Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zzwhkLdycAQ_TchFIAp2RNSEv60.roa
File:                     zzwhkLdycAQ_TchFIAp2RNSEv60.roa (raw, json)
Hash identifier:          ihHKKDG/8FEXpn80J30kkBdz6w5O0pzXCBRAWS43PxU=
Subject key identifier:   CF:3C:21:90:B7:72:70:04:3F:4D:C8:45:20:0A:76:44:D4:84:BF:AD
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       081364B1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zzwhkLdycAQ_TchFIAp2RNSEv60.roa
Signing time:             Thu 31 Mar 2022 18:23:15 +0000
ROA not before:           Thu 31 Mar 2022 18:23:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62206
IP address blocks:        45.151.2.0/24 maxlen: 24
                          195.211.190.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          45.88.138.0/24 maxlen: 24
                          45.88.137.0/24 maxlen: 24
                          45.88.136.0/24 maxlen: 24
                          185.200.62.0/24 maxlen: 24
                          194.242.96.0/22 maxlen: 22
                          193.57.43.0/24 maxlen: 24
                          193.57.41.0/24 maxlen: 24
                          45.144.213.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          195.62.24.0/24 maxlen: 24
                          45.13.188.0/24 maxlen: 24
                          45.13.191.0/24 maxlen: 24
                          45.13.189.0/24 maxlen: 24
                          45.144.215.0/24 maxlen: 24
                          45.144.214.0/24 maxlen: 24
                          194.15.52.0/23 maxlen: 24
                          185.43.248.0/24 maxlen: 24
                          185.43.251.0/24 maxlen: 24
                          185.43.249.0/24 maxlen: 24
                          193.30.243.0/24 maxlen: 24
                          193.30.242.0/24 maxlen: 24
                          77.83.39.0/24 maxlen: 24
                          85.209.120.0/24 maxlen: 24
                          85.209.123.0/24 maxlen: 24
                          85.209.122.0/24 maxlen: 24
                          85.209.121.0/24 maxlen: 24
                          193.30.241.0/24 maxlen: 24
                          45.9.29.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24
                          195.177.93.0/24 maxlen: 24
                          77.83.38.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          193.30.240.0/24 maxlen: 24
                          2a10:dfc0::/29 maxlen: 29
                          2a07:9200::/29 maxlen: 29
                          2a11:580::/29 maxlen: 29
                          2a0c:a580::/29 maxlen: 29
                          2a01:7120::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135488689 (0x81364b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Mar 31 18:23:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf3c2190b77270043f4dc845200a7644d484bfad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:be:34:9a:20:e0:e4:87:90:ff:47:4e:90:47:
                    f4:88:8c:dd:d1:3d:a0:4b:c5:37:d9:7a:48:f0:28:
                    df:51:e0:02:55:cc:75:07:01:bf:00:8a:57:11:30:
                    4c:33:ff:9d:98:55:a0:7b:0a:e6:09:c7:2b:94:36:
                    00:3b:2c:5b:cf:b1:31:03:8b:1e:f3:f0:8e:0b:af:
                    e7:b4:ed:d1:06:36:46:e9:55:e6:78:e0:ef:6b:f9:
                    58:d3:46:55:d7:d0:11:25:f5:64:1b:86:5d:1c:ae:
                    8f:59:5d:9c:c6:ae:9d:c4:f2:b0:e2:48:cb:b1:9b:
                    bb:5f:11:79:8b:5b:ee:8f:9e:7c:c2:37:41:04:27:
                    a6:c7:2e:1b:4b:4a:ec:2c:c4:97:0c:ae:8f:e1:70:
                    75:bf:42:ac:f8:8c:85:ba:30:43:a7:24:3c:f0:a6:
                    91:a9:9e:2e:b2:02:6c:e3:41:32:0a:f3:ec:07:c1:
                    12:62:a7:15:9d:29:83:1c:a7:dc:ac:b4:a2:f9:c1:
                    65:27:3e:f3:79:25:49:76:d0:90:e2:66:a9:7e:40:
                    d0:20:61:71:ea:d7:1e:69:99:5b:af:ac:60:5d:40:
                    56:a9:40:18:3a:f9:f7:d9:b9:2b:5f:66:c0:2e:18:
                    bf:4f:84:db:f7:a6:08:93:48:bd:81:c3:e3:29:c9:
                    22:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:3C:21:90:B7:72:70:04:3F:4D:C8:45:20:0A:76:44:D4:84:BF:AD
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zzwhkLdycAQ_TchFIAp2RNSEv60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.29.0/24
                  45.13.188.0/23
                  45.13.191.0/24
                  45.88.136.0/22
                  45.132.181.0/24
                  45.144.212.0/22
                  45.151.2.0/24
                  77.83.37.0-77.83.39.255
                  85.209.120.0/22
                  185.43.248.0/23
                  185.43.251.0/24
                  185.200.62.0/24
                  193.30.240.0/22
                  193.57.41.0/24
                  193.57.43.0/24
                  194.15.52.0/23
                  194.242.96.0/22
                  195.62.24.0/24
                  195.177.93.0/24
                  195.177.95.0/24
                  195.211.190.0/24
                IPv6:
                  2a01:7120::/32
                  2a07:9200::/29
                  2a0c:a580::/29
                  2a10:dfc0::/29
                  2a11:580::/29

    Signature Algorithm: sha256WithRSAEncryption
         24:3d:ee:7e:8a:a8:02:d4:4b:a2:fa:1c:31:7f:a6:25:44:c5:
         58:90:e8:da:96:de:09:4f:ef:f2:ff:40:9e:60:b6:2b:bf:4f:
         3d:7c:93:a9:c1:25:1d:24:16:8d:c5:49:90:06:56:fd:68:64:
         4c:93:99:10:f9:47:48:14:24:49:b6:9e:3a:70:a2:76:92:4a:
         a2:bf:6c:89:a7:23:9e:43:77:18:14:e0:e9:c9:21:0d:79:6e:
         29:01:fe:48:17:f2:ab:0f:9a:ea:1f:2c:c8:33:ad:c4:6b:52:
         30:91:ca:54:91:07:b9:a0:ab:9f:40:f4:cc:cd:95:4c:da:8e:
         41:42:aa:c5:cc:d2:b5:79:28:d6:47:45:e1:55:40:92:fc:01:
         d3:24:76:62:ac:3a:01:63:2d:66:b0:6f:45:77:73:91:30:55:
         b0:be:0e:5a:2f:18:bf:bb:14:96:67:cb:56:45:cf:1f:df:d2:
         43:8a:39:a9:b2:31:47:e9:bc:27:dd:8e:21:fb:55:59:86:5b:
         24:19:2a:cf:ef:0d:2b:4b:42:6d:12:07:b2:b4:2f:48:f2:3a:
         a3:0d:d1:69:ad:18:34:ca:9c:7a:19:8e:75:f2:b2:37:68:d5:
         90:02:70:b5:41:3b:eb:03:b7:ad:f5:3c:86:2d:c9:5b:39:eb:
         81:dd:ca:54
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIECBNksTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDMz
MTE4MjMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YzYzIxOTBiNzcy
NzAwNDNmNGRjODQ1MjAwYTc2NDRkNDg0YmZhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANi+NJog4OSHkP9HTpBH9IiM3dE9oEvFN9l6SPAo31HgAlXM
dQcBvwCKVxEwTDP/nZhVoHsK5gnHK5Q2ADssW8+xMQOLHvPwjguv57Tt0QY2RulV
5njg72v5WNNGVdfQESX1ZBuGXRyuj1ldnMauncTysOJIy7Gbu18ReYtb7o+efMI3
QQQnpscuG0tK7CzElwyuj+Fwdb9CrPiMhbowQ6ckPPCmkameLrICbONBMgrz7AfB
EmKnFZ0pgxyn3Ky0ovnBZSc+83klSXbQkOJmqX5A0CBhcerXHmmZW6+sYF1AVqlA
GDr599m5K19mwC4Yv0+E2/emCJNIvYHD4ynJIjECAwEAAaOCArkwggK1MB0GA1Ud
DgQWBBTPPCGQt3JwBD9NyEUgCnZE1IS/rTAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L3p6d2hrTGR5Y0FRX1RjaEZJQXAyUk5TRXY2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zgYIKwYBBQUHAQcBAf8Egb4wgbswgY0EAgABMIGGAwQALQkdAwQBLQ28AwQALQ2/
AwQCLViIAwQALYS1AwQCLZDUAwQALZcCMAwDBABNUyUDBANNUyADBAJV0XgDBAG5
K/gDBAC5K/sDBAC5yD4DBALBHvADBADBOSkDBADBOSsDBAHCDzQDBALC8mADBADD
PhgDBADDsV0DBADDsV8DBADD074wKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgyl
gAMFAyoQ38ADBQMqEQWAMA0GCSqGSIb3DQEBCwUAA4IBAQAkPe5+iqgC1Eui+hwx
f6YlRMVYkOjalt4JT+/y/0CeYLYrv089fJOpwSUdJBaNxUmQBlb9aGRMk5kQ+UdI
FCRJtp46cKJ2kkqiv2yJpyOeQ3cYFODpySENeW4pAf5IF/KrD5rqHyzIM63Ea1Iw
kcpUkQe5oKufQPTMzZVM2o5BQqrFzNK1eSjWR0XhVUCS/AHTJHZirDoBYy1msG9F
d3ORMFWwvg5aLxi/uxSWZ8tWRc8f39JDijmpsjFH6bwn3Y4h+1VZhlskGSrP7w0r
S0JtEgeytC9I8jqjDdFprRg0ypx6GY518rI3aNWQAnC1QTvrA7et9TyGLclbOeuB
3cpU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org