Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7cef9c-7aff-4727-afa7-c48ea85a75bc/1/IRjB9dwRj4PDiiyiDW5wGdXNRb0.roa
File:                     IRjB9dwRj4PDiiyiDW5wGdXNRb0.roa (raw, json)
Hash identifier:          gdsFDN+kvw9F2syep5KGYs5QYdbpEEYg7NzMUoQThOM=
Subject key identifier:   21:18:C1:F5:DC:11:8F:83:C3:8A:2C:A2:0D:6E:70:19:D5:CD:45:BD
Certificate issuer:       /CN=7669943165d59f25265fb97cb77a6c7cbf8b5077
Certificate serial:       E5E576
Authority key identifier: 76:69:94:31:65:D5:9F:25:26:5F:B9:7C:B7:7A:6C:7C:BF:8B:50:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dmmUMWXVnyUmX7l8t3psfL-LUHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7cef9c-7aff-4727-afa7-c48ea85a75bc/1/IRjB9dwRj4PDiiyiDW5wGdXNRb0.roa
Signing time:             Sat 01 Jan 2022 09:58:08 +0000
ROA not before:           Sat 01 Jan 2022 09:58:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        37.72.135.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15066486 (0xe5e576)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7669943165d59f25265fb97cb77a6c7cbf8b5077
        Validity
            Not Before: Jan  1 09:58:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2118c1f5dc118f83c38a2ca20d6e7019d5cd45bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:33:64:31:a9:98:d0:f0:ed:a2:2d:cd:ac:01:
                    dc:5b:8f:8c:55:be:e3:c0:89:22:d8:bb:0d:cf:bb:
                    f0:c7:73:f4:b2:74:61:40:6d:a9:cf:1b:33:e5:b5:
                    cb:34:31:cd:b1:61:24:ff:7a:bb:59:0d:7c:be:7c:
                    d6:76:e2:1d:fe:a1:11:03:e8:da:e1:91:07:43:87:
                    b9:64:39:1a:6a:01:96:7a:ec:a5:48:b7:5b:07:92:
                    1f:67:a2:f8:ba:a3:e1:e3:fa:e2:57:93:74:ba:85:
                    2f:24:b3:4d:a0:e6:e3:ba:ba:b4:10:79:04:c5:0b:
                    85:1b:cb:ee:a8:09:f3:a2:ea:b5:97:21:b6:8b:a6:
                    3a:71:b5:da:31:aa:46:03:a3:50:b3:d3:f2:0b:e6:
                    51:e7:fb:73:3a:a7:a4:6d:82:1c:d4:00:5c:d8:3c:
                    54:1e:24:d6:11:5e:33:9a:28:a7:84:03:17:87:46:
                    b6:95:f2:c2:fc:c4:45:a4:a0:c9:37:bc:0e:5a:c9:
                    7e:a9:ec:47:9f:0c:12:16:23:3a:5e:5f:35:17:62:
                    e5:60:12:3c:7e:82:a5:ae:ae:c9:5d:89:c9:e6:ff:
                    b4:c5:5e:40:5e:fb:73:e5:43:df:e8:c5:23:ac:4f:
                    a1:4f:88:27:46:76:0c:08:37:d9:0c:b7:99:60:45:
                    6c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:18:C1:F5:DC:11:8F:83:C3:8A:2C:A2:0D:6E:70:19:D5:CD:45:BD
            X509v3 Authority Key Identifier:
                keyid:76:69:94:31:65:D5:9F:25:26:5F:B9:7C:B7:7A:6C:7C:BF:8B:50:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmmUMWXVnyUmX7l8t3psfL-LUHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7cef9c-7aff-4727-afa7-c48ea85a75bc/1/IRjB9dwRj4PDiiyiDW5wGdXNRb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7cef9c-7aff-4727-afa7-c48ea85a75bc/1/dmmUMWXVnyUmX7l8t3psfL-LUHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.72.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e4:c6:a4:ef:01:73:53:6c:40:88:d9:80:9e:9c:d0:63:c4:5d:
         96:ff:a8:5a:f7:9a:52:af:17:7f:68:6a:fb:0e:5a:3f:33:6e:
         2b:1f:01:f7:05:03:7f:ea:17:97:e5:8a:f0:0f:a0:ee:38:03:
         c5:9f:7a:29:5e:3e:18:ee:60:8a:e6:fa:d5:c2:ae:42:4d:55:
         eb:fd:b9:bc:09:fb:53:e8:20:2a:d4:66:39:9b:1b:b5:6b:f2:
         b1:49:9c:73:a2:56:28:1a:fe:a4:a4:d9:f2:24:50:b3:c0:69:
         31:86:64:1a:2a:a4:ca:1e:53:3e:fa:ca:32:9f:d5:52:c8:46:
         39:23:6b:8a:f5:2c:f1:62:bc:ab:3a:5d:7b:6a:4d:30:96:5c:
         45:34:9d:1d:7b:cf:54:ac:25:a3:89:3c:78:c2:25:63:21:f0:
         3a:fe:62:b0:3d:33:59:fa:ee:50:d3:a4:01:95:b0:ca:3d:b4:
         3d:6c:9b:d0:4b:6a:2e:b1:ff:b4:6f:6f:e3:1e:62:a7:fa:da:
         90:92:8b:8b:ae:1e:9a:92:6a:a2:c4:95:50:25:6a:5e:7b:b6:
         8a:5a:7a:c1:3b:d5:4e:3a:98:89:22:a9:3a:2a:2a:8f:b5:ac:
         4a:c9:bf:f8:c2:87:6c:39:fe:63:6c:39:47:43:d9:a1:43:30:
         dd:87:1d:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOXldjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjY5OTQzMTY1ZDU5ZjI1MjY1ZmI5N2NiNzdhNmM3Y2JmOGI1MDc3MB4XDTIyMDEw
MTA5NTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjExOGMxZjVkYzEx
OGY4M2MzOGEyY2EyMGQ2ZTcwMTlkNWNkNDViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIzZDGpmNDw7aItzawB3FuPjFW+48CJIti7Dc+78Mdz9LJ0
YUBtqc8bM+W1yzQxzbFhJP96u1kNfL581nbiHf6hEQPo2uGRB0OHuWQ5GmoBlnrs
pUi3WweSH2ei+Lqj4eP64leTdLqFLySzTaDm47q6tBB5BMULhRvL7qgJ86LqtZch
toumOnG12jGqRgOjULPT8gvmUef7czqnpG2CHNQAXNg8VB4k1hFeM5oop4QDF4dG
tpXywvzERaSgyTe8DlrJfqnsR58MEhYjOl5fNRdi5WASPH6Cpa6uyV2Jyeb/tMVe
QF77c+VD3+jFI6xPoU+IJ0Z2DAg32Qy3mWBFbEcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhGMH13BGPg8OKLKINbnAZ1c1FvTAfBgNVHSMEGDAWgBR2aZQxZdWfJSZf
uXy3emx8v4tQdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RtbVVNV1hWbnlVbVg3bDh0M3BzZkwtTFVIYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvN2NlZjljLTdhZmYtNDcyNy1hZmE3LWM0OGVhODVhNzViYy8x
L0lSakI5ZHdSajRQRGlpeWlEVzV3R2RYTlJiMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
N2NlZjljLTdhZmYtNDcyNy1hZmE3LWM0OGVhODVhNzViYy8xL2RtbVVNV1hWbnlV
bVg3bDh0M3BzZkwtTFVIYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACVIhzANBgkqhkiG9w0BAQsFAAOC
AQEA5Mak7wFzU2xAiNmAnpzQY8Rdlv+oWveaUq8Xf2hq+w5aPzNuKx8B9wUDf+oX
l+WK8A+g7jgDxZ96KV4+GO5giub61cKuQk1V6/25vAn7U+ggKtRmOZsbtWvysUmc
c6JWKBr+pKTZ8iRQs8BpMYZkGiqkyh5TPvrKMp/VUshGOSNrivUs8WK8qzpde2pN
MJZcRTSdHXvPVKwlo4k8eMIlYyHwOv5isD0zWfruUNOkAZWwyj20PWyb0EtqLrH/
tG9v4x5ip/rakJKLi64empJqosSVUCVqXnu2ilp6wTvVTjqYiSKpOioqj7WsSsm/
+MKHbDn+Y2w5R0PZoUMw3YcdmA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:22 2023 by rpki-client on console-ams.rpki-client.org