Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/DFnQE2fPg99Iy19x5_1NdHUH_Jk.roa
File:                     DFnQE2fPg99Iy19x5_1NdHUH_Jk.roa (raw, json)
Hash identifier:          B9QFXixhvoY3hbrv0Ni3PGsPM6svjN8E8f0hrT4zb94=
Subject key identifier:   0C:59:D0:13:67:CF:83:DF:48:CB:5F:71:E7:FD:4D:74:75:07:FC:99
Certificate issuer:       /CN=2ee6d560a08a013f3fe0e66dadaf6fd02beaf43f
Certificate serial:       1D925C1C
Authority key identifier: 2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LubVYKCKAT8_4OZtra9v0Cvq9D8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/DFnQE2fPg99Iy19x5_1NdHUH_Jk.roa
Signing time:             Mon 04 Jul 2022 16:28:25 +0000
ROA not before:           Mon 04 Jul 2022 16:28:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     199610
IP address blocks:        31.214.192.0/22 maxlen: 22
                          31.214.196.0/22 maxlen: 22
                          31.214.202.0/23 maxlen: 23
                          31.214.204.0/22 maxlen: 22
                          31.214.208.0/22 maxlen: 22
                          31.214.216.0/22 maxlen: 22
                          31.214.220.0/23 maxlen: 23
                          31.214.224.0/22 maxlen: 22
                          31.214.227.0/24 maxlen: 24
                          31.214.232.0/21 maxlen: 21
                          134.255.208.0/23 maxlen: 23
                          134.255.212.0/23 maxlen: 23
                          134.255.214.0/24 maxlen: 24
                          134.255.240.0/24 maxlen: 24
                          134.255.251.0/24 maxlen: 24
                          134.255.198.0/24 maxlen: 24
                          31.214.134.0/23 maxlen: 23
                          31.214.136.0/24 maxlen: 24
                          31.214.142.0/23 maxlen: 23
                          31.214.148.0/24 maxlen: 24
                          45.140.128.0/23 maxlen: 23
                          31.214.158.0/23 maxlen: 23
                          45.140.130.0/23 maxlen: 32
                          31.214.160.0/21 maxlen: 21
                          31.214.160.0/24 maxlen: 24
                          31.214.130.0/23 maxlen: 23
                          31.214.128.0/24 maxlen: 24
                          37.10.96.0/21 maxlen: 21
                          37.10.104.0/22 maxlen: 32
                          37.10.115.0/24 maxlen: 24
                          37.10.118.0/23 maxlen: 23
                          37.10.124.0/24 maxlen: 24
                          37.10.125.0/24 maxlen: 24
                          37.10.120.0/22 maxlen: 32
                          37.10.126.0/24 maxlen: 24
                          37.10.127.0/24 maxlen: 24
                          45.159.4.0/22 maxlen: 32
                          5.83.160.0/22 maxlen: 22
                          5.83.160.0/21 maxlen: 21
                          5.83.164.0/22 maxlen: 22
                          5.83.172.0/22 maxlen: 23
                          5.83.168.0/22 maxlen: 22
                          5.83.174.0/23 maxlen: 24
                          46.251.230.0/23 maxlen: 23
                          46.251.230.0/24 maxlen: 24
                          46.251.231.0/24 maxlen: 24
                          46.251.228.0/24 maxlen: 24
                          46.251.229.0/24 maxlen: 24
                          46.251.232.0/23 maxlen: 23
                          185.9.104.0/22 maxlen: 22
                          46.251.234.0/24 maxlen: 24
                          46.251.238.0/24 maxlen: 24
                          46.251.235.0/24 maxlen: 24
                          46.251.236.0/24 maxlen: 24
                          46.251.240.0/21 maxlen: 21
                          46.251.248.0/24 maxlen: 24
                          109.230.243.0/24 maxlen: 24
                          109.230.248.0/23 maxlen: 23
                          95.156.220.0/23 maxlen: 23
                          95.156.224.0/24 maxlen: 24
                          85.190.152.0/24 maxlen: 24
                          85.190.148.0/24 maxlen: 24
                          85.190.150.0/24 maxlen: 24
                          85.190.151.0/24 maxlen: 24
                          85.190.149.0/24 maxlen: 24
                          85.190.158.0/24 maxlen: 24
                          85.190.153.0/24 maxlen: 24
                          85.190.154.0/24 maxlen: 24
                          85.190.155.0/24 maxlen: 24
                          95.156.238.0/24 maxlen: 24
                          85.190.157.0/24 maxlen: 24
                          95.156.239.0/24 maxlen: 24
                          85.190.156.0/23 maxlen: 23
                          85.190.159.0/24 maxlen: 24
                          85.190.156.0/24 maxlen: 24
                          85.190.160.0/20 maxlen: 20
                          95.156.250.0/24 maxlen: 24
                          109.230.197.0/24 maxlen: 24
                          5.62.96.0/19 maxlen: 19
                          109.230.208.0/24 maxlen: 24
                          109.230.211.0/24 maxlen: 24
                          195.82.158.0/23 maxlen: 23
                          109.230.214.0/24 maxlen: 24
                          95.156.193.0/24 maxlen: 24
                          95.156.194.0/24 maxlen: 24
                          95.156.198.0/24 maxlen: 24
                          5.62.126.0/24 maxlen: 24
                          5.62.127.0/24 maxlen: 24
                          95.156.210.0/23 maxlen: 23
                          85.190.128.0/19 maxlen: 19
                          95.156.209.0/24 maxlen: 24
                          95.156.213.0/24 maxlen: 24
                          109.230.240.0/23 maxlen: 23
                          5.62.64.0/21 maxlen: 21
                          5.62.67.0/24 maxlen: 24
                          194.169.211.0/24 maxlen: 24
                          217.114.192.0/21 maxlen: 21
                          128.0.112.0/23 maxlen: 23
                          128.0.114.0/23 maxlen: 24
                          5.101.160.0/21 maxlen: 21
                          5.101.166.0/24 maxlen: 24
                          2a03:4d45::/32 maxlen: 128
                          2a03:4d44::/32 maxlen: 128
                          2a03:4d47::/32 maxlen: 128
                          2a03:4d40::/32 maxlen: 128
                          2a03:4d43::/32 maxlen: 128
                          2a03:4d41:600::/40 maxlen: 40
                          2a03:4d41::/32 maxlen: 128
                          2a03:4d42::/32 maxlen: 128
                          2a03:4d41:200::/40 maxlen: 40
                          2a03:4d41:400::/40 maxlen: 40
                          2a03:4d41:700::/40 maxlen: 40
                          2a03:4d41:500::/40 maxlen: 40
                          2a03:4d41:100::/40 maxlen: 40
                          2a03:4d41::/40 maxlen: 40
                          2a03:4d41:300::/40 maxlen: 40
                          2a03:4d41:900::/40 maxlen: 40
                          2a03:4d41:600::/44 maxlen: 44
                          2a03:4d41:100::/44 maxlen: 44
                          2a03:4d41:300::/44 maxlen: 44
                          2a03:4d41:200::/44 maxlen: 44
                          2a03:4d41::/44 maxlen: 44
                          2a03:4d41:400::/44 maxlen: 44
                          2a03:4d41:500::/44 maxlen: 44
                          2a03:4d41:610::/44 maxlen: 44
                          2a03:4d41:510::/44 maxlen: 44
                          2a03:4d41:210::/44 maxlen: 44
                          2a03:4d41:10::/44 maxlen: 44

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 496131100 (0x1d925c1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ee6d560a08a013f3fe0e66dadaf6fd02beaf43f
        Validity
            Not Before: Jul  4 16:28:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c59d01367cf83df48cb5f71e7fd4d747507fc99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c1:e3:61:34:de:fd:d7:18:6b:6c:c1:b2:b7:
                    97:0d:b4:72:9c:44:89:47:11:21:f7:82:c6:43:a9:
                    b7:8b:9b:9d:95:a9:89:9a:3d:57:cf:02:90:85:23:
                    fd:42:ef:52:9c:b8:8b:19:c4:e4:6d:63:4d:5d:38:
                    5f:16:8d:7e:d3:98:9a:01:5a:ec:96:88:98:7c:0e:
                    a5:56:93:1e:c4:48:7f:a2:36:c3:99:9b:44:b4:ab:
                    dd:7b:25:c1:10:cb:4f:d8:0f:50:d4:bb:b1:e0:6a:
                    1f:5e:d5:17:05:1f:ea:71:b1:5c:93:35:33:f9:56:
                    bf:ec:42:45:b0:70:ac:c3:da:08:60:1c:ae:98:aa:
                    1d:29:5b:03:17:d2:76:cb:92:8a:c0:74:f0:0a:47:
                    af:c6:3d:c8:a1:9d:9e:cf:27:17:7f:08:e4:d0:c0:
                    65:09:f1:a7:5a:a3:78:11:ea:94:eb:29:c2:bb:09:
                    6d:91:e8:00:07:aa:e3:ec:2f:0f:f2:bd:f8:53:a4:
                    14:93:23:05:29:24:2d:16:58:9e:22:80:38:56:af:
                    c2:0c:bb:68:bd:3e:53:53:98:5f:de:bc:5f:27:c6:
                    dc:93:02:9d:f8:4b:e0:02:7b:11:01:aa:cb:5f:fc:
                    7a:a9:05:96:be:f0:8c:0b:70:c2:ac:97:f7:b4:f1:
                    4f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:59:D0:13:67:CF:83:DF:48:CB:5F:71:E7:FD:4D:74:75:07:FC:99
            X509v3 Authority Key Identifier:
                keyid:2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LubVYKCKAT8_4OZtra9v0Cvq9D8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/DFnQE2fPg99Iy19x5_1NdHUH_Jk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/LubVYKCKAT8_4OZtra9v0Cvq9D8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.62.64.0/21
                  5.62.96.0/19
                  5.83.160.0/20
                  5.101.160.0/21
                  31.214.128.0/24
                  31.214.130.0/23
                  31.214.134.0-31.214.136.255
                  31.214.142.0/23
                  31.214.148.0/24
                  31.214.158.0-31.214.167.255
                  31.214.192.0/21
                  31.214.202.0-31.214.211.255
                  31.214.216.0-31.214.221.255
                  31.214.224.0/22
                  31.214.232.0/21
                  37.10.96.0-37.10.107.255
                  37.10.115.0/24
                  37.10.118.0-37.10.127.255
                  45.140.128.0/22
                  45.159.4.0/22
                  46.251.228.0-46.251.236.255
                  46.251.238.0/24
                  46.251.240.0-46.251.248.255
                  85.190.128.0-85.190.175.255
                  95.156.193.0-95.156.194.255
                  95.156.198.0/24
                  95.156.209.0-95.156.211.255
                  95.156.213.0/24
                  95.156.220.0/23
                  95.156.224.0/24
                  95.156.238.0/23
                  95.156.250.0/24
                  109.230.197.0/24
                  109.230.208.0/24
                  109.230.211.0/24
                  109.230.214.0/24
                  109.230.240.0/23
                  109.230.243.0/24
                  109.230.248.0/23
                  128.0.112.0/22
                  134.255.198.0/24
                  134.255.208.0/23
                  134.255.212.0-134.255.214.255
                  134.255.240.0/24
                  134.255.251.0/24
                  185.9.104.0/22
                  194.169.211.0/24
                  195.82.158.0/23
                  217.114.192.0/21
                IPv6:
                  2a03:4d40::-2a03:4d45:ffff:ffff:ffff:ffff:ffff:ffff
                  2a03:4d47::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:43:f5:af:4a:61:0f:3d:41:4d:96:bc:74:8b:97:92:68:93:
         56:f5:09:d4:12:4e:46:3a:89:68:78:0b:87:f2:e4:5a:2b:12:
         ae:4e:41:42:66:3c:e5:ef:35:e9:cc:a8:8d:f4:27:c4:80:24:
         74:bd:13:3b:0d:76:cf:fb:96:1e:61:9b:6f:ac:18:a7:83:63:
         7f:88:9f:62:e4:21:a8:80:57:1c:30:35:04:4a:5a:3e:a0:d3:
         ce:b0:25:83:6d:12:89:dd:0c:e8:c0:2d:5c:e0:22:83:b3:03:
         45:07:5e:22:53:c7:e0:ec:5c:d1:f5:54:20:29:f9:81:9e:c2:
         86:03:18:70:20:d8:d4:3e:b0:bd:47:31:22:61:91:57:86:e2:
         be:b4:8c:e2:7d:1f:bd:53:a2:48:3d:c6:12:cc:b1:78:53:05:
         5e:e0:8b:93:ac:65:0e:ae:ea:e5:bf:c9:19:89:b8:86:04:5b:
         e2:0f:29:07:c8:9c:aa:61:e0:c6:7a:15:de:ff:5f:24:ad:52:
         1d:92:10:c1:38:8d:e3:0a:9a:1a:76:6b:e5:e3:97:0b:f1:a5:
         bb:30:cc:98:80:06:87:36:c7:86:de:a9:7d:2b:52:aa:f0:ad:
         4f:61:fd:51:4f:78:a7:22:1f:f5:1b:08:32:78:0a:b4:15:52:
         c0:e7:2c:f5
-----BEGIN CERTIFICATE-----
MIIGmDCCBYCgAwIBAgIEHZJcHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWU2ZDU2MGEwOGEwMTNmM2ZlMGU2NmRhZGFmNmZkMDJiZWFmNDNmMB4XDTIyMDcw
NDE2MjgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM1OWQwMTM2N2Nm
ODNkZjQ4Y2I1ZjcxZTdmZDRkNzQ3NTA3ZmM5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjB42E03v3XGGtswbK3lw20cpxEiUcRIfeCxkOpt4ubnZWp
iZo9V88CkIUj/ULvUpy4ixnE5G1jTV04XxaNftOYmgFa7JaImHwOpVaTHsRIf6I2
w5mbRLSr3XslwRDLT9gPUNS7seBqH17VFwUf6nGxXJM1M/lWv+xCRbBwrMPaCGAc
rpiqHSlbAxfSdsuSisB08ApHr8Y9yKGdns8nF38I5NDAZQnxp1qjeBHqlOspwrsJ
bZHoAAeq4+wvD/K9+FOkFJMjBSkkLRZYniKAOFavwgy7aL0+U1OYX968XyfG3JMC
nfhL4AJ7EQGqy1/8eqkFlr7wjAtwwqyX97TxT3kCAwEAAaOCA7IwggOuMB0GA1Ud
DgQWBBQMWdATZ8+D30jLX3Hn/U10dQf8mTAfBgNVHSMEGDAWgBQu5tVgoIoBPz/g
5m2tr2/QK+r0PzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x1YlZZS0NLQVQ4XzRPWnRyYTl2MEN2cTlEOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvYzAwYTViLTZhNTktNDFkZC1iMTNiLTczNDk1ZmMwOGZjNC8x
L0RGblFFMmZQZzk5SXkxOXg1XzFOZEhVSF9Kay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
YzAwYTViLTZhNTktNDFkZC1iMTNiLTczNDk1ZmMwOGZjNC8xL0x1YlZZS0NLQVQ4
XzRPWnRyYTl2MEN2cTlEOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AcYGCCsGAQUFBwEHAQH/BIIBtTCCAbEwggGOBAIAATCCAYYDBAMFPkADBAUFPmAD
BAQFU6ADBAMFZaADBAAf1oADBAEf1oIwDAMEAR/WhgMEAB/WiAMEAR/WjgMEAB/W
lDAMAwQBH9aeAwQDH9agAwQDH9bAMAwDBAEf1soDBAIf1tAwDAMEAx/W2AMEAR/W
3AMEAh/W4AMEAx/W6DAMAwQFJQpgAwQCJQpoAwQAJQpzMAwDBAElCnYDBAclCgAD
BAItjIADBAItnwQwDAMEAi775AMEAC777AMEAC777jAMAwQELvvwAwQALvv4MAwD
BAdVvoADBARVvqAwDAMEAF+cwQMEAF+cwgMEAF+cxjAMAwQAX5zRAwQCX5zQAwQA
X5zVAwQBX5zcAwQAX5zgAwQBX5zuAwQAX5z6AwQAbebFAwQAbebQAwQAbebTAwQA
bebWAwQBbebwAwQAbebzAwQBbeb4AwQCgABwAwQAhv/GAwQBhv/QMAwDBAKG/9QD
BACG/9YDBACG//ADBACG//sDBAK5CWgDBADCqdMDBAHDUp4DBAPZcsAwHQQCAAIw
FzAOAwUGKgNNQAMFASoDTUQDBQAqA01HMA0GCSqGSIb3DQEBCwUAA4IBAQBTQ/Wv
SmEPPUFNlrx0i5eSaJNW9QnUEk5GOoloeAuH8uRaKxKuTkFCZjzl7zXpzKiN9CfE
gCR0vRM7DXbP+5YeYZtvrBing2N/iJ9i5CGogFccMDUESlo+oNPOsCWDbRKJ3Qzo
wC1c4CKDswNFB14iU8fg7FzR9VQgKfmBnsKGAxhwINjUPrC9RzEiYZFXhuK+tIzi
fR+9U6JIPcYSzLF4UwVe4IuTrGUOrurlv8kZibiGBFviDykHyJyqYeDGehXe/18k
rVIdkhDBOI3jCpoadmvl45cL8aW7MMyYgAaHNseG3ql9K1Kq8K1PYf1RT3inIh/1
GwgyeAq0FVLA5yz1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:22 2024 by rpki-client on console-ams.rpki-client.org