Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/i1hCR9rSAR3ffRVS2kBu7Dsh7Tg.roa
File:                     i1hCR9rSAR3ffRVS2kBu7Dsh7Tg.roa (raw, json)
Hash identifier:          y1t65cXhlRRcpbDfKXl3Dpa7u22el5FqUPXl9ieB0o4=
Subject key identifier:   8B:58:42:47:DA:D2:01:1D:DF:7D:15:52:DA:40:6E:EC:3B:21:ED:38
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01836EAC99B7DDA8606DE139F6E42CB17937
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/i1hCR9rSAR3ffRVS2kBu7Dsh7Tg.roa
Signing time:             Sat 24 Sep 2022 08:45:48 +0000
ROA not before:           Sat 24 Sep 2022 08:45:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207633
IP address blocks:        46.37.107.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:6e:ac:99:b7:dd:a8:60:6d:e1:39:f6:e4:2c:b1:79:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Sep 24 08:45:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b584247dad2011ddf7d1552da406eec3b21ed38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:96:93:d4:9f:3f:8e:33:47:17:ab:0a:53:92:
                    23:7c:87:a0:48:b6:1c:ed:9f:4d:ca:06:e8:1c:ef:
                    a4:5a:2e:9c:de:52:81:39:58:37:8b:81:43:b6:e7:
                    4c:c3:62:ef:d9:14:3b:f1:9e:b5:21:24:4d:95:7e:
                    e2:67:ff:c3:fa:80:50:fb:99:ab:79:0b:3c:95:56:
                    4a:88:19:b1:01:03:c8:a3:35:cd:9c:d9:49:2b:5c:
                    cb:47:10:89:ce:1d:79:6d:9a:9f:37:54:df:fb:ed:
                    25:17:df:7c:78:19:ca:02:53:76:1d:8f:f6:7a:c3:
                    bd:8c:6f:df:4f:4c:45:5e:8b:96:cc:58:81:8c:3d:
                    e8:97:6a:32:b9:a6:fa:54:43:ac:01:31:ec:2b:c4:
                    a2:40:65:b6:eb:35:70:a8:25:ec:1b:4f:51:a9:fe:
                    f9:2b:38:6a:d1:9b:ef:e3:6a:5b:de:f4:e9:3d:88:
                    9d:49:4b:6d:48:7b:6d:51:e9:6a:1d:ff:2e:b2:d8:
                    66:d8:5d:11:8d:99:e1:05:0b:87:c8:cf:1a:94:d8:
                    ec:af:e6:4f:af:f1:57:ff:65:fb:85:ea:ab:9f:e8:
                    af:fe:31:7d:ee:38:26:c5:5a:97:be:96:9d:9a:7e:
                    b8:49:49:81:5a:8b:6c:55:10:11:d1:9b:6f:c5:85:
                    7c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:58:42:47:DA:D2:01:1D:DF:7D:15:52:DA:40:6E:EC:3B:21:ED:38
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/i1hCR9rSAR3ffRVS2kBu7Dsh7Tg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:e6:fa:8e:b9:1a:43:87:6d:53:ce:ef:81:d5:37:20:34:ec:
         9e:aa:a4:85:dc:71:46:ea:bd:60:df:8e:4f:8e:ea:b0:9c:d2:
         44:55:64:7b:85:e3:72:51:2e:cf:c1:44:5a:07:27:84:22:70:
         78:b1:ba:0b:24:dc:cb:34:a0:29:01:a5:4b:fb:03:e0:47:cf:
         08:60:a3:97:04:14:14:5e:11:85:63:38:7a:e4:71:47:50:4e:
         07:6c:c0:fd:1e:8d:cb:ad:d2:56:93:86:fa:20:f4:57:98:f8:
         4b:c7:84:88:6d:c9:d1:79:25:84:d8:4b:fa:82:41:a9:ec:1a:
         22:63:9e:95:b8:96:7e:7a:bf:83:3a:87:da:5c:04:a6:a8:43:
         1b:df:94:bd:ea:bc:56:17:e0:e8:26:0b:f0:cc:73:c5:6b:48:
         c6:5a:b1:1c:87:fe:26:58:ed:8c:21:92:0b:a8:db:7b:93:44:
         02:ae:05:cd:6f:68:7b:d4:74:6e:93:30:58:ea:b4:c0:39:6c:
         55:84:6f:0a:d1:8e:b7:7b:00:be:be:c7:27:36:bd:5d:f7:8b:
         58:a1:9f:fb:3d:28:c1:3c:68:ba:28:a9:f0:d1:40:cb:59:48:
         c3:ce:34:20:77:a1:7c:54:99:4b:2c:04:a8:cb:62:4f:ca:48:
         69:63:b6:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNurJm33ahgbeE59uQssXk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIwOTI0MDg0NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU4NDI0N2RhZDIwMTFkZGY3ZDE1NTJkYTQwNmVlYzNiMjFlZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppaT1J8/jjNHF6sKU5IjfIegSLYc
7Z9NygboHO+kWi6c3lKBOVg3i4FDtudMw2Lv2RQ78Z61ISRNlX7iZ//D+oBQ+5mr
eQs8lVZKiBmxAQPIozXNnNlJK1zLRxCJzh15bZqfN1Tf++0lF998eBnKAlN2HY/2
esO9jG/fT0xFXouWzFiBjD3ol2oyuab6VEOsATHsK8SiQGW26zVwqCXsG09Rqf75
Kzhq0Zvv42pb3vTpPYidSUttSHttUelqHf8usthm2F0RjZnhBQuHyM8alNjsr+ZP
r/FX/2X7heqrn+iv/jF97jgmxVqXvpadmn64SUmBWotsVRAR0ZtvxYV88QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItYQkfa0gEd330VUtpAbuw7Ie04MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvaTFoQ1I5clNBUjNmZlJWUzJrQnU3RHNoN1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVrMA0G
CSqGSIb3DQEBCwUAA4IBAQB/5vqOuRpDh21Tzu+B1TcgNOyeqqSF3HFG6r1g345P
juqwnNJEVWR7heNyUS7PwURaByeEInB4sboLJNzLNKApAaVL+wPgR88IYKOXBBQU
XhGFYzh65HFHUE4HbMD9Ho3LrdJWk4b6IPRXmPhLx4SIbcnReSWE2Ev6gkGp7Boi
Y56VuJZ+er+DOofaXASmqEMb35S96rxWF+DoJgvwzHPFa0jGWrEch/4mWO2MIZIL
qNt7k0QCrgXNb2h71HRukzBY6rTAOWxVhG8K0Y63ewC+vscnNr1d94tYoZ/7PSjB
PGi6KKnw0UDLWUjDzjQgd6F8VJlLLASoy2JPykhpY7Zc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org