Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Yh0MS6gwl3oDrDOQuZuGRXLdyls.roa
File:                     Yh0MS6gwl3oDrDOQuZuGRXLdyls.roa (raw, json)
Hash identifier:          C0YhkLAzgojIETu56pLwWwzRei59RQC5dS32y/Ti2aQ=
Subject key identifier:   62:1D:0C:4B:A8:30:97:7A:03:AC:33:90:B9:9B:86:45:72:DD:CA:5B
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       382EA36D
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Yh0MS6gwl3oDrDOQuZuGRXLdyls.roa
Signing time:             Tue 10 May 2022 06:07:59 +0000
ROA not before:           Tue 10 May 2022 06:07:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8717
IP address blocks:        78.83.147.0/24 maxlen: 24
                          78.83.146.0/24 maxlen: 24
                          78.83.151.0/24 maxlen: 24
                          78.83.150.0/24 maxlen: 24
                          78.83.149.0/24 maxlen: 24
                          78.83.148.0/24 maxlen: 24
                          82.147.154.0/24 maxlen: 24
                          78.83.160.0/24 maxlen: 24
                          212.50.7.0/24 maxlen: 24
                          92.247.29.0/24 maxlen: 24
                          62.221.128.0/24 maxlen: 24
                          78.83.145.0/24 maxlen: 24
                          78.83.144.0/24 maxlen: 24
                          78.83.143.0/24 maxlen: 24
                          213.222.59.0/24 maxlen: 24
                          78.83.210.0/24 maxlen: 24
                          212.95.161.0/24 maxlen: 24
                          78.83.226.0/23 maxlen: 23
                          92.247.67.0/24 maxlen: 24
                          89.215.214.0/24 maxlen: 24
                          213.226.6.0/24 maxlen: 24
                          213.226.5.0/24 maxlen: 24
                          213.226.9.0/24 maxlen: 24
                          92.247.168.0/24 maxlen: 24
                          88.203.237.0/24 maxlen: 24
                          84.242.176.0/24 maxlen: 24
                          82.103.103.0/24 maxlen: 24
                          212.36.6.0/24 maxlen: 24
                          82.103.109.0/24 maxlen: 24
                          212.91.172.0/24 maxlen: 24
                          195.34.101.0/24 maxlen: 24
                          62.204.130.0/24 maxlen: 24
                          62.204.128.0/24 maxlen: 24
                          82.103.120.0/24 maxlen: 24
                          82.103.127.0/24 maxlen: 24
                          82.103.126.0/24 maxlen: 24
                          212.91.185.0/24 maxlen: 24
                          212.91.181.0/24 maxlen: 24
                          212.91.186.0/24 maxlen: 24
                          212.91.187.0/24 maxlen: 24
                          195.34.122.0/24 maxlen: 24
                          213.226.31.0/24 maxlen: 24
                          213.226.35.0/24 maxlen: 24
                          130.204.70.0/24 maxlen: 24
                          213.226.48.0/24 maxlen: 24
                          213.226.47.0/24 maxlen: 24
                          46.238.14.0/24 maxlen: 24
                          82.103.91.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 942580589 (0x382ea36d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 10 06:07:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=621d0c4ba830977a03ac3390b99b864572ddca5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:9c:64:8e:82:f6:24:00:06:4c:42:3b:f9:2e:
                    9b:d6:91:6d:19:8e:e3:0a:ee:22:a2:af:16:c6:77:
                    b9:c5:1a:9e:4e:5b:bf:b0:7a:43:1d:1a:34:83:a9:
                    41:ce:c1:78:25:b2:55:77:6f:90:f7:11:87:b8:65:
                    84:ad:c8:bb:97:3c:c2:c7:a9:c2:e4:77:5f:37:5d:
                    20:68:de:62:aa:91:af:27:da:ce:f6:02:ae:9f:54:
                    a8:73:73:4f:c8:3f:06:0d:92:0e:33:21:e6:68:85:
                    0b:29:a5:5d:d1:17:ac:be:a8:eb:e0:8d:73:05:62:
                    21:63:a6:51:ca:71:01:2d:04:70:55:90:be:15:c7:
                    cd:ed:cd:20:52:7f:db:34:d4:ed:24:0e:b9:28:de:
                    90:36:eb:11:33:ca:5a:73:ea:67:65:3b:12:38:04:
                    03:15:66:c8:0a:cd:32:35:7d:a3:15:68:7d:52:e4:
                    12:b4:9f:d9:d5:58:84:12:65:7c:04:2f:ad:11:47:
                    f2:66:39:79:69:c4:9c:92:d9:65:54:e5:dc:30:b2:
                    7a:78:93:bc:d7:8a:44:3b:83:8f:d0:64:ef:2e:e8:
                    de:c2:9c:b4:e5:36:f1:3e:90:11:ad:ce:3b:13:e1:
                    c6:f0:4a:20:4d:cb:5c:40:ae:bb:32:a0:4c:c8:7d:
                    35:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:1D:0C:4B:A8:30:97:7A:03:AC:33:90:B9:9B:86:45:72:DD:CA:5B
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Yh0MS6gwl3oDrDOQuZuGRXLdyls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.238.14.0/24
                  62.204.128.0/24
                  62.204.130.0/24
                  62.221.128.0/24
                  78.83.143.0-78.83.151.255
                  78.83.160.0/24
                  78.83.210.0/24
                  78.83.226.0/23
                  82.103.91.0/24
                  82.103.103.0/24
                  82.103.109.0/24
                  82.103.120.0/24
                  82.103.126.0/23
                  82.147.154.0/24
                  84.242.176.0/24
                  88.203.237.0/24
                  89.215.214.0/24
                  92.247.29.0/24
                  92.247.67.0/24
                  92.247.168.0/24
                  130.204.70.0/24
                  195.34.101.0/24
                  195.34.122.0/24
                  212.36.6.0/24
                  212.50.7.0/24
                  212.91.172.0/24
                  212.91.181.0/24
                  212.91.185.0-212.91.187.255
                  212.95.161.0/24
                  213.222.59.0/24
                  213.226.5.0-213.226.6.255
                  213.226.9.0/24
                  213.226.31.0/24
                  213.226.35.0/24
                  213.226.47.0-213.226.48.255

    Signature Algorithm: sha256WithRSAEncryption
         8d:d8:92:9e:f8:53:da:14:f3:63:5a:e4:cd:1a:e6:11:2d:e9:
         23:14:ad:2d:56:0d:a9:ee:88:ba:59:2b:d8:ca:46:0a:70:85:
         81:e5:ae:ab:a3:de:c5:aa:bf:a4:31:76:b8:b3:7e:35:0c:b6:
         99:b0:4c:9a:8b:76:4b:ff:d3:71:ab:0d:15:2e:05:16:64:92:
         32:25:a9:bc:22:e9:a4:39:32:7a:5e:e1:87:81:00:30:40:c9:
         3d:cb:12:10:6e:af:5e:5f:37:e7:96:f9:f3:7c:6b:f6:e5:bf:
         41:32:f5:71:57:5c:7f:87:85:0a:79:2b:55:a1:cc:84:3e:45:
         6a:19:8d:9a:0e:81:54:2c:39:45:64:af:5d:c2:88:0a:48:22:
         50:2e:78:6e:11:44:2d:c2:57:15:4e:00:3e:a1:1b:ed:7b:5a:
         af:84:7a:3d:25:99:2b:0d:e4:3f:4f:e7:e9:1c:62:ab:ed:82:
         d0:cd:1b:7f:92:70:c3:70:5e:19:de:c6:54:d4:bf:b5:2d:66:
         80:bb:62:ce:7b:a1:07:e0:d4:38:3a:ea:90:c3:97:18:47:83:
         3a:30:51:6e:eb:3c:f4:97:a1:7e:ca:70:3c:28:cb:f9:b4:db:
         e2:6b:ca:2b:6d:86:a6:13:a3:2e:8d:ba:57:09:48:25:0f:9e:
         8f:de:93:00
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgIEOC6jbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
MDA2MDc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIxZDBjNGJhODMw
OTc3YTAzYWMzMzkwYjk5Yjg2NDU3MmRkY2E1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+cZI6C9iQABkxCO/kum9aRbRmO4wruIqKvFsZ3ucUank5b
v7B6Qx0aNIOpQc7BeCWyVXdvkPcRh7hlhK3Iu5c8wsepwuR3XzddIGjeYqqRryfa
zvYCrp9UqHNzT8g/Bg2SDjMh5miFCymlXdEXrL6o6+CNcwViIWOmUcpxAS0EcFWQ
vhXHze3NIFJ/2zTU7SQOuSjekDbrETPKWnPqZ2U7EjgEAxVmyArNMjV9oxVofVLk
ErSf2dVYhBJlfAQvrRFH8mY5eWnEnJLZZVTl3DCyeniTvNeKRDuDj9Bk7y7o3sKc
tOU28T6QEa3OOxPhxvBKIE3LXECuuzKgTMh9NQ0CAwEAAaOCAvswggL3MB0GA1Ud
DgQWBBRiHQxLqDCXegOsM5C5m4ZFct3KWzAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L1loME1TNmd3bDNvRHJET1F1WnVHUlhMZHlscy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQ8GCCsGAQUFBwEHAQH/BIH/MIH8MIH5BAIAATCB8gMEAC7uDgMEAD7MgAMEAD7M
ggMEAD7dgDAMAwQATlOPAwQDTlOQAwQATlOgAwQATlPSAwQBTlPiAwQAUmdbAwQA
UmdnAwQAUmdtAwQAUmd4AwQBUmd+AwQAUpOaAwQAVPKwAwQAWMvtAwQAWdfWAwQA
XPcdAwQAXPdDAwQAXPeoAwQAgsxGAwQAwyJlAwQAwyJ6AwQA1CQGAwQA1DIHAwQA
1FusAwQA1Fu1MAwDBADUW7kDBALUW7gDBADUX6EDBADV3jswDAMEANXiBQMEANXi
BgMEANXiCQMEANXiHwMEANXiIzAMAwQA1eIvAwQA1eIwMA0GCSqGSIb3DQEBCwUA
A4IBAQCN2JKe+FPaFPNjWuTNGuYRLekjFK0tVg2p7oi6WSvYykYKcIWB5a6ro97F
qr+kMXa4s341DLaZsEyai3ZL/9Nxqw0VLgUWZJIyJam8IumkOTJ6XuGHgQAwQMk9
yxIQbq9eXzfnlvnzfGv25b9BMvVxV1x/h4UKeStVocyEPkVqGY2aDoFULDlFZK9d
wogKSCJQLnhuEUQtwlcVTgA+oRvte1qvhHo9JZkrDeQ/T+fpHGKr7YLQzRt/knDD
cF4Z3sZU1L+1LWaAu2LOe6EH4NQ4OuqQw5cYR4M6MFFu6zz0l6F+ynA8KMv5tNvi
a8orbYamE6MujbpXCUglD56P3pMA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org