Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/3YBcWWgFLlZkho3z42ZxckbqxGo.roa
File:                     3YBcWWgFLlZkho3z42ZxckbqxGo.roa (raw, json)
Hash identifier:          A7j7qt7+XedhOGWV0FPMWrCtVSIeeYzrUvquLHsK1no=
Subject key identifier:   DD:80:5C:59:68:05:2E:56:64:86:8D:F3:E3:66:71:72:46:EA:C4:6A
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       1C9C9BEC
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/3YBcWWgFLlZkho3z42ZxckbqxGo.roa
Signing time:             Fri 20 May 2022 08:23:29 +0000
ROA not before:           Fri 20 May 2022 08:23:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30781
IP address blocks:        46.231.216.0/21 maxlen: 24
                          185.53.80.0/22 maxlen: 24
                          212.114.16.0/20 maxlen: 24
                          46.22.192.0/20 maxlen: 24
                          45.80.8.0/22 maxlen: 24
                          45.80.20.0/22 maxlen: 24
                          45.80.24.0/22 maxlen: 24
                          45.80.32.0/22 maxlen: 24
                          46.255.200.0/21 maxlen: 24
                          95.178.88.0/22 maxlen: 24
                          185.114.100.0/22 maxlen: 24
                          94.100.160.0/20 maxlen: 24
                          37.110.192.0/21 maxlen: 24
                          193.151.84.0/24 maxlen: 24
                          193.151.87.0/24 maxlen: 24
                          37.26.184.0/21 maxlen: 24
                          185.146.220.0/22 maxlen: 24
                          194.116.142.0/23 maxlen: 24
                          185.15.140.0/22 maxlen: 24
                          185.62.184.0/22 maxlen: 24
                          212.85.229.0/24 maxlen: 24
                          212.85.230.0/23 maxlen: 24
                          195.234.35.0/24 maxlen: 24
                          95.143.64.0/20 maxlen: 24
                          176.241.120.0/21 maxlen: 24
                          212.18.240.0/21 maxlen: 24
                          130.180.208.0/20 maxlen: 24
                          78.153.224.0/19 maxlen: 24
                          185.61.184.0/22 maxlen: 24
                          185.61.184.0/21 maxlen: 24
                          185.61.188.0/22 maxlen: 24
                          31.172.232.0/21 maxlen: 24
                          31.172.238.0/24 maxlen: 24
                          185.78.156.0/22 maxlen: 24
                          185.92.36.0/22 maxlen: 24
                          31.7.248.0/21 maxlen: 24
                          31.172.160.0/22 maxlen: 24
                          193.189.124.0/23 maxlen: 24
                          185.4.60.0/23 maxlen: 24
                          185.4.62.0/24 maxlen: 24
                          185.91.220.0/22 maxlen: 24
                          185.91.224.0/22 maxlen: 24
                          77.72.88.0/21 maxlen: 24
                          37.61.240.0/21 maxlen: 24
                          85.31.192.0/19 maxlen: 24
                          82.163.36.0/22 maxlen: 24
                          5.226.0.0/21 maxlen: 24
                          88.212.144.0/21 maxlen: 24
                          88.212.152.0/22 maxlen: 24
                          185.209.52.0/22 maxlen: 24
                          82.196.24.0/21 maxlen: 24
                          88.202.236.0/22 maxlen: 24
                          77.246.80.0/20 maxlen: 24
                          2a05:6e00::/29 maxlen: 48
                          2a03:bdc0::/32 maxlen: 48
                          2a02:398::/32 maxlen: 48
                          2a0b:41c0::/29 maxlen: 48
                          2a00:68c0::/32 maxlen: 48
                          2a04:cc00::/29 maxlen: 48
                          2a01:240::/32 maxlen: 48
                          2a01:290::/32 maxlen: 48
                          2a00:78c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 480025580 (0x1c9c9bec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: May 20 08:23:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd805c5968052e5664868df3e366717246eac46a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:92:de:ef:70:d2:9e:38:32:1a:aa:36:e6:c1:
                    c8:ba:4a:38:70:73:8a:97:bf:a8:50:61:2b:1d:ee:
                    d6:36:a5:35:64:5d:93:c8:d0:34:6b:65:9d:e8:df:
                    5a:4b:5f:4a:c2:c6:d6:fd:c3:89:6b:68:7c:be:76:
                    86:c5:46:c0:61:60:12:93:a7:fa:a3:09:a7:c5:74:
                    fa:71:15:da:d4:12:5d:10:54:df:93:88:50:8c:f0:
                    94:3a:3a:aa:a3:c4:3c:c2:d4:63:b1:52:27:40:db:
                    8f:08:af:c6:52:98:34:9f:37:bc:9c:98:5e:d0:8c:
                    51:d5:3c:6a:9e:e2:20:50:05:af:e3:10:67:b9:8b:
                    45:b2:07:1d:7e:b0:eb:c8:da:bb:fa:8b:72:9b:51:
                    c6:46:38:60:54:80:c1:d7:c7:26:32:58:e1:4d:cd:
                    ee:ad:45:1c:50:34:75:56:94:56:8c:82:b9:38:2e:
                    f3:7e:7d:6d:b7:cf:54:3f:b2:19:0c:ce:c9:5c:c1:
                    80:8a:37:a0:f5:95:d1:af:5f:ec:df:2c:ef:b7:de:
                    d7:64:d6:12:f1:7f:0e:ad:4f:8b:49:6d:d6:fa:5b:
                    66:02:81:e5:e3:be:7c:db:bc:6c:94:d2:aa:23:dd:
                    4f:63:67:38:72:6a:36:48:96:e6:ca:bd:8d:8c:cf:
                    d5:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:80:5C:59:68:05:2E:56:64:86:8D:F3:E3:66:71:72:46:EA:C4:6A
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/3YBcWWgFLlZkho3z42ZxckbqxGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.226.0.0/21
                  31.7.248.0/21
                  31.172.160.0/22
                  31.172.232.0/21
                  37.26.184.0/21
                  37.61.240.0/21
                  37.110.192.0/21
                  45.80.8.0/22
                  45.80.20.0-45.80.27.255
                  45.80.32.0/22
                  46.22.192.0/20
                  46.231.216.0/21
                  46.255.200.0/21
                  77.72.88.0/21
                  77.246.80.0/20
                  78.153.224.0/19
                  82.163.36.0/22
                  82.196.24.0/21
                  85.31.192.0/19
                  88.202.236.0/22
                  88.212.144.0-88.212.155.255
                  94.100.160.0/20
                  95.143.64.0/20
                  95.178.88.0/22
                  130.180.208.0/20
                  176.241.120.0/21
                  185.4.60.0-185.4.62.255
                  185.15.140.0/22
                  185.53.80.0/22
                  185.61.184.0/21
                  185.62.184.0/22
                  185.78.156.0/22
                  185.91.220.0-185.91.227.255
                  185.92.36.0/22
                  185.114.100.0/22
                  185.146.220.0/22
                  185.209.52.0/22
                  193.151.84.0/24
                  193.151.87.0/24
                  193.189.124.0/23
                  194.116.142.0/23
                  195.234.35.0/24
                  212.18.240.0/21
                  212.85.229.0-212.85.231.255
                  212.114.16.0/20
                IPv6:
                  2a00:68c0::/32
                  2a00:78c0::/29
                  2a01:240::/32
                  2a01:290::/32
                  2a02:398::/32
                  2a03:bdc0::/32
                  2a04:cc00::/29
                  2a05:6e00::/29
                  2a0b:41c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0c:d3:15:d6:1a:30:89:40:5d:f5:ee:0b:e2:f6:ee:d6:42:6d:
         08:68:db:63:06:2b:7d:7c:53:11:1f:55:cb:eb:84:fd:57:f7:
         28:43:e8:32:19:ab:7c:7c:1c:01:89:f2:06:8b:7c:a9:88:78:
         4c:f4:42:d1:3f:4a:4f:2f:a4:ed:fa:63:07:a1:b3:8d:6a:1e:
         91:bf:c5:d0:43:5d:d1:a3:0a:80:7a:f3:92:0e:e5:25:8f:ad:
         14:c3:3f:61:c2:86:13:9c:13:b2:6f:41:cc:9f:57:f0:25:89:
         b5:5c:a6:f5:81:43:0e:64:a1:79:e5:0b:ee:6f:e7:8a:48:0f:
         89:b4:4a:d7:f0:f4:c7:b8:06:67:4a:26:fe:a0:1c:9d:22:df:
         4c:87:9a:68:56:69:b3:07:94:9f:60:48:0a:93:74:01:7a:37:
         b3:3a:7d:ce:89:34:4f:6b:cd:9f:44:0f:d9:4d:8b:89:14:ec:
         a6:16:64:5a:14:c3:77:e4:d1:56:14:81:36:c8:03:4b:4a:d7:
         fd:29:8f:bc:5e:02:e4:56:15:9a:cf:4c:74:06:18:dc:95:6d:
         59:08:e6:a0:58:de:39:c4:8c:86:ab:91:95:1d:d8:69:58:e7:
         a2:6d:0f:1c:de:e6:59:27:c6:71:98:05:14:66:a2:6a:67:0e:
         ce:3f:91:44
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgIEHJyb7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTA5ZWUzZDYxODk3NGRhMGNiZDgwNWEyZGE4MDQxMGE0OTg5ODgxMB4XDTIyMDUy
MDA4MjMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ4MDVjNTk2ODA1
MmU1NjY0ODY4ZGYzZTM2NjcxNzI0NmVhYzQ2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqS3u9w0p44MhqqNubByLpKOHBzipe/qFBhKx3u1jalNWRd
k8jQNGtlnejfWktfSsLG1v3DiWtofL52hsVGwGFgEpOn+qMJp8V0+nEV2tQSXRBU
35OIUIzwlDo6qqPEPMLUY7FSJ0DbjwivxlKYNJ83vJyYXtCMUdU8ap7iIFAFr+MQ
Z7mLRbIHHX6w68jau/qLcptRxkY4YFSAwdfHJjJY4U3N7q1FHFA0dVaUVoyCuTgu
8359bbfPVD+yGQzOyVzBgIo3oPWV0a9f7N8s77fe12TWEvF/Dq1Pi0lt1vpbZgKB
5eO+fNu8bJTSqiPdT2NnOHJqNkiW5sq9jYzP1SUCAwEAAaOCA4owggOGMB0GA1Ud
DgQWBBTdgFxZaAUuVmSGjfPjZnFyRurEajAfBgNVHSMEGDAWgBTpCe49YYl02gy9
gFotqAQQpJiYgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZRbnVQV0dKZE5vTXZZQmFMYWdFRUtTWW1JRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvMmI1ZjVmLWJiOTYtNGIzMS04YTZhLWRkMTE1ZjllMzMwMS8x
LzNZQmNXV2dGTGxaa2hvM3o0Mlp4Y2ticXhHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
MmI1ZjVmLWJiOTYtNGIzMS04YTZhLWRkMTE1ZjllMzMwMS8xLzZRbnVQV0dKZE5v
TXZZQmFMYWdFRUtTWW1JRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZ4GCCsGAQUFBwEHAQH/BIIBjTCCAYkwggE+BAIAATCCATYDBAMF4gADBAMfB/gD
BAIfrKADBAMfrOgDBAMlGrgDBAMlPfADBAMlbsADBAItUAgwDAMEAi1QFAMEAi1Q
GAMEAi1QIAMEBC4WwAMEAy7n2AMEAy7/yAMEA01IWAMEBE32UAMEBU6Z4AMEAlKj
JAMEA1LEGAMEBVUfwAMEAljK7DAMAwQEWNSQAwQCWNSYAwQEXmSgAwQEX49AAwQC
X7JYAwQEgrTQAwQDsPF4MAwDBAK5BDwDBAC5BD4DBAK5D4wDBAK5NVADBAO5PbgD
BAK5PrgDBAK5TpwwDAMEArlb3AMEArlb4AMEArlcJAMEArlyZAMEArmS3AMEArnR
NAMEAMGXVAMEAMGXVwMEAcG9fAMEAcJ0jgMEAMPqIwMEA9QS8DAMAwQA1FXlAwQD
1FXgAwQE1HIQMEUEAgACMD8DBQAqAGjAAwUDKgB4wAMFACoBAkADBQAqAQKQAwUA
KgIDmAMFACoDvcADBQMqBMwAAwUDKgVuAAMFAyoLQcAwDQYJKoZIhvcNAQELBQAD
ggEBAAzTFdYaMIlAXfXuC+L27tZCbQho22MGK318UxEfVcvrhP1X9yhD6DIZq3x8
HAGJ8gaLfKmIeEz0QtE/Sk8vpO36Ywehs41qHpG/xdBDXdGjCoB685IO5SWPrRTD
P2HChhOcE7JvQcyfV/AlibVcpvWBQw5koXnlC+5v54pID4m0Stfw9Me4BmdKJv6g
HJ0i30yHmmhWabMHlJ9gSAqTdAF6N7M6fc6JNE9rzZ9ED9lNi4kU7KYWZFoUw3fk
0VYUgTbIA0tK1/0pj7xeAuRWFZrPTHQGGNyVbVkI5qBY3jnEjIarkZUd2GlY56Jt
Dxze5lknxnGYBRRmompnDs4/kUQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:17 2024 by rpki-client on console-ams.rpki-client.org