Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/clbYHcmUPR9w52vhgRqfBJ1GqBI.roa
File:                     clbYHcmUPR9w52vhgRqfBJ1GqBI.roa (raw, json)
Hash identifier:          3lABaeKUvVWpuSlItwJgpa66tVWAKh/l5nrg9ExBXEY=
Subject key identifier:   72:56:D8:1D:C9:94:3D:1F:70:E7:6B:E1:81:1A:9F:04:9D:46:A8:12
Certificate issuer:       /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial:       0D6C3CBF
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/clbYHcmUPR9w52vhgRqfBJ1GqBI.roa
Signing time:             Sat 01 Jan 2022 11:00:04 +0000
ROA not before:           Sat 01 Jan 2022 11:00:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16030
IP address blocks:        185.184.148.0/24 maxlen: 24
                          185.184.151.0/24 maxlen: 24
                          185.184.150.0/24 maxlen: 24
                          185.184.149.0/24 maxlen: 24
                          77.75.176.0/24 maxlen: 24
                          77.75.179.0/24 maxlen: 24
                          77.75.178.0/24 maxlen: 24
                          77.75.177.0/24 maxlen: 24
                          77.75.183.0/24 maxlen: 24
                          77.75.182.0/24 maxlen: 24
                          77.75.181.0/24 maxlen: 24
                          77.75.180.0/24 maxlen: 24
                          212.121.229.0/24 maxlen: 24
                          213.148.218.0/24 maxlen: 24
                          212.121.232.0/24 maxlen: 24
                          213.148.219.0/24 maxlen: 24
                          213.148.217.0/24 maxlen: 24
                          212.121.231.0/24 maxlen: 24
                          213.148.216.0/24 maxlen: 24
                          213.148.214.0/24 maxlen: 24
                          213.148.215.0/24 maxlen: 24
                          212.121.230.0/24 maxlen: 24
                          212.121.233.0/24 maxlen: 24
                          212.121.228.0/24 maxlen: 24
                          212.121.227.0/24 maxlen: 24
                          212.121.235.0/24 maxlen: 24
                          212.121.239.0/24 maxlen: 24
                          212.121.238.0/24 maxlen: 24
                          213.148.223.0/24 maxlen: 24
                          212.121.237.0/24 maxlen: 24
                          212.121.240.0/24 maxlen: 24
                          213.148.222.0/24 maxlen: 24
                          212.121.236.0/24 maxlen: 24
                          213.148.221.0/24 maxlen: 24
                          213.148.220.0/24 maxlen: 24
                          212.121.234.0/24 maxlen: 24
                          212.121.246.0/24 maxlen: 24
                          212.121.245.0/24 maxlen: 24
                          212.121.244.0/24 maxlen: 24
                          212.121.243.0/24 maxlen: 24
                          212.121.242.0/24 maxlen: 24
                          212.121.241.0/24 maxlen: 24
                          212.121.250.0/24 maxlen: 24
                          212.121.249.0/24 maxlen: 24
                          212.121.248.0/24 maxlen: 24
                          212.121.247.0/24 maxlen: 24
                          212.121.253.0/24 maxlen: 24
                          212.121.252.0/24 maxlen: 24
                          212.121.251.0/24 maxlen: 24
                          212.121.255.0/24 maxlen: 24
                          212.121.254.0/24 maxlen: 24
                          213.148.192.0/24 maxlen: 24
                          213.148.198.0/24 maxlen: 24
                          213.148.197.0/24 maxlen: 24
                          213.148.196.0/24 maxlen: 24
                          213.148.199.0/24 maxlen: 24
                          213.148.195.0/24 maxlen: 24
                          213.148.194.0/24 maxlen: 24
                          213.148.193.0/24 maxlen: 24
                          213.148.205.0/24 maxlen: 24
                          213.148.204.0/24 maxlen: 24
                          213.148.203.0/24 maxlen: 24
                          213.148.202.0/24 maxlen: 24
                          213.148.206.0/24 maxlen: 24
                          213.148.201.0/24 maxlen: 24
                          213.148.200.0/24 maxlen: 24
                          213.148.208.0/24 maxlen: 24
                          213.148.207.0/24 maxlen: 24
                          213.148.212.0/24 maxlen: 24
                          213.148.211.0/24 maxlen: 24
                          212.121.225.0/24 maxlen: 24
                          213.148.210.0/24 maxlen: 24
                          213.148.213.0/24 maxlen: 24
                          212.121.224.0/24 maxlen: 24
                          213.148.209.0/24 maxlen: 24
                          212.121.226.0/24 maxlen: 24
                          2001:4d10::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 225197247 (0xd6c3cbf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
        Validity
            Not Before: Jan  1 11:00:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7256d81dc9943d1f70e76be1811a9f049d46a812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:12:1f:46:24:15:91:01:a3:bc:8b:e7:44:52:
                    87:8f:ec:2d:7b:09:8b:59:ad:31:67:bc:3b:c9:e0:
                    e2:7d:54:e8:ff:17:8f:65:a5:74:d7:5a:72:56:73:
                    b8:e0:41:04:79:53:59:91:38:70:e0:0c:af:6b:c1:
                    2f:d5:68:c1:7d:b4:e5:33:9f:96:2f:34:3e:1e:95:
                    88:dc:a2:30:e3:dc:86:ed:6d:f5:7d:4c:a5:fc:ba:
                    1e:cf:c8:3e:f0:40:88:4a:fb:fc:37:10:a6:32:a0:
                    89:6e:6c:da:e5:44:9b:d9:8a:fc:f3:9e:09:bd:04:
                    d1:90:41:9f:3e:68:bc:53:6c:90:42:74:c6:a4:c1:
                    7a:f8:4e:42:b7:2e:e9:9b:64:a6:04:9a:d3:f7:02:
                    45:0d:1f:e1:6c:c6:43:00:44:ce:b5:cb:15:ad:b1:
                    ff:5d:6a:01:26:ba:1f:2c:ff:49:bf:84:a0:a2:bb:
                    18:e7:d4:89:15:fc:da:fb:37:d0:65:4d:93:db:ef:
                    9a:18:84:32:c7:0b:bb:3c:f8:cd:90:4e:00:5d:35:
                    ad:98:ca:1c:b6:44:7d:f6:39:c3:e7:68:4e:d2:d0:
                    d3:35:51:03:92:52:2f:82:41:60:84:a8:d1:03:3e:
                    cb:c6:5c:c8:12:f7:82:a5:08:21:1a:bd:50:36:c3:
                    60:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:56:D8:1D:C9:94:3D:1F:70:E7:6B:E1:81:1A:9F:04:9D:46:A8:12
            X509v3 Authority Key Identifier:
                keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/clbYHcmUPR9w52vhgRqfBJ1GqBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.75.176.0/21
                  185.184.148.0/22
                  212.121.224.0/19
                  213.148.192.0/19
                IPv6:
                  2001:4d10::/32

    Signature Algorithm: sha256WithRSAEncryption
         72:d3:64:3a:e3:78:b0:96:fb:4a:df:de:17:e6:d8:56:f8:5f:
         72:d0:3f:21:a8:6c:5c:f1:bc:ca:17:8e:f0:fb:21:e7:f2:b9:
         7e:29:b5:46:c3:ac:8a:38:53:e2:54:64:2c:2e:75:d8:ec:8b:
         3f:46:c4:92:04:68:d0:02:a6:16:bb:8f:6e:bf:21:fc:bb:ec:
         00:f1:6c:cc:93:64:1e:ee:b4:a7:fe:67:db:c4:99:50:18:f2:
         dc:7d:63:42:e5:7e:e8:99:23:77:fc:a3:5b:d5:f1:63:13:71:
         18:53:57:8c:d5:ae:f3:a5:3e:e7:b9:f8:0f:44:e5:8e:d2:7a:
         d1:f8:fb:e4:6c:64:55:5c:71:07:74:db:3d:97:78:41:aa:4f:
         39:c1:ba:ea:ae:ce:85:c2:60:f5:5e:b0:89:f8:76:67:5c:2e:
         89:bd:c4:fa:65:7e:25:34:e8:ae:08:4e:75:03:51:e2:38:0a:
         75:79:0a:b1:a8:b3:be:52:07:f7:a8:8a:97:ae:c5:be:91:e8:
         cb:a2:23:7a:f4:06:29:4a:f6:63:72:f3:b4:3c:04:14:b2:0e:
         a0:74:ae:a4:27:ba:16:0b:57:93:90:b8:ee:d0:bd:78:00:7f:
         1e:46:80:2b:a1:4d:96:0c:99:71:1e:c8:03:9a:35:2d:04:2c:
         c9:29:77:6d
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDWw8vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM3Y2RhNzVmNGUxNWU0ODZkZWU1YTY1MDFjYmUyMDE4YmMwZTBmMB4XDTIyMDEw
MTExMDAwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI1NmQ4MWRjOTk0
M2QxZjcwZTc2YmUxODExYTlmMDQ5ZDQ2YTgxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOASH0YkFZEBo7yL50RSh4/sLXsJi1mtMWe8O8ng4n1U6P8X
j2WldNdaclZzuOBBBHlTWZE4cOAMr2vBL9VowX205TOfli80Ph6ViNyiMOPchu1t
9X1Mpfy6Hs/IPvBAiEr7/DcQpjKgiW5s2uVEm9mK/POeCb0E0ZBBnz5ovFNskEJ0
xqTBevhOQrcu6ZtkpgSa0/cCRQ0f4WzGQwBEzrXLFa2x/11qASa6Hyz/Sb+EoKK7
GOfUiRX82vs30GVNk9vvmhiEMscLuzz4zZBOAF01rZjKHLZEffY5w+doTtLQ0zVR
A5JSL4JBYISo0QM+y8ZcyBL3gqUIIRq9UDbDYOkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRyVtgdyZQ9H3Dna+GBGp8EnUaoEjAfBgNVHSMEGDAWgBQix82nX04V5Ibe
5aZQHL4gGLwODzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzZk5wMTlPRmVTRzN1V21VQnktSUJpOERnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvYjkyMzMxLTJiYjQtNGE1OS05OTc4LTc1MWIxN2QxYzQzNy8x
L2NsYllIY21VUFI5dzUydmhnUnFmQkoxR3FCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
YjkyMzMxLTJiYjQtNGE1OS05OTc4LTc1MWIxN2QxYzQzNy8xL0lzZk5wMTlPRmVT
RzN1V21VQnktSUJpOERnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA01LsAMEArm4lAMEBdR54AMEBdWU
wDANBAIAAjAHAwUAIAFNEDANBgkqhkiG9w0BAQsFAAOCAQEActNkOuN4sJb7St/e
F+bYVvhfctA/IahsXPG8yheO8Psh5/K5fim1RsOsijhT4lRkLC512OyLP0bEkgRo
0AKmFruPbr8h/LvsAPFszJNkHu60p/5n28SZUBjy3H1jQuV+6Jkjd/yjW9XxYxNx
GFNXjNWu86U+57n4D0TljtJ60fj75GxkVVxxB3TbPZd4QapPOcG66q7OhcJg9V6w
ifh2Z1wuib3E+mV+JTTorghOdQNR4jgKdXkKsaizvlIH96iKl67FvpHoy6IjevQG
KUr2Y3LztDwEFLIOoHSupCe6FgtXk5C47tC9eAB/HkaAK6FNlgyZcR7IA5o1LQQs
ySl3bQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:19 2024 by rpki-client on console-fra.rpki-client.org