Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/eNj7tp7FHaWKTuCd0OQovuqpigo.roa
File:                     eNj7tp7FHaWKTuCd0OQovuqpigo.roa (raw, json)
Hash identifier:          OfrZ4i5U8297tUsJSvMk6+XVXnLdbcw59r+kgDElOlI=
Subject key identifier:   78:D8:FB:B6:9E:C5:1D:A5:8A:4E:E0:9D:D0:E4:28:BE:EA:A9:8A:0A
Certificate issuer:       /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial:       07284C1D
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/eNj7tp7FHaWKTuCd0OQovuqpigo.roa
Signing time:             Sat 01 Jan 2022 00:56:25 +0000
ROA not before:           Sat 01 Jan 2022 00:56:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15967
IP address blocks:        77.55.208.0/20 maxlen: 20
                          77.55.224.0/20 maxlen: 20
                          77.55.240.0/22 maxlen: 22
                          77.55.244.0/23 maxlen: 23
                          77.55.246.0/24 maxlen: 24
                          77.55.248.0/22 maxlen: 22
                          77.55.252.0/23 maxlen: 23
                          77.55.247.0/24 maxlen: 24
                          77.55.152.0/22 maxlen: 22
                          77.55.159.0/24 maxlen: 24
                          77.55.158.0/24 maxlen: 24
                          77.55.156.0/23 maxlen: 23
                          77.55.155.0/24 maxlen: 24
                          77.55.166.0/24 maxlen: 24
                          77.55.160.0/23 maxlen: 23
                          77.55.160.0/20 maxlen: 20
                          77.55.164.0/23 maxlen: 23
                          77.55.162.0/23 maxlen: 23
                          77.55.167.0/24 maxlen: 24
                          77.55.168.0/21 maxlen: 21
                          77.55.176.0/23 maxlen: 23
                          77.55.176.0/21 maxlen: 21
                          77.55.186.0/23 maxlen: 23
                          77.55.180.0/23 maxlen: 23
                          77.55.184.0/23 maxlen: 23
                          77.55.182.0/23 maxlen: 23
                          77.55.192.0/20 maxlen: 20
                          77.55.188.0/23 maxlen: 23
                          77.55.190.0/23 maxlen: 23
                          77.55.254.0/23 maxlen: 23
                          77.55.0.0/18 maxlen: 18
                          77.55.0.0/16 maxlen: 16
                          31.172.170.0/23 maxlen: 23
                          31.172.169.0/24 maxlen: 24
                          31.172.168.0/24 maxlen: 24
                          31.172.168.0/22 maxlen: 22
                          77.55.96.0/20 maxlen: 20
                          77.55.118.0/23 maxlen: 23
                          77.55.116.0/23 maxlen: 23
                          77.55.114.0/23 maxlen: 23
                          77.55.122.0/23 maxlen: 23
                          77.55.121.0/24 maxlen: 24
                          77.55.120.0/24 maxlen: 24
                          77.55.125.0/24 maxlen: 24
                          77.55.124.0/24 maxlen: 24
                          77.55.126.0/24 maxlen: 24
                          77.55.128.0/20 maxlen: 20
                          77.55.127.0/24 maxlen: 24
                          77.55.144.0/21 maxlen: 21
                          77.55.64.0/19 maxlen: 19
                          77.55.76.0/23 maxlen: 23
                          77.55.78.0/23 maxlen: 23
                          77.55.72.0/22 maxlen: 22
                          85.128.160.0/19 maxlen: 19
                          85.128.192.0/18 maxlen: 18
                          85.128.130.0/24 maxlen: 24
                          85.128.129.0/24 maxlen: 24
                          85.128.128.0/24 maxlen: 24
                          85.128.128.0/17 maxlen: 17
                          85.128.132.0/23 maxlen: 23
                          85.128.131.0/24 maxlen: 24
                          85.128.136.0/22 maxlen: 22
                          85.128.135.0/24 maxlen: 24
                          85.128.134.0/24 maxlen: 24
                          85.128.144.0/20 maxlen: 20
                          85.128.143.0/24 maxlen: 24
                          85.128.142.0/24 maxlen: 24
                          85.128.140.0/23 maxlen: 23
                          2a01:6100::/32 maxlen: 32
                          2a01:6100::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120081437 (0x7284c1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
        Validity
            Not Before: Jan  1 00:56:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=78d8fbb69ec51da58a4ee09dd0e428beeaa98a0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e5:48:2b:43:28:d0:f1:67:ab:d9:4a:21:92:
                    f0:b2:b6:02:62:52:1e:86:da:08:d2:6e:8a:cf:a0:
                    e6:8a:b1:55:7d:a5:31:58:f9:b4:d0:3d:60:47:d0:
                    8b:13:dd:51:0f:84:cc:56:4a:06:82:9b:4f:fb:9f:
                    29:1c:07:a9:4e:f7:95:14:49:98:b0:a3:a0:ea:7f:
                    ca:0a:23:d5:cc:f5:eb:cc:33:92:99:8f:33:71:22:
                    e4:aa:3e:a5:fb:49:9e:39:75:5c:ac:de:93:86:00:
                    56:48:97:b2:4a:90:9c:fb:75:da:d5:64:30:0e:4d:
                    d7:20:30:53:77:ba:c3:35:c8:c4:de:f0:91:6d:2c:
                    02:82:c2:95:c2:07:88:34:aa:49:b8:2d:72:e5:84:
                    03:e1:a7:ee:81:4f:f1:70:b3:0a:94:02:cd:a5:c5:
                    cb:e1:05:41:9b:76:5f:4c:11:58:14:5f:4d:fa:45:
                    a3:90:1d:dc:63:80:11:07:32:ab:0b:bd:f7:3f:67:
                    f0:67:3c:d5:db:a4:5e:8e:94:f6:0d:8f:a5:1e:17:
                    f9:01:52:be:92:fb:d8:0c:2d:c3:8f:bc:68:fa:3f:
                    9f:e0:a6:ea:08:81:be:ae:2d:cf:d7:36:d6:e1:15:
                    0d:93:66:72:61:69:b0:5a:e3:20:2b:82:7b:11:a6:
                    f6:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:D8:FB:B6:9E:C5:1D:A5:8A:4E:E0:9D:D0:E4:28:BE:EA:A9:8A:0A
            X509v3 Authority Key Identifier:
                keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/eNj7tp7FHaWKTuCd0OQovuqpigo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.168.0/22
                  77.55.0.0/16
                  85.128.128.0/17
                IPv6:
                  2a01:6100::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:40:6f:d1:8d:92:79:29:7f:ca:01:fe:72:1c:59:43:22:07:
         4f:0c:a6:fc:b0:f3:03:03:6b:e8:92:94:12:d1:5e:f2:29:5c:
         80:72:0a:d5:75:59:29:02:63:27:de:34:79:b7:fe:3e:32:b9:
         9a:b5:5c:7e:54:bf:a3:d4:35:a1:c5:86:93:f7:46:3d:bf:a8:
         cf:bf:fc:f5:19:13:09:2e:c5:fc:60:e7:2a:21:3a:88:2f:06:
         3f:36:09:72:a8:fe:21:59:bc:60:b2:2d:a2:2b:82:13:df:39:
         ab:59:af:20:89:51:fb:6b:23:a8:ac:a4:7c:56:6e:5e:52:a6:
         56:1a:99:a7:7b:86:a0:1f:6e:0d:55:5f:a6:8a:31:a2:b8:7e:
         92:ac:06:c2:55:f5:42:e9:97:72:f4:f4:28:a5:2a:f6:4d:a9:
         99:53:67:ce:18:fa:1e:20:93:85:ac:af:82:8e:cc:73:ca:b4:
         ba:2d:c9:21:de:8a:a6:3a:79:ee:f4:ea:e2:0d:ef:5a:65:30:
         70:96:d2:ab:77:ab:8c:da:9c:27:09:20:a3:5c:0c:14:80:49:
         89:ac:07:66:68:33:95:56:b8:c3:7f:a0:2d:3c:06:33:8b:e0:
         d4:cb:63:90:fe:34:2b:c9:10:65:c9:9b:84:72:a8:2a:f7:ed:
         e2:c5:d7:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEByhMHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NWEyZjQyNDA3ZjIxYzlkNzY5MGZiMzBmZDhjZGIyYmZkZjZkMDMwMB4XDTIyMDEw
MTAwNTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhkOGZiYjY5ZWM1
MWRhNThhNGVlMDlkZDBlNDI4YmVlYWE5OGEwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjlSCtDKNDxZ6vZSiGS8LK2AmJSHobaCNJuis+g5oqxVX2l
MVj5tNA9YEfQixPdUQ+EzFZKBoKbT/ufKRwHqU73lRRJmLCjoOp/ygoj1cz168wz
kpmPM3Ei5Ko+pftJnjl1XKzek4YAVkiXskqQnPt12tVkMA5N1yAwU3e6wzXIxN7w
kW0sAoLClcIHiDSqSbgtcuWEA+Gn7oFP8XCzCpQCzaXFy+EFQZt2X0wRWBRfTfpF
o5Ad3GOAEQcyqwu99z9n8Gc81dukXo6U9g2PpR4X+QFSvpL72Awtw4+8aPo/n+Cm
6giBvq4tz9c21uEVDZNmcmFpsFrjICuCexGm9vMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBR42Pu2nsUdpYpO4J3Q5Ci+6qmKCjAfBgNVHSMEGDAWgBTFovQkB/IcnXaQ
+zD9jNsr/fbQMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hhTDBKQWZ5SEoxMmtQc3dfWXpiS18zMjBEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMWExOGUxLTY3YzgtNDkyZS04ZmJhLWZiNWM2MmU0MmY2Yi8x
L2VOajd0cDdGSGFXS1R1Q2QwT1FvdnVxcGlnby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
MWExOGUxLTY3YzgtNDkyZS04ZmJhLWZiNWM2MmU0MmY2Yi8xL3hhTDBKQWZ5SEox
MmtQc3dfWXpiS18zMjBEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwEQMEAh+sqAMDAE03AwQHVYCAMA0EAgAC
MAcDBQAqAWEAMA0GCSqGSIb3DQEBCwUAA4IBAQAaQG/RjZJ5KX/KAf5yHFlDIgdP
DKb8sPMDA2vokpQS0V7yKVyAcgrVdVkpAmMn3jR5t/4+MrmatVx+VL+j1DWhxYaT
90Y9v6jPv/z1GRMJLsX8YOcqITqILwY/NglyqP4hWbxgsi2iK4IT3zmrWa8giVH7
ayOorKR8Vm5eUqZWGpmne4agH24NVV+mijGiuH6SrAbCVfVC6Zdy9PQopSr2TamZ
U2fOGPoeIJOFrK+CjsxzyrS6Lckh3oqmOnnu9OriDe9aZTBwltKrd6uM2pwnCSCj
XAwUgEmJrAdmaDOVVrjDf6AtPAYzi+DUy2OQ/jQryRBlyZuEcqgq9+3ixddD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org