Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/92a0b9-f6d0-4a74-894b-d8ec738d9549/1/VDOX2rfkfFTKNOEvbGrbQm5Sx9k.roa
File:                     VDOX2rfkfFTKNOEvbGrbQm5Sx9k.roa (raw, json)
Hash identifier:          6gYrKF0vAdnfInT7pc26WTqvD7wqIrYUqbK5bYNi/eM=
Subject key identifier:   54:33:97:DA:B7:E4:7C:54:CA:34:E1:2F:6C:6A:DB:42:6E:52:C7:D9
Certificate issuer:       /CN=1e95d98e620be955f1f967908e61addd83fd05cd
Certificate serial:       9A1D2C
Authority key identifier: 1E:95:D9:8E:62:0B:E9:55:F1:F9:67:90:8E:61:AD:DD:83:FD:05:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpXZjmIL6VXx-WeQjmGt3YP9Bc0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/92a0b9-f6d0-4a74-894b-d8ec738d9549/1/VDOX2rfkfFTKNOEvbGrbQm5Sx9k.roa
Signing time:             Sat 01 Jan 2022 02:57:46 +0000
ROA not before:           Sat 01 Jan 2022 02:57:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        91.246.36.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10100012 (0x9a1d2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e95d98e620be955f1f967908e61addd83fd05cd
        Validity
            Not Before: Jan  1 02:57:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=543397dab7e47c54ca34e12f6c6adb426e52c7d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:10:90:00:44:b7:8e:ef:b9:e1:69:1a:bb:09:
                    66:a2:e5:3d:bf:54:c8:e6:8a:a6:84:5b:25:13:a8:
                    33:b6:70:bb:71:4a:8d:b5:8f:90:7e:17:e9:72:0c:
                    52:31:3f:44:63:42:1c:5e:32:fd:c3:dc:18:23:9f:
                    92:46:97:6a:0d:93:f8:82:f7:8a:30:6f:44:94:7a:
                    b0:6a:dd:4d:ab:b1:2f:6e:80:fb:d9:39:29:38:73:
                    db:e9:aa:99:10:03:08:73:a7:e3:dc:38:bb:10:16:
                    2d:52:f7:ca:0a:f3:ea:1a:ec:bc:6b:dd:38:96:f5:
                    7c:52:e5:e1:61:db:d1:3a:ee:97:dd:d6:80:f7:8a:
                    51:8f:6a:30:09:50:85:d9:65:f8:bd:17:2e:71:8b:
                    3e:6d:11:5f:a8:09:2c:6f:ad:a2:c4:8c:4a:b7:ad:
                    b9:ad:97:94:be:7b:26:58:d9:ae:03:4d:57:a4:b2:
                    76:67:ff:cb:23:1f:07:cd:56:36:7c:26:00:2f:c1:
                    d6:0e:60:cc:cd:b4:c2:06:87:c2:c6:96:bd:7a:a5:
                    e9:d7:16:62:a2:5b:58:78:0d:68:3f:36:a4:d9:da:
                    34:5f:e1:20:65:84:7d:9f:dc:1b:b0:d2:d7:f3:ac:
                    ac:36:a8:c8:60:4e:8b:87:16:fe:0d:96:7f:e0:ee:
                    28:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:33:97:DA:B7:E4:7C:54:CA:34:E1:2F:6C:6A:DB:42:6E:52:C7:D9
            X509v3 Authority Key Identifier:
                keyid:1E:95:D9:8E:62:0B:E9:55:F1:F9:67:90:8E:61:AD:DD:83:FD:05:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpXZjmIL6VXx-WeQjmGt3YP9Bc0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/92a0b9-f6d0-4a74-894b-d8ec738d9549/1/VDOX2rfkfFTKNOEvbGrbQm5Sx9k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/92a0b9-f6d0-4a74-894b-d8ec738d9549/1/HpXZjmIL6VXx-WeQjmGt3YP9Bc0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:82:3f:7e:2d:0b:34:00:b8:90:2b:fa:e6:c0:cf:77:0b:5c:
         92:5f:9a:3a:a9:43:6b:8f:32:47:d1:51:7e:9d:f6:d3:fd:90:
         c8:d4:0f:5b:71:f7:1e:28:7a:a2:cd:5d:7d:c5:9e:2d:3d:3a:
         82:40:b0:8a:1e:13:49:c6:25:14:e4:7f:af:74:e8:dc:79:d8:
         41:41:82:68:6e:ea:35:48:22:0e:88:87:f0:87:5a:95:ca:ce:
         f9:97:90:64:60:64:c7:e7:9d:36:e6:50:79:b2:5e:4f:77:bb:
         37:3e:de:19:a3:66:18:48:a7:c0:a6:ce:13:ae:9d:19:ef:df:
         b6:29:57:a9:e3:3b:15:b9:f5:7b:fb:00:70:4d:4f:12:7a:0c:
         43:c7:81:54:7e:cf:c8:43:0e:fd:c4:c8:76:24:56:0c:80:be:
         e4:cf:35:90:e8:cd:ec:ae:80:80:8e:13:69:d6:80:8f:d0:5c:
         7e:ce:b9:56:b2:ac:2f:ff:6d:49:34:c5:56:15:67:37:5e:ad:
         b2:ef:0d:a9:ae:d7:0f:da:f0:61:36:56:5b:a8:e5:84:7a:75:
         bc:14:ea:b4:4b:95:24:f6:3f:71:7e:ec:6b:91:7d:00:e2:22:
         37:f2:84:7f:97:f2:72:52:74:2d:19:a6:17:e9:ca:c2:07:1b:
         6c:19:a2:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJodLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTk1ZDk4ZTYyMGJlOTU1ZjFmOTY3OTA4ZTYxYWRkZDgzZmQwNWNkMB4XDTIyMDEw
MTAyNTc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQzMzk3ZGFiN2U0
N2M1NGNhMzRlMTJmNmM2YWRiNDI2ZTUyYzdkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0QkABEt47vueFpGrsJZqLlPb9UyOaKpoRbJROoM7Zwu3FK
jbWPkH4X6XIMUjE/RGNCHF4y/cPcGCOfkkaXag2T+IL3ijBvRJR6sGrdTauxL26A
+9k5KThz2+mqmRADCHOn49w4uxAWLVL3ygrz6hrsvGvdOJb1fFLl4WHb0Trul93W
gPeKUY9qMAlQhdll+L0XLnGLPm0RX6gJLG+tosSMSretua2XlL57JljZrgNNV6Sy
dmf/yyMfB81WNnwmAC/B1g5gzM20wgaHwsaWvXql6dcWYqJbWHgNaD82pNnaNF/h
IGWEfZ/cG7DS1/OsrDaoyGBOi4cW/g2Wf+DuKOsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUM5fat+R8VMo04S9sattCblLH2TAfBgNVHSMEGDAWgBQeldmOYgvpVfH5
Z5COYa3dg/0FzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwWFpqbUlMNlZYeC1XZVFqbUd0M1lQOUJjMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvOTJhMGI5LWY2ZDAtNGE3NC04OTRiLWQ4ZWM3MzhkOTU0OS8x
L1ZET1gycmZrZkZUS05PRXZiR3JiUW01U3g5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
OTJhMGI5LWY2ZDAtNGE3NC04OTRiLWQ4ZWM3MzhkOTU0OS8xL0hwWFpqbUlMNlZY
eC1XZVFqbUd0M1lQOUJjMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv2JDANBgkqhkiG9w0BAQsFAAOC
AQEAfoI/fi0LNAC4kCv65sDPdwtckl+aOqlDa48yR9FRfp320/2QyNQPW3H3Hih6
os1dfcWeLT06gkCwih4TScYlFOR/r3To3HnYQUGCaG7qNUgiDoiH8IdalcrO+ZeQ
ZGBkx+edNuZQebJeT3e7Nz7eGaNmGEinwKbOE66dGe/ftilXqeM7Fbn1e/sAcE1P
EnoMQ8eBVH7PyEMO/cTIdiRWDIC+5M81kOjN7K6AgI4TadaAj9Bcfs65VrKsL/9t
STTFVhVnN16tsu8Nqa7XD9rwYTZWW6jlhHp1vBTqtEuVJPY/cX7sa5F9AOIiN/KE
f5fyclJ0LRmmF+nKwgcbbBmiIg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-ams.rpki-client.org