Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/otGv1x49BhyYESGq0F7BJWL_v8s.roa
File:                     otGv1x49BhyYESGq0F7BJWL_v8s.roa (raw, json)
Hash identifier:          my+idwhl1YvY3+4qypRYRfK0poyUI5Vpr22JxgNTTB0=
Subject key identifier:   A2:D1:AF:D7:1E:3D:06:1C:98:11:21:AA:D0:5E:C1:25:62:FF:BF:CB
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       0184E6E1ADF70A0849B29147ACF81456999A
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/otGv1x49BhyYESGq0F7BJWL_v8s.roa
Signing time:             Tue 06 Dec 2022 10:01:00 +0000
ROA not before:           Tue 06 Dec 2022 10:01:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12741
IP address blocks:        77.252.0.0/14 maxlen: 14
                          159.205.0.0/16 maxlen: 16
                          193.19.104.0/23 maxlen: 23
                          89.171.0.0/16 maxlen: 16
                          62.87.128.0/17 maxlen: 17
                          178.16.116.0/24 maxlen: 24
                          178.16.121.0/24 maxlen: 24
                          178.16.125.0/24 maxlen: 24
                          62.181.160.0/19 maxlen: 19
                          213.134.128.0/19 maxlen: 19
                          87.204.0.0/15 maxlen: 15
                          62.244.128.0/19 maxlen: 19
                          82.143.128.0/18 maxlen: 18
                          62.89.64.0/18 maxlen: 18
                          77.65.188.0/24 maxlen: 24
                          77.65.193.0/24 maxlen: 24
                          77.65.209.0/24 maxlen: 24
                          213.241.0.0/17 maxlen: 17
                          178.36.0.0/15 maxlen: 15
                          213.238.64.0/18 maxlen: 18
                          213.241.89.0/24 maxlen: 24
                          83.238.0.0/16 maxlen: 16
                          62.233.128.0/17 maxlen: 17
                          213.17.244.0/24 maxlen: 24
                          81.210.0.0/17 maxlen: 17
                          5.226.135.0/24 maxlen: 24
                          213.186.64.0/19 maxlen: 19
                          77.65.134.0/24 maxlen: 24
                          212.106.0.0/19 maxlen: 19
                          77.65.155.0/24 maxlen: 24
                          77.65.171.0/24 maxlen: 24
                          213.146.32.0/19 maxlen: 19
                          78.8.0.0/14 maxlen: 14
                          62.111.128.0/17 maxlen: 17
                          37.128.0.0/17 maxlen: 17
                          85.128.0.0/17 maxlen: 17
                          62.148.64.0/19 maxlen: 19
                          84.40.128.0/17 maxlen: 17
                          81.168.128.0/17 maxlen: 17
                          81.219.0.0/16 maxlen: 16
                          193.91.16.0/20 maxlen: 20
                          195.114.160.0/19 maxlen: 19
                          85.202.54.0/24 maxlen: 24
                          85.202.59.0/24 maxlen: 24
                          213.195.128.0/18 maxlen: 18
                          217.30.128.0/19 maxlen: 19
                          213.17.128.0/17 maxlen: 17
                          5.226.92.0/24 maxlen: 24
                          213.216.64.0/18 maxlen: 18
                          193.192.173.0/24 maxlen: 24
                          93.159.0.0/18 maxlen: 18
                          193.192.181.0/24 maxlen: 24
                          193.192.190.0/24 maxlen: 24
                          193.192.188.0/24 maxlen: 24
                          62.111.250.0/24 maxlen: 24
                          5.226.64.0/18 maxlen: 18
                          87.105.0.0/16 maxlen: 16
                          2001:41b0::/32 maxlen: 48
                          2001:41b0:22b:100::/56 maxlen: 56
                          2001:16b0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:e6:e1:ad:f7:0a:08:49:b2:91:47:ac:f8:14:56:99:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Dec  6 10:01:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a2d1afd71e3d061c981121aad05ec12562ffbfcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:2b:09:64:c5:e6:10:74:78:31:f0:d4:bb:0b:
                    2a:aa:f2:81:da:d6:e9:c5:18:ae:3b:4c:50:7b:e6:
                    30:41:5b:a9:ec:fa:14:c8:42:92:bc:7b:b2:9b:94:
                    12:43:99:8b:a8:f1:ab:ec:41:c3:13:37:16:72:aa:
                    c9:04:de:15:4e:1c:e0:86:e2:fb:b6:94:88:30:e8:
                    d7:da:5f:73:4a:b4:12:d0:4d:58:38:af:ca:f4:6b:
                    f7:92:b0:2f:34:ed:79:2b:54:5d:ef:e8:f7:85:74:
                    2c:ac:ba:47:d2:16:16:fc:91:24:09:ec:e5:49:c0:
                    21:59:03:31:a9:c3:68:9c:05:df:1b:85:86:38:d0:
                    04:3b:f7:26:11:21:a0:17:d0:a4:c9:4b:c8:68:61:
                    9e:d2:76:d0:ab:e4:5a:e9:ef:8c:9e:fa:c0:6a:74:
                    e6:81:4d:8f:b5:78:82:ef:f0:c3:c2:7a:55:17:61:
                    5b:95:19:d5:27:e6:0e:17:c9:8c:1e:7e:a6:ac:ba:
                    09:85:fd:d6:44:87:ee:5c:e2:7d:8c:40:6c:b5:36:
                    45:b7:27:f4:ad:c6:e7:a1:7f:61:23:3b:ae:b6:71:
                    cf:d3:26:ae:f5:7f:06:fb:0b:ea:0a:0c:78:b9:c4:
                    0b:85:84:31:02:91:f3:82:f4:2d:61:fa:b8:f6:75:
                    0d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D1:AF:D7:1E:3D:06:1C:98:11:21:AA:D0:5E:C1:25:62:FF:BF:CB
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/otGv1x49BhyYESGq0F7BJWL_v8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.226.64.0/18
                  5.226.135.0/24
                  37.128.0.0/17
                  62.87.128.0/17
                  62.89.64.0/18
                  62.111.128.0/17
                  62.148.64.0/19
                  62.181.160.0/19
                  62.233.128.0/17
                  62.244.128.0/19
                  77.65.134.0/24
                  77.65.155.0/24
                  77.65.171.0/24
                  77.65.188.0/24
                  77.65.193.0/24
                  77.65.209.0/24
                  77.252.0.0/14
                  78.8.0.0/14
                  81.168.128.0/17
                  81.210.0.0/17
                  81.219.0.0/16
                  82.143.128.0/18
                  83.238.0.0/16
                  84.40.128.0/17
                  85.128.0.0/17
                  85.202.54.0/24
                  85.202.59.0/24
                  87.105.0.0/16
                  87.204.0.0/15
                  89.171.0.0/16
                  93.159.0.0/18
                  159.205.0.0/16
                  178.16.116.0/24
                  178.16.121.0/24
                  178.16.125.0/24
                  178.36.0.0/15
                  193.19.104.0/23
                  193.91.16.0/20
                  193.192.173.0/24
                  193.192.181.0/24
                  193.192.188.0/24
                  193.192.190.0/24
                  195.114.160.0/19
                  212.106.0.0/19
                  213.17.128.0/17
                  213.134.128.0/19
                  213.146.32.0/19
                  213.186.64.0/19
                  213.195.128.0/18
                  213.216.64.0/18
                  213.238.64.0/18
                  213.241.0.0/17
                  217.30.128.0/19
                IPv6:
                  2001:16b0::/32
                  2001:41b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:3b:fc:3c:32:d7:da:f9:e7:4a:43:0a:b9:97:26:3e:7e:df:
         52:3c:56:e0:4e:8f:d4:df:6c:b1:0a:95:c1:42:f6:7f:3c:b1:
         1f:22:6f:cc:b0:49:b5:90:71:bb:5e:57:58:e1:82:ae:81:24:
         3f:8d:33:31:61:cf:de:52:d4:c3:1b:c8:9c:21:f4:58:17:62:
         c4:4c:1d:ba:bf:3f:c1:0b:ba:cc:79:24:b0:71:32:9f:de:72:
         b9:ef:01:57:fc:7d:09:96:1b:cd:d7:7c:30:38:25:88:b2:14:
         c3:1c:53:35:ef:1c:21:d9:8e:3d:a6:38:e7:89:ea:ea:04:fd:
         67:2b:82:96:28:ae:2f:2e:e5:c8:ea:58:54:6c:7c:92:11:50:
         52:53:59:5d:33:d7:7b:10:cd:79:a2:20:87:7c:49:f8:9b:f3:
         6b:d9:72:5d:f6:f1:37:84:ea:51:7d:17:19:54:db:f9:82:74:
         b3:18:23:94:f1:99:f3:0d:2c:cd:b7:56:30:1f:c4:87:06:59:
         c7:b8:38:df:56:09:55:28:2f:43:e1:2a:1c:13:e4:c3:26:6b:
         59:a7:8a:81:57:b6:93:5e:c1:53:cb:28:9d:71:6c:fd:7b:0c:
         7f:89:d7:41:b6:16:bf:7c:ea:aa:fa:46:10:d5:57:77:bb:7d:
         7b:1e:14:bc
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAYTm4a33CghJspFHrPgUVpmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjIxMjA2MTAwMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQxYWZkNzFlM2QwNjFjOTgxMTIxYWFkMDVlYzEyNTYyZmZiZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSsJZMXmEHR4MfDUuwsqqvKB2tbp
xRiuO0xQe+YwQVup7PoUyEKSvHuym5QSQ5mLqPGr7EHDEzcWcqrJBN4VThzghuL7
tpSIMOjX2l9zSrQS0E1YOK/K9Gv3krAvNO15K1Rd7+j3hXQsrLpH0hYW/JEkCezl
ScAhWQMxqcNonAXfG4WGONAEO/cmESGgF9CkyUvIaGGe0nbQq+Ra6e+MnvrAanTm
gU2PtXiC7/DDwnpVF2FblRnVJ+YOF8mMHn6mrLoJhf3WRIfuXOJ9jEBstTZFtyf0
rcbnoX9hIzuutnHP0yau9X8G+wvqCgx4ucQLhYQxApHzgvQtYfq49nUNSwIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFKLRr9cePQYcmBEhqtBewSVi/7/LMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvb3RHdjF4NDlCaHlZRVNHcTBGN0JKV0xfdjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCCAT0EAgABMIIB
NQMEBgXiQAMEAAXihwMEByWAAAMEBz5XgAMEBj5ZQAMEBz5vgAMEBT6UQAMEBT61
oAMEBz7pgAMEBT70gAMEAE1BhgMEAE1BmwMEAE1BqwMEAE1BvAMEAE1BwQMEAE1B
0QMDAk38AwMCTggDBAdRqIADBAdR0gADAwBR2wMEBlKPgAMDAFPuAwQHVCiAAwQH
VYAAAwQAVco2AwQAVco7AwMAV2kDAwFXzAMDAFmrAwQGXZ8AAwMAn80DBACyEHQD
BACyEHkDBACyEH0DAwGyJAMEAcETaAMEBMFbEAMEAMHArQMEAMHAtQMEAMHAvAME
AMHAvgMEBcNyoAMEBdRqAAMEB9URgAMEBdWGgAMEBdWSIAMEBdW6QAMEBtXDgAME
BtXYQAMEBtXuQAMEB9XxAAMEBdkegDAUBAIAAjAOAwUAIAEWsAMFACABQbAwDQYJ
KoZIhvcNAQELBQADggEBABo7/Dwy19r550pDCrmXJj5+31I8VuBOj9TfbLEKlcFC
9n88sR8ib8ywSbWQcbteV1jhgq6BJD+NMzFhz95S1MMbyJwh9FgXYsRMHbq/P8EL
usx5JLBxMp/ecrnvAVf8fQmWG83XfDA4JYiyFMMcUzXvHCHZjj2mOOeJ6uoE/Wcr
gpYori8u5cjqWFRsfJIRUFJTWV0z13sQzXmiIId8Sfib82vZcl328TeE6lF9FxlU
2/mCdLMYI5TxmfMNLM23VjAfxIcGWce4ON9WCVUoL0PhKhwT5MMma1mnioFXtpNe
wVPLKJ1xbP17DH+J10G2Fr986qr6RhDVV3e7fXseFLw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org