Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/HbB5Bh1XkHbggnuBOURathfX0Sg.roa
File:                     HbB5Bh1XkHbggnuBOURathfX0Sg.roa (raw, json)
Hash identifier:          fxnYYmk2gZ7N+p0dvpUxdxtnMGZwPIqKHAaaS3FOFSc=
Subject key identifier:   1D:B0:79:06:1D:57:90:76:E0:82:7B:81:39:44:5A:B6:17:D7:D1:28
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       03322ABC
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/HbB5Bh1XkHbggnuBOURathfX0Sg.roa
Signing time:             Sat 01 Jan 2022 09:57:15 +0000
ROA not before:           Sat 01 Jan 2022 09:57:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52037
IP address blocks:        46.37.96.0/24 maxlen: 24
                          46.37.118.0/24 maxlen: 24
                          46.37.120.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53619388 (0x3322abc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 09:57:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1db079061d579076e0827b8139445ab617d7d128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cb:24:90:ad:d9:c9:ae:3c:34:8e:fb:7c:9b:
                    99:87:74:b7:b1:0c:7f:9d:58:55:48:a0:b4:4a:d8:
                    ad:4c:a8:4d:5c:97:a9:21:42:f0:09:13:4e:7c:c7:
                    55:e7:c1:a9:b8:b2:82:03:60:81:e3:a7:17:a9:34:
                    b0:70:fd:3e:fe:eb:7e:59:8a:03:47:44:3b:b9:5b:
                    18:7a:a9:5a:52:c1:60:54:e0:8f:4e:0f:bc:06:40:
                    6d:1c:3f:be:11:c2:b7:a5:31:76:97:ea:18:eb:24:
                    5b:46:35:0a:df:ec:34:a3:45:f3:bd:0d:04:d6:cc:
                    47:fe:40:c4:9a:3c:88:a2:51:90:02:b0:03:e3:5a:
                    bc:f1:7d:a1:26:84:06:3d:0e:90:0f:38:aa:b3:8e:
                    53:2c:53:28:b9:b4:45:ee:02:18:9d:d3:a6:5e:6c:
                    00:f8:36:e4:07:bf:ae:84:30:42:b7:2c:0f:92:ab:
                    2a:51:6f:44:41:a5:b7:81:cc:11:0c:fd:81:d8:cb:
                    a5:f5:d9:a9:7e:93:83:3a:f7:0a:cb:9d:a6:8f:eb:
                    ca:63:08:86:eb:36:e2:9e:45:82:42:13:d4:20:8c:
                    75:10:1b:9e:a0:11:09:0a:a3:4f:5c:e9:2a:69:a7:
                    d5:de:03:13:59:7a:de:12:78:08:9b:5b:5e:e0:3e:
                    8e:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:B0:79:06:1D:57:90:76:E0:82:7B:81:39:44:5A:B6:17:D7:D1:28
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/HbB5Bh1XkHbggnuBOURathfX0Sg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.96.0/24
                  46.37.118.0/24
                  46.37.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ba:90:4c:e7:1b:21:33:1b:a5:05:a8:36:da:81:36:4e:55:d5:
         93:0e:50:9d:07:a8:4e:5c:1d:89:5c:16:40:8a:49:2f:da:c1:
         f2:fd:a1:b0:d5:22:e4:01:f8:ab:2e:7d:22:f9:9d:03:5f:3a:
         f3:63:49:b0:62:44:b0:98:5f:c9:97:0a:d7:b8:65:75:c8:e3:
         fb:ec:0e:cf:28:52:a2:ff:db:2c:48:cb:f8:a3:43:c9:a7:4a:
         97:a0:fc:50:96:3f:b6:7c:35:21:9d:07:30:b2:e1:9a:2d:17:
         89:8e:ed:a1:3b:b4:0c:d1:ad:e2:c0:f4:09:ad:b3:4b:54:24:
         45:e4:5e:9b:da:ef:a5:75:56:c3:d1:bb:78:46:52:aa:44:e7:
         31:ae:3c:31:25:65:b0:36:bd:b9:31:75:e4:d9:49:08:d3:ec:
         9b:e3:df:4c:ce:8a:5a:17:b8:92:0f:6c:a7:1f:c1:40:9f:71:
         15:b3:9d:39:6a:cb:a3:32:04:d7:80:ce:94:83:80:87:a4:4c:
         2e:42:4f:8f:15:ac:83:65:8b:19:0f:85:ad:0b:e1:65:1e:5d:
         81:fe:40:07:74:e7:2e:c3:30:2d:eb:79:17:d7:ed:68:5d:9b:
         a4:49:1e:4e:04:d7:78:f3:27:18:f3:a7:4f:d6:61:f7:d0:8a:
         4d:df:5c:16
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAzIqvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDEw
MTA5NTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRiMDc5MDYxZDU3
OTA3NmUwODI3YjgxMzk0NDVhYjYxN2Q3ZDEyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPLJJCt2cmuPDSO+3ybmYd0t7EMf51YVUigtErYrUyoTVyX
qSFC8AkTTnzHVefBqbiyggNggeOnF6k0sHD9Pv7rflmKA0dEO7lbGHqpWlLBYFTg
j04PvAZAbRw/vhHCt6UxdpfqGOskW0Y1Ct/sNKNF870NBNbMR/5AxJo8iKJRkAKw
A+NavPF9oSaEBj0OkA84qrOOUyxTKLm0Re4CGJ3Tpl5sAPg25Ae/roQwQrcsD5Kr
KlFvREGlt4HMEQz9gdjLpfXZqX6Tgzr3Csudpo/rymMIhus24p5FgkIT1CCMdRAb
nqARCQqjT1zpKmmn1d4DE1l63hJ4CJtbXuA+jv8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQdsHkGHVeQduCCe4E5RFq2F9fRKDAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L0hiQjVCaDFYa0hiZ2dudUJPVVJhdGhmWDBTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC4lYAMEAC4ldgMEAy4leDANBgkq
hkiG9w0BAQsFAAOCAQEAupBM5xshMxulBag22oE2TlXVkw5QnQeoTlwdiVwWQIpJ
L9rB8v2hsNUi5AH4qy59IvmdA18682NJsGJEsJhfyZcK17hldcjj++wOzyhSov/b
LEjL+KNDyadKl6D8UJY/tnw1IZ0HMLLhmi0XiY7toTu0DNGt4sD0Ca2zS1QkReRe
m9rvpXVWw9G7eEZSqkTnMa48MSVlsDa9uTF15NlJCNPsm+PfTM6KWhe4kg9spx/B
QJ9xFbOdOWrLozIE14DOlIOAh6RMLkJPjxWsg2WLGQ+FrQvhZR5dgf5AB3TnLsMw
Let5F9ftaF2bpEkeTgTXePMnGPOnT9Zh99CKTd9cFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:54 2024 by rpki-client on console-fra.rpki-client.org