Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/gu7ry1tX3hjscx2mDM2zaqtSfDo.roa
File:                     gu7ry1tX3hjscx2mDM2zaqtSfDo.roa (raw, json)
Hash identifier:          sQGEVHBaEe5WZBH3Bpm+JEocJKA0orSvTjpROs2ef2U=
Subject key identifier:   82:EE:EB:CB:5B:57:DE:18:EC:73:1D:A6:0C:CD:B3:6A:AB:52:7C:3A
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0182C9EC41EA7C183013A82082E4F12BF829
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/gu7ry1tX3hjscx2mDM2zaqtSfDo.roa
Signing time:             Tue 23 Aug 2022 08:57:59 +0000
ROA not before:           Tue 23 Aug 2022 08:57:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     52116
IP address blocks:        188.255.130.0/24 maxlen: 24
                          188.255.208.0/24 maxlen: 24
                          188.255.213.0/24 maxlen: 24
                          188.255.216.0/24 maxlen: 24
                          188.255.219.0/24 maxlen: 24
                          188.255.236.0/24 maxlen: 24
                          188.255.238.0/24 maxlen: 24
                          188.255.239.0/24 maxlen: 24
                          188.255.246.0/24 maxlen: 24
                          188.255.244.0/23 maxlen: 23
                          188.255.248.0/24 maxlen: 24
                          188.255.252.0/24 maxlen: 24
                          188.255.247.0/24 maxlen: 24
                          188.255.250.0/23 maxlen: 23
                          188.255.190.0/24 maxlen: 24
                          212.69.12.0/24 maxlen: 24
                          178.253.207.0/24 maxlen: 24
                          178.253.210.0/24 maxlen: 24
                          178.253.213.0/24 maxlen: 24
                          178.253.219.0/24 maxlen: 24
                          178.253.214.0/24 maxlen: 24
                          178.253.222.0/24 maxlen: 24
                          93.186.64.0/24 maxlen: 24
                          93.186.67.0/24 maxlen: 24
                          93.186.71.0/24 maxlen: 24
                          93.186.72.0/24 maxlen: 24
                          212.69.6.0/24 maxlen: 24
                          212.69.7.0/24 maxlen: 24
                          178.253.236.0/24 maxlen: 24
                          178.253.240.0/24 maxlen: 24
                          81.18.49.0/24 maxlen: 24
                          81.18.50.0/24 maxlen: 24
                          81.18.55.0/24 maxlen: 24
                          81.18.52.0/23 maxlen: 23
                          81.18.61.0/24 maxlen: 24
                          79.175.103.0/24 maxlen: 24
                          79.175.116.0/24 maxlen: 24
                          79.175.118.0/24 maxlen: 24
                          79.175.115.0/24 maxlen: 24
                          188.255.254.0/24 maxlen: 24
                          188.255.255.0/24 maxlen: 24
                          178.219.11.0/24 maxlen: 24
                          178.219.8.0/23 maxlen: 23
                          185.47.88.0/24 maxlen: 24
                          185.47.89.0/24 maxlen: 24
                          185.47.90.0/24 maxlen: 24
                          77.105.18.0/23 maxlen: 23
                          77.105.31.0/24 maxlen: 24
                          80.74.173.0/24 maxlen: 24
                          77.105.11.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c9:ec:41:ea:7c:18:30:13:a8:20:82:e4:f1:2b:f8:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Aug 23 08:57:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=82eeebcb5b57de18ec731da60ccdb36aab527c3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:76:60:1e:84:a7:65:a0:3f:cc:31:7c:7a:87:
                    86:e4:4a:94:f6:91:d3:e6:6c:7c:31:68:1c:2c:fd:
                    88:bf:ad:e8:f7:57:a2:e3:4c:05:64:8b:04:d2:5f:
                    6a:24:d5:8d:6c:ff:8f:9a:3b:3f:34:4b:1f:34:65:
                    03:c7:ed:c3:bc:94:23:05:c2:a8:e9:d2:7c:7d:2c:
                    38:5b:2d:e2:17:10:33:43:b5:f1:ea:b5:d8:ce:9d:
                    99:b5:e3:fe:75:68:ec:25:50:3c:2b:68:ef:6b:72:
                    d0:53:6a:83:38:88:60:42:98:88:d8:fc:e1:f0:2d:
                    02:25:a4:98:7a:0f:66:a6:1e:5a:f4:4b:72:06:b3:
                    8e:d2:8e:f1:40:06:b1:d7:ae:f8:8b:75:56:dc:66:
                    69:c9:b3:c4:59:78:d1:63:f8:c4:db:db:dd:c3:e1:
                    51:2b:24:e3:33:c0:4d:62:78:5e:c5:b1:35:6e:a4:
                    2e:2a:85:cb:b0:a6:06:d7:c7:c4:b7:88:9f:f9:6c:
                    0f:03:3d:47:41:f2:a7:13:c2:15:37:36:53:eb:f5:
                    19:4d:69:77:6f:29:0e:15:36:02:f9:e8:16:d3:d7:
                    11:6b:9b:57:7c:c1:f1:15:d7:80:03:32:5d:73:b3:
                    86:82:f3:35:d1:a7:cc:49:47:67:b9:e8:3a:8d:8c:
                    c0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:EE:EB:CB:5B:57:DE:18:EC:73:1D:A6:0C:CD:B3:6A:AB:52:7C:3A
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/gu7ry1tX3hjscx2mDM2zaqtSfDo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.11.0/24
                  77.105.18.0/23
                  77.105.31.0/24
                  79.175.103.0/24
                  79.175.115.0-79.175.116.255
                  79.175.118.0/24
                  80.74.173.0/24
                  81.18.49.0-81.18.50.255
                  81.18.52.0/23
                  81.18.55.0/24
                  81.18.61.0/24
                  93.186.64.0/24
                  93.186.67.0/24
                  93.186.71.0-93.186.72.255
                  178.219.8.0/23
                  178.219.11.0/24
                  178.253.207.0/24
                  178.253.210.0/24
                  178.253.213.0-178.253.214.255
                  178.253.219.0/24
                  178.253.222.0/24
                  178.253.236.0/24
                  178.253.240.0/24
                  185.47.88.0-185.47.90.255
                  188.255.130.0/24
                  188.255.190.0/24
                  188.255.208.0/24
                  188.255.213.0/24
                  188.255.216.0/24
                  188.255.219.0/24
                  188.255.236.0/24
                  188.255.238.0/23
                  188.255.244.0-188.255.248.255
                  188.255.250.0-188.255.252.255
                  188.255.254.0/23
                  212.69.6.0/23
                  212.69.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:93:95:e6:5d:5a:ae:7a:d0:2c:09:0c:df:b9:cf:7c:b3:fb:
         04:ec:9b:5b:3d:34:c9:7f:65:13:e9:b0:00:b2:8c:9d:dc:ff:
         e0:b9:ee:70:12:cf:ab:77:24:2e:0d:d7:95:a4:46:b2:a1:69:
         ce:b1:2a:9c:c7:65:90:15:81:d4:80:d5:99:a7:27:35:75:63:
         06:78:52:ed:af:c5:bf:8f:d9:8c:9e:3d:7d:f6:f7:0a:23:8f:
         53:b8:1e:ea:3c:ad:37:51:d0:a1:78:9c:54:1b:95:fb:73:e4:
         05:f0:70:a6:00:cb:7d:f3:57:37:e2:aa:4d:a4:e3:30:cb:57:
         20:ec:85:fe:e3:8a:9a:26:f7:39:1e:27:85:b3:6e:e6:6b:e3:
         5e:89:4c:1e:86:bb:5d:36:e7:6f:76:12:ad:ae:bc:ba:82:6f:
         ef:59:da:8d:7d:85:f5:70:55:c3:44:bb:2d:7a:97:24:2f:d4:
         b1:78:e6:17:ea:57:3c:6c:b4:dd:b7:16:8a:b0:e9:c1:20:76:
         a3:00:02:e3:1f:9d:85:2d:b5:64:81:0a:d4:60:ab:8b:0d:8b:
         69:e4:00:32:77:bd:c6:40:15:20:6a:1b:e3:79:6d:53:66:98:
         ff:52:ee:59:ce:08:09:27:85:09:8c:0d:bf:b7:38:e8:60:71:
         7b:14:71:2e
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYLJ7EHqfBgwE6ggguTxK/gpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwODIzMDg1NzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmVlZWJjYjViNTdkZTE4ZWM3MzFkYTYwY2NkYjM2YWFiNTI3YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknZgHoSnZaA/zDF8eoeG5EqU9pHT
5mx8MWgcLP2Iv63o91ei40wFZIsE0l9qJNWNbP+Pmjs/NEsfNGUDx+3DvJQjBcKo
6dJ8fSw4Wy3iFxAzQ7Xx6rXYzp2ZteP+dWjsJVA8K2jva3LQU2qDOIhgQpiI2Pzh
8C0CJaSYeg9mph5a9EtyBrOO0o7xQAax1674i3VW3GZpybPEWXjRY/jE29vdw+FR
KyTjM8BNYnhexbE1bqQuKoXLsKYG18fEt4if+WwPAz1HQfKnE8IVNzZT6/UZTWl3
bykOFTYC+egW09cRa5tXfMHxFdeAAzJdc7OGgvM10afMSUdnueg6jYzAGQIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFILu68tbV94Y7HMdpgzNs2qrUnw6MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvZ3U3cnkxdFgzaGpzY3gybURNMnphcXRTZkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FgMEAE1pCwMEAU1pEgMEAE1pHwMEAE+vZzAMAwQAT69zAwQAT690AwQAT692AwQA
UEqtMAwDBABREjEDBABREjIDBAFREjQDBABREjcDBABREj0DBABdukADBABdukMw
DAMEAF26RwMEAF26SAMEAbLbCAMEALLbCwMEALL9zwMEALL90jAMAwQAsv3VAwQA
sv3WAwQAsv3bAwQAsv3eAwQAsv3sAwQAsv3wMAwDBAO5L1gDBAC5L1oDBAC8/4ID
BAC8/74DBAC8/9ADBAC8/9UDBAC8/9gDBAC8/9sDBAC8/+wDBAG8/+4wDAMEArz/
9AMEALz/+DAMAwQBvP/6AwQAvP/8AwQBvP/+AwQB1EUGAwQA1EUMMA0GCSqGSIb3
DQEBCwUAA4IBAQCTk5XmXVquetAsCQzfuc98s/sE7JtbPTTJf2UT6bAAsoyd3P/g
ue5wEs+rdyQuDdeVpEayoWnOsSqcx2WQFYHUgNWZpyc1dWMGeFLtr8W/j9mMnj19
9vcKI49TuB7qPK03UdCheJxUG5X7c+QF8HCmAMt981c34qpNpOMwy1cg7IX+44qa
Jvc5HieFs27ma+NeiUwehrtdNudvdhKtrry6gm/vWdqNfYX1cFXDRLstepckL9Sx
eOYX6lc8bLTdtxaKsOnBIHajAALjH52FLbVkgQrUYKuLDYtp5AAyd73GQBUgahvj
eW1TZpj/Uu5ZzggJJ4UJjA2/tzjoYHF7FHEu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org