Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/ZG0AlIAAaW0BrRihuvD4HewWnD0.roa
File:                     ZG0AlIAAaW0BrRihuvD4HewWnD0.roa (raw, json)
Hash identifier:          zYEGWO16fmiV06QJMyEEkGca5ObIPFElt+MJA4aQ4IE=
Subject key identifier:   64:6D:00:94:80:00:69:6D:01:AD:18:A1:BA:F0:F8:1D:EC:16:9C:3D
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       0184607B752E4C2BB1F34C06C2091CB01649
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/ZG0AlIAAaW0BrRihuvD4HewWnD0.roa
Signing time:             Thu 10 Nov 2022 07:40:14 +0000
ROA not before:           Thu 10 Nov 2022 07:40:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30781
IP address blocks:        46.231.216.0/21 maxlen: 24
                          185.53.80.0/22 maxlen: 24
                          141.255.128.0/21 maxlen: 24
                          212.114.16.0/20 maxlen: 24
                          46.22.192.0/20 maxlen: 24
                          45.80.8.0/22 maxlen: 24
                          45.80.20.0/22 maxlen: 24
                          45.80.24.0/22 maxlen: 24
                          45.80.32.0/22 maxlen: 24
                          46.255.200.0/21 maxlen: 24
                          95.178.88.0/22 maxlen: 24
                          185.114.100.0/22 maxlen: 24
                          94.100.160.0/20 maxlen: 24
                          37.110.192.0/21 maxlen: 24
                          193.151.84.0/24 maxlen: 24
                          193.151.87.0/24 maxlen: 24
                          37.26.184.0/21 maxlen: 24
                          185.146.220.0/22 maxlen: 24
                          194.116.142.0/23 maxlen: 24
                          185.15.140.0/22 maxlen: 24
                          185.62.184.0/22 maxlen: 24
                          212.85.229.0/24 maxlen: 24
                          212.85.230.0/23 maxlen: 24
                          195.234.35.0/24 maxlen: 24
                          95.143.64.0/20 maxlen: 24
                          91.224.162.0/23 maxlen: 24
                          176.241.120.0/21 maxlen: 24
                          212.18.240.0/21 maxlen: 24
                          130.180.208.0/20 maxlen: 24
                          78.153.224.0/19 maxlen: 24
                          91.226.193.0/24 maxlen: 24
                          185.61.184.0/22 maxlen: 24
                          185.61.184.0/21 maxlen: 24
                          185.61.188.0/22 maxlen: 24
                          31.172.232.0/21 maxlen: 24
                          31.172.238.0/24 maxlen: 24
                          185.78.156.0/22 maxlen: 24
                          185.92.36.0/22 maxlen: 24
                          31.7.248.0/21 maxlen: 24
                          31.172.160.0/22 maxlen: 24
                          193.189.124.0/23 maxlen: 24
                          185.4.60.0/23 maxlen: 24
                          185.4.62.0/24 maxlen: 24
                          185.91.220.0/22 maxlen: 24
                          185.91.224.0/22 maxlen: 24
                          77.72.88.0/21 maxlen: 24
                          91.203.92.0/22 maxlen: 24
                          37.61.240.0/21 maxlen: 24
                          85.31.192.0/19 maxlen: 24
                          82.163.36.0/22 maxlen: 24
                          5.226.0.0/21 maxlen: 24
                          88.212.144.0/21 maxlen: 24
                          88.212.152.0/22 maxlen: 24
                          185.209.52.0/22 maxlen: 24
                          82.196.24.0/21 maxlen: 24
                          88.202.236.0/22 maxlen: 24
                          77.246.80.0/20 maxlen: 24
                          185.44.88.0/22 maxlen: 24
                          2a05:6e00::/29 maxlen: 48
                          2a03:bdc0::/32 maxlen: 48
                          2a02:398::/32 maxlen: 48
                          2a0b:41c0::/29 maxlen: 48
                          2a00:68c0::/32 maxlen: 48
                          2a04:cc00::/29 maxlen: 48
                          2a01:240::/32 maxlen: 48
                          2a01:290::/32 maxlen: 48
                          2a00:78c0::/29 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:60:7b:75:2e:4c:2b:b1:f3:4c:06:c2:09:1c:b0:16:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Nov 10 07:40:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=646d00948000696d01ad18a1baf0f81dec169c3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d9:83:ba:0b:d6:16:c1:24:af:d6:27:27:49:
                    ed:69:ff:00:27:0f:9d:ff:51:e1:ce:54:0c:c1:4a:
                    37:6f:4a:e4:10:70:60:db:0c:e8:e0:38:c0:88:d8:
                    f0:42:7a:07:9b:04:58:51:88:53:b9:38:b7:59:ed:
                    61:3e:75:29:11:2d:a3:6d:fe:7a:b5:48:82:fb:5d:
                    83:08:bb:02:0e:a3:19:26:7e:7e:54:19:de:91:b0:
                    49:20:91:5a:ef:dd:86:69:34:4b:f0:20:e6:b9:3c:
                    08:4f:f3:27:8a:ee:2d:0a:e9:a3:68:94:66:23:29:
                    0b:2a:ef:1e:fa:de:16:91:78:a3:3a:6a:b8:e9:81:
                    53:be:7d:fc:4a:98:cd:2b:0c:15:e8:03:cd:d0:51:
                    e8:02:f8:56:88:4b:6b:cf:8f:dd:35:b8:0e:c8:36:
                    9a:06:d8:9c:49:01:5b:6b:e9:8c:12:9f:e9:11:0a:
                    14:d1:e3:b7:00:4d:e7:08:23:87:77:41:06:a5:8a:
                    ad:bf:05:33:33:4a:12:af:81:df:0b:18:c0:90:36:
                    5b:1d:6a:c3:92:4c:0b:dc:86:9f:b7:a0:14:85:c4:
                    95:18:90:b3:24:c6:bb:33:e4:af:ee:c1:f2:8c:c1:
                    99:0e:cb:8d:c5:33:b2:b1:ec:2e:55:8a:84:3a:42:
                    6c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:6D:00:94:80:00:69:6D:01:AD:18:A1:BA:F0:F8:1D:EC:16:9C:3D
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/ZG0AlIAAaW0BrRihuvD4HewWnD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.226.0.0/21
                  31.7.248.0/21
                  31.172.160.0/22
                  31.172.232.0/21
                  37.26.184.0/21
                  37.61.240.0/21
                  37.110.192.0/21
                  45.80.8.0/22
                  45.80.20.0-45.80.27.255
                  45.80.32.0/22
                  46.22.192.0/20
                  46.231.216.0/21
                  46.255.200.0/21
                  77.72.88.0/21
                  77.246.80.0/20
                  78.153.224.0/19
                  82.163.36.0/22
                  82.196.24.0/21
                  85.31.192.0/19
                  88.202.236.0/22
                  88.212.144.0-88.212.155.255
                  91.203.92.0/22
                  91.224.162.0/23
                  91.226.193.0/24
                  94.100.160.0/20
                  95.143.64.0/20
                  95.178.88.0/22
                  130.180.208.0/20
                  141.255.128.0/21
                  176.241.120.0/21
                  185.4.60.0-185.4.62.255
                  185.15.140.0/22
                  185.44.88.0/22
                  185.53.80.0/22
                  185.61.184.0/21
                  185.62.184.0/22
                  185.78.156.0/22
                  185.91.220.0-185.91.227.255
                  185.92.36.0/22
                  185.114.100.0/22
                  185.146.220.0/22
                  185.209.52.0/22
                  193.151.84.0/24
                  193.151.87.0/24
                  193.189.124.0/23
                  194.116.142.0/23
                  195.234.35.0/24
                  212.18.240.0/21
                  212.85.229.0-212.85.231.255
                  212.114.16.0/20
                IPv6:
                  2a00:68c0::/32
                  2a00:78c0::/29
                  2a01:240::/32
                  2a01:290::/32
                  2a02:398::/32
                  2a03:bdc0::/32
                  2a04:cc00::/29
                  2a05:6e00::/29
                  2a0b:41c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         af:2e:b1:8e:0e:ec:19:d0:1a:f2:63:56:fb:3e:5a:72:0f:99:
         8f:3f:9b:f0:64:8a:3e:42:54:00:d5:4b:82:c7:dd:3c:19:2f:
         fb:45:fd:f3:49:28:7b:37:9d:20:4c:dd:d7:c4:0c:f5:f0:9d:
         22:11:fb:44:25:14:56:e5:ff:c2:1a:80:9b:68:ac:2a:c8:d5:
         7c:e0:88:12:2e:68:d8:04:0f:33:53:bf:dc:85:4e:0d:34:5b:
         78:97:cc:ea:1b:53:1b:80:0d:1d:5e:23:8b:ef:df:8c:9a:fe:
         50:56:9f:1f:92:63:98:3b:fa:5b:97:96:e3:92:db:7c:ff:ba:
         ef:71:84:9d:f5:1e:66:7f:00:ce:98:60:c0:8c:00:b6:0c:1f:
         77:00:61:a0:c2:0b:7b:a3:10:3e:a9:9d:d9:5d:3a:9a:21:87:
         15:42:6d:f4:66:75:22:78:d8:56:00:ef:4b:82:08:44:81:7f:
         34:0c:b2:c4:f9:b2:77:89:19:5c:1e:ff:5f:8c:c5:91:a7:cd:
         73:c5:dc:2c:65:00:97:17:09:8d:62:0e:2e:9c:9c:34:79:da:
         43:e6:56:e9:98:f3:87:85:05:25:ef:8a:0c:33:c5:7f:1b:b5:
         7e:f7:f1:cd:ee:8d:13:00:74:17:05:e3:9a:4a:7a:61:5a:6b:
         e8:19:7e:bb
-----BEGIN CERTIFICATE-----
MIIGnDCCBYSgAwIBAgISAYRge3UuTCux80wGwgkcsBZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjIxMTEwMDc0MDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZkMDA5NDgwMDA2OTZkMDFhZDE4YTFiYWYwZjgxZGVjMTY5YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudmDugvWFsEkr9YnJ0ntaf8AJw+d
/1HhzlQMwUo3b0rkEHBg2wzo4DjAiNjwQnoHmwRYUYhTuTi3We1hPnUpES2jbf56
tUiC+12DCLsCDqMZJn5+VBnekbBJIJFa792GaTRL8CDmuTwIT/Mniu4tCumjaJRm
IykLKu8e+t4WkXijOmq46YFTvn38SpjNKwwV6APN0FHoAvhWiEtrz4/dNbgOyDaa
BticSQFba+mMEp/pEQoU0eO3AE3nCCOHd0EGpYqtvwUzM0oSr4HfCxjAkDZbHWrD
kkwL3Iaft6AUhcSVGJCzJMa7M+Sv7sHyjMGZDsuNxTOysewuVYqEOkJsaQIDAQAB
o4IDqDCCA6QwHQYDVR0OBBYEFGRtAJSAAGltAa0Yobrw+B3sFpw9MB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvWkcwQWxJQUFhVzBCclJpaHV2RDRIZXdXbkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvAYIKwYBBQUHAQcBAf8EggGrMIIBpzCCAVwEAgABMIIB
VAMEAwXiAAMEAx8H+AMEAh+soAMEAx+s6AMEAyUauAMEAyU98AMEAyVuwAMEAi1Q
CDAMAwQCLVAUAwQCLVAYAwQCLVAgAwQELhbAAwQDLufYAwQDLv/IAwQDTUhYAwQE
TfZQAwQFTpngAwQCUqMkAwQDUsQYAwQFVR/AAwQCWMrsMAwDBARY1JADBAJY1JgD
BAJby1wDBAFb4KIDBABb4sEDBAReZKADBARfj0ADBAJfslgDBASCtNADBAON/4AD
BAOw8XgwDAMEArkEPAMEALkEPgMEArkPjAMEArksWAMEArk1UAMEA7k9uAMEArk+
uAMEArlOnDAMAwQCuVvcAwQCuVvgAwQCuVwkAwQCuXJkAwQCuZLcAwQCudE0AwQA
wZdUAwQAwZdXAwQBwb18AwQBwnSOAwQAw+ojAwQD1BLwMAwDBADUVeUDBAPUVeAD
BATUchAwRQQCAAIwPwMFACoAaMADBQMqAHjAAwUAKgECQAMFACoBApADBQAqAgOY
AwUAKgO9wAMFAyoEzAADBQMqBW4AAwUDKgtBwDANBgkqhkiG9w0BAQsFAAOCAQEA
ry6xjg7sGdAa8mNW+z5acg+Zjz+b8GSKPkJUANVLgsfdPBkv+0X980koezedIEzd
18QM9fCdIhH7RCUUVuX/whqAm2isKsjVfOCIEi5o2AQPM1O/3IVODTRbeJfM6htT
G4ANHV4ji+/fjJr+UFafH5JjmDv6W5eW45LbfP+673GEnfUeZn8AzphgwIwAtgwf
dwBhoMILe6MQPqmd2V06miGHFUJt9GZ1InjYVgDvS4IIRIF/NAyyxPmyd4kZXB7/
X4zFkafNc8XcLGUAlxcJjWIOLpycNHnaQ+ZW6Zjzh4UFJe+KDDPFfxu1fvfxze6N
EwB0FwXjmkp6YVpr6Bl+uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:44 2024 by rpki-client on console-fra.rpki-client.org