Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/jcQTJuC7uhfJi8Ktm7cNzFfIrTo.roa
File:                     jcQTJuC7uhfJi8Ktm7cNzFfIrTo.roa (raw, json)
Hash identifier:          jf462WrBhwT0orcundj1PTpiI2F6ipb0qPQPi0xrMrk=
Subject key identifier:   8D:C4:13:26:E0:BB:BA:17:C9:8B:C2:AD:9B:B7:0D:CC:57:C8:AD:3A
Certificate issuer:       /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial:       018515B26DF634D6F4E76C144D22074BF1A7
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/jcQTJuC7uhfJi8Ktm7cNzFfIrTo.roa
Signing time:             Thu 15 Dec 2022 12:11:33 +0000
ROA not before:           Thu 15 Dec 2022 12:11:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     36692
IP address blocks:        185.60.84.0/23 maxlen: 24
                          185.60.86.0/24 maxlen: 24
                          185.60.87.0/24 maxlen: 24
                          146.112.60.0/24 maxlen: 24
                          146.112.10.0/24 maxlen: 24
                          146.112.41.0/24 maxlen: 24
                          146.112.170.0/24 maxlen: 24
                          146.112.174.0/24 maxlen: 24
                          146.112.187.0/24 maxlen: 24
                          146.112.131.0/24 maxlen: 24
                          146.112.132.0/24 maxlen: 24
                          146.112.128.0/24 maxlen: 24
                          146.112.129.0/24 maxlen: 24
                          146.112.130.0/24 maxlen: 24
                          146.112.133.0/24 maxlen: 24
                          146.112.134.0/24 maxlen: 24
                          146.112.135.0/24 maxlen: 24
                          146.112.136.0/24 maxlen: 24
                          146.112.137.0/24 maxlen: 24
                          146.112.138.0/24 maxlen: 24
                          146.112.139.0/24 maxlen: 24
                          155.190.192.0/24 maxlen: 24
                          155.190.193.0/24 maxlen: 24
                          155.190.194.0/24 maxlen: 24
                          155.190.195.0/24 maxlen: 24
                          155.190.196.0/24 maxlen: 24
                          155.190.197.0/24 maxlen: 24
                          155.190.201.0/24 maxlen: 24
                          155.190.202.0/24 maxlen: 24
                          155.190.203.0/24 maxlen: 24
                          155.190.232.0/24 maxlen: 24
                          155.190.238.0/24 maxlen: 24
                          155.190.28.0/24 maxlen: 24
                          155.190.29.0/24 maxlen: 24
                          155.190.38.0/24 maxlen: 24
                          155.190.32.0/24 maxlen: 24
                          155.190.33.0/24 maxlen: 24
                          155.190.34.0/24 maxlen: 24
                          155.190.35.0/24 maxlen: 24
                          155.190.36.0/24 maxlen: 24
                          155.190.37.0/24 maxlen: 24
                          155.190.39.0/24 maxlen: 24
                          155.190.40.0/24 maxlen: 24
                          155.190.41.0/24 maxlen: 24
                          155.190.42.0/24 maxlen: 24
                          155.190.43.0/24 maxlen: 24
                          155.190.44.0/24 maxlen: 24
                          155.190.45.0/24 maxlen: 24
                          155.190.46.0/24 maxlen: 24
                          155.190.47.0/24 maxlen: 24
                          155.190.48.0/24 maxlen: 24
                          155.190.49.0/24 maxlen: 24
                          155.190.50.0/24 maxlen: 24
                          155.190.51.0/24 maxlen: 24
                          155.190.53.0/24 maxlen: 24
                          155.190.54.0/24 maxlen: 24
                          155.190.55.0/24 maxlen: 24
                          155.190.57.0/24 maxlen: 24
                          155.190.58.0/24 maxlen: 24
                          155.190.0.0/24 maxlen: 24
                          155.190.4.0/24 maxlen: 24
                          155.190.3.0/24 maxlen: 24
                          155.190.1.0/24 maxlen: 24
                          155.190.2.0/24 maxlen: 24
                          155.190.8.0/24 maxlen: 24
                          155.190.9.0/24 maxlen: 24
                          155.190.15.0/24 maxlen: 24
                          155.190.17.0/24 maxlen: 24
                          155.190.18.0/24 maxlen: 24
                          155.190.19.0/24 maxlen: 24
                          155.190.20.0/24 maxlen: 24
                          155.190.21.0/24 maxlen: 24
                          155.190.22.0/24 maxlen: 24
                          2a04:e4c0:25::/48 maxlen: 48
                          2a04:e4c0:14::/48 maxlen: 48
                          2a04:e4c0:22::/48 maxlen: 48
                          2a04:e4c0:11::/48 maxlen: 48
                          2a04:e4c0:47::/48 maxlen: 48
                          2a04:e4c0:55::/48 maxlen: 48
                          2a04:e4c0:30::/48 maxlen: 48
                          2a04:e4c0:44::/48 maxlen: 48
                          2a04:e4c7:fffd::/48 maxlen: 48
                          2a04:e4c0:52::/48 maxlen: 48
                          2a04:e4c4:3::/48 maxlen: 48
                          2a04:e4c0:63::/48 maxlen: 48
                          2a04:e4c0:41::/48 maxlen: 48
                          2a04:e4c0:60::/48 maxlen: 48
                          2a04:e4c0:13::/48 maxlen: 48
                          2a04:e4c0:16::/48 maxlen: 48
                          2a04:e4c7:ffff::/48 maxlen: 48
                          2a04:e4c0:10::/48 maxlen: 48
                          2a04:e4c0:49::/48 maxlen: 48
                          2a04:e4c0:24::/48 maxlen: 48
                          2a04:e4c0:43::/48 maxlen: 48
                          2a04:e4c0:46::/48 maxlen: 48
                          2a04:e4c0:21::/48 maxlen: 48
                          2a04:e4c0:40::/48 maxlen: 48
                          2a04:e4c7:fffe::/48 maxlen: 48
                          2a04:e4c4:1::/48 maxlen: 48
                          2a04:e4c0:54::/48 maxlen: 48
                          2a04:e4c0:62::/48 maxlen: 48
                          2a04:e4c0:18::/48 maxlen: 48
                          2a04:e4c4:4::/48 maxlen: 48
                          2a04:e4c0:51::/48 maxlen: 48
                          2a04:e4c0:15::/48 maxlen: 48
                          2a04:e4c0:12::/48 maxlen: 48
                          2a04:e4c0:48::/48 maxlen: 48
                          2a04:e4c0:23::/48 maxlen: 48
                          2a04:e4c0:45::/48 maxlen: 48
                          2a04:e4c0:20::/48 maxlen: 48
                          2a04:e4c0:59::/48 maxlen: 48
                          2a04:e4c0:42::/48 maxlen: 48
                          2a04:e4c0:53::/48 maxlen: 48
                          2a04:e4c0:56::/48 maxlen: 48
                          2a04:e4c0:31::/48 maxlen: 48
                          2a04:e4c4:2::/48 maxlen: 48
                          2a04:e4c0:61::/48 maxlen: 48
                          2a04:e4c0:17::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:15:b2:6d:f6:34:d6:f4:e7:6c:14:4d:22:07:4b:f1:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
        Validity
            Not Before: Dec 15 12:11:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8dc41326e0bbba17c98bc2ad9bb70dcc57c8ad3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9e:6e:57:47:35:16:bc:22:03:96:99:3f:05:
                    74:9b:48:3d:6e:e9:4b:7e:2d:ca:1f:06:27:03:6c:
                    19:d2:e6:1c:a4:42:af:01:6e:bf:40:ee:a5:a2:86:
                    cc:33:db:08:f5:c4:23:45:a5:f2:38:21:53:64:d2:
                    b6:57:34:ca:3b:dc:b2:66:89:68:7f:43:81:d5:cf:
                    b1:76:bd:d9:0d:3b:6c:a8:42:62:63:8a:6f:f2:51:
                    d7:8a:e7:ef:28:a8:78:0e:12:df:20:f4:86:2a:67:
                    fe:f7:35:35:43:43:8b:ba:00:7a:af:0a:ed:96:93:
                    ce:3a:45:e4:b7:07:70:ad:c8:69:68:a4:fc:ac:2f:
                    ae:8c:e5:2f:79:4e:0f:a2:d0:c1:67:3d:5c:2a:fe:
                    7e:94:20:42:b3:b3:d1:f4:1c:7a:02:29:b8:65:80:
                    f3:c8:00:81:b7:4a:1b:71:34:42:b0:fb:ad:f2:98:
                    4f:b7:b1:f9:1f:cc:48:0d:15:5d:77:de:a6:6b:d6:
                    45:c7:47:cb:ec:a2:80:e8:c7:b9:e9:d6:2b:14:76:
                    42:b2:48:fa:0d:3c:5e:b0:c7:a7:6f:71:d0:0e:a1:
                    95:d0:df:ca:8d:65:e2:0a:64:19:e5:94:c7:c1:18:
                    9b:eb:ab:6e:12:ca:0e:0e:28:a7:ae:6f:26:56:d1:
                    ae:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:C4:13:26:E0:BB:BA:17:C9:8B:C2:AD:9B:B7:0D:CC:57:C8:AD:3A
            X509v3 Authority Key Identifier:
                keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/jcQTJuC7uhfJi8Ktm7cNzFfIrTo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.112.10.0/24
                  146.112.41.0/24
                  146.112.60.0/24
                  146.112.128.0-146.112.139.255
                  146.112.170.0/24
                  146.112.174.0/24
                  146.112.187.0/24
                  155.190.0.0-155.190.4.255
                  155.190.8.0/23
                  155.190.15.0/24
                  155.190.17.0-155.190.22.255
                  155.190.28.0/23
                  155.190.32.0-155.190.51.255
                  155.190.53.0-155.190.55.255
                  155.190.57.0-155.190.58.255
                  155.190.192.0-155.190.197.255
                  155.190.201.0-155.190.203.255
                  155.190.232.0/24
                  155.190.238.0/24
                  185.60.84.0/22
                IPv6:
                  2a04:e4c0:10::-2a04:e4c0:18:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:20::-2a04:e4c0:25:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:30::/47
                  2a04:e4c0:40::-2a04:e4c0:49:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:51::-2a04:e4c0:56:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:59::/48
                  2a04:e4c0:60::/46
                  2a04:e4c4:1::-2a04:e4c4:4:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c7:fffd::-2a04:e4c7:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         54:d2:cb:84:d0:b9:d8:ef:44:ff:ad:c3:b5:b6:65:6d:94:93:
         b2:08:18:31:18:d1:ab:ce:3e:f1:2a:bc:44:68:c3:97:21:a9:
         84:c7:78:42:c3:54:64:b3:40:c9:d3:61:2f:63:d1:83:57:49:
         18:55:32:66:63:77:3a:cc:3f:df:ed:04:85:00:c1:db:e6:2e:
         59:91:9d:5c:aa:ab:27:5b:8c:7a:65:2a:94:dd:4d:9b:15:22:
         58:2b:28:4d:6e:c4:3c:fd:4b:0e:94:1a:7b:12:0a:43:2f:96:
         10:9d:97:3a:08:c2:53:2d:ab:34:c0:d5:00:40:25:44:d4:1a:
         7f:62:41:01:80:33:23:b7:15:d2:d0:d9:c4:52:c9:13:8c:2a:
         f4:3d:ad:05:0b:cc:40:5e:19:01:f0:bf:3d:15:bd:42:1d:65:
         ff:55:8a:5d:f8:71:ff:ab:79:29:e8:d6:de:e6:2d:f1:c3:02:
         91:af:91:bc:9a:23:d4:67:f3:e7:73:d2:f5:80:44:a9:b8:1a:
         d4:71:71:a3:d4:66:bc:ad:d3:7f:1d:83:d4:79:69:7e:76:f7:
         26:d3:1b:1e:f8:97:92:4d:ac:f4:45:cd:e8:40:b1:5c:a1:03:
         3d:81:fc:5a:22:63:b6:92:c7:41:9f:dd:02:5d:4d:cf:86:65:
         d8:8e:c4:dc
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAYUVsm32NNb052wUTSIHS/GnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjIxMjE1MTIxMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGM0MTMyNmUwYmJiYTE3Yzk4YmMyYWQ5YmI3MGRjYzU3YzhhZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp5uV0c1FrwiA5aZPwV0m0g9bulL
fi3KHwYnA2wZ0uYcpEKvAW6/QO6loobMM9sI9cQjRaXyOCFTZNK2VzTKO9yyZolo
f0OB1c+xdr3ZDTtsqEJiY4pv8lHXiufvKKh4DhLfIPSGKmf+9zU1Q0OLugB6rwrt
lpPOOkXktwdwrchpaKT8rC+ujOUveU4PotDBZz1cKv5+lCBCs7PR9Bx6Aim4ZYDz
yACBt0obcTRCsPut8phPt7H5H8xIDRVdd96ma9ZFx0fL7KKA6Me56dYrFHZCskj6
DTxesMenb3HQDqGV0N/KjWXiCmQZ5ZTHwRib66tuEsoODiinrm8mVtGuzQIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFI3EEybgu7oXyYvCrZu3DcxXyK06MB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvamNRVEp1Qzd1aGZKaThLdG03Y056RmZJclRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCBvgQCAAEwgbcD
BACScAoDBACScCkDBACScDwwDAMEB5JwgAMEApJwiAMEAJJwqgMEAJJwrgMEAJJw
uzALAwMBm74DBACbvgQDBAGbvggDBACbvg8wDAMEAJu+EQMEAJu+FgMEAZu+HDAM
AwQFm74gAwQCm74wMAwDBACbvjUDBAObvjAwDAMEAJu+OQMEAJu+OjAMAwQGm77A
AwQBm77EMAwDBACbvskDBAKbvsgDBACbvugDBACbvu4DBAK5PFQwgZgEAgACMIGR
MBIDBwQqBOTAABADBwAqBOTAABgwEgMHBSoE5MAAIAMHASoE5MAAJAMHASoE5MAA
MDASAwcGKgTkwABAAwcBKgTkwABIMBIDBwAqBOTAAFEDBwAqBOTAAFYDBwAqBOTA
AFkDBwIqBOTAAGAwEgMHACoE5MQAAQMHACoE5MQABDAQAwcAKgTkx//9AwUDKgTk
wDANBgkqhkiG9w0BAQsFAAOCAQEAVNLLhNC52O9E/63DtbZlbZSTsggYMRjRq84+
8Sq8RGjDlyGphMd4QsNUZLNAydNhL2PRg1dJGFUyZmN3Osw/3+0EhQDB2+YuWZGd
XKqrJ1uMemUqlN1NmxUiWCsoTW7EPP1LDpQaexIKQy+WEJ2XOgjCUy2rNMDVAEAl
RNQaf2JBAYAzI7cV0tDZxFLJE4wq9D2tBQvMQF4ZAfC/PRW9Qh1l/1WKXfhx/6t5
KejW3uYt8cMCka+RvJoj1Gfz53PS9YBEqbga1HFxo9RmvK3Tfx2D1Hlpfnb3JtMb
HviXkk2s9EXN6ECxXKEDPYH8WiJjtpLHQZ/dAl1Nz4Zl2I7E3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org