Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/HRuD4mwQCILKqTkLH-BhVrmhi7k.roa
File:                     HRuD4mwQCILKqTkLH-BhVrmhi7k.roa (raw, json)
Hash identifier:          AuBSMOPeZyMfIHgji97n2HjiyXcF0mv71uK5vgA77gQ=
Subject key identifier:   1D:1B:83:E2:6C:10:08:82:CA:A9:39:0B:1F:E0:61:56:B9:A1:8B:B9
Certificate issuer:       /CN=d52865e83b701b8ba934101c34c11ebdf3fa83bb
Certificate serial:       01824E75DC909A93282233C6135AFC8333BC
Authority key identifier: D5:28:65:E8:3B:70:1B:8B:A9:34:10:1C:34:C1:1E:BD:F3:FA:83:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1Shl6DtwG4upNBAcNMEevfP6g7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/HRuD4mwQCILKqTkLH-BhVrmhi7k.roa
Signing time:             Sat 30 Jul 2022 09:35:23 +0000
ROA not before:           Sat 30 Jul 2022 09:35:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399641
IP address blocks:        37.140.250.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4e:75:dc:90:9a:93:28:22:33:c6:13:5a:fc:83:33:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d52865e83b701b8ba934101c34c11ebdf3fa83bb
        Validity
            Not Before: Jul 30 09:35:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1d1b83e26c100882caa9390b1fe06156b9a18bb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:3d:6a:60:43:18:ed:aa:27:49:ac:a2:13:d4:
                    51:13:69:bf:4d:51:71:7e:7d:aa:af:68:ee:6c:3c:
                    30:d9:a3:5c:a9:c2:e6:82:30:b5:2b:47:47:b8:b7:
                    52:1d:ad:8d:6a:f7:19:51:38:d1:79:a7:52:7b:df:
                    22:4a:b0:22:3a:ac:e3:d4:dc:84:79:84:12:24:73:
                    59:7b:ef:37:bf:e7:54:e1:5e:88:be:15:b0:89:a1:
                    7a:b0:0a:57:7e:33:a7:03:c4:b3:a6:93:57:ff:d5:
                    d2:36:10:b9:f5:c4:c9:c0:de:3b:a5:42:a0:8d:49:
                    8d:62:25:8d:bf:00:d8:d2:2a:bd:8f:bf:18:60:53:
                    a4:9b:17:56:85:23:bb:08:f8:f2:eb:2b:67:43:e7:
                    83:01:94:86:ab:50:c6:00:bd:36:e2:b2:4e:7f:4b:
                    a5:09:70:13:83:55:bb:b5:b6:3a:44:d8:9e:11:f9:
                    13:4d:6e:a4:03:d5:12:ce:e3:a3:0b:bd:9a:06:e9:
                    18:58:15:b1:01:3f:46:68:61:d7:55:77:9b:87:37:
                    eb:18:b2:cf:a8:fd:92:3b:49:42:85:7d:8b:c2:01:
                    e0:26:52:3a:27:82:06:d1:5c:4d:9d:04:aa:e3:b4:
                    7d:0d:c3:42:3a:a5:59:61:30:cb:2e:ac:59:61:6a:
                    33:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:1B:83:E2:6C:10:08:82:CA:A9:39:0B:1F:E0:61:56:B9:A1:8B:B9
            X509v3 Authority Key Identifier:
                keyid:D5:28:65:E8:3B:70:1B:8B:A9:34:10:1C:34:C1:1E:BD:F3:FA:83:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Shl6DtwG4upNBAcNMEevfP6g7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/HRuD4mwQCILKqTkLH-BhVrmhi7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/1Shl6DtwG4upNBAcNMEevfP6g7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:36:2b:9c:8e:99:77:37:4e:aa:e4:4d:d8:58:9a:c6:a7:40:
         de:95:af:b0:94:26:01:3e:78:61:8f:4e:19:1e:a8:df:24:51:
         c2:fd:69:96:59:9a:3d:13:cc:0f:1f:87:e0:90:bb:b9:54:49:
         41:cf:cd:7e:95:00:ce:fd:47:3b:52:a4:77:59:40:5a:4b:26:
         53:5a:57:b9:54:d0:1b:ac:17:13:e3:5f:f9:67:7b:7a:92:68:
         e9:09:1e:b3:03:49:ef:27:50:0b:4d:8e:a7:0f:60:cd:a7:ec:
         ef:4b:08:39:06:97:00:02:d5:91:60:8d:6a:36:fb:a5:fb:f4:
         07:9f:75:ed:ba:d8:ed:8b:af:92:7e:30:cc:6f:b2:60:32:de:
         f2:67:a6:8c:f9:d0:df:8c:0c:83:d6:e3:fd:c1:60:01:54:02:
         53:53:a9:2e:ab:c7:e2:f1:09:65:e2:d0:13:82:3f:c1:14:aa:
         da:f5:aa:4a:7b:3c:cb:0d:c8:57:b8:42:0e:ed:85:59:c9:2d:
         3e:e9:c7:83:f2:64:2f:3d:dc:e9:17:d1:12:a8:50:df:94:4e:
         68:c9:74:b4:42:4f:e1:20:a8:3f:95:dd:59:f4:98:47:03:ac:
         1e:f0:c3:ab:91:84:f5:6b:23:9c:de:20:b8:f3:0b:19:1f:71:
         63:f2:3f:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJOddyQmpMoIjPGE1r8gzO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1Mjg2NWU4M2I3MDFiOGJhOTM0MTAxYzM0YzExZWJkZjNm
YTgzYmIwHhcNMjIwNzMwMDkzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDFiODNlMjZjMTAwODgyY2FhOTM5MGIxZmUwNjE1NmI5YTE4YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj1qYEMY7aonSayiE9RRE2m/TVFx
fn2qr2jubDww2aNcqcLmgjC1K0dHuLdSHa2NavcZUTjReadSe98iSrAiOqzj1NyE
eYQSJHNZe+83v+dU4V6IvhWwiaF6sApXfjOnA8SzppNX/9XSNhC59cTJwN47pUKg
jUmNYiWNvwDY0iq9j78YYFOkmxdWhSO7CPjy6ytnQ+eDAZSGq1DGAL024rJOf0ul
CXATg1W7tbY6RNieEfkTTW6kA9USzuOjC72aBukYWBWxAT9GaGHXVXebhzfrGLLP
qP2SO0lChX2LwgHgJlI6J4IG0VxNnQSq47R9DcNCOqVZYTDLLqxZYWozLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0bg+JsEAiCyqk5Cx/gYVa5oYu5MB8GA1UdIwQY
MBaAFNUoZeg7cBuLqTQQHDTBHr3z+oO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVNobDZEdHdHNHVwTkJBY05NRWV2ZlA2ZzdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81YzU2NWUtMDQyNy00MDk3LWJjMTIt
ZWI3MGJhMWJkZTdiLzEvSFJ1RDRtd1FDSUxLcVRrTEgtQmhWcm1oaTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81YzU2NWUtMDQyNy00MDk3LWJjMTItZWI3MGJhMWJkZTdi
LzEvMVNobDZEdHdHNHVwTkJBY05NRWV2ZlA2ZzdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYz6MA0G
CSqGSIb3DQEBCwUAA4IBAQA9Niucjpl3N06q5E3YWJrGp0Dela+wlCYBPnhhj04Z
HqjfJFHC/WmWWZo9E8wPH4fgkLu5VElBz81+lQDO/Uc7UqR3WUBaSyZTWle5VNAb
rBcT41/5Z3t6kmjpCR6zA0nvJ1ALTY6nD2DNp+zvSwg5BpcAAtWRYI1qNvul+/QH
n3Xtutjti6+SfjDMb7JgMt7yZ6aM+dDfjAyD1uP9wWABVAJTU6kuq8fi8Qll4tAT
gj/BFKra9apKezzLDchXuEIO7YVZyS0+6ceD8mQvPdzpF9ESqFDflE5oyXS0Qk/h
IKg/ld1Z9JhHA6we8MOrkYT1ayOc3iC48wsZH3Fj8j/u
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:53 2023 by rpki-client on console-fra.rpki-client.org