Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/bD6dJZtMnfwz9d96lMu_D3ZrXDQ.roa
File:                     bD6dJZtMnfwz9d96lMu_D3ZrXDQ.roa (raw, json)
Hash identifier:          2YDb+cbvcENI/3gWp53yq7nkxh0UmA7sqRSJeRwG7YQ=
Subject key identifier:   6C:3E:9D:25:9B:4C:9D:FC:33:F5:DF:7A:94:CB:BF:0F:76:6B:5C:34
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       01848A9D834C6CCDE172B1845A954EBB10A6
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/bD6dJZtMnfwz9d96lMu_D3ZrXDQ.roa
Signing time:             Fri 18 Nov 2022 12:01:29 +0000
ROA not before:           Fri 18 Nov 2022 12:01:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12716
IP address blocks:        151.251.254.0/24 maxlen: 24
                          151.251.255.0/24 maxlen: 24
                          37.63.96.0/22 maxlen: 22
                          83.97.30.0/24 maxlen: 24
                          84.252.40.0/23 maxlen: 23
                          151.251.240.0/24 maxlen: 24
                          151.251.238.0/24 maxlen: 24
                          151.251.239.0/24 maxlen: 24
                          151.251.245.0/24 maxlen: 24
                          151.251.240.0/20 maxlen: 20
                          151.251.243.0/24 maxlen: 24
                          151.251.246.0/24 maxlen: 24
                          151.251.241.0/24 maxlen: 24
                          151.251.244.0/24 maxlen: 24
                          151.251.242.0/24 maxlen: 24
                          151.251.253.0/24 maxlen: 24
                          151.251.248.0/24 maxlen: 24
                          151.251.251.0/24 maxlen: 24
                          151.251.249.0/24 maxlen: 24
                          151.251.252.0/24 maxlen: 24
                          151.251.247.0/24 maxlen: 24
                          151.251.250.0/24 maxlen: 24
                          89.215.62.0/23 maxlen: 23
                          151.251.44.0/22 maxlen: 22
                          151.251.68.0/22 maxlen: 22
                          185.224.160.0/23 maxlen: 23
                          37.63.0.0/20 maxlen: 20
                          37.63.16.0/22 maxlen: 22
                          62.204.154.0/23 maxlen: 23
                          151.251.121.0/24 maxlen: 24
                          85.118.64.0/22 maxlen: 22
                          85.118.71.0/24 maxlen: 24
                          85.118.68.0/23 maxlen: 23
                          213.226.17.0/24 maxlen: 24
                          85.118.70.0/24 maxlen: 24
                          85.118.76.0/22 maxlen: 22
                          85.118.74.0/24 maxlen: 24
                          85.118.72.0/23 maxlen: 23
                          213.226.19.0/24 maxlen: 24
                          185.151.156.0/22 maxlen: 22
                          85.118.84.0/24 maxlen: 24
                          85.118.80.0/22 maxlen: 22
                          213.226.36.0/24 maxlen: 24
                          85.118.92.0/24 maxlen: 24
                          85.118.93.0/24 maxlen: 24
                          213.226.40.0/24 maxlen: 24
                          213.226.51.0/24 maxlen: 24
                          213.226.57.0/24 maxlen: 24
                          213.226.56.0/24 maxlen: 24
                          213.226.63.0/24 maxlen: 24
                          213.226.59.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:8a:9d:83:4c:6c:cd:e1:72:b1:84:5a:95:4e:bb:10:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Nov 18 12:01:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c3e9d259b4c9dfc33f5df7a94cbbf0f766b5c34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f0:0a:07:60:9f:97:55:2f:84:67:4d:a3:c0:
                    96:4d:ca:d6:d0:2c:b6:e7:a8:ad:2c:0e:76:e6:a3:
                    8b:91:25:b7:cd:0d:4c:c2:4e:a5:2b:90:45:9c:48:
                    e1:ba:f5:3b:23:08:76:12:60:a6:ea:5c:08:44:76:
                    75:f5:a7:ae:b3:ce:e5:f1:34:36:2d:39:13:27:7b:
                    e3:ab:94:1e:ff:54:88:67:af:40:1a:55:3c:c0:ae:
                    59:98:1a:f1:60:08:60:e1:a3:dd:f3:1f:8e:a3:af:
                    8b:d6:87:d2:7b:4b:e0:e4:c1:a1:4c:90:99:33:a3:
                    56:34:f9:94:d1:36:71:e4:5b:ad:e0:6d:f3:ef:70:
                    48:0b:55:3c:51:b7:fd:a8:ea:db:78:66:ee:22:c5:
                    60:48:ee:28:fa:0e:41:4d:d2:9b:76:ac:05:1c:3d:
                    8d:90:9b:d4:86:74:05:c7:0d:25:34:22:7a:ba:21:
                    ce:e7:f1:95:94:2e:c5:ea:6f:0e:1e:f6:6b:1f:7e:
                    f3:27:92:12:1e:d1:4a:08:eb:fc:c8:df:01:44:ab:
                    6e:bc:6c:63:7e:dc:9c:b4:81:0c:53:7c:a1:e6:88:
                    0d:66:4b:5d:db:cb:cf:65:41:f1:bc:02:8b:e5:f6:
                    71:9a:0c:ea:93:a8:ed:c9:41:cd:62:d9:9f:fd:4c:
                    97:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:3E:9D:25:9B:4C:9D:FC:33:F5:DF:7A:94:CB:BF:0F:76:6B:5C:34
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/bD6dJZtMnfwz9d96lMu_D3ZrXDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.63.0.0-37.63.19.255
                  37.63.96.0/22
                  62.204.154.0/23
                  83.97.30.0/24
                  84.252.40.0/23
                  85.118.64.0-85.118.74.255
                  85.118.76.0-85.118.84.255
                  85.118.92.0/23
                  89.215.62.0/23
                  151.251.44.0/22
                  151.251.68.0/22
                  151.251.121.0/24
                  151.251.238.0-151.251.255.255
                  185.151.156.0/22
                  185.224.160.0/23
                  213.226.17.0/24
                  213.226.19.0/24
                  213.226.36.0/24
                  213.226.40.0/24
                  213.226.51.0/24
                  213.226.56.0/23
                  213.226.59.0/24
                  213.226.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:09:f9:ba:28:a9:10:dc:e9:bd:d2:7d:f5:6a:49:01:df:00:
         14:d9:31:7b:c2:b4:11:bb:dc:4e:fe:7a:7c:5e:df:db:cb:c3:
         58:ce:8a:21:f8:e8:54:98:e1:c0:90:72:57:63:e5:b0:c4:24:
         fe:aa:a1:08:14:33:15:23:63:76:e2:1c:0d:85:2f:3f:d4:df:
         03:b2:57:0f:78:c2:2a:34:f9:7d:f1:d6:49:af:b6:74:69:a9:
         cd:d8:e0:38:61:81:85:cc:da:a5:b6:cd:80:e5:6a:43:aa:02:
         4e:25:53:dc:ff:b4:59:01:ae:5f:05:b5:d9:b3:b8:eb:da:62:
         a5:f7:c9:76:e0:87:4e:57:29:9f:af:a5:d2:1c:6f:5f:f0:34:
         67:25:be:22:1e:17:bf:7c:7f:4e:29:51:a5:05:da:ad:84:56:
         e4:f0:7d:7a:1c:09:38:8d:3a:7a:09:67:74:26:dc:28:2d:42:
         36:af:89:49:07:30:24:57:0a:d6:fe:af:4a:cb:e6:a2:28:3e:
         35:1a:e6:ce:db:b9:27:7d:74:c1:75:2e:47:1b:15:3e:87:ae:
         43:d3:c8:c7:cd:20:97:74:70:84:ca:60:50:f2:2c:a8:ed:7d:
         d1:b7:0d:76:74:ca:16:64:48:31:08:60:ce:5d:8a:22:e4:29:
         0b:ff:0e:e6
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYSKnYNMbM3hcrGEWpVOuxCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjIxMTE4MTIwMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNlOWQyNTliNGM5ZGZjMzNmNWRmN2E5NGNiYmYwZjc2NmI1YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufAKB2Cfl1UvhGdNo8CWTcrW0Cy2
56itLA525qOLkSW3zQ1Mwk6lK5BFnEjhuvU7Iwh2EmCm6lwIRHZ19aeus87l8TQ2
LTkTJ3vjq5Qe/1SIZ69AGlU8wK5ZmBrxYAhg4aPd8x+Oo6+L1ofSe0vg5MGhTJCZ
M6NWNPmU0TZx5Fut4G3z73BIC1U8Ubf9qOrbeGbuIsVgSO4o+g5BTdKbdqwFHD2N
kJvUhnQFxw0lNCJ6uiHO5/GVlC7F6m8OHvZrH37zJ5ISHtFKCOv8yN8BRKtuvGxj
ftyctIEMU3yh5ogNZktd28vPZUHxvAKL5fZxmgzqk6jtyUHNYtmf/UyXWQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFGw+nSWbTJ38M/XfepTLvw92a1w0MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvYkQ2ZEpadE1uZnd6OWQ5NmxNdV9EM1pyWERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagwCwMD
ACU/AwQCJT8QAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eTALAwQB
l/vuAwMCl/gDBAK5l5wDBAG54KADBADV4hEDBADV4hMDBADV4iQDBADV4igDBADV
4jMDBAHV4jgDBADV4jsDBADV4j8wDQYJKoZIhvcNAQELBQADggEBAJMJ+booqRDc
6b3SffVqSQHfABTZMXvCtBG73E7+enxe39vLw1jOiiH46FSY4cCQcldj5bDEJP6q
oQgUMxUjY3biHA2FLz/U3wOyVw94wio0+X3x1kmvtnRpqc3Y4DhhgYXM2qW2zYDl
akOqAk4lU9z/tFkBrl8FtdmzuOvaYqX3yXbgh05XKZ+vpdIcb1/wNGclviIeF798
f04pUaUF2q2EVuTwfXocCTiNOnoJZ3Qm3CgtQjaviUkHMCRXCtb+r0rL5qIoPjUa
5s7buSd9dMF1LkcbFT6HrkPTyMfNIJd0cITKYFDyLKjtfdG3DXZ0yhZkSDEIYM5d
iiLkKQv/DuY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org