Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/d5hZHMyGmZMi8VNaU2jCKwaua0c.roa
File:                     d5hZHMyGmZMi8VNaU2jCKwaua0c.roa (raw, json)
Hash identifier:          F2eszC+gUjaEG6LsgtPCqAmYbtBcDcUW3kHJ343XAWM=
Subject key identifier:   77:98:59:1C:CC:86:99:93:22:F1:53:5A:53:68:C2:2B:06:AE:6B:47
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       01824C7C7DB455091CC7305A5F981315D91B
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/d5hZHMyGmZMi8VNaU2jCKwaua0c.roa
Signing time:             Sat 30 Jul 2022 00:23:23 +0000
ROA not before:           Sat 30 Jul 2022 00:23:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     399641
IP address blocks:        46.37.102.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4c:7c:7d:b4:55:09:1c:c7:30:5a:5f:98:13:15:d9:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jul 30 00:23:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7798591ccc86999322f1535a5368c22b06ae6b47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:08:4f:97:f3:f3:8f:ed:ec:0b:f7:67:77:f0:
                    ff:b4:4b:6f:41:b4:26:a6:03:7f:ab:b0:9d:7f:18:
                    8e:3c:7c:0a:f5:a4:c4:31:cf:a9:8c:c0:d9:56:60:
                    b0:37:b1:8e:27:91:4d:7e:5f:cf:82:d3:39:94:66:
                    df:70:7b:64:e6:7b:fa:b9:ed:b2:18:c5:ec:15:92:
                    a4:df:39:a4:fc:1b:6d:3a:d6:66:a5:b0:e3:68:1d:
                    90:9d:4c:ac:30:78:ed:a6:a9:82:31:5b:ab:9d:5f:
                    e2:f5:70:99:64:f6:7f:5f:7d:ed:06:92:8b:7f:b6:
                    82:f5:60:33:6d:eb:ad:5b:6e:15:58:38:3f:71:39:
                    bc:7f:6d:e5:1d:6a:1e:6e:fd:f3:2e:c4:a7:2e:50:
                    25:36:2b:06:35:ce:73:66:d3:c2:37:4a:c9:c3:1a:
                    46:9a:45:d0:c6:78:c6:35:b3:98:e9:6d:dd:b2:e4:
                    d8:95:37:30:8b:bb:2e:4a:4f:d5:a7:f9:a0:39:29:
                    ae:76:5e:0e:40:9c:c1:d4:f8:82:dd:05:4a:33:42:
                    b0:c5:36:96:ac:92:0e:17:62:f5:45:e5:5c:47:c1:
                    19:18:89:40:73:1a:66:a8:c9:fb:bc:59:18:20:10:
                    24:86:cc:8f:14:86:36:19:cf:63:18:34:52:37:4f:
                    7f:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:98:59:1C:CC:86:99:93:22:F1:53:5A:53:68:C2:2B:06:AE:6B:47
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/d5hZHMyGmZMi8VNaU2jCKwaua0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:c8:27:24:f9:19:28:71:9c:99:2d:29:f5:c7:b5:58:20:82:
         d4:c4:b3:d4:70:25:ae:95:93:62:c6:71:7c:d4:75:b7:f8:3b:
         b3:07:0d:01:e9:6f:e2:74:99:9b:40:42:42:57:44:5a:8a:ab:
         e4:28:a2:cf:c2:73:6c:17:a6:84:5c:19:c5:6a:c2:f9:26:7b:
         32:3c:0c:21:99:88:e1:8c:61:5d:7b:ee:7d:26:11:91:0b:ca:
         53:17:4d:12:64:c4:f5:24:20:7a:d8:24:52:1c:56:ff:c0:b9:
         9b:5c:e5:22:ee:5f:09:a5:dd:b2:f7:22:30:72:8f:5e:8b:40:
         2d:5b:b2:03:d1:6b:31:18:e2:c3:53:ff:da:0a:32:a6:05:b5:
         9e:dc:c8:86:8a:fe:59:7c:78:c7:7e:a8:9a:d7:ef:49:aa:39:
         19:3f:0d:a9:8a:cb:1b:d4:cf:ee:4d:dc:f5:ce:1c:7f:7f:3d:
         e5:4b:03:71:7c:3d:85:31:31:a1:f4:31:21:89:88:36:11:1d:
         bc:01:eb:7e:d8:fd:a0:b6:4d:b2:5f:98:39:97:e4:aa:b5:ca:
         b1:cc:48:c3:f4:7c:bb:f8:b0:87:ec:7e:06:a7:8b:fd:6f:4e:
         c6:1a:fe:ea:74:fb:ad:d5:a6:3c:8d:6b:49:13:1b:29:f2:dc:
         e7:d3:fc:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJMfH20VQkcxzBaX5gTFdkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIwNzMwMDAyMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzk4NTkxY2NjODY5OTkzMjJmMTUzNWE1MzY4YzIyYjA2YWU2YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAhPl/Pzj+3sC/dnd/D/tEtvQbQm
pgN/q7CdfxiOPHwK9aTEMc+pjMDZVmCwN7GOJ5FNfl/PgtM5lGbfcHtk5nv6ue2y
GMXsFZKk3zmk/BttOtZmpbDjaB2QnUysMHjtpqmCMVurnV/i9XCZZPZ/X33tBpKL
f7aC9WAzbeutW24VWDg/cTm8f23lHWoebv3zLsSnLlAlNisGNc5zZtPCN0rJwxpG
mkXQxnjGNbOY6W3dsuTYlTcwi7suSk/Vp/mgOSmudl4OQJzB1PiC3QVKM0KwxTaW
rJIOF2L1ReVcR8EZGIlAcxpmqMn7vFkYIBAkhsyPFIY2Gc9jGDRSN09/ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHeYWRzMhpmTIvFTWlNowisGrmtHMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvZDVoWkhNeUdtWk1pOFZOYVUyakNLd2F1YTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVmMA0G
CSqGSIb3DQEBCwUAA4IBAQCKyCck+RkocZyZLSn1x7VYIILUxLPUcCWulZNixnF8
1HW3+DuzBw0B6W/idJmbQEJCV0RaiqvkKKLPwnNsF6aEXBnFasL5JnsyPAwhmYjh
jGFde+59JhGRC8pTF00SZMT1JCB62CRSHFb/wLmbXOUi7l8Jpd2y9yIwco9ei0At
W7ID0WsxGOLDU//aCjKmBbWe3MiGiv5ZfHjHfqia1+9JqjkZPw2pissb1M/uTdz1
zhx/fz3lSwNxfD2FMTGh9DEhiYg2ER28Aet+2P2gtk2yX5g5l+SqtcqxzEjD9Hy7
+LCH7H4Gp4v9b07GGv7qdPut1aY8jWtJExsp8tzn0/yE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:44 2023 by rpki-client on console-fra.rpki-client.org