Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/CMH8oNRmaAtg-c9PZLDEynVhpiE.roa
File:                     CMH8oNRmaAtg-c9PZLDEynVhpiE.roa (raw, json)
Hash identifier:          8BEdrL09MRlA3WSwwYHgigaKUjvH9EWnOGCh58o4yvE=
Subject key identifier:   08:C1:FC:A0:D4:66:68:0B:60:F9:CF:4F:64:B0:C4:CA:75:61:A6:21
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0338355F
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/CMH8oNRmaAtg-c9PZLDEynVhpiE.roa
Signing time:             Sat 01 Jan 2022 09:57:19 +0000
ROA not before:           Sat 01 Jan 2022 09:57:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400040
IP address blocks:        46.37.105.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54015327 (0x338355f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 09:57:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08c1fca0d466680b60f9cf4f64b0c4ca7561a621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ed:aa:23:51:fb:77:ff:15:f1:97:02:72:c6:
                    b3:16:7f:6d:f7:22:54:f2:24:5f:52:3a:fc:bd:17:
                    bb:7b:6d:1f:a6:81:fc:31:2e:9d:8e:b9:a7:ca:43:
                    79:66:57:78:af:0a:0a:7c:f0:2c:96:7e:31:41:04:
                    52:b5:3e:b6:2a:75:c0:0a:7a:c5:9d:62:b7:0c:69:
                    03:f7:64:6c:41:3a:b9:02:8e:59:9d:77:a9:ce:5f:
                    0c:39:1f:58:53:d1:2b:6b:e0:58:ff:83:22:c8:c8:
                    42:ba:41:d4:5c:b0:fe:2b:00:21:a4:56:5f:e9:dc:
                    08:30:e8:81:31:c7:d9:6a:1f:4e:b9:bc:76:3a:7d:
                    9b:9a:af:33:c4:ba:c1:46:f1:42:ce:82:6e:f0:f7:
                    cf:8a:51:7f:7f:54:f1:7a:f7:20:50:93:c8:8c:97:
                    f3:ef:d6:45:56:6f:14:fe:db:ea:bc:93:ef:1f:2d:
                    ac:c5:93:78:4b:4f:81:53:59:4b:51:24:e6:11:b2:
                    85:7b:c6:1e:43:22:27:47:48:44:48:06:f9:ce:c6:
                    9b:44:52:9e:69:09:33:93:ab:a8:d9:66:43:80:51:
                    84:76:dd:21:14:b8:a8:98:52:17:5a:c1:10:99:9d:
                    3d:bf:da:b1:5d:cc:ae:26:f6:d6:9d:fb:49:e3:b8:
                    49:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:C1:FC:A0:D4:66:68:0B:60:F9:CF:4F:64:B0:C4:CA:75:61:A6:21
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/CMH8oNRmaAtg-c9PZLDEynVhpiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:c5:2b:59:ed:a6:a7:a4:5a:1d:51:61:1d:bf:54:33:4e:ea:
         67:77:f1:ed:78:f4:d2:b1:26:98:9a:0e:2c:ca:2d:b3:9d:00:
         4b:29:11:1a:e1:ea:73:21:7a:f4:f1:2f:00:1a:1d:5c:04:84:
         ff:08:9c:b6:1d:5e:13:0a:a8:7b:f4:80:94:be:51:a5:02:6a:
         67:64:1c:d7:fe:f4:a6:2f:c2:b0:61:28:d9:cd:f4:32:6c:2b:
         2f:ed:99:8e:17:f9:4f:fc:23:e3:18:f1:21:ec:68:1d:e1:f0:
         42:65:c3:14:4a:d2:4f:80:0d:27:d9:07:57:c9:4a:52:f8:e6:
         1e:1b:43:3c:b2:24:78:7d:b4:29:a0:42:db:35:5f:36:f6:1f:
         29:38:17:b3:a8:bc:95:7f:de:16:17:06:2c:50:28:fb:25:a3:
         71:9b:db:d5:1b:07:c7:61:79:d4:f7:75:19:83:68:32:e2:f3:
         d9:b8:cd:84:22:88:0e:8a:92:d2:1d:52:f6:cf:ac:db:0a:50:
         ad:a4:96:4f:d5:93:5f:64:04:b2:0a:45:89:c4:88:00:7f:d8:
         47:4f:82:ec:09:ae:04:99:38:ae:6c:49:2a:1e:6b:bc:38:83:
         8e:2f:40:ce:e5:ea:31:03:e4:af:2f:dc:31:58:de:88:a8:e8:
         63:19:ea:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzg1XzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDEw
MTA5NTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhjMWZjYTBkNDY2
NjgwYjYwZjljZjRmNjRiMGM0Y2E3NTYxYTYyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOPtqiNR+3f/FfGXAnLGsxZ/bfciVPIkX1I6/L0Xu3ttH6aB
/DEunY65p8pDeWZXeK8KCnzwLJZ+MUEEUrU+tip1wAp6xZ1itwxpA/dkbEE6uQKO
WZ13qc5fDDkfWFPRK2vgWP+DIsjIQrpB1Fyw/isAIaRWX+ncCDDogTHH2WofTrm8
djp9m5qvM8S6wUbxQs6CbvD3z4pRf39U8Xr3IFCTyIyX8+/WRVZvFP7b6ryT7x8t
rMWTeEtPgVNZS1Ek5hGyhXvGHkMiJ0dIREgG+c7Gm0RSnmkJM5OrqNlmQ4BRhHbd
IRS4qJhSF1rBEJmdPb/asV3Mrib21p37SeO4SYsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIwfyg1GZoC2D5z09ksMTKdWGmITAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L0NNSDhvTlJtYUF0Zy1jOVBaTERFeW5WaHBpRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4laTANBgkqhkiG9w0BAQsFAAOC
AQEAHsUrWe2mp6RaHVFhHb9UM07qZ3fx7Xj00rEmmJoOLMots50ASykRGuHqcyF6
9PEvABodXASE/wicth1eEwqoe/SAlL5RpQJqZ2Qc1/70pi/CsGEo2c30MmwrL+2Z
jhf5T/wj4xjxIexoHeHwQmXDFErST4ANJ9kHV8lKUvjmHhtDPLIkeH20KaBC2zVf
NvYfKTgXs6i8lX/eFhcGLFAo+yWjcZvb1RsHx2F51Pd1GYNoMuLz2bjNhCKIDoqS
0h1S9s+s2wpQraSWT9WTX2QEsgpFicSIAH/YR0+C7AmuBJk4rmxJKh5rvDiDji9A
zuXqMQPkry/cMVjeiKjoYxnqJA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:34 2023 by rpki-client on console-ams.rpki-client.org