Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/avaYbUqwnnj_BEBFLvdzysghgW4.roa
File:                     avaYbUqwnnj_BEBFLvdzysghgW4.roa (raw, json)
Hash identifier:          wYrfPOBdRS3daJGZgKAql0nFCpyMaXpu1T8xjqDrirQ=
Subject key identifier:   6A:F6:98:6D:4A:B0:9E:78:FF:04:40:45:2E:F7:73:CA:C8:21:81:6E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0FE2C08E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/avaYbUqwnnj_BEBFLvdzysghgW4.roa
Signing time:             Sat 14 May 2022 14:09:40 +0000
ROA not before:           Sat 14 May 2022 14:09:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        62.76.232.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          194.87.22.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.51.0/24 maxlen: 24
                          195.58.54.0/23 maxlen: 24
                          195.58.55.0/24 maxlen: 24
                          195.58.52.0/24 maxlen: 24
                          194.58.60.0/24 maxlen: 24
                          212.193.0.0/22 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.64.0/24 maxlen: 24
                          193.124.89.0/24 maxlen: 24
                          193.124.91.0/24 maxlen: 24
                          193.124.95.0/24 maxlen: 24
                          193.124.93.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.81.0/24 maxlen: 24
                          194.87.226.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          212.192.10.0/23 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          192.124.173.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.180.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          192.124.188.0/22 maxlen: 22
                          194.87.179.0/24 maxlen: 24
                          193.124.205.0/24 maxlen: 24
                          193.124.202.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 266518670 (0xfe2c08e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: May 14 14:09:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6af6986d4ab09e78ff0440452ef773cac821816e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:72:e8:eb:f5:ad:4a:18:e8:00:da:84:a9:2a:
                    0e:00:b2:5a:63:bc:75:cb:eb:d1:e8:c9:b4:1f:95:
                    05:21:ad:18:c0:2c:9f:42:38:96:48:fb:90:4b:ab:
                    5a:0f:5a:30:3a:eb:4d:7c:55:21:1e:f3:19:22:ea:
                    39:e2:82:e5:b7:b7:a2:bd:0b:ae:ad:32:75:c4:27:
                    56:96:bd:8c:0e:a0:00:57:0a:a9:98:6e:ae:1a:87:
                    f1:45:df:b5:1d:9b:bd:44:31:3b:af:5f:03:10:69:
                    66:b5:56:9c:4d:11:3c:ba:8d:e9:10:3a:73:76:47:
                    34:d0:18:8f:f8:c3:67:91:42:fa:76:ea:c4:51:c4:
                    68:1d:d1:65:7c:b4:48:3c:d8:6f:75:ff:25:05:b6:
                    11:bf:09:06:5d:a3:95:03:66:3d:04:71:23:74:6e:
                    46:27:92:0c:33:2f:ff:5c:36:53:e7:07:61:79:76:
                    94:75:b1:73:53:e3:93:fb:6f:e9:dc:70:d2:a1:17:
                    df:c1:3d:5d:1a:60:03:62:87:20:06:cb:42:b0:9c:
                    77:f5:4e:de:d4:84:ea:6e:af:b7:30:4b:2a:ec:69:
                    f1:16:20:4c:5a:3e:85:a7:01:99:98:0c:b0:3e:06:
                    6e:6f:24:1f:d5:cd:65:35:71:49:0a:76:17:da:51:
                    ac:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F6:98:6D:4A:B0:9E:78:FF:04:40:45:2E:F7:73:CA:C8:21:81:6E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/avaYbUqwnnj_BEBFLvdzysghgW4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.232.0/24
                  62.76.235.0/24
                  192.124.173.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.188.0/22
                  192.124.209.0/24
                  193.124.89.0/24
                  193.124.91.0/24
                  193.124.93.0/24
                  193.124.95.0/24
                  193.124.202.0/23
                  193.124.205.0/24
                  193.124.207.0/24
                  194.58.60.0/24
                  194.87.22.0/24
                  194.87.64.0/24
                  194.87.104.0/24
                  194.87.166.0/24
                  194.87.172.0/24
                  194.87.179.0/24
                  194.87.200.0/24
                  194.87.226.0/24
                  194.135.23.0/24
                  195.58.35.0/24
                  195.58.50.0-195.58.52.255
                  195.58.54.0/23
                  195.133.81.0/24
                  212.192.10.0/23
                  212.193.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:c4:ae:28:cb:53:ee:d0:8d:ed:9b:54:26:e5:f6:41:1d:03:
         58:a4:01:f7:f1:2e:34:80:2b:0f:e3:a5:92:d3:a8:1c:3d:f8:
         f3:9f:85:8e:b8:39:4f:50:dd:6a:3b:29:14:c1:db:01:c7:76:
         15:f6:b0:a6:65:86:31:3d:4f:bc:47:a6:16:ed:9f:d0:b1:8f:
         e6:b7:78:ef:87:34:26:f1:b8:48:86:96:68:34:43:d1:9d:89:
         08:9d:ec:ed:ff:d0:ac:d6:34:e6:0b:93:27:35:1a:83:cf:3f:
         a7:c4:24:f0:e5:0b:7b:f9:74:ff:7a:65:f3:f5:3c:99:9b:af:
         2b:c7:1e:70:a0:33:15:ab:19:e9:5e:9b:cc:49:ee:15:ff:c7:
         4a:ed:dd:f3:c1:26:df:00:74:9c:ef:36:df:a2:78:9d:e1:92:
         16:63:5e:79:da:fa:06:19:d2:39:0d:b7:21:da:ca:7c:e9:d5:
         e7:53:3d:96:3e:6a:df:1c:a9:97:38:10:b1:4f:1a:23:61:c0:
         51:d4:c6:df:83:55:3e:26:fe:02:ad:73:d5:7c:48:dd:e2:e0:
         e3:8d:d5:6e:6a:4b:bc:2e:c6:f0:ec:b8:0a:d6:2a:53:7e:a2:
         c6:4c:72:d8:4c:72:b9:8e:bf:d0:79:aa:3d:03:88:fa:ce:7e:
         67:94:47:4d
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIED+LAjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDUx
NDE0MDk0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFmNjk4NmQ0YWIw
OWU3OGZmMDQ0MDQ1MmVmNzczY2FjODIxODE2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIRy6Ov1rUoY6ADahKkqDgCyWmO8dcvr0ejJtB+VBSGtGMAs
n0I4lkj7kEurWg9aMDrrTXxVIR7zGSLqOeKC5be3or0Lrq0ydcQnVpa9jA6gAFcK
qZhurhqH8UXftR2bvUQxO69fAxBpZrVWnE0RPLqN6RA6c3ZHNNAYj/jDZ5FC+nbq
xFHEaB3RZXy0SDzYb3X/JQW2Eb8JBl2jlQNmPQRxI3RuRieSDDMv/1w2U+cHYXl2
lHWxc1Pjk/tv6dxw0qEX38E9XRpgA2KHIAbLQrCcd/VO3tSE6m6vtzBLKuxp8RYg
TFo+hacBmZgMsD4Gbm8kH9XNZTVxSQp2F9pRrOkCAwEAAaOCAsQwggLAMB0GA1Ud
DgQWBBRq9phtSrCeeP8EQEUu93PKyCGBbjAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L2F2YVliVXF3bm5qX0JFQkZMdmR6eXNnaGdXNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2QYIKwYBBQUHAQcBAf8EgckwgcYwgcMEAgABMIG8AwQAPkzoAwQAPkzrAwQAwHyt
AwQAwHyyAwQCwHy0AwQCwHy8AwQAwHzRAwQAwXxZAwQAwXxbAwQAwXxdAwQAwXxf
AwQBwXzKAwQAwXzNAwQAwXzPAwQAwjo8AwQAwlcWAwQAwldAAwQAwldoAwQAwlem
AwQAwlesAwQAwlezAwQAwlfIAwQAwlfiAwQAwocXAwQAwzojMAwDBAHDOjIDBADD
OjQDBAHDOjYDBADDhVEDBAHUwAoDBALUwQAwDQYJKoZIhvcNAQELBQADggEBAGjE
rijLU+7Qje2bVCbl9kEdA1ikAffxLjSAKw/jpZLTqBw9+POfhY64OU9Q3Wo7KRTB
2wHHdhX2sKZlhjE9T7xHphbtn9Cxj+a3eO+HNCbxuEiGlmg0Q9GdiQid7O3/0KzW
NOYLkyc1GoPPP6fEJPDlC3v5dP96ZfP1PJmbryvHHnCgMxWrGelem8xJ7hX/x0rt
3fPBJt8AdJzvNt+ieJ3hkhZjXnna+gYZ0jkNtyHaynzp1edTPZY+at8cqZc4ELFP
GiNhwFHUxt+DVT4m/gKtc9V8SN3i4OON1W5qS7wuxvDsuArWKlN+osZMcthMcrmO
v9B5qj0DiPrOfmeUR00=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:01 2023 by rpki-client on console-ams.rpki-client.org