Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/ddD6lupVwbBfOWBt59oZ49jlMt4.roa
File:                     ddD6lupVwbBfOWBt59oZ49jlMt4.roa (raw, json)
Hash identifier:          ta35B17HXdsQaBPHykTz9DQwxjlvrtjeOMWTL0rYJHE=
Subject key identifier:   75:D0:FA:96:EA:55:C1:B0:5F:39:60:6D:E7:DA:19:E3:D8:E5:32:DE
Certificate issuer:       /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial:       0B321180
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/ddD6lupVwbBfOWBt59oZ49jlMt4.roa
Signing time:             Wed 16 Feb 2022 00:23:47 +0000
ROA not before:           Wed 16 Feb 2022 00:23:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202448
IP address blocks:        45.137.151.0/24 maxlen: 24
                          45.137.150.0/24 maxlen: 24
                          45.137.148.0/24 maxlen: 32
                          45.137.149.0/24 maxlen: 24
                          2.56.213.0/24 maxlen: 24
                          2.56.212.0/24 maxlen: 24
                          89.43.33.0/24 maxlen: 24
                          86.107.197.0/24 maxlen: 24
                          93.114.128.0/24 maxlen: 24
                          2.56.215.0/24 maxlen: 24
                          2.56.214.0/24 maxlen: 24
                          194.32.78.0/24 maxlen: 24
                          194.32.77.0/24 maxlen: 24
                          194.32.76.0/24 maxlen: 24
                          194.32.79.0/24 maxlen: 24
                          91.250.248.0/24 maxlen: 32
                          91.250.249.0/24 maxlen: 32
                          185.234.52.0/24 maxlen: 32
                          185.96.163.0/24 maxlen: 24
                          178.157.82.0/24 maxlen: 24
                          185.170.213.0/24 maxlen: 24
                          178.157.91.0/24 maxlen: 24
                          185.170.212.0/24 maxlen: 24
                          178.157.90.0/24 maxlen: 24
                          185.170.215.0/24 maxlen: 24
                          185.170.214.0/24 maxlen: 24
                          45.153.184.0/24 maxlen: 24
                          45.153.186.0/24 maxlen: 24
                          45.153.185.0/24 maxlen: 24
                          45.153.187.0/24 maxlen: 24
                          86.106.181.0/24 maxlen: 24
                          89.38.135.0/24 maxlen: 32
                          86.105.252.0/24 maxlen: 24
                          94.176.182.0/24 maxlen: 24
                          185.243.214.0/24 maxlen: 32
                          185.243.215.0/24 maxlen: 24
                          194.99.23.0/24 maxlen: 24
                          194.99.22.0/24 maxlen: 24
                          194.99.21.0/24 maxlen: 24
                          194.99.20.0/24 maxlen: 24
                          89.38.131.0/24 maxlen: 24
                          31.14.238.0/24 maxlen: 24
                          89.38.130.0/24 maxlen: 24
                          89.38.129.0/24 maxlen: 24
                          93.114.133.0/24 maxlen: 24
                          93.115.23.0/24 maxlen: 24
                          93.115.22.0/24 maxlen: 24
                          93.115.21.0/24 maxlen: 24
                          93.115.20.0/24 maxlen: 24
                          93.115.19.0/24 maxlen: 24
                          93.115.18.0/24 maxlen: 24
                          2a05:8280::/32 maxlen: 32
                          2a09:cd42::/32 maxlen: 32
                          2a09:cd45::/32 maxlen: 32
                          2a09:cd43::/32 maxlen: 32
                          2a09:cd41::/32 maxlen: 32
                          2a09:cd40::/32 maxlen: 32
                          2a0c:b9c0::/32 maxlen: 32
                          2a09:cd46::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187830656 (0xb321180)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
        Validity
            Not Before: Feb 16 00:23:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75d0fa96ea55c1b05f39606de7da19e3d8e532de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b4:27:3d:10:54:a8:6f:81:86:36:6a:82:e2:
                    b2:b3:7c:01:05:9b:d4:86:88:03:fd:0c:5e:30:85:
                    59:36:f8:75:94:bc:89:60:8c:8c:2f:cc:22:f3:55:
                    6e:29:a4:75:1a:5a:54:77:37:8d:ff:b5:d0:9d:fd:
                    f3:86:55:56:0f:5c:3b:fb:b2:b8:8b:2f:25:05:12:
                    89:90:4f:2a:a8:a1:cc:60:62:c0:30:57:08:16:a4:
                    6a:1c:05:a1:cb:15:02:7c:7c:86:0e:43:14:65:f6:
                    7c:a5:24:5c:bc:be:0b:b0:92:d8:10:1c:5c:fc:6b:
                    49:39:59:2d:d2:fc:17:e4:1b:dc:c7:56:a8:6f:0e:
                    38:dd:25:ca:9d:2d:72:bd:ba:9f:62:54:4e:59:21:
                    cf:64:24:86:84:a2:75:2b:c9:7f:fa:a8:e6:4f:a6:
                    be:03:f0:63:98:94:37:31:6c:89:ab:18:c1:cd:00:
                    57:82:99:98:19:29:83:e6:cc:d3:bc:43:64:76:4c:
                    bd:9e:17:fa:af:d7:59:72:12:2c:70:be:ab:6e:46:
                    e2:fd:35:91:b5:d4:1f:b6:ae:8a:ae:58:a9:05:9a:
                    54:3e:c0:87:c9:d2:9d:44:0e:df:05:42:15:b9:da:
                    b4:d3:d1:2c:e9:88:d9:d5:87:03:cd:6a:e7:cc:2d:
                    03:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:D0:FA:96:EA:55:C1:B0:5F:39:60:6D:E7:DA:19:E3:D8:E5:32:DE
            X509v3 Authority Key Identifier:
                keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/ddD6lupVwbBfOWBt59oZ49jlMt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.212.0/22
                  31.14.238.0/24
                  45.137.148.0/22
                  45.153.184.0/22
                  86.105.252.0/24
                  86.106.181.0/24
                  86.107.197.0/24
                  89.38.129.0-89.38.131.255
                  89.38.135.0/24
                  89.43.33.0/24
                  91.250.248.0/23
                  93.114.128.0/24
                  93.114.133.0/24
                  93.115.18.0-93.115.23.255
                  94.176.182.0/24
                  178.157.82.0/24
                  178.157.90.0/23
                  185.96.163.0/24
                  185.170.212.0/22
                  185.234.52.0/24
                  185.243.214.0/23
                  194.32.76.0/22
                  194.99.20.0/22
                IPv6:
                  2a05:8280::/32
                  2a09:cd40::/30
                  2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0c:b9c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         05:c4:85:59:b9:04:be:cf:04:71:3e:36:56:58:7b:77:e1:80:
         75:d4:3b:96:64:1b:d4:df:1e:2e:23:8e:a4:84:85:03:90:c9:
         66:7c:70:06:21:49:99:6b:b7:a0:47:ba:67:b5:33:42:cd:10:
         bc:b9:47:32:2b:65:2b:da:1b:5b:11:8c:40:91:4d:48:40:fb:
         18:37:90:44:82:8b:9e:de:4b:3c:1e:c2:95:46:7e:d8:ef:e1:
         3e:4e:7f:57:2c:88:7f:2c:1c:67:1a:13:31:39:6c:a4:38:3a:
         bb:1a:06:36:f9:70:17:f9:ca:ef:6a:31:fb:fc:b0:ca:63:3d:
         20:84:c6:ae:8e:97:c9:23:f1:c9:5f:65:2e:67:0e:ba:0d:0d:
         99:11:ae:f2:b8:c1:b2:6b:08:4d:77:2d:7a:c5:49:b0:ca:a7:
         63:b2:b6:59:b8:48:f6:1e:3b:fa:d4:14:36:09:01:01:82:83:
         22:f6:d7:66:f1:94:72:29:a7:68:c5:42:1a:16:c8:bf:c8:41:
         29:0e:24:de:f9:e3:c2:d8:04:c5:4e:33:46:c8:db:9b:99:31:
         a3:72:8c:b8:fe:0a:55:34:d2:dd:d6:30:4b:a0:9e:39:1c:e5:
         e5:f4:99:09:5f:4f:a8:0c:9a:0f:5e:b4:4e:04:f2:ae:6c:ec:
         4c:1d:2b:f8
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIECzIRgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDNiZjkwODA4YWU3ZWNhMDYzZjc0NmE4ZjFkODg4NjU3MzRjOGEzMB4XDTIyMDIx
NjAwMjM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVkMGZhOTZlYTU1
YzFiMDVmMzk2MDZkZTdkYTE5ZTNkOGU1MzJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOm0Jz0QVKhvgYY2aoLisrN8AQWb1IaIA/0MXjCFWTb4dZS8
iWCMjC/MIvNVbimkdRpaVHc3jf+10J3984ZVVg9cO/uyuIsvJQUSiZBPKqihzGBi
wDBXCBakahwFocsVAnx8hg5DFGX2fKUkXLy+C7CS2BAcXPxrSTlZLdL8F+Qb3MdW
qG8OON0lyp0tcr26n2JUTlkhz2QkhoSidSvJf/qo5k+mvgPwY5iUNzFsiasYwc0A
V4KZmBkpg+bM07xDZHZMvZ4X+q/XWXISLHC+q25G4v01kbXUH7auiq5YqQWaVD7A
h8nSnUQO3wVCFbnatNPRLOmI2dWHA81q58wtA+0CAwEAAaOCAs8wggLLMB0GA1Ud
DgQWBBR10PqW6lXBsF85YG3n2hnj2OUy3jAfBgNVHSMEGDAWgBT0O/kICK5+ygY/
dGqPHYiGVzTIozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlEdjVDQWl1ZnNvR1AzUnFqeDJJaGxjMHlLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYThkOTQzLWYwODItNGIxOC1iODQwLTM4OTE5NWM0ZjA3Yi8x
L2RkRDZsdXBWd2JCZk9XQnQ1OW9aNDlqbE10NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YThkOTQzLWYwODItNGIxOC1iODQwLTM4OTE5NWM0ZjA3Yi8xLzlEdjVDQWl1ZnNv
R1AzUnFqeDJJaGxjMHlLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
5AYIKwYBBQUHAQcBAf8EgdQwgdEwgaEEAgABMIGaAwQCAjjUAwQAHw7uAwQCLYmU
AwQCLZm4AwQAVmn8AwQAVmq1AwQAVmvFMAwDBABZJoEDBAJZJoADBABZJocDBABZ
KyEDBAFb+vgDBABdcoADBABdcoUwDAMEAV1zEgMEA11zEAMEAF6wtgMEALKdUgME
AbKdWgMEALlgowMEArmq1AMEALnqNAMEAbnz1gMEAsIgTAMEAsJjFDArBAIAAjAl
AwUAKgWCgAMFAioJzUAwDgMFACoJzUUDBQAqCc1GAwUAKgy5wDANBgkqhkiG9w0B
AQsFAAOCAQEABcSFWbkEvs8EcT42Vlh7d+GAddQ7lmQb1N8eLiOOpISFA5DJZnxw
BiFJmWu3oEe6Z7UzQs0QvLlHMitlK9obWxGMQJFNSED7GDeQRIKLnt5LPB7ClUZ+
2O/hPk5/VyyIfywcZxoTMTlspDg6uxoGNvlwF/nK72ox+/ywymM9IITGro6XySPx
yV9lLmcOug0NmRGu8rjBsmsITXctesVJsMqnY7K2WbhI9h47+tQUNgkBAYKDIvbX
ZvGUcimnaMVCGhbIv8hBKQ4k3vnjwtgExU4zRsjbm5kxo3KMuP4KVTTS3dYwS6Ce
ORzl5fSZCV9PqAyaD160TgTyrmzsTB0r+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:23 2024 by rpki-client on console-ams.rpki-client.org