Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/cswwLbZVzZq_tSLQ6kswaft8zoE.roa
File:                     cswwLbZVzZq_tSLQ6kswaft8zoE.roa (raw, json)
Hash identifier:          Hf9rQarvJFfh+5faFeR5cQaJ1b5SRcy4WRnakmhRTcM=
Subject key identifier:   72:CC:30:2D:B6:55:CD:9A:BF:B5:22:D0:EA:4B:30:69:FB:7C:CE:81
Certificate issuer:       /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial:       0183A6C49B53FD3BA8AB83EA05EC80A8FCCC
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/cswwLbZVzZq_tSLQ6kswaft8zoE.roa
Signing time:             Wed 05 Oct 2022 06:10:46 +0000
ROA not before:           Wed 05 Oct 2022 06:10:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398464
IP address blocks:        45.146.202.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a6:c4:9b:53:fd:3b:a8:ab:83:ea:05:ec:80:a8:fc:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
        Validity
            Not Before: Oct  5 06:10:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72cc302db655cd9abfb522d0ea4b3069fb7cce81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b4:9b:96:d4:69:b7:af:41:d3:d2:10:0e:7e:
                    63:95:41:b7:d6:66:95:1b:d9:3e:f2:04:1b:19:56:
                    f3:e7:c2:e3:e2:67:22:15:ee:d9:09:99:a5:82:5d:
                    7d:6e:56:d9:ad:0b:88:92:e6:fa:e3:fc:42:bf:27:
                    81:e2:da:2f:4b:10:97:81:a1:0d:92:28:66:67:26:
                    94:e3:85:37:ff:64:28:b3:5a:a3:03:48:8d:80:d3:
                    dc:db:75:b7:fc:e4:c3:7f:c3:1a:f9:79:91:d0:8f:
                    40:c3:30:00:0b:a6:29:4f:a1:b2:3f:74:ee:1d:fa:
                    cd:75:52:31:bb:88:a1:9e:4f:f4:36:bf:78:cf:ad:
                    e2:e3:9b:0a:be:48:bd:23:c8:60:84:0e:6f:08:f0:
                    e1:fd:fe:ea:85:2f:44:14:dd:42:13:e7:4d:60:88:
                    e2:aa:db:f5:3d:01:24:27:8d:9e:2a:42:22:bc:7c:
                    cf:7a:5c:42:f6:c6:61:73:a0:1d:8a:23:8c:f9:c2:
                    b2:a6:47:9e:68:97:da:a9:9b:a1:34:c1:e1:78:8a:
                    73:24:64:b5:a6:de:52:1e:45:89:01:85:9e:31:cd:
                    5a:91:14:e1:14:c5:a9:7f:84:c0:46:0a:e3:1f:b6:
                    12:0e:f0:80:a8:bd:f3:55:91:f2:8e:3b:43:ee:7c:
                    c9:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:CC:30:2D:B6:55:CD:9A:BF:B5:22:D0:EA:4B:30:69:FB:7C:CE:81
            X509v3 Authority Key Identifier:
                keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/cswwLbZVzZq_tSLQ6kswaft8zoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:e8:a0:c3:64:e0:99:8c:43:c0:ec:b6:f8:18:f3:c9:ab:5e:
         1c:39:13:c7:37:b8:7f:c2:39:ae:13:bb:e6:e1:c5:4f:58:6f:
         6c:bd:48:4e:85:0b:c8:1d:80:d9:93:9f:52:8f:15:41:f5:f5:
         c6:b3:c1:28:50:20:58:f3:cd:f9:5b:48:b5:c7:26:2e:bd:96:
         44:89:b9:0a:53:26:71:56:9b:26:31:4a:66:9c:4a:b5:1f:bf:
         53:4b:30:de:77:72:f6:71:6a:e3:35:c6:48:ed:19:52:0c:21:
         a5:5c:10:4f:b2:b2:4f:6f:79:b3:8e:35:50:f1:b8:d6:af:99:
         f5:cd:15:3c:92:be:79:bc:59:11:1b:d3:1e:b0:44:07:a8:ef:
         d4:33:a5:68:ef:ee:57:37:84:24:27:a0:4a:76:2c:f8:e9:b0:
         fe:92:96:8c:5a:40:3a:18:c3:d1:ac:be:c6:6b:8a:41:28:9a:
         fe:b8:96:ed:3c:67:69:6b:a9:2e:3b:35:60:c6:fd:17:9a:b1:
         17:d7:35:78:ad:e5:8e:e5:98:3f:92:2d:85:5d:78:dd:da:e8:
         aa:79:f9:25:a9:eb:42:ac:ff:e2:0a:d9:c4:5f:ec:83:f7:31:
         fb:29:14:26:09:d2:1d:18:ae:4f:e7:4f:ff:6a:e4:c8:77:11:
         eb:37:1f:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOmxJtT/Tuoq4PqBeyAqPzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjIxMDA1MDYxMDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmNjMzAyZGI2NTVjZDlhYmZiNTIyZDBlYTRiMzA2OWZiN2NjZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7SbltRpt69B09IQDn5jlUG31maV
G9k+8gQbGVbz58Lj4mciFe7ZCZmlgl19blbZrQuIkub64/xCvyeB4tovSxCXgaEN
kihmZyaU44U3/2Qos1qjA0iNgNPc23W3/OTDf8Ma+XmR0I9AwzAAC6YpT6GyP3Tu
HfrNdVIxu4ihnk/0Nr94z63i45sKvki9I8hghA5vCPDh/f7qhS9EFN1CE+dNYIji
qtv1PQEkJ42eKkIivHzPelxC9sZhc6AdiiOM+cKypkeeaJfaqZuhNMHheIpzJGS1
pt5SHkWJAYWeMc1akRThFMWpf4TARgrjH7YSDvCAqL3zVZHyjjtD7nzJawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLMMC22Vc2av7Ui0OpLMGn7fM6BMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvY3N3d0xiWlZ6WnFfdFNMUTZrc3dhZnQ4em9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZLKMA0G
CSqGSIb3DQEBCwUAA4IBAQBH6KDDZOCZjEPA7Lb4GPPJq14cORPHN7h/wjmuE7vm
4cVPWG9svUhOhQvIHYDZk59SjxVB9fXGs8EoUCBY8835W0i1xyYuvZZEibkKUyZx
VpsmMUpmnEq1H79TSzDed3L2cWrjNcZI7RlSDCGlXBBPsrJPb3mzjjVQ8bjWr5n1
zRU8kr55vFkRG9MesEQHqO/UM6Vo7+5XN4QkJ6BKdiz46bD+kpaMWkA6GMPRrL7G
a4pBKJr+uJbtPGdpa6kuOzVgxv0XmrEX1zV4reWO5Zg/ki2FXXjd2uiqefklqetC
rP/iCtnEX+yD9zH7KRQmCdIdGK5P50//auTIdxHrNx/a
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org