Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/G2RWnbeJvieQ2f52i2lqmjY_cWw.roa
File:                     G2RWnbeJvieQ2f52i2lqmjY_cWw.roa (raw, json)
Hash identifier:          Ih7ohaESeKCJSwmqB8xHrZGj2vEqAQGotJcyExdAyK0=
Subject key identifier:   1B:64:56:9D:B7:89:BE:27:90:D9:FE:76:8B:69:6A:9A:36:3F:71:6C
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       1BD415D3
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/G2RWnbeJvieQ2f52i2lqmjY_cWw.roa
Signing time:             Thu 30 Jun 2022 12:19:54 +0000
ROA not before:           Thu 30 Jun 2022 12:19:54 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        81.181.68.0/23 maxlen: 24
                          194.102.36.0/22 maxlen: 24
                          81.181.72.0/23 maxlen: 24
                          217.156.16.0/23 maxlen: 24
                          80.97.40.0/21 maxlen: 24
                          81.181.104.0/21 maxlen: 24
                          85.122.120.0/22 maxlen: 22
                          85.122.124.0/22 maxlen: 24
                          217.156.48.0/22 maxlen: 24
                          81.181.14.0/23 maxlen: 24
                          81.181.26.0/23 maxlen: 24
                          194.102.148.0/23 maxlen: 24
                          194.102.160.0/23 maxlen: 24
                          85.121.48.0/21 maxlen: 24
                          194.102.174.0/23 maxlen: 24
                          194.102.180.0/22 maxlen: 24
                          85.120.224.0/21 maxlen: 24
                          80.97.96.0/23 maxlen: 24
                          217.156.94.0/23 maxlen: 24
                          80.96.54.0/23 maxlen: 24
                          80.96.102.0/23 maxlen: 24
                          85.121.168.0/22 maxlen: 24
                          194.102.224.0/22 maxlen: 24
                          80.96.44.0/23 maxlen: 24
                          81.180.98.0/23 maxlen: 24
                          85.121.232.0/21 maxlen: 24
                          194.105.12.0/22 maxlen: 24
                          194.153.230.0/23 maxlen: 24
                          81.180.228.0/23 maxlen: 24
                          194.153.244.0/23 maxlen: 24
                          85.120.84.0/23 maxlen: 24
                          81.180.254.0/23 maxlen: 24
                          81.180.174.0/23 maxlen: 24
                          85.121.208.0/21 maxlen: 24
                          193.226.76.0/22 maxlen: 24
                          80.96.156.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 466884051 (0x1bd415d3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jun 30 12:19:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b64569db789be2790d9fe768b696a9a363f716c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:11:88:7e:ba:64:6b:80:74:cc:8c:ac:6a:92:
                    f7:ab:8c:14:e2:1b:c3:51:3f:5a:c1:02:8e:2c:b0:
                    e4:6a:d6:77:35:15:2b:01:3f:4f:5c:20:a1:bc:e6:
                    f9:b1:53:b2:38:88:74:27:79:95:4b:c0:ac:4a:9a:
                    33:3e:ea:37:13:9e:b2:9b:0d:23:a1:52:86:96:97:
                    ab:f3:ae:5f:de:13:a5:ea:e8:d5:f2:ed:47:7c:9e:
                    e1:9e:62:d3:63:9b:31:cf:25:0e:51:60:7b:21:7c:
                    05:be:b7:48:e2:53:22:e7:24:95:de:5c:c2:59:91:
                    61:70:da:82:94:a6:ab:95:83:32:f5:a7:a5:c4:ee:
                    12:ce:86:91:c2:ba:8d:18:d8:95:9b:40:13:b1:e0:
                    6b:87:7f:8c:01:bd:a1:4f:1b:b6:a9:39:55:81:5f:
                    5d:5f:a4:1c:08:8f:fa:ac:a0:fb:cd:56:21:04:a8:
                    4c:ab:6a:e1:2c:4a:43:7c:6f:1f:6d:b4:7c:18:84:
                    44:92:8f:1f:a8:d1:5f:5b:17:85:5d:fb:fe:02:fe:
                    e3:52:13:93:0a:fd:7a:6c:62:18:ca:b6:bd:40:13:
                    56:3b:b1:cb:43:77:85:4f:39:b8:b9:10:53:fc:f6:
                    50:9d:14:69:53:8c:81:67:10:96:cf:b9:c3:54:07:
                    da:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:64:56:9D:B7:89:BE:27:90:D9:FE:76:8B:69:6A:9A:36:3F:71:6C
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/G2RWnbeJvieQ2f52i2lqmjY_cWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.44.0/23
                  80.96.54.0/23
                  80.96.102.0/23
                  80.96.156.0/22
                  80.97.40.0/21
                  80.97.96.0/23
                  81.180.98.0/23
                  81.180.174.0/23
                  81.180.228.0/23
                  81.180.254.0/23
                  81.181.14.0/23
                  81.181.26.0/23
                  81.181.68.0/23
                  81.181.72.0/23
                  81.181.104.0/21
                  85.120.84.0/23
                  85.120.224.0/21
                  85.121.48.0/21
                  85.121.168.0/22
                  85.121.208.0/21
                  85.121.232.0/21
                  85.122.120.0/21
                  193.226.76.0/22
                  194.102.36.0/22
                  194.102.148.0/23
                  194.102.160.0/23
                  194.102.174.0/23
                  194.102.180.0/22
                  194.102.224.0/22
                  194.105.12.0/22
                  194.153.230.0/23
                  194.153.244.0/23
                  217.156.16.0/23
                  217.156.48.0/22
                  217.156.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:bf:70:03:9a:c8:57:38:a2:ae:7e:d9:12:e7:1c:f8:2a:db:
         da:8f:88:3d:bd:a4:f2:d9:47:a2:81:49:1f:1f:9d:62:36:13:
         1b:3d:4d:7a:22:ee:5a:5b:03:d3:62:3e:39:22:0c:27:d0:11:
         73:45:03:c0:e2:11:85:e1:07:d0:4e:47:21:44:36:b8:94:c2:
         5e:22:c9:ff:f4:62:05:dd:02:82:c8:91:83:00:02:6f:c0:bc:
         57:9b:53:4a:23:01:0d:34:a4:5b:c0:ea:71:52:86:24:41:a4:
         3f:6e:15:54:7f:40:86:75:85:7e:5c:99:af:d0:77:49:6f:a9:
         21:16:cb:52:46:11:16:a5:26:55:ad:ba:7f:ba:a8:1c:e7:b6:
         32:80:5b:24:69:cd:56:77:17:19:4a:a6:61:61:66:c5:7f:eb:
         25:e0:99:12:0f:23:b1:11:a3:64:df:0c:4e:11:6c:04:a9:fb:
         4d:0c:2c:20:52:b6:c3:96:cb:21:16:b4:24:f9:7f:12:f7:0e:
         df:c0:c2:12:f8:f8:d6:cc:08:b0:89:a5:ef:54:e9:db:77:ce:
         8f:d8:c7:fe:fe:9e:a4:47:cb:cf:55:59:e5:11:51:77:71:40:
         f1:b1:cb:30:35:18:c2:37:da:19:90:03:f6:71:b7:df:e6:1e:
         07:92:0b:41
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIEG9QV0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDYz
MDEyMTk1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI2NDU2OWRiNzg5
YmUyNzkwZDlmZTc2OGI2OTZhOWEzNjNmNzE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMARiH66ZGuAdMyMrGqS96uMFOIbw1E/WsECjiyw5GrWdzUV
KwE/T1wgobzm+bFTsjiIdCd5lUvArEqaMz7qNxOespsNI6FShpaXq/OuX94Tpero
1fLtR3ye4Z5i02ObMc8lDlFgeyF8Bb63SOJTIuckld5cwlmRYXDagpSmq5WDMvWn
pcTuEs6GkcK6jRjYlZtAE7Hga4d/jAG9oU8btqk5VYFfXV+kHAiP+qyg+81WIQSo
TKtq4SxKQ3xvH220fBiERJKPH6jRX1sXhV37/gL+41ITkwr9emxiGMq2vUATVjux
y0N3hU85uLkQU/z2UJ0UaVOMgWcQls+5w1QH2mECAwEAAaOCAtowggLWMB0GA1Ud
DgQWBBQbZFadt4m+J5DZ/naLaWqaNj9xbDAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L0cyUlduYmVKdmllUTJmNTJpMmxxbWpZX2NXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
7wYIKwYBBQUHAQcBAf8Egd8wgdwwgdkEAgABMIHSAwQBUGAsAwQBUGA2AwQBUGBm
AwQCUGCcAwQDUGEoAwQBUGFgAwQBUbRiAwQBUbSuAwQBUbTkAwQBUbT+AwQBUbUO
AwQBUbUaAwQBUbVEAwQBUbVIAwQDUbVoAwQBVXhUAwQDVXjgAwQDVXkwAwQCVXmo
AwQDVXnQAwQDVXnoAwQDVXp4AwQCweJMAwQCwmYkAwQBwmaUAwQBwmagAwQBwmau
AwQCwma0AwQCwmbgAwQCwmkMAwQBwpnmAwQBwpn0AwQB2ZwQAwQC2ZwwAwQB2Zxe
MA0GCSqGSIb3DQEBCwUAA4IBAQA9v3ADmshXOKKuftkS5xz4Ktvaj4g9vaTy2Uei
gUkfH51iNhMbPU16Iu5aWwPTYj45Igwn0BFzRQPA4hGF4QfQTkchRDa4lMJeIsn/
9GIF3QKCyJGDAAJvwLxXm1NKIwENNKRbwOpxUoYkQaQ/bhVUf0CGdYV+XJmv0HdJ
b6khFstSRhEWpSZVrbp/uqgc57YygFskac1WdxcZSqZhYWbFf+sl4JkSDyOxEaNk
3wxOEWwEqftNDCwgUrbDlsshFrQk+X8S9w7fwMIS+PjWzAiwiaXvVOnbd86P2Mf+
/p6kR8vPVVnlEVF3cUDxscswNRjCN9oZkAP2cbff5h4HkgtB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org