Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/r1BkJQVS6nA1_a2w-gbU5QtCxkc.roa
File:                     r1BkJQVS6nA1_a2w-gbU5QtCxkc.roa (raw, json)
Hash identifier:          TCEPcsEl7vr1QbphhTQ1NgM9Ley56aDAE4L/EZiQTQo=
Subject key identifier:   AF:50:64:25:05:52:EA:70:35:FD:AD:B0:FA:06:D4:E5:0B:42:C6:47
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0184FB442CF8CB094ADADA27EEB0BE3D477B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/r1BkJQVS6nA1_a2w-gbU5QtCxkc.roa
Signing time:             Sat 10 Dec 2022 09:00:59 +0000
ROA not before:           Sat 10 Dec 2022 09:00:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51559
IP address blocks:        46.37.99.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:fb:44:2c:f8:cb:09:4a:da:da:27:ee:b0:be:3d:47:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Dec 10 09:00:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=af5064250552ea7035fdadb0fa06d4e50b42c647
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:66:c0:9a:18:c9:f8:b0:4d:47:93:52:db:c6:
                    c8:f8:b0:15:71:9e:96:b1:51:3b:a3:e5:1b:b1:74:
                    e9:5f:c1:75:ac:50:9b:f3:f1:6f:71:4c:bb:dd:41:
                    ee:ec:a3:77:14:f6:a0:2e:ea:c6:e6:e8:2b:15:73:
                    3f:4e:0e:ba:67:3b:e5:a2:6d:28:aa:3d:99:ab:61:
                    7b:53:2a:b8:e1:0d:5f:45:8a:c6:af:2b:05:73:56:
                    b9:5c:d8:6a:f9:f0:f1:1e:0c:5f:e1:3e:f5:5b:27:
                    0d:5c:2b:7a:b9:8b:6e:07:82:95:fc:72:25:9e:e5:
                    30:1e:cb:a9:76:bf:33:ec:c0:c0:42:34:c6:b9:26:
                    5c:4d:71:38:74:7c:04:4e:ee:4d:3c:f0:b0:05:c3:
                    84:5c:e4:2f:a1:de:66:be:a5:ec:ad:d8:af:55:84:
                    0b:13:04:29:32:36:a6:ba:c9:6c:54:d8:fb:b4:9d:
                    f6:9c:52:91:a7:ef:98:96:24:dc:9d:c7:ba:18:ab:
                    56:9e:30:e2:a8:ce:be:a3:84:22:29:68:5c:13:4e:
                    60:58:5d:5b:d4:00:af:2f:6c:aa:d6:b6:b5:e7:da:
                    33:93:f1:d3:39:cc:3f:18:20:8f:d5:36:a9:7a:54:
                    56:ef:39:69:46:b3:1d:99:9e:be:e3:14:22:1e:be:
                    7c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:50:64:25:05:52:EA:70:35:FD:AD:B0:FA:06:D4:E5:0B:42:C6:47
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/r1BkJQVS6nA1_a2w-gbU5QtCxkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:38:a2:64:0b:b9:83:1d:75:e4:c0:8d:18:be:e7:17:9e:3c:
         03:3f:6d:2c:a6:2f:41:3d:7a:9b:09:b4:c0:92:30:57:98:69:
         ad:64:3d:e4:09:91:a1:41:25:13:ec:de:9c:c4:f0:b5:c6:c5:
         89:b9:2a:0c:54:d4:86:5d:89:62:f4:d9:4c:ef:62:c6:d4:b0:
         08:72:59:12:61:73:4d:29:de:a0:bb:a1:dc:b0:14:b0:bf:40:
         35:8f:bd:33:54:67:ae:0b:40:64:9b:c2:bf:19:fa:7f:a9:5e:
         66:dd:62:ce:c6:60:12:39:6b:12:df:8e:68:f7:fc:b4:82:ec:
         f1:93:c2:b4:ba:ac:1a:6e:f6:67:bc:a8:89:9b:0e:5e:96:a5:
         28:05:41:85:d9:e2:42:22:c5:e6:17:d1:4a:4a:ec:e3:f4:fb:
         a7:85:ab:3a:f3:84:c3:ed:2a:3a:bb:f4:b2:c3:ee:62:c0:1f:
         e5:a8:5b:bc:eb:04:71:97:ca:73:97:70:70:46:af:8d:2c:3f:
         0a:3e:b5:a5:b8:1d:46:9d:c1:39:2c:b3:f2:99:d8:0b:0f:4c:
         24:25:a8:ae:a0:0a:a2:0c:91:a3:4d:32:de:ea:10:ca:88:2d:
         79:2e:3e:23:58:46:9f:ed:ea:c9:38:ee:6d:3a:f2:7d:18:fe:
         10:25:67:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT7RCz4ywlK2ton7rC+PUd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIxMjEwMDkwMDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUwNjQyNTA1NTJlYTcwMzVmZGFkYjBmYTA2ZDRlNTBiNDJjNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmbAmhjJ+LBNR5NS28bI+LAVcZ6W
sVE7o+UbsXTpX8F1rFCb8/FvcUy73UHu7KN3FPagLurG5ugrFXM/Tg66Zzvlom0o
qj2Zq2F7Uyq44Q1fRYrGrysFc1a5XNhq+fDxHgxf4T71WycNXCt6uYtuB4KV/HIl
nuUwHsupdr8z7MDAQjTGuSZcTXE4dHwETu5NPPCwBcOEXOQvod5mvqXsrdivVYQL
EwQpMjamuslsVNj7tJ32nFKRp++YliTcnce6GKtWnjDiqM6+o4QiKWhcE05gWF1b
1ACvL2yq1ra159ozk/HTOcw/GCCP1TapelRW7zlpRrMdmZ6+4xQiHr58YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9QZCUFUupwNf2tsPoG1OULQsZHMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvcjFCa0pRVlM2bkExX2Eydy1nYlU1UXRDeGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVjMA0G
CSqGSIb3DQEBCwUAA4IBAQAbOKJkC7mDHXXkwI0YvucXnjwDP20spi9BPXqbCbTA
kjBXmGmtZD3kCZGhQSUT7N6cxPC1xsWJuSoMVNSGXYli9NlM72LG1LAIclkSYXNN
Kd6gu6HcsBSwv0A1j70zVGeuC0Bkm8K/Gfp/qV5m3WLOxmASOWsS345o9/y0guzx
k8K0uqwabvZnvKiJmw5elqUoBUGF2eJCIsXmF9FKSuzj9Punhas684TD7So6u/Sy
w+5iwB/lqFu86wRxl8pzl3BwRq+NLD8KPrWluB1GncE5LLPymdgLD0wkJaiuoAqi
DJGjTTLe6hDKiC15Lj4jWEaf7erJOO5tOvJ9GP4QJWer
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org