8:6d:9e:5a:6f:d4:98:74:22:3e:10:2c:
         9a:e4:80:5e:10:fc:fd:a4:e6:33:3a:9d:25:38:e7:22:5f:e2:
         f5:e3:dd:66:1b:7c:85:98:5f:3a:31:e0:47:eb:04:da:a6:28:
         e9:b8:5b:71:bf:bf:15:a6:65:51:9d:ba:be:7b:ad:01:31:00:
         65:18:78:6d:7c:df:27:18:49:38:1d:13:9f:32:89:8f:ec:4e:
         ed:1b:c8:8c:2c:59:0a:3e:5d:78:c5:2f:fc:7b:5d:e9:bd:55:
         05:ad:7a:46:d1:da:77:2a:5a:09:dc:f3:6b:e8:b7:0f:53:58:
         8e:96:2a:47
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYQ/yyk0mf7qJdp+wYqXA5k8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMTAzMjMxOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQzNzYyYTg0ZmU5YmM5N2VmZmQ4ZDg3MGZkZjM2ODA4YmQ2MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6WDa8Ud7jgFtKlOZ97Dt2HuoPru
GkkoM3AhdvYIy1Uuk/38bO3oox5xkKRur6kQUmLoVXN2De3G0FdZbfoHfp8Hruix
yr+4i8iU6mzgCAr07EPnlVI4R7k/B1P4y20HKmD+n/gMji72nFYbGQKahlQzQWJQ
iE3hycyDQM75uwsbVxr4jPCcYgBWC7EBT7TsBW/7KAtkbCqCbEe66NFm2rjw2rA0
WHcnNXhZVMGsG8diDvJZKwlgm7ulFGdiMxpsbkM8y2pwW5JUQl4KJzOnc+XBQv4t
13LY8vQlPrwou4wV+IrE8Q/wThSnp1QxP+TsYj5dkDjgv1S2vSUqRnvNAQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH5DdiqE/pvJfv/Y2HD982gIvWBYMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvZmtOMktvVC1tOGwtXzlqWWNQM3phQWk5WUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAuJXsD
BAAuJXwDBAAuJX8wDQYJKoZIhvcNAQELBQADggEBAJbwSj3BUNY71yaYip/8c6gR
V2ohe7IQ7Bm8g6johuyql7KMvwlMaUTHBf281iRZl7NPM1xlgoCLiGWRPh3DuvS+
WwgB2sjTSqOXwwZa6E3435zD363KrWEtqJ3pZVaPup2crvKSPbsA4ZgJggQEUUy7
+81DKSJTzWq7P56ArF/xg1uGl7htnlpv1Jh0Ij4QLJrkgF4Q/P2k5jM6nSU45yJf
4vXj3WYbfIWYXzox4EfrBNqmKOm4W3G/vxWmZVGdur57rQExAGUYeG183ycYSTgd
E58yiY/sTu0byIwsWQo+XXjFL/x7Xem9VQWtekbR2ncqWgnc82votw9TWI6WKkc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org