Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SO90k3JvxataCUUJCcjMgJ0i4N4.roa
File:                     SO90k3JvxataCUUJCcjMgJ0i4N4.roa (raw, json)
Hash identifier:          yYmlduVhKBQVb9yYA+9cSyQSRguVet64IVPs+JxPhLg=
Subject key identifier:   48:EF:74:93:72:6F:C5:AB:5A:09:45:09:09:C8:CC:80:9D:22:E0:DE
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1E389705
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SO90k3JvxataCUUJCcjMgJ0i4N4.roa
Signing time:             Fri 29 Apr 2022 17:13:45 +0000
ROA not before:           Fri 29 Apr 2022 17:13:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        37.221.120.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 507025157 (0x1e389705)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 29 17:13:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48ef7493726fc5ab5a09450909c8cc809d22e0de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:33:69:53:b2:0d:09:49:55:9c:03:18:53:be:
                    03:83:a4:96:6e:15:ef:ee:60:5a:85:ba:6a:4a:8d:
                    b1:3e:cd:d0:a5:d7:e6:bd:ac:74:59:9f:26:ff:2b:
                    9f:2e:a2:6a:86:3f:7b:6b:54:82:5b:79:7e:35:f4:
                    fb:87:b4:de:72:54:4f:3e:9c:75:90:0a:67:db:40:
                    4e:76:93:20:5e:4f:da:d0:95:ed:34:76:b5:2d:af:
                    1c:0c:4d:22:32:49:d8:82:26:15:fa:5a:b1:34:72:
                    36:b0:ab:bb:20:5f:2f:6e:27:08:85:01:ef:7e:8d:
                    06:e4:89:4d:85:10:e8:ea:61:83:c2:24:dc:de:19:
                    b3:55:24:5d:34:73:63:4e:a0:a2:a2:a1:56:f4:4e:
                    2a:38:8a:ed:f5:6f:b4:2d:91:b3:a5:3b:c3:c5:b5:
                    19:eb:d9:03:98:0b:8f:ad:d6:41:19:74:fc:83:f4:
                    b0:e1:b0:ef:32:ba:9d:38:a8:21:27:21:63:f0:56:
                    86:43:59:72:c7:27:13:5d:c1:75:1e:71:e7:67:4a:
                    81:13:43:b1:74:54:77:33:44:c8:88:d5:57:8a:bb:
                    eb:f4:7b:0e:2a:61:aa:9b:ac:ef:3d:63:28:b7:89:
                    8e:b0:a1:36:8f:d1:36:2c:6d:80:11:21:88:8a:b2:
                    02:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:EF:74:93:72:6F:C5:AB:5A:09:45:09:09:C8:CC:80:9D:22:E0:DE
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SO90k3JvxataCUUJCcjMgJ0i4N4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:1f:51:d4:92:d8:ee:80:9d:73:d6:f0:6a:ed:56:8b:fa:b1:
         55:49:8c:63:14:d5:88:9b:61:d2:3f:18:3d:92:2e:fb:e9:af:
         81:33:f4:b2:47:29:e4:45:7e:a2:44:5f:40:2c:46:2c:5b:dd:
         41:38:59:0d:d0:ca:7f:00:09:f1:a7:4e:99:ab:50:24:5a:ba:
         43:24:e6:fa:d8:dd:1a:9d:3f:7d:4e:55:12:b5:fc:59:3a:f9:
         00:7e:00:f2:a9:4a:c8:98:ae:5d:f9:df:91:9b:29:10:40:df:
         b8:06:d2:4d:fa:16:45:59:f2:5b:21:cc:9f:34:a7:bf:91:43:
         c4:67:bf:56:f1:48:dd:14:58:28:d9:ec:ac:08:9d:6f:7b:33:
         d1:9c:b9:ef:ec:2c:df:32:e0:71:bb:e4:52:be:f8:f4:6e:4b:
         0b:51:8a:bc:fa:4e:f0:1c:cd:13:f6:bd:c0:bc:ef:be:94:b1:
         fa:30:d7:2c:ea:17:e6:36:97:15:0c:70:59:04:bc:57:66:0c:
         1c:b2:8c:97:23:4e:8c:46:0f:63:c9:81:9f:fe:6e:de:80:7f:
         9a:95:26:39:5d:a5:15:3d:f3:a4:38:78:bc:a1:a2:94:fa:9c:
         f6:eb:72:af:ba:ac:f1:dc:7d:7b:4d:87:53:91:b8:77:44:da:
         32:4f:5a:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHjiXBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQy
OTE3MTM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhlZjc0OTM3MjZm
YzVhYjVhMDk0NTA5MDljOGNjODA5ZDIyZTBkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYzaVOyDQlJVZwDGFO+A4Oklm4V7+5gWoW6akqNsT7N0KXX
5r2sdFmfJv8rny6iaoY/e2tUglt5fjX0+4e03nJUTz6cdZAKZ9tATnaTIF5P2tCV
7TR2tS2vHAxNIjJJ2IImFfpasTRyNrCruyBfL24nCIUB736NBuSJTYUQ6Ophg8Ik
3N4Zs1UkXTRzY06goqKhVvROKjiK7fVvtC2Rs6U7w8W1GevZA5gLj63WQRl0/IP0
sOGw7zK6nTioISchY/BWhkNZcscnE13BdR5x52dKgRNDsXRUdzNEyIjVV4q76/R7
Diphqpus7z1jKLeJjrChNo/RNixtgBEhiIqyAsMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRI73STcm/Fq1oJRQkJyMyAnSLg3jAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1NPOTBrM0p2eGF0YUNVVUpDY2pNZ0owaTRONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiXdeDANBgkqhkiG9w0BAQsFAAOC
AQEAiB9R1JLY7oCdc9bwau1Wi/qxVUmMYxTViJth0j8YPZIu++mvgTP0skcp5EV+
okRfQCxGLFvdQThZDdDKfwAJ8adOmatQJFq6QyTm+tjdGp0/fU5VErX8WTr5AH4A
8qlKyJiuXfnfkZspEEDfuAbSTfoWRVnyWyHMnzSnv5FDxGe/VvFI3RRYKNnsrAid
b3sz0Zy57+ws3zLgcbvkUr749G5LC1GKvPpO8BzNE/a9wLzvvpSx+jDXLOoX5jaX
FQxwWQS8V2YMHLKMlyNOjEYPY8mBn/5u3oB/mpUmOV2lFT3zpDh4vKGilPqc9uty
r7qs8dx9e02HU5G4d0TaMk9a2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org