Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/GYFQNTHe3UZfYxbXBUzqhvIiu6o.roa
File:                     GYFQNTHe3UZfYxbXBUzqhvIiu6o.roa (raw, json)
Hash identifier:          Y/YeTk5dn84nK8+TA1uv9NtNqHY60cY6H3mIUd2rWHY=
Subject key identifier:   19:81:50:35:31:DE:DD:46:5F:63:16:D7:05:4C:EA:86:F2:22:BB:AA
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       03B62F62
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/GYFQNTHe3UZfYxbXBUzqhvIiu6o.roa
Signing time:             Tue 15 Feb 2022 09:58:02 +0000
ROA not before:           Tue 15 Feb 2022 09:58:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     19437
IP address blocks:        46.37.97.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62271330 (0x3b62f62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Feb 15 09:58:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1981503531dedd465f6316d7054cea86f222bbaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:06:e4:c9:bb:2e:95:ca:ee:1a:d3:ef:3b:39:
                    ff:13:d4:35:f0:b9:df:e3:4d:3c:3b:0e:0f:c1:0a:
                    78:0a:3c:53:0d:5f:0a:ee:16:e3:f8:c3:05:d3:98:
                    04:60:46:40:20:71:19:86:30:77:93:33:4b:d6:50:
                    8f:db:ff:19:32:ad:af:46:a8:c1:be:f9:a2:e5:f0:
                    cb:0e:a5:9d:5b:fe:c9:91:ee:0f:aa:f9:dc:ee:1e:
                    09:37:86:24:b6:34:23:93:c6:a4:68:75:44:b7:91:
                    e3:40:f5:ae:6a:e9:87:27:93:e4:ff:2b:64:34:46:
                    0e:54:7f:64:c4:46:02:2c:b8:e6:b1:28:ae:0a:a5:
                    21:b4:7a:33:2d:65:07:24:7a:47:37:be:e7:ca:09:
                    e9:d5:60:d7:9f:cc:9a:25:02:89:ac:54:58:66:24:
                    36:a1:f1:4b:89:14:7c:7a:1c:3b:1b:4e:4a:17:d6:
                    04:15:2c:c5:37:85:4b:1d:d8:53:12:ff:55:f6:40:
                    3e:e7:5f:92:b6:2b:92:8a:09:0f:47:88:83:52:9b:
                    b0:9b:6d:22:3d:e1:9c:a5:ce:35:dd:e2:84:d7:b0:
                    0c:fd:79:4b:90:47:1c:e4:d8:fe:a6:cb:fc:c5:7f:
                    83:d0:0c:68:81:93:82:1c:06:e4:d3:d7:73:6a:5a:
                    62:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:81:50:35:31:DE:DD:46:5F:63:16:D7:05:4C:EA:86:F2:22:BB:AA
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/GYFQNTHe3UZfYxbXBUzqhvIiu6o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:37:6f:8a:f2:13:3a:81:2c:f4:6a:de:d1:ad:31:3e:82:b0:
         33:44:9c:da:9d:a1:7f:18:2c:28:7d:62:18:4d:29:d3:a2:92:
         cd:a6:54:10:42:50:60:8c:4c:26:64:9f:7d:05:ff:76:c0:3b:
         69:57:d4:a5:63:52:6f:37:12:4b:6d:e5:f1:68:37:98:17:8e:
         79:d3:18:7a:1b:1e:bb:f0:62:5b:b6:f6:7b:af:18:e9:1a:28:
         77:5c:40:a3:a3:4b:85:6a:8d:26:a8:09:a1:d3:ee:c6:c7:a8:
         57:0b:33:15:61:9f:43:2f:4c:d1:8f:91:c6:c9:97:38:b7:1b:
         df:80:7b:91:53:33:f9:06:05:8a:28:84:fd:d8:fe:01:16:2a:
         87:46:e8:9b:08:ea:14:34:09:6c:47:e3:70:a1:d7:42:13:f0:
         53:45:9d:03:d8:a9:bf:de:01:98:ef:96:2f:ee:8b:8a:27:1d:
         2e:93:8f:ee:2f:ce:20:13:cf:36:9e:56:09:6c:60:60:71:d4:
         e6:41:e0:c4:75:0f:09:a7:34:71:bc:0e:a4:51:d7:6e:54:f1:
         6a:d4:1a:bb:cc:47:4b:f2:ac:47:63:4e:c5:df:77:0a:32:92:
         80:20:da:37:5b:8c:6a:1e:0d:f6:74:ba:1e:ae:5f:30:ae:cd:
         52:a3:84:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7YvYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDIx
NTA5NTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTk4MTUwMzUzMWRl
ZGQ0NjVmNjMxNmQ3MDU0Y2VhODZmMjIyYmJhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoG5Mm7LpXK7hrT7zs5/xPUNfC53+NNPDsOD8EKeAo8Uw1f
Cu4W4/jDBdOYBGBGQCBxGYYwd5MzS9ZQj9v/GTKtr0aowb75ouXwyw6lnVv+yZHu
D6r53O4eCTeGJLY0I5PGpGh1RLeR40D1rmrphyeT5P8rZDRGDlR/ZMRGAiy45rEo
rgqlIbR6My1lByR6Rze+58oJ6dVg15/MmiUCiaxUWGYkNqHxS4kUfHocOxtOShfW
BBUsxTeFSx3YUxL/VfZAPudfkrYrkooJD0eIg1KbsJttIj3hnKXONd3ihNewDP15
S5BHHOTY/qbL/MV/g9AMaIGTghwG5NPXc2paYocCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQZgVA1Md7dRl9jFtcFTOqG8iK7qjAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L0dZRlFOVEhlM1VaZll4YlhCVXpxaHZJaXU2by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4lYTANBgkqhkiG9w0BAQsFAAOC
AQEAGzdvivITOoEs9Gre0a0xPoKwM0Sc2p2hfxgsKH1iGE0p06KSzaZUEEJQYIxM
JmSffQX/dsA7aVfUpWNSbzcSS23l8Wg3mBeOedMYehseu/BiW7b2e68Y6Rood1xA
o6NLhWqNJqgJodPuxseoVwszFWGfQy9M0Y+RxsmXOLcb34B7kVMz+QYFiiiE/dj+
ARYqh0bomwjqFDQJbEfjcKHXQhPwU0WdA9ipv94BmO+WL+6LiicdLpOP7i/OIBPP
Np5WCWxgYHHU5kHgxHUPCac0cbwOpFHXblTxatQau8xHS/KsR2NOxd93CjKSgCDa
N1uMah4N9nS6Hq5fMK7NUqOEGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org