Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/zb69QrGt44WIQ7DPmg_AhSgic1Q.roa
File:                     zb69QrGt44WIQ7DPmg_AhSgic1Q.roa (raw, json)
Hash identifier:          kSBqUpqm2g5Lv2xeqrBwV7AgDkOR1xxGWEy3rM4Idsg=
Subject key identifier:   CD:BE:BD:42:B1:AD:E3:85:88:43:B0:CF:9A:0F:C0:85:28:22:73:54
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       08C7CEA6
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/zb69QrGt44WIQ7DPmg_AhSgic1Q.roa
Signing time:             Tue 05 Apr 2022 17:58:37 +0000
ROA not before:           Tue 05 Apr 2022 17:58:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28964
IP address blocks:        188.255.206.0/23 maxlen: 23
                          188.255.205.0/24 maxlen: 24
                          188.255.217.0/24 maxlen: 24
                          188.255.228.0/24 maxlen: 24
                          188.255.230.0/23 maxlen: 23
                          109.121.48.0/24 maxlen: 24
                          109.121.49.0/24 maxlen: 24
                          109.121.53.0/24 maxlen: 24
                          109.121.55.0/24 maxlen: 24
                          188.255.253.0/24 maxlen: 24
                          188.255.179.0/24 maxlen: 24
                          188.255.192.0/23 maxlen: 23
                          188.255.190.0/24 maxlen: 24
                          188.255.196.0/22 maxlen: 22
                          188.255.195.0/24 maxlen: 24
                          212.69.21.0/24 maxlen: 24
                          212.69.19.0/24 maxlen: 24
                          212.69.30.0/24 maxlen: 24
                          178.253.193.0/24 maxlen: 24
                          178.253.212.0/24 maxlen: 24
                          178.253.218.0/24 maxlen: 24
                          178.253.215.0/24 maxlen: 24
                          178.253.216.0/24 maxlen: 24
                          178.253.217.0/24 maxlen: 24
                          178.253.220.0/23 maxlen: 23
                          93.186.65.0/24 maxlen: 24
                          93.186.77.0/24 maxlen: 24
                          212.69.3.0/24 maxlen: 24
                          212.69.4.0/24 maxlen: 24
                          212.69.5.0/24 maxlen: 24
                          178.253.238.0/24 maxlen: 24
                          178.253.235.0/24 maxlen: 24
                          109.233.188.0/24 maxlen: 24
                          109.233.190.0/24 maxlen: 24
                          178.253.246.0/24 maxlen: 24
                          178.253.244.0/24 maxlen: 24
                          178.253.245.0/24 maxlen: 24
                          81.18.51.0/24 maxlen: 24
                          81.18.58.0/24 maxlen: 24
                          81.18.56.0/24 maxlen: 24
                          81.18.57.0/24 maxlen: 24
                          81.18.63.0/24 maxlen: 24
                          79.175.120.0/24 maxlen: 24
                          178.219.2.0/24 maxlen: 24
                          178.219.4.0/22 maxlen: 22
                          178.219.15.0/24 maxlen: 24
                          178.219.12.0/23 maxlen: 23
                          185.47.91.0/24 maxlen: 24
                          77.105.22.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147312294 (0x8c7cea6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Apr  5 17:58:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdbebd42b1ade3858843b0cf9a0fc08528227354
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:62:64:db:d1:ec:5d:fd:ed:7a:01:54:39:bf:
                    e8:a2:3c:39:22:a7:6a:6e:3b:00:62:83:a5:11:69:
                    35:29:e7:4c:e2:89:c2:15:a7:91:29:ff:e7:e2:f3:
                    46:3c:dc:9b:ae:58:e6:25:0e:3d:70:b1:75:a9:62:
                    fa:4a:fc:55:dd:40:41:7c:f1:ee:a9:8b:db:5d:c4:
                    33:98:72:19:41:49:2e:de:95:8e:ab:b1:91:d5:13:
                    d3:5b:c6:76:f5:43:d4:fc:28:34:f6:65:57:17:03:
                    31:34:60:ef:e2:db:7f:cf:2f:ae:76:5a:c5:c0:3d:
                    87:c2:96:fb:75:93:f0:7d:8f:30:50:32:cf:4f:47:
                    99:60:c9:f9:ba:72:14:38:c9:b6:55:b7:79:74:de:
                    9f:b2:59:47:83:10:8a:06:cd:6e:2b:fc:a0:10:4c:
                    ef:29:f0:3d:2d:93:8b:df:d2:82:3b:9b:a6:b6:18:
                    e0:df:24:82:8f:92:bd:5b:42:80:7f:65:b8:1b:0c:
                    30:75:f8:05:e0:4a:d8:cc:52:82:18:cf:70:4e:e6:
                    00:34:f3:ff:d2:0f:ec:7d:f7:17:63:c2:06:da:67:
                    fd:8d:65:8e:ab:b2:4b:f1:f4:dc:08:51:6f:87:7d:
                    8a:4a:e7:ce:a3:8d:b3:2e:2a:ef:7d:65:71:e5:5e:
                    d9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:BE:BD:42:B1:AD:E3:85:88:43:B0:CF:9A:0F:C0:85:28:22:73:54
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/zb69QrGt44WIQ7DPmg_AhSgic1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.22.0/24
                  79.175.120.0/24
                  81.18.51.0/24
                  81.18.56.0-81.18.58.255
                  81.18.63.0/24
                  93.186.65.0/24
                  93.186.77.0/24
                  109.121.48.0/23
                  109.121.53.0/24
                  109.121.55.0/24
                  109.233.188.0/24
                  109.233.190.0/24
                  178.219.2.0/24
                  178.219.4.0/22
                  178.219.12.0/23
                  178.219.15.0/24
                  178.253.193.0/24
                  178.253.212.0/24
                  178.253.215.0-178.253.218.255
                  178.253.220.0/23
                  178.253.235.0/24
                  178.253.238.0/24
                  178.253.244.0-178.253.246.255
                  185.47.91.0/24
                  188.255.179.0/24
                  188.255.190.0/24
                  188.255.192.0/23
                  188.255.195.0-188.255.199.255
                  188.255.205.0-188.255.207.255
                  188.255.217.0/24
                  188.255.228.0/24
                  188.255.230.0/23
                  188.255.253.0/24
                  212.69.3.0-212.69.5.255
                  212.69.19.0/24
                  212.69.21.0/24
                  212.69.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:7b:f9:f2:64:04:98:30:c4:09:71:8d:3f:02:98:3f:36:02:
         14:43:6b:69:e2:d3:17:5b:df:8e:8c:4d:aa:de:5d:4f:77:93:
         81:de:e5:9a:cc:e9:53:18:85:4f:7e:66:ee:a3:24:bd:9c:ed:
         a8:24:0f:c1:96:d7:18:b4:d0:a3:e2:b7:02:70:11:b9:a1:b6:
         45:61:b2:cb:88:c6:02:fb:d2:b2:3f:87:c9:aa:b8:ae:0c:9f:
         cb:9e:46:b8:b5:a1:66:44:9a:f7:a2:01:16:80:33:2d:67:30:
         8c:71:f2:b5:84:7d:71:88:ed:b1:db:9f:0e:97:e8:e8:d3:cd:
         56:48:e6:ee:06:90:02:4b:19:3c:bd:72:c7:22:10:af:a5:c0:
         e8:c0:c1:89:db:35:ea:3c:be:d2:cc:32:09:26:45:0c:8b:df:
         6d:8b:ba:15:d7:89:44:24:3a:bf:22:e6:16:f2:13:c6:e0:81:
         58:19:5a:59:7c:b8:bb:73:23:92:14:cb:5b:67:fc:bb:8e:42:
         3b:fc:2c:3b:70:12:56:21:3d:40:22:39:08:de:ea:ef:f4:b4:
         07:4b:25:40:d9:51:6a:72:5f:17:7e:c0:a2:23:40:49:c2:68:
         e0:9f:02:dc:18:d2:6f:1f:77:31:e5:ab:4c:47:98:2e:f5:7d:
         c8:96:a4:e3
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgIECMfOpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDQw
NTE3NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RiZWJkNDJiMWFk
ZTM4NTg4NDNiMGNmOWEwZmMwODUyODIyNzM1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5iZNvR7F397XoBVDm/6KI8OSKnam47AGKDpRFpNSnnTOKJ
whWnkSn/5+LzRjzcm65Y5iUOPXCxdali+kr8Vd1AQXzx7qmL213EM5hyGUFJLt6V
jquxkdUT01vGdvVD1PwoNPZlVxcDMTRg7+Lbf88vrnZaxcA9h8KW+3WT8H2PMFAy
z09HmWDJ+bpyFDjJtlW3eXTen7JZR4MQigbNbiv8oBBM7ynwPS2Ti9/SgjubprYY
4N8kgo+SvVtCgH9luBsMMHX4BeBK2MxSghjPcE7mADTz/9IP7H33F2PCBtpn/Y1l
jquyS/H03AhRb4d9ikrnzqONsy4q731lceVe2eECAwEAAaOCAxswggMXMB0GA1Ud
DgQWBBTNvr1Csa3jhYhDsM+aD8CFKCJzVDAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L3piNjlRckd0NDRXSVE3RFBtZ19BaFNnaWMxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AS8GCCsGAQUFBwEHAQH/BIIBHjCCARowggEWBAIAATCCAQ4DBABNaRYDBABPr3gD
BABREjMwDAMEA1ESOAMEAFESOgMEAFESPwMEAF26QQMEAF26TQMEAW15MAMEAG15
NQMEAG15NwMEAG3pvAMEAG3pvgMEALLbAgMEArLbBAMEAbLbDAMEALLbDwMEALL9
wQMEALL91DAMAwQAsv3XAwQAsv3aAwQBsv3cAwQAsv3rAwQAsv3uMAwDBAKy/fQD
BACy/fYDBAC5L1sDBAC8/7MDBAC8/74DBAG8/8AwDAMEALz/wwMEA7z/wDAMAwQA
vP/NAwQEvP/AAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9MAwDBADURQMDBAHURQQD
BADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBAF57+fJkBJgwxAlx
jT8CmD82AhRDa2ni0xdb346MTareXU93k4He5ZrM6VMYhU9+Zu6jJL2c7agkD8GW
1xi00KPitwJwEbmhtkVhssuIxgL70rI/h8mquK4Mn8ueRri1oWZEmveiARaAMy1n
MIxx8rWEfXGI7bHbnw6X6OjTzVZI5u4GkAJLGTy9csciEK+lwOjAwYnbNeo8vtLM
MgkmRQyL322LuhXXiUQkOr8i5hbyE8bggVgZWll8uLtzI5IUy1tn/LuOQjv8LDtw
ElYhPUAiOQje6u/0tAdLJUDZUWpyXxd+wKIjQEnCaOCfAtwY0m8fdzHlq0xHmC71
fciWpOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org