Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/IAjd0pUrjaqjDsm2CORi3A7MR0s.roa
File:                     IAjd0pUrjaqjDsm2CORi3A7MR0s.roa (raw, json)
Hash identifier:          +WIFCOrlkwqeV+yN1qgu0czBtQFs4TKXc/UNeRGHIYE=
Subject key identifier:   20:08:DD:D2:95:2B:8D:AA:A3:0E:C9:B6:08:E4:62:DC:0E:CC:47:4B
Certificate issuer:       /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial:       018355803A94637C1E02CB7B4CA39E783C48
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/IAjd0pUrjaqjDsm2CORi3A7MR0s.roa
Signing time:             Mon 19 Sep 2022 11:26:50 +0000
ROA not before:           Mon 19 Sep 2022 11:26:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9145
IP address blocks:        92.252.0.0/17 maxlen: 17
                          212.95.96.0/19 maxlen: 19
                          212.6.64.0/18 maxlen: 18
                          85.16.0.0/16 maxlen: 16
                          95.33.0.0/16 maxlen: 16
                          85.8.64.0/18 maxlen: 18
                          213.252.128.0/18 maxlen: 24
                          37.138.0.0/16 maxlen: 16
                          82.149.160.0/19 maxlen: 19
                          90.153.0.0/17 maxlen: 17
                          89.166.128.0/17 maxlen: 17
                          213.168.192.0/19 maxlen: 19
                          80.66.0.0/19 maxlen: 24
                          213.183.160.0/19 maxlen: 19
                          91.96.0.0/15 maxlen: 15
                          31.150.0.0/16 maxlen: 16
                          80.228.0.0/16 maxlen: 24
                          87.245.0.0/18 maxlen: 18
                          89.233.64.0/19 maxlen: 19
                          31.184.0.0/18 maxlen: 18
                          91.248.0.0/15 maxlen: 15
                          213.182.96.0/19 maxlen: 19
                          31.187.112.0/20 maxlen: 20
                          213.170.160.0/19 maxlen: 19
                          178.142.0.0/16 maxlen: 16
                          188.118.128.0/18 maxlen: 18
                          2a02:8200::/27 maxlen: 27

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:55:80:3a:94:63:7c:1e:02:cb:7b:4c:a3:9e:78:3c:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
        Validity
            Not Before: Sep 19 11:26:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2008ddd2952b8daaa30ec9b608e462dc0ecc474b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:dc:eb:94:87:06:94:8a:76:fc:e2:5b:48:4f:
                    e1:64:cc:bc:53:77:28:39:7c:a5:71:61:31:d1:f7:
                    66:68:57:b7:0c:64:59:ea:95:f9:4f:a8:ed:21:2a:
                    73:9a:62:1f:96:71:90:63:63:48:42:02:ae:b2:91:
                    2a:16:cd:1e:05:42:aa:01:e6:83:63:88:ca:55:7e:
                    a8:67:30:8c:20:60:07:52:7a:e4:b9:39:02:ee:49:
                    7b:f3:55:91:df:9b:79:28:a8:3e:0f:72:0a:1b:ad:
                    19:4a:a8:c8:49:29:f4:81:66:67:a6:82:df:0c:95:
                    18:9c:af:99:4b:a5:f9:fa:4d:4d:49:b7:16:61:d9:
                    01:1b:3d:01:cd:ee:e5:d7:26:08:77:2d:cf:df:0c:
                    6a:c7:b3:05:03:a0:af:af:7e:6c:0f:4f:e8:4e:0d:
                    ff:7e:fe:cd:fa:44:41:10:80:60:b7:cd:db:19:86:
                    e7:0c:ca:4e:6d:de:11:b5:7b:e9:9f:42:48:29:c5:
                    8d:17:41:47:49:0b:3d:95:b8:b8:66:78:75:63:4b:
                    65:81:4c:f1:2b:e3:5b:71:e1:fd:49:1b:80:7b:6f:
                    7e:f5:45:a4:7a:25:3a:d9:4f:2d:dc:9a:bb:6e:9b:
                    d4:e1:b3:e6:47:c6:c9:a2:57:10:12:35:c3:ca:4d:
                    a8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:08:DD:D2:95:2B:8D:AA:A3:0E:C9:B6:08:E4:62:DC:0E:CC:47:4B
            X509v3 Authority Key Identifier:
                keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/IAjd0pUrjaqjDsm2CORi3A7MR0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.150.0.0/16
                  31.184.0.0/18
                  31.187.112.0/20
                  37.138.0.0/16
                  80.66.0.0/19
                  80.228.0.0/16
                  82.149.160.0/19
                  85.8.64.0/18
                  85.16.0.0/16
                  87.245.0.0/18
                  89.166.128.0/17
                  89.233.64.0/19
                  90.153.0.0/17
                  91.96.0.0/15
                  91.248.0.0/15
                  92.252.0.0/17
                  95.33.0.0/16
                  178.142.0.0/16
                  188.118.128.0/18
                  212.6.64.0/18
                  212.95.96.0/19
                  213.168.192.0/19
                  213.170.160.0/19
                  213.182.96.0/19
                  213.183.160.0/19
                  213.252.128.0/18
                IPv6:
                  2a02:8200::/27

    Signature Algorithm: sha256WithRSAEncryption
         8d:5d:77:36:80:4b:47:87:0a:2c:c3:44:4f:8b:92:a3:6c:c1:
         50:69:ef:9d:75:47:72:87:85:e1:37:d3:05:7a:d3:f4:d1:cb:
         e7:91:41:a2:08:74:c7:0d:3d:20:f2:7c:38:ec:be:3f:83:13:
         c9:20:e5:b4:2b:39:4a:ae:8a:23:18:fe:ef:a3:b4:ad:e1:9e:
         77:c8:a2:6f:77:51:50:26:97:d1:36:aa:1a:57:af:da:05:78:
         e6:8b:d9:72:aa:13:95:c9:05:cf:18:6c:08:7d:f2:48:38:3e:
         f4:3c:49:c2:2d:6d:98:cd:a0:9d:25:16:84:4e:03:44:67:86:
         e9:5d:ee:24:d7:91:9b:fb:af:db:f2:f7:86:cf:8f:4d:05:47:
         7e:6c:e3:16:9b:37:73:9c:6a:0e:f7:0d:84:22:3c:01:7d:ff:
         1c:41:60:3c:1f:c1:80:ef:25:47:4a:f9:6f:1e:28:ef:64:b0:
         66:08:30:81:32:73:b7:a5:6e:7b:d2:36:1b:90:6f:eb:da:83:
         c0:01:8b:a6:29:24:2c:eb:ba:ae:33:a9:13:a2:04:ba:e2:06:
         70:9a:cc:82:84:97:f0:d7:fd:17:a9:57:1a:1a:49:a9:24:22:
         38:e7:de:73:d5:52:91:4b:9f:f0:13:9e:f1:cb:b6:79:c9:49:
         c9:84:7d:b1
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYNVgDqUY3weAst7TKOeeDxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjIwOTE5MTEyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA4ZGRkMjk1MmI4ZGFhYTMwZWM5YjYwOGU0NjJkYzBlY2M0NzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdzrlIcGlIp2/OJbSE/hZMy8U3co
OXylcWEx0fdmaFe3DGRZ6pX5T6jtISpzmmIflnGQY2NIQgKuspEqFs0eBUKqAeaD
Y4jKVX6oZzCMIGAHUnrkuTkC7kl781WR35t5KKg+D3IKG60ZSqjISSn0gWZnpoLf
DJUYnK+ZS6X5+k1NSbcWYdkBGz0Bze7l1yYIdy3P3wxqx7MFA6Cvr35sD0/oTg3/
fv7N+kRBEIBgt83bGYbnDMpObd4RtXvpn0JIKcWNF0FHSQs9lbi4Znh1Y0tlgUzx
K+NbceH9SRuAe29+9UWkeiU62U8t3Jq7bpvU4bPmR8bJolcQEjXDyk2oVwIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFCAI3dKVK42qow7JtgjkYtwOzEdLMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvSUFqZDBwVXJqYXFqRHNtMkNPUmkzQTdNUjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDAwAf
lgMEBh+4AAMEBB+7cAMDACWKAwQFUEIAAwMAUOQDBAVSlaADBAZVCEADAwBVEAME
Blf1AAMEB1mmgAMEBVnpQAMEB1qZAAMDAVtgAwMBW/gDBAdc/AADAwBfIQMDALKO
AwQGvHaAAwQG1AZAAwQF1F9gAwQF1ajAAwQF1aqgAwQF1bZgAwQF1begAwQG1fyA
MA0EAgACMAcDBQUqAoIAMA0GCSqGSIb3DQEBCwUAA4IBAQCNXXc2gEtHhwosw0RP
i5KjbMFQae+ddUdyh4XhN9MFetP00cvnkUGiCHTHDT0g8nw47L4/gxPJIOW0KzlK
roojGP7vo7St4Z53yKJvd1FQJpfRNqoaV6/aBXjmi9lyqhOVyQXPGGwIffJIOD70
PEnCLW2YzaCdJRaETgNEZ4bpXe4k15Gb+6/b8veGz49NBUd+bOMWmzdznGoO9w2E
IjwBff8cQWA8H8GA7yVHSvlvHijvZLBmCDCBMnO3pW570jYbkG/r2oPAAYumKSQs
67quM6kTogS64gZwmsyChJfw1/0XqVcaGkmpJCI4595z1VKRS5/wE57xy7Z5yUnJ
hH2x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:06 2024 by rpki-client on console-ams.rpki-client.org