Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hesNBwf-Wr0OqLzc-MTrOLchdQY.roa
File:                     hesNBwf-Wr0OqLzc-MTrOLchdQY.roa (raw, json)
Hash identifier:          4r0T02cfeiJWqBP1nKmBO3v83pnnZROqd2SB1iKz0Fg=
Subject key identifier:   85:EB:0D:07:07:FE:5A:BD:0E:A8:BC:DC:F8:C4:EB:38:B7:21:75:06
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       03D6F592
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hesNBwf-Wr0OqLzc-MTrOLchdQY.roa
Signing time:             Tue 22 Feb 2022 09:10:14 +0000
ROA not before:           Tue 22 Feb 2022 09:10:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     397423
IP address blocks:        46.37.100.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 64419218 (0x3d6f592)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Feb 22 09:10:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=85eb0d0707fe5abd0ea8bcdcf8c4eb38b7217506
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ac:f9:49:b7:4d:65:4c:09:51:e7:02:19:7f:
                    fd:32:fe:4f:aa:98:0b:b7:a6:eb:b4:66:35:5d:72:
                    a9:bf:c0:e3:94:21:5d:a5:9c:8c:a9:1f:c8:dc:31:
                    e0:e0:0b:79:1f:13:0d:e3:b0:0d:36:7e:a7:15:66:
                    93:e6:de:07:11:2e:90:32:7b:c4:de:28:25:59:87:
                    bd:9e:cd:68:c2:d3:49:78:1a:fc:1a:b2:29:a5:04:
                    42:14:d1:bc:2b:c9:4d:d2:9f:ab:f7:df:5e:0c:6d:
                    47:02:95:60:3e:09:e2:59:31:b7:f7:d6:c3:e9:ce:
                    1e:51:b0:6e:74:51:ed:c2:e7:3b:24:e4:a0:88:25:
                    fe:5b:cc:73:3c:9f:2b:2e:c2:da:ff:a4:e7:0b:5c:
                    14:23:08:9c:d7:0f:8d:5b:ed:07:7c:e8:9b:52:76:
                    e2:9e:d8:ad:24:0c:b5:c4:22:14:24:d9:3f:d5:6f:
                    79:fd:0b:09:e4:19:04:a4:42:78:04:dd:16:28:da:
                    36:39:15:d1:22:0c:e5:70:4f:23:f2:fe:69:38:0b:
                    53:a2:f9:92:f1:2e:04:3f:23:1c:31:87:f5:a7:00:
                    0d:e8:46:95:e3:8d:6c:74:4e:ef:7e:51:21:cb:cd:
                    d3:9d:e2:9e:e1:3f:7e:4b:40:7b:eb:a2:38:df:87:
                    8a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:EB:0D:07:07:FE:5A:BD:0E:A8:BC:DC:F8:C4:EB:38:B7:21:75:06
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/hesNBwf-Wr0OqLzc-MTrOLchdQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:fa:44:6b:a1:5f:bd:26:4b:94:3a:8b:0b:3d:0b:c5:f1:45:
         33:bf:68:63:91:1e:f5:c9:43:15:e4:4a:ed:72:42:28:d9:9c:
         05:70:7b:3d:cd:93:53:ba:cf:ef:52:f0:5b:9e:73:0b:7b:9b:
         52:06:aa:91:d2:c2:e9:40:62:23:f4:d3:44:b9:75:54:38:e5:
         12:d3:c4:b4:07:6f:42:b7:b1:5c:e5:7e:9a:ad:9c:03:0b:7e:
         f3:b0:a0:38:48:34:7c:ab:d4:f6:43:10:7e:32:7a:06:95:53:
         d5:d0:12:ae:57:38:f2:5b:2c:12:17:7d:8e:04:f6:5a:26:61:
         eb:8e:ff:bf:3f:46:c2:d5:80:aa:68:96:77:c9:cc:f4:7b:fb:
         19:6f:a3:da:19:24:81:fd:13:0c:13:9a:9d:d3:45:d3:62:e0:
         22:dd:5a:09:3d:84:17:d8:b6:13:62:7c:c0:3b:26:8d:79:59:
         eb:12:ec:62:d4:42:12:11:b9:5d:85:68:ce:13:19:34:f5:b3:
         77:c9:5d:0c:f1:15:44:91:26:41:75:40:88:45:d1:b4:4d:84:
         9e:a1:fc:19:06:b0:00:cc:19:a9:bc:75:90:af:93:64:f7:81:
         3e:02:fa:1f:07:46:ea:b8:3c:eb:8d:e3:62:10:4d:ab:66:ab:
         15:14:3a:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9b1kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDIy
MjA5MTAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVlYjBkMDcwN2Zl
NWFiZDBlYThiY2RjZjhjNGViMzhiNzIxNzUwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGs+Um3TWVMCVHnAhl//TL+T6qYC7em67RmNV1yqb/A45Qh
XaWcjKkfyNwx4OALeR8TDeOwDTZ+pxVmk+beBxEukDJ7xN4oJVmHvZ7NaMLTSXga
/BqyKaUEQhTRvCvJTdKfq/ffXgxtRwKVYD4J4lkxt/fWw+nOHlGwbnRR7cLnOyTk
oIgl/lvMczyfKy7C2v+k5wtcFCMInNcPjVvtB3zom1J24p7YrSQMtcQiFCTZP9Vv
ef0LCeQZBKRCeATdFijaNjkV0SIM5XBPI/L+aTgLU6L5kvEuBD8jHDGH9acADehG
leONbHRO735RIcvN053inuE/fktAe+uiON+HiiMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSF6w0HB/5avQ6ovNz4xOs4tyF1BjAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L2hlc05Cd2YtV3IwT3FMemMtTVRyT0xjaGRRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4lZDANBgkqhkiG9w0BAQsFAAOC
AQEAVfpEa6FfvSZLlDqLCz0LxfFFM79oY5Ee9clDFeRK7XJCKNmcBXB7Pc2TU7rP
71LwW55zC3ubUgaqkdLC6UBiI/TTRLl1VDjlEtPEtAdvQrexXOV+mq2cAwt+87Cg
OEg0fKvU9kMQfjJ6BpVT1dASrlc48lssEhd9jgT2WiZh647/vz9GwtWAqmiWd8nM
9Hv7GW+j2hkkgf0TDBOandNF02LgIt1aCT2EF9i2E2J8wDsmjXlZ6xLsYtRCEhG5
XYVozhMZNPWzd8ldDPEVRJEmQXVAiEXRtE2EnqH8GQawAMwZqbx1kK+TZPeBPgL6
HwdG6rg8643jYhBNq2arFRQ6nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org