Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/hdkjtiBw1lWL3I8Wiw00ZANhRDE.roa
File:                     hdkjtiBw1lWL3I8Wiw00ZANhRDE.roa (raw, json)
Hash identifier:          EfnZoSJyoSa5Xe6uEJRKR6qAWtJbG+6ZacdY6wI85Kw=
Subject key identifier:   85:D9:23:B6:20:70:D6:55:8B:DC:8F:16:8B:0D:34:64:03:61:44:31
Certificate issuer:       /CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
Certificate serial:       0E9F48F2
Authority key identifier: 19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/hdkjtiBw1lWL3I8Wiw00ZANhRDE.roa
Signing time:             Tue 12 Apr 2022 06:14:16 +0000
ROA not before:           Tue 12 Apr 2022 06:14:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        37.19.195.0/24 maxlen: 24
                          37.19.198.0/23 maxlen: 23
                          37.19.196.0/23 maxlen: 23
                          45.134.142.0/24 maxlen: 24
                          45.134.140.0/24 maxlen: 24
                          37.19.201.0/24 maxlen: 24
                          37.19.200.0/24 maxlen: 24
                          37.19.205.0/24 maxlen: 24
                          37.19.211.0/24 maxlen: 24
                          37.19.210.0/24 maxlen: 24
                          37.19.209.0/24 maxlen: 24
                          37.19.212.0/23 maxlen: 23
                          37.19.217.0/24 maxlen: 24
                          37.19.221.0/24 maxlen: 24
                          37.19.220.0/24 maxlen: 24
                          37.19.223.0/24 maxlen: 24
                          156.146.37.0/24 maxlen: 24
                          156.146.39.0/24 maxlen: 24
                          156.146.41.0/24 maxlen: 24
                          156.146.46.0/23 maxlen: 23
                          156.146.46.0/24 maxlen: 24
                          156.146.45.0/24 maxlen: 24
                          156.146.51.0/24 maxlen: 24
                          156.146.50.0/24 maxlen: 24
                          156.146.48.0/24 maxlen: 24
                          156.146.47.0/24 maxlen: 24
                          156.146.57.0/24 maxlen: 24
                          156.146.55.0/24 maxlen: 24
                          156.146.54.0/24 maxlen: 24
                          156.146.60.0/24 maxlen: 24
                          156.146.63.0/24 maxlen: 24
                          156.146.62.0/24 maxlen: 24
                          138.199.10.0/23 maxlen: 23
                          84.17.36.0/24 maxlen: 24
                          138.199.7.0/24 maxlen: 24
                          138.199.6.0/24 maxlen: 24
                          84.17.43.0/24 maxlen: 24
                          138.199.16.0/24 maxlen: 24
                          138.199.13.0/24 maxlen: 24
                          138.199.18.0/23 maxlen: 23
                          84.17.51.0/24 maxlen: 24
                          84.17.49.0/24 maxlen: 24
                          84.17.48.0/24 maxlen: 24
                          138.199.18.0/24 maxlen: 24
                          84.17.48.0/23 maxlen: 23
                          138.199.21.0/24 maxlen: 24
                          138.199.19.0/24 maxlen: 24
                          84.17.52.0/24 maxlen: 24
                          138.199.28.0/23 maxlen: 23
                          138.199.31.0/24 maxlen: 24
                          138.199.30.0/24 maxlen: 24
                          138.199.34.0/23 maxlen: 23
                          138.199.38.0/24 maxlen: 24
                          138.199.35.0/24 maxlen: 24
                          138.199.34.0/24 maxlen: 24
                          138.199.33.0/24 maxlen: 24
                          138.199.39.0/24 maxlen: 24
                          138.199.43.0/24 maxlen: 24
                          138.199.42.0/24 maxlen: 24
                          138.199.46.0/23 maxlen: 23
                          138.199.50.0/24 maxlen: 24
                          138.199.49.0/24 maxlen: 24
                          138.199.48.0/24 maxlen: 24
                          138.199.47.0/24 maxlen: 24
                          138.199.52.0/24 maxlen: 24
                          138.199.58.0/24 maxlen: 24
                          138.199.56.0/24 maxlen: 24
                          138.199.55.0/24 maxlen: 24
                          138.199.54.0/24 maxlen: 24
                          138.199.63.0/24 maxlen: 24
                          138.199.62.0/24 maxlen: 24
                          138.199.61.0/24 maxlen: 24
                          138.199.60.0/23 maxlen: 23
                          138.199.60.0/24 maxlen: 24
                          138.199.59.0/24 maxlen: 24
                          169.150.198.0/24 maxlen: 24
                          169.150.197.0/24 maxlen: 24
                          169.150.196.0/24 maxlen: 24
                          169.150.199.0/24 maxlen: 24
                          169.150.205.0/24 maxlen: 24
                          169.150.204.0/24 maxlen: 24
                          169.150.203.0/24 maxlen: 24
                          169.150.201.0/24 maxlen: 24
                          169.150.209.0/24 maxlen: 24
                          169.150.208.0/24 maxlen: 24
                          143.244.54.0/23 maxlen: 23
                          143.244.52.0/22 maxlen: 22
                          143.244.52.0/23 maxlen: 23
                          45.136.155.0/24 maxlen: 24
                          45.136.154.0/24 maxlen: 24
                          212.102.37.0/24 maxlen: 24
                          212.102.35.0/24 maxlen: 24
                          212.102.39.0/24 maxlen: 24
                          212.102.51.0/24 maxlen: 24
                          212.102.49.0/24 maxlen: 24
                          212.102.47.0/24 maxlen: 24
                          212.102.57.0/24 maxlen: 24
                          212.102.53.0/24 maxlen: 24
                          185.156.44.0/24 maxlen: 24
                          185.156.46.0/24 maxlen: 24
                          143.244.34.0/24 maxlen: 24
                          143.244.41.0/24 maxlen: 24
                          143.244.44.0/24 maxlen: 24
                          143.244.47.0/24 maxlen: 24
                          143.244.46.0/24 maxlen: 24
                          45.134.212.0/24 maxlen: 24
                          45.134.213.0/24 maxlen: 24
                          45.134.214.0/24 maxlen: 24
                          2a02:6ea0:1000::/40 maxlen: 40
                          2a02:6ea0:1100::/40 maxlen: 40
                          2a02:6ea0:1300::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 245319922 (0xe9f48f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
        Validity
            Not Before: Apr 12 06:14:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=85d923b62070d6558bdc8f168b0d346403614431
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e9:83:ae:37:49:62:9d:c3:89:4d:4b:cb:36:
                    a3:87:1c:7d:e0:49:6a:46:4f:f9:65:f1:fa:12:8f:
                    6b:97:a8:91:76:7b:df:b2:b7:7d:c7:81:4b:5d:ba:
                    db:84:ed:86:0d:c4:80:6a:a2:03:77:d8:f4:01:b9:
                    c2:fd:a7:9b:e3:63:d5:b0:60:ba:1a:2f:f8:57:a0:
                    5e:9b:1d:90:ac:b9:fe:d4:35:20:0f:b7:91:2a:95:
                    6f:d5:22:68:6d:d6:c3:ea:2a:8d:e6:ff:c2:e2:2a:
                    f0:27:5a:af:4c:c6:49:38:d8:8f:54:c1:31:04:07:
                    a7:e9:8c:cb:41:fe:c6:df:8e:25:62:65:58:d9:dc:
                    6d:4d:8e:fc:27:ee:eb:43:75:f8:fa:86:76:49:48:
                    45:47:f6:6b:74:47:e2:6d:5a:5d:0a:d6:c7:20:3b:
                    4b:05:c3:7f:27:fb:82:9d:9c:c7:db:38:a2:87:ce:
                    30:31:19:39:eb:90:d3:ad:a5:cc:f5:9e:c6:6e:54:
                    53:94:ec:28:d9:11:fa:d2:81:c1:36:d5:3c:90:db:
                    50:85:e9:b5:94:9a:b8:73:35:74:00:28:fb:be:f4:
                    14:5c:1b:26:a8:8a:77:15:1d:a8:c4:33:8a:98:70:
                    d5:66:72:14:b0:d4:84:14:42:35:26:30:21:12:2d:
                    b9:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D9:23:B6:20:70:D6:55:8B:DC:8F:16:8B:0D:34:64:03:61:44:31
            X509v3 Authority Key Identifier:
                keyid:19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/hdkjtiBw1lWL3I8Wiw00ZANhRDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/GRk80M-5OVmJNY4DljEs-7HIj_4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.19.195.0-37.19.201.255
                  37.19.205.0/24
                  37.19.209.0-37.19.213.255
                  37.19.217.0/24
                  37.19.220.0/23
                  37.19.223.0/24
                  45.134.140.0/24
                  45.134.142.0/24
                  45.134.212.0-45.134.214.255
                  45.136.154.0/23
                  84.17.36.0/24
                  84.17.43.0/24
                  84.17.48.0/23
                  84.17.51.0-84.17.52.255
                  138.199.6.0/23
                  138.199.10.0/23
                  138.199.13.0/24
                  138.199.16.0/24
                  138.199.18.0/23
                  138.199.21.0/24
                  138.199.28.0/22
                  138.199.33.0-138.199.35.255
                  138.199.38.0/23
                  138.199.42.0/23
                  138.199.46.0-138.199.50.255
                  138.199.52.0/24
                  138.199.54.0-138.199.56.255
                  138.199.58.0-138.199.63.255
                  143.244.34.0/24
                  143.244.41.0/24
                  143.244.44.0/24
                  143.244.46.0/23
                  143.244.52.0/22
                  156.146.37.0/24
                  156.146.39.0/24
                  156.146.41.0/24
                  156.146.45.0-156.146.48.255
                  156.146.50.0/23
                  156.146.54.0/23
                  156.146.57.0/24
                  156.146.60.0/24
                  156.146.62.0/23
                  169.150.196.0/22
                  169.150.201.0/24
                  169.150.203.0-169.150.205.255
                  169.150.208.0/23
                  185.156.44.0/24
                  185.156.46.0/24
                  212.102.35.0/24
                  212.102.37.0/24
                  212.102.39.0/24
                  212.102.47.0/24
                  212.102.49.0/24
                  212.102.51.0/24
                  212.102.53.0/24
                  212.102.57.0/24
                IPv6:
                  2a02:6ea0:1000::/39
                  2a02:6ea0:1300::/40

    Signature Algorithm: sha256WithRSAEncryption
         05:5f:a7:ef:21:59:08:c1:7f:a8:0a:1a:2f:80:31:30:1a:6d:
         02:72:62:72:e5:3f:eb:d0:20:17:62:bb:84:8a:bf:4d:c2:e6:
         45:19:ef:de:e8:83:94:a8:37:a9:bb:00:5e:4b:07:ce:28:a9:
         97:5e:fa:f4:f2:db:c4:08:b4:57:c8:e9:41:e3:2f:76:cb:ac:
         b1:15:84:39:d8:66:a5:a6:82:a0:10:44:e0:65:20:a5:2c:3f:
         98:cc:fb:04:8a:f8:b8:45:88:e1:ba:b2:69:32:2f:66:27:8e:
         39:66:10:de:6c:b4:1a:13:56:78:56:97:07:8f:e6:71:6f:c8:
         98:71:52:d4:0d:16:4b:60:38:cd:f9:e9:1f:26:9f:e2:aa:64:
         dc:6e:f6:51:ca:44:8a:48:7a:78:40:60:66:86:81:92:d2:bc:
         60:67:88:b8:7b:5f:98:8d:dc:1e:f3:67:ab:d6:da:8a:d9:ed:
         bd:a0:f8:2b:2d:83:13:36:9d:4a:57:5b:0d:f0:a5:49:f9:72:
         89:63:4d:03:66:f6:57:54:ce:49:32:02:7f:f9:aa:ec:ce:c8:
         6c:fb:22:c4:22:e5:ac:ec:28:51:3b:de:8b:38:f1:14:51:5d:
         62:df:9b:6c:92:10:83:61:64:5a:82:49:be:1a:85:1f:d5:a8:
         41:35:2f:8f
-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgIEDp9I8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTE5M2NkMGNmYjkzOTU5ODkzNThlMDM5NjMxMmNmYmIxYzg4ZmZlMB4XDTIyMDQx
MjA2MTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVkOTIzYjYyMDcw
ZDY1NThiZGM4ZjE2OGIwZDM0NjQwMzYxNDQzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/pg643SWKdw4lNS8s2o4ccfeBJakZP+WXx+hKPa5eokXZ7
37K3fceBS12624Tthg3EgGqiA3fY9AG5wv2nm+Nj1bBguhov+FegXpsdkKy5/tQ1
IA+3kSqVb9UiaG3Ww+oqjeb/wuIq8Cdar0zGSTjYj1TBMQQHp+mMy0H+xt+OJWJl
WNncbU2O/Cfu60N1+PqGdklIRUf2a3RH4m1aXQrWxyA7SwXDfyf7gp2cx9s4oofO
MDEZOeuQ062lzPWexm5UU5TsKNkR+tKBwTbVPJDbUIXptZSauHM1dAAo+770FFwb
JqiKdxUdqMQziphw1WZyFLDUhBRCNSYwIRItuUMCAwEAAaOCA8UwggPBMB0GA1Ud
DgQWBBSF2SO2IHDWVYvcjxaLDTRkA2FEMTAfBgNVHSMEGDAWgBQZGTzQz7k5WYk1
jgOWMSz7sciP/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dSazgwTS01T1ZtSk5ZNERsakVzLTdISWpfNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMGQ2OGQ0LWFkYjMtNGZmOS1iNzhhLTRlZjlkMDdjNDQwNS8x
L2hka2p0aUJ3MWxXTDNJOFdpdzAwWkFOaFJERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MGQ2OGQ0LWFkYjMtNGZmOS1iNzhhLTRlZjlkMDdjNDQwNS8xL0dSazgwTS01T1Zt
Sk5ZNERsakVzLTdISWpfNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AdkGCCsGAQUFBwEHAQH/BIIByDCCAcQwggGoBAIAATCCAaAwDAMEACUTwwMEASUT
yAMEACUTzTAMAwQAJRPRAwQBJRPUAwQAJRPZAwQBJRPcAwQAJRPfAwQALYaMAwQA
LYaOMAwDBAIthtQDBAAthtYDBAEtiJoDBABUESQDBABUESsDBAFUETAwDAMEAFQR
MwMEAFQRNAMEAYrHBgMEAYrHCgMEAIrHDQMEAIrHEAMEAYrHEgMEAIrHFQMEAorH
HDAMAwQAischAwQCiscgAwQBiscmAwQBiscqMAwDBAGKxy4DBACKxzIDBACKxzQw
DAMEAYrHNgMEAIrHODAMAwQBisc6AwQGiscAAwQAj/QiAwQAj/QpAwQAj/QsAwQB
j/QuAwQCj/Q0AwQAnJIlAwQAnJInAwQAnJIpMAwDBACcki0DBACckjADBAGckjID
BAGckjYDBACckjkDBACckjwDBAGckj4DBAKplsQDBACplskwDAMEAKmWywMEAamW
zAMEAamW0AMEALmcLAMEALmcLgMEANRmIwMEANRmJQMEANRmJwMEANRmLwMEANRm
MQMEANRmMwMEANRmNQMEANRmOTAWBAIAAjAQAwYBKgJuoBADBgAqAm6gEzANBgkq
hkiG9w0BAQsFAAOCAQEABV+n7yFZCMF/qAoaL4AxMBptAnJicuU/69AgF2K7hIq/
TcLmRRnv3uiDlKg3qbsAXksHziipl1769PLbxAi0V8jpQeMvdsussRWEOdhmpaaC
oBBE4GUgpSw/mMz7BIr4uEWI4bqyaTIvZieOOWYQ3my0GhNWeFaXB4/mcW/ImHFS
1A0WS2A4zfnpHyaf4qpk3G72UcpEikh6eEBgZoaBktK8YGeIuHtfmI3cHvNnq9ba
itntvaD4Ky2DEzadSldbDfClSflyiWNNA2b2V1TOSTICf/mq7M7IbPsixCLlrOwo
UTveizjxFFFdYt+bbJIQg2FkWoJJvhqFH9WoQTUvjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:06 2024 by rpki-client on console-ams.rpki-client.org