Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/008371-1589-4465-a656-d05dd1f3943d/1/ZASEs7xOz_mo6iBXdAaIrkheRTU.roa
File:                     ZASEs7xOz_mo6iBXdAaIrkheRTU.roa (raw, json)
Hash identifier:          KwdFUHTeYRO5OSo2ZDglY/dPE8+t3VluBAbecGxevoA=
Subject key identifier:   64:04:84:B3:BC:4E:CF:F9:A8:EA:20:57:74:06:88:AE:48:5E:45:35
Certificate issuer:       /CN=33d18bd110c2abed247e42b1ad939d6fad817743
Certificate serial:       010754DF
Authority key identifier: 33:D1:8B:D1:10:C2:AB:ED:24:7E:42:B1:AD:93:9D:6F:AD:81:77:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M9GL0RDCq-0kfkKxrZOdb62Bd0M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/008371-1589-4465-a656-d05dd1f3943d/1/ZASEs7xOz_mo6iBXdAaIrkheRTU.roa
Signing time:             Sat 01 Jan 2022 06:04:23 +0000
ROA not before:           Sat 01 Jan 2022 06:04:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        37.77.151.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17257695 (0x10754df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33d18bd110c2abed247e42b1ad939d6fad817743
        Validity
            Not Before: Jan  1 06:04:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=640484b3bc4ecff9a8ea2057740688ae485e4535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3d:c8:59:1c:f9:f6:a1:14:ad:bd:43:9d:88:
                    bd:37:0e:e5:60:5d:f5:73:bc:5a:3b:50:6e:f4:04:
                    36:2e:a6:db:a9:4b:c7:5a:69:19:ed:6c:6a:17:46:
                    78:ca:06:ba:11:36:f4:ee:50:bf:f0:f4:5f:07:94:
                    3a:eb:58:73:04:e7:f2:38:27:73:c4:aa:b6:4c:1b:
                    e0:29:79:ae:f8:31:bb:8b:35:46:f8:37:bf:76:03:
                    6a:2b:2d:92:cb:7c:c5:f3:67:c5:67:35:24:f1:18:
                    f4:c2:90:26:4b:36:e5:d3:68:11:86:b7:93:8a:e4:
                    7f:e8:d8:4f:cc:11:c5:57:00:63:dd:e9:d5:75:4b:
                    b5:39:b8:f5:dc:92:09:1d:da:ff:cf:1a:bc:f4:fc:
                    1d:97:46:7e:6a:01:3b:9a:c7:ef:28:0b:be:02:87:
                    d2:06:07:e9:8e:a7:fa:7d:63:6a:8a:c0:f6:19:cb:
                    74:ed:a7:2b:30:25:99:b3:e1:64:7f:7f:ba:23:4b:
                    61:5a:73:f7:8d:b4:64:e4:7d:60:38:a8:92:3b:8b:
                    1d:78:92:c8:13:74:49:14:e9:7f:27:9b:ac:48:36:
                    cd:11:77:2e:63:7f:f1:a1:f8:84:30:a9:bb:8b:e2:
                    15:21:82:b8:77:8a:a8:72:f7:64:6e:7a:02:dd:36:
                    17:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:04:84:B3:BC:4E:CF:F9:A8:EA:20:57:74:06:88:AE:48:5E:45:35
            X509v3 Authority Key Identifier:
                keyid:33:D1:8B:D1:10:C2:AB:ED:24:7E:42:B1:AD:93:9D:6F:AD:81:77:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M9GL0RDCq-0kfkKxrZOdb62Bd0M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/008371-1589-4465-a656-d05dd1f3943d/1/ZASEs7xOz_mo6iBXdAaIrkheRTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/008371-1589-4465-a656-d05dd1f3943d/1/M9GL0RDCq-0kfkKxrZOdb62Bd0M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:9c:5e:31:35:d1:a7:03:3f:d6:e2:4f:cb:a0:c8:72:c4:54:
         30:4d:71:79:ef:06:a7:5b:c8:14:58:d8:fd:b8:14:e4:db:11:
         a7:16:b0:0a:06:fa:cb:d0:50:4f:5f:ee:cf:f8:da:f7:91:ae:
         ae:17:bd:12:7c:5f:39:02:58:95:5a:14:6a:33:5c:11:e4:3c:
         41:8a:4b:14:2b:ea:f2:21:28:98:18:0b:31:8c:db:08:f6:f6:
         5b:0f:8b:1d:84:c1:59:6e:ac:ef:56:e2:da:c4:fb:36:cd:c5:
         12:8b:4c:d3:54:bd:b2:32:b2:d8:8a:e8:6e:99:3d:66:76:f0:
         37:43:ae:db:da:1e:c1:8a:72:3e:50:18:49:a4:c7:ab:74:4a:
         58:37:76:d3:2e:15:e5:74:19:0e:df:f3:52:6f:af:ea:ed:a8:
         53:06:33:0a:d1:3a:3e:58:de:1e:37:4d:04:61:01:86:38:74:
         3a:0a:e3:04:4e:20:87:1f:77:a5:c0:49:7a:e4:a6:b8:02:73:
         c1:4c:90:31:a7:3c:23:80:10:38:2a:de:4c:83:57:a8:2d:dd:
         1d:6b:e5:87:1a:ac:49:5e:0f:e0:b5:ad:ea:e7:e7:9d:9e:1e:
         95:fe:c2:b7:bd:ed:4d:d2:fc:86:76:5a:86:9d:91:27:12:74:
         84:7d:e4:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQdU3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2QxOGJkMTEwYzJhYmVkMjQ3ZTQyYjFhZDkzOWQ2ZmFkODE3NzQzMB4XDTIyMDEw
MTA2MDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQwNDg0YjNiYzRl
Y2ZmOWE4ZWEyMDU3NzQwNjg4YWU0ODVlNDUzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc9yFkc+fahFK29Q52IvTcO5WBd9XO8WjtQbvQENi6m26lL
x1ppGe1sahdGeMoGuhE29O5Qv/D0XweUOutYcwTn8jgnc8Sqtkwb4Cl5rvgxu4s1
Rvg3v3YDaistkst8xfNnxWc1JPEY9MKQJks25dNoEYa3k4rkf+jYT8wRxVcAY93p
1XVLtTm49dySCR3a/88avPT8HZdGfmoBO5rH7ygLvgKH0gYH6Y6n+n1jaorA9hnL
dO2nKzAlmbPhZH9/uiNLYVpz9420ZOR9YDiokjuLHXiSyBN0SRTpfyebrEg2zRF3
LmN/8aH4hDCpu4viFSGCuHeKqHL3ZG56At02FwkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkBISzvE7P+ajqIFd0BoiuSF5FNTAfBgNVHSMEGDAWgBQz0YvREMKr7SR+
QrGtk51vrYF3QzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L005R0wwUkRDcS0wa2ZrS3hyWk9kYjYyQmQwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMDA4MzcxLTE1ODktNDQ2NS1hNjU2LWQwNWRkMWYzOTQzZC8x
L1pBU0VzN3hPel9tbzZpQlhkQWFJcmtoZVJUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
MDA4MzcxLTE1ODktNDQ2NS1hNjU2LWQwNWRkMWYzOTQzZC8xL005R0wwUkRDcS0w
a2ZrS3hyWk9kYjYyQmQwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACVNlzANBgkqhkiG9w0BAQsFAAOC
AQEAJJxeMTXRpwM/1uJPy6DIcsRUME1xee8Gp1vIFFjY/bgU5NsRpxawCgb6y9BQ
T1/uz/ja95Gurhe9EnxfOQJYlVoUajNcEeQ8QYpLFCvq8iEomBgLMYzbCPb2Ww+L
HYTBWW6s71bi2sT7Ns3FEotM01S9sjKy2Irobpk9ZnbwN0Ou29oewYpyPlAYSaTH
q3RKWDd20y4V5XQZDt/zUm+v6u2oUwYzCtE6PljeHjdNBGEBhjh0OgrjBE4ghx93
pcBJeuSmuAJzwUyQMac8I4AQOCreTINXqC3dHWvlhxqsSV4P4LWt6ufnnZ4elf7C
t73tTdL8hnZahp2RJxJ0hH3ktQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:49 2023 by rpki-client on console-fra.rpki-client.org