Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/gaGuQCZ-aCXlwwCb6fkPAGPYBRc.roa
File:                     gaGuQCZ-aCXlwwCb6fkPAGPYBRc.roa (raw, json)
Hash identifier:          GW2+nUUV02z1aAGjeGRdDbaz7hqcBCJQe5YZDo1Z5vE=
Subject key identifier:   81:A1:AE:40:26:7E:68:25:E5:C3:00:9B:E9:F9:0F:00:63:D8:05:17
Certificate issuer:       /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial:       165790C2
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/gaGuQCZ-aCXlwwCb6fkPAGPYBRc.roa
Signing time:             Fri 03 Jun 2022 16:41:28 +0000
ROA not before:           Fri 03 Jun 2022 16:41:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8641
IP address blocks:        213.208.160.0/21 maxlen: 21
                          213.208.168.0/23 maxlen: 23
                          213.208.170.0/24 maxlen: 24
                          213.208.172.0/22 maxlen: 22
                          213.208.176.0/21 maxlen: 21
                          213.208.186.0/23 maxlen: 23
                          213.208.184.0/24 maxlen: 24
                          213.208.188.0/22 maxlen: 22
                          81.26.144.0/21 maxlen: 21
                          81.26.144.0/24 maxlen: 24
                          81.26.152.0/22 maxlen: 22
                          185.106.107.0/24 maxlen: 24
                          77.94.162.0/24 maxlen: 24
                          77.94.160.0/19 maxlen: 19
                          84.47.128.0/22 maxlen: 22
                          77.94.175.0/24 maxlen: 24
                          84.47.135.0/24 maxlen: 24
                          84.47.134.0/23 maxlen: 23
                          84.47.136.0/24 maxlen: 24
                          84.47.140.0/22 maxlen: 22
                          84.47.144.0/23 maxlen: 23
                          84.47.152.0/23 maxlen: 23
                          85.91.96.0/21 maxlen: 21
                          84.47.147.0/24 maxlen: 24
                          77.94.189.0/24 maxlen: 24
                          84.47.148.0/22 maxlen: 22
                          84.47.156.0/22 maxlen: 22
                          84.47.160.0/24 maxlen: 24
                          84.47.161.0/24 maxlen: 24
                          84.47.162.0/24 maxlen: 24
                          84.47.163.0/24 maxlen: 24
                          84.47.160.0/22 maxlen: 22
                          85.91.112.0/22 maxlen: 22
                          84.47.164.0/23 maxlen: 23
                          84.47.168.0/21 maxlen: 21
                          85.91.118.0/23 maxlen: 23
                          213.135.64.0/22 maxlen: 22
                          213.135.70.0/23 maxlen: 23
                          85.91.122.0/24 maxlen: 24
                          84.47.176.0/24 maxlen: 24
                          213.135.69.0/24 maxlen: 24
                          84.47.177.0/24 maxlen: 24
                          84.47.176.0/23 maxlen: 23
                          85.91.120.0/23 maxlen: 23
                          84.47.181.0/24 maxlen: 24
                          213.135.72.0/23 maxlen: 23
                          84.47.182.0/23 maxlen: 23
                          84.47.186.0/23 maxlen: 23
                          213.135.77.0/24 maxlen: 24
                          213.135.80.0/24 maxlen: 24
                          84.47.190.0/23 maxlen: 23
                          213.135.79.0/24 maxlen: 24
                          213.135.80.0/21 maxlen: 21
                          213.135.88.0/22 maxlen: 22
                          2a02:bc8::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 374837442 (0x165790c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
        Validity
            Not Before: Jun  3 16:41:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=81a1ae40267e6825e5c3009be9f90f0063d80517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:60:11:13:c2:fd:5c:a8:f0:75:17:03:d6:e8:
                    9d:5c:77:c4:45:b7:21:ec:f4:0a:ca:ad:7c:16:3d:
                    6a:6e:7e:15:f5:46:d0:fd:f1:7d:80:09:3d:14:8e:
                    b4:ab:ca:92:34:66:b9:60:ee:a3:bc:c8:91:5f:21:
                    9d:86:ba:1c:ee:d6:91:c4:64:72:53:63:cc:60:76:
                    d1:7b:e5:83:b6:f6:10:42:25:55:51:36:d0:49:72:
                    80:6d:01:8d:f4:75:08:0a:33:cd:ee:4c:b4:6f:ef:
                    8b:7f:db:67:17:c6:44:5d:79:72:15:9d:08:16:11:
                    85:fc:b0:66:ed:3e:b1:e3:bf:7c:68:9e:e2:17:7f:
                    7d:b9:98:f7:93:7a:b9:12:67:67:ce:f2:0d:66:d0:
                    88:b6:96:42:b5:3b:db:e3:46:9c:9c:00:1f:11:aa:
                    59:39:fe:f0:83:0d:c3:36:09:43:3e:ff:d9:2f:e1:
                    50:0a:85:33:27:bc:e9:53:5d:03:84:a7:d2:19:86:
                    8a:f1:63:d0:ea:7e:ae:01:13:39:d5:44:ca:a1:5d:
                    f7:e6:3a:fd:01:55:56:cd:01:5d:7b:38:76:ba:42:
                    15:1b:fd:2a:95:0e:20:e9:1d:55:0e:01:a3:39:52:
                    38:72:ff:bc:14:39:49:63:aa:af:89:74:1f:4c:58:
                    f1:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A1:AE:40:26:7E:68:25:E5:C3:00:9B:E9:F9:0F:00:63:D8:05:17
            X509v3 Authority Key Identifier:
                keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/gaGuQCZ-aCXlwwCb6fkPAGPYBRc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.94.160.0/19
                  81.26.144.0-81.26.155.255
                  84.47.128.0/22
                  84.47.134.0-84.47.136.255
                  84.47.140.0-84.47.145.255
                  84.47.147.0-84.47.153.255
                  84.47.156.0-84.47.165.255
                  84.47.168.0-84.47.177.255
                  84.47.181.0-84.47.183.255
                  84.47.186.0/23
                  84.47.190.0/23
                  85.91.96.0/21
                  85.91.112.0/22
                  85.91.118.0-85.91.122.255
                  185.106.107.0/24
                  213.135.64.0/22
                  213.135.69.0-213.135.73.255
                  213.135.77.0/24
                  213.135.79.0-213.135.91.255
                  213.208.160.0-213.208.170.255
                  213.208.172.0-213.208.184.255
                  213.208.186.0-213.208.191.255
                IPv6:
                  2a02:bc8::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:74:b4:0f:f6:93:90:a4:11:b2:90:a0:b3:ae:e4:42:b3:7e:
         1c:d4:b4:ef:dc:be:d4:d7:67:ed:ad:ce:8a:00:4b:bb:e2:9c:
         6c:af:64:f2:fa:cf:31:fe:3b:a4:f4:63:96:42:d4:84:ea:83:
         40:a4:19:d3:97:e5:9d:63:6e:df:f0:5f:ef:92:9f:0a:21:15:
         75:b3:a3:d9:8b:67:c4:42:f7:80:b6:d5:05:2b:fd:a4:d3:34:
         74:85:c4:a7:61:e3:62:da:cd:6f:22:fa:c7:b1:04:44:09:2a:
         7e:e6:60:fc:6a:2f:81:3e:c6:f3:82:93:da:9b:06:49:12:9b:
         06:b8:26:e4:a2:e5:9d:a5:26:67:94:74:81:43:20:d0:3c:fd:
         e3:bb:5b:a7:3c:8b:6e:6e:c4:25:15:bd:1f:32:ed:25:6e:6c:
         c3:9b:12:01:e6:27:eb:8a:0f:99:92:f6:35:f3:c1:72:ad:7c:
         91:6a:a5:2f:6d:4d:0c:10:f1:3b:2e:3b:36:21:02:69:79:72:
         f4:11:98:3e:39:84:03:19:10:da:03:e7:9a:d6:61:0a:c1:b2:
         55:66:f7:23:53:aa:70:14:fc:2d:12:84:f6:13:e8:d8:3c:82:
         72:3d:49:93:d7:59:fb:71:2c:ed:5a:ce:3a:80:45:e6:4a:01:
         7c:5a:1d:f5
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIEFleQwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjM4MTg1NTRhNTE4MDhlZWZiODI5ZWM3NDY1YTMyMjJmMjcwMTIzMB4XDTIyMDYw
MzE2NDEyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFhMWFlNDAyNjdl
NjgyNWU1YzMwMDliZTlmOTBmMDA2M2Q4MDUxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpgERPC/Vyo8HUXA9bonVx3xEW3Iez0CsqtfBY9am5+FfVG
0P3xfYAJPRSOtKvKkjRmuWDuo7zIkV8hnYa6HO7WkcRkclNjzGB20Xvlg7b2EEIl
VVE20ElygG0BjfR1CAozze5MtG/vi3/bZxfGRF15chWdCBYRhfywZu0+seO/fGie
4hd/fbmY95N6uRJnZ87yDWbQiLaWQrU72+NGnJwAHxGqWTn+8IMNwzYJQz7/2S/h
UAqFMye86VNdA4Sn0hmGivFj0Op+rgETOdVEyqFd9+Y6/QFVVs0BXXs4drpCFRv9
KpUOIOkdVQ4BozlSOHL/vBQ5SWOqr4l0H0xY8SECAwEAAaOCAwYwggMCMB0GA1Ud
DgQWBBSBoa5AJn5oJeXDAJvp+Q8AY9gFFzAfBgNVHSMEGDAWgBSPOBhVSlGAju+4
Kex0ZaMiLycBIzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p6Z1lWVXBSZ0k3dnVDbnNkR1dqSWk4bkFTTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvMDlkYmE0LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8x
L2dhR3VRQ1otYUNYbHd3Q2I2ZmtQQUdQWUJSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
MDlkYmE0LTFjOTMtNDlkNi04ODg4LWJmYjRiYTMwZTQ1YS8xL2p6Z1lWVXBSZ0k3
dnVDbnNkR1dqSWk4bkFTTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ARoGCCsGAQUFBwEHAQH/BIIBCTCCAQUwgfMEAgABMIHsAwQFTV6gMAwDBARRGpAD
BAJRGpgDBAJUL4AwDAMEAVQvhgMEAFQviDAMAwQCVC+MAwQBVC+QMAwDBABUL5MD
BAFUL5gwDAMEAlQvnAMEAVQvpDAMAwQDVC+oAwQBVC+wMAwDBABUL7UDBANUL7AD
BAFUL7oDBAFUL74DBANVW2ADBAJVW3AwDAMEAVVbdgMEAFVbegMEALlqawMEAtWH
QDAMAwQA1YdFAwQB1YdIAwQA1YdNMAwDBADVh08DBALVh1gwDAMEBdXQoAMEANXQ
qjAMAwQC1dCsAwQA1dC4MAwDBAHV0LoDBAbV0IAwDQQCAAIwBwMFAyoCC8gwDQYJ
KoZIhvcNAQELBQADggEBAA50tA/2k5CkEbKQoLOu5EKzfhzUtO/cvtTXZ+2tzooA
S7vinGyvZPL6zzH+O6T0Y5ZC1ITqg0CkGdOX5Z1jbt/wX++SnwohFXWzo9mLZ8RC
94C21QUr/aTTNHSFxKdh42LazW8i+sexBEQJKn7mYPxqL4E+xvOCk9qbBkkSmwa4
JuSi5Z2lJmeUdIFDINA8/eO7W6c8i25uxCUVvR8y7SVubMObEgHmJ+uKD5mS9jXz
wXKtfJFqpS9tTQwQ8TsuOzYhAml5cvQRmD45hAMZENoD55rWYQrBslVm9yNTqnAU
/C0ShPYT6Ng8gnI9SZPXWftxLO1azjqAReZKAXxaHfU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:36 2024 by rpki-client on console-fra.rpki-client.org