Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ow_2eCVdLqRjRNr8x2NG23ve3Zs.roa
File:                     ow_2eCVdLqRjRNr8x2NG23ve3Zs.roa (raw, json)
Hash identifier:          Pd1B58+p2IQ/TNL3L2umMpngCa5WCNx8SnSQ2nyBBCs=
Subject key identifier:   A3:0F:F6:78:25:5D:2E:A4:63:44:DA:FC:C7:63:46:DB:7B:DE:DD:9B
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0330C693
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ow_2eCVdLqRjRNr8x2NG23ve3Zs.roa
Signing time:             Sat 01 Jan 2022 09:57:14 +0000
ROA not before:           Sat 01 Jan 2022 09:57:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49981
IP address blocks:        46.37.101.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53528211 (0x330c693)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 09:57:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a30ff678255d2ea46344dafcc76346db7bdedd9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:31:54:e4:d9:f9:bb:e1:ae:36:59:72:a8:85:
                    93:05:13:45:d1:c9:89:5e:0d:25:e7:b0:0b:98:24:
                    48:a1:f9:8a:e2:a4:d0:db:52:d3:43:e0:5b:80:ea:
                    1c:cb:eb:e1:e4:56:08:3f:f4:2c:4d:74:71:7e:ca:
                    a4:e9:73:f3:09:05:19:18:97:f2:77:57:6b:b1:2b:
                    08:cf:8f:21:df:5d:87:50:27:76:4f:90:f0:cb:5e:
                    39:59:81:67:2f:67:aa:25:f7:84:44:9e:a9:c5:81:
                    f9:64:56:3b:bd:52:98:35:07:6a:6f:24:41:59:28:
                    76:56:d5:59:6c:bf:77:c1:dd:45:b1:db:ae:c5:7c:
                    c3:79:cc:13:11:ce:4a:15:5a:0d:e2:2d:e7:3e:f1:
                    3f:f2:0d:dc:b2:b4:1b:d1:a9:34:57:a0:de:40:06:
                    57:80:21:c9:81:26:c4:ab:f7:86:60:f1:f5:a3:a5:
                    d7:3d:e9:20:d4:9c:58:2b:41:9b:fb:6a:87:06:81:
                    77:c9:0a:71:e3:a4:ce:26:37:7f:ee:e3:54:d8:f0:
                    0f:23:41:ba:51:4b:d9:a5:3b:84:af:9a:2f:24:e6:
                    1b:ce:14:7d:98:e2:f2:10:fc:20:bf:dc:13:40:72:
                    c5:8a:ad:91:d1:68:90:df:45:ea:29:d0:24:a2:f2:
                    ca:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:0F:F6:78:25:5D:2E:A4:63:44:DA:FC:C7:63:46:DB:7B:DE:DD:9B
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ow_2eCVdLqRjRNr8x2NG23ve3Zs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:b9:59:a9:bf:4f:90:39:ad:b2:75:d7:97:2e:86:b6:4a:5b:
         37:4e:f1:27:eb:9d:bf:b4:50:3d:be:f6:5d:b1:22:d2:b1:1e:
         a8:3e:df:05:44:8d:9e:d3:15:92:f8:74:c5:35:06:93:f2:47:
         60:b7:1a:0e:c6:3c:68:c4:a7:95:24:be:f8:de:fd:5e:28:a0:
         1e:69:f1:01:89:3f:2a:c2:07:da:8e:50:13:7c:a5:3d:a3:ce:
         71:e8:08:ef:59:f4:ed:d6:e3:e0:0f:d4:30:50:1c:20:e5:9e:
         a2:0b:cf:aa:65:73:9e:21:5b:81:6f:e2:52:ae:2b:1a:e3:74:
         97:52:d7:1f:b1:b1:66:7f:ce:0e:dc:e1:25:77:3f:34:08:5d:
         ac:b9:35:0a:23:1d:a9:55:3f:b5:51:3e:bf:f5:0e:c8:db:0e:
         1c:89:d7:a3:46:5d:23:fa:5f:b3:4f:4b:e4:e4:77:a2:2c:84:
         3a:0f:32:82:bf:89:04:1e:d1:b0:37:18:35:51:fd:48:7b:80:
         1a:66:61:dc:a2:54:1c:98:16:b3:54:20:b6:96:66:12:32:77:
         9c:c4:b9:dd:a2:d1:46:63:05:17:8c:b4:d1:f9:b7:14:45:16:
         aa:37:a5:40:a8:29:20:a9:39:30:cf:f5:47:29:88:e4:20:a0:
         de:18:70:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzDGkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDEw
MTA5NTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMwZmY2NzgyNTVk
MmVhNDYzNDRkYWZjYzc2MzQ2ZGI3YmRlZGQ5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsxVOTZ+bvhrjZZcqiFkwUTRdHJiV4NJeewC5gkSKH5iuKk
0NtS00PgW4DqHMvr4eRWCD/0LE10cX7KpOlz8wkFGRiX8ndXa7ErCM+PId9dh1An
dk+Q8MteOVmBZy9nqiX3hESeqcWB+WRWO71SmDUHam8kQVkodlbVWWy/d8HdRbHb
rsV8w3nMExHOShVaDeIt5z7xP/IN3LK0G9GpNFeg3kAGV4AhyYEmxKv3hmDx9aOl
1z3pINScWCtBm/tqhwaBd8kKceOkziY3f+7jVNjwDyNBulFL2aU7hK+aLyTmG84U
fZji8hD8IL/cE0ByxYqtkdFokN9F6inQJKLyyqkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjD/Z4JV0upGNE2vzHY0bbe97dmzAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L293XzJlQ1ZkTHFSalJOcjh4Mk5HMjN2ZTNacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4lZTANBgkqhkiG9w0BAQsFAAOC
AQEAJblZqb9PkDmtsnXXly6GtkpbN07xJ+udv7RQPb72XbEi0rEeqD7fBUSNntMV
kvh0xTUGk/JHYLcaDsY8aMSnlSS++N79XiigHmnxAYk/KsIH2o5QE3ylPaPOcegI
71n07dbj4A/UMFAcIOWeogvPqmVzniFbgW/iUq4rGuN0l1LXH7GxZn/ODtzhJXc/
NAhdrLk1CiMdqVU/tVE+v/UOyNsOHInXo0ZdI/pfs09L5OR3oiyEOg8ygr+JBB7R
sDcYNVH9SHuAGmZh3KJUHJgWs1QgtpZmEjJ3nMS53aLRRmMFF4y00fm3FEUWqjel
QKgpIKk5MM/1RymI5CCg3hhw+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org