Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/PWPBydULk3xauRS2-dZ_eriMuHw.roa
File:                     PWPBydULk3xauRS2-dZ_eriMuHw.roa (raw, json)
Hash identifier:          winneU9O5xKLxMspjXXhXT66c+HO4FWPA/1pzlo2QXs=
Subject key identifier:   3D:63:C1:C9:D5:0B:93:7C:5A:B9:14:B6:F9:D6:7F:7A:B8:8C:B8:7C
Certificate issuer:       /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial:       0598A5B2
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/PWPBydULk3xauRS2-dZ_eriMuHw.roa
Signing time:             Tue 14 Jun 2022 05:30:44 +0000
ROA not before:           Tue 14 Jun 2022 05:30:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50810
IP address blocks:        5.201.128.0/21 maxlen: 21
                          5.201.128.0/18 maxlen: 18
                          5.201.142.0/23 maxlen: 23
                          5.201.144.0/21 maxlen: 21
                          5.201.152.0/22 maxlen: 22
                          5.201.156.0/22 maxlen: 22
                          5.201.160.0/23 maxlen: 23
                          92.114.16.0/20 maxlen: 24
                          5.201.168.0/22 maxlen: 22
                          92.114.22.0/23 maxlen: 23
                          92.114.24.0/21 maxlen: 21
                          89.43.0.0/21 maxlen: 21
                          89.43.4.0/22 maxlen: 22
                          89.43.10.0/23 maxlen: 23
                          89.43.8.0/22 maxlen: 22
                          89.43.12.0/23 maxlen: 23
                          89.37.0.0/20 maxlen: 20
                          89.37.0.0/24 maxlen: 24
                          89.37.8.0/24 maxlen: 24
                          89.37.8.0/22 maxlen: 22
                          92.114.28.0/22 maxlen: 22
                          185.22.30.0/23 maxlen: 23
                          185.103.84.0/22 maxlen: 22
                          185.103.85.0/24 maxlen: 24
                          188.213.74.0/24 maxlen: 24
                          188.213.75.0/24 maxlen: 24
                          188.213.72.0/24 maxlen: 24
                          188.213.73.0/24 maxlen: 24
                          188.213.76.0/22 maxlen: 22
                          37.156.16.0/21 maxlen: 21
                          37.156.24.0/22 maxlen: 22
                          185.135.228.0/22 maxlen: 22
                          37.156.31.0/24 maxlen: 24
                          37.156.30.0/23 maxlen: 23
                          185.182.221.0/24 maxlen: 24
                          185.182.220.0/22 maxlen: 22
                          185.182.222.0/23 maxlen: 23
                          185.176.32.0/22 maxlen: 22
                          188.213.64.0/20 maxlen: 21
                          185.136.100.0/22 maxlen: 22
                          89.37.15.0/24 maxlen: 24
                          89.37.14.0/24 maxlen: 24
                          185.175.76.0/23 maxlen: 23
                          185.175.78.0/23 maxlen: 23
                          94.101.128.0/21 maxlen: 21
                          94.101.128.0/20 maxlen: 24
                          185.162.40.0/22 maxlen: 22
                          94.101.136.0/22 maxlen: 22
                          94.101.139.0/24 maxlen: 24
                          94.101.140.0/23 maxlen: 23
                          94.101.142.0/23 maxlen: 23
                          94.101.142.0/24 maxlen: 24
                          2a00:5ca0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93889970 (0x598a5b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
        Validity
            Not Before: Jun 14 05:30:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d63c1c9d50b937c5ab914b6f9d67f7ab88cb87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:2c:91:fc:2a:94:ad:4f:27:bb:00:fc:b9:aa:
                    e7:d2:d2:d4:73:59:e8:0d:db:62:8b:aa:0c:ee:42:
                    f4:e7:bb:bd:e8:f5:1a:09:6d:f1:8b:d0:79:b0:15:
                    e0:37:61:3d:67:11:68:86:56:92:3d:5c:7d:b0:1d:
                    9e:81:f4:34:50:e1:95:8b:41:bd:60:ca:3f:17:95:
                    6c:70:48:68:d8:0e:2e:31:a3:67:44:f3:04:0f:20:
                    c2:8a:cb:c5:40:7a:d7:ea:d7:07:e9:f5:f9:cb:51:
                    cf:71:97:cf:f1:50:b6:34:e8:ee:a6:f6:af:62:9d:
                    a6:69:38:27:4c:d5:32:d7:ed:65:7b:bc:0e:69:66:
                    3a:3d:78:5a:52:03:d3:5e:23:8d:29:b5:4f:fc:8a:
                    37:87:82:03:e2:34:b8:3c:ee:b5:96:86:3a:69:3f:
                    35:e5:c0:86:24:dd:4c:34:5c:81:08:e0:48:ac:a3:
                    c2:08:38:e1:a4:8d:e1:ed:c4:03:ed:6f:3f:05:3e:
                    52:96:a5:b9:14:71:de:4d:f7:fe:db:59:0f:00:85:
                    4a:a9:53:f4:fb:a5:62:f3:de:2d:89:b8:b4:9d:bf:
                    6b:f9:52:08:3f:99:f0:16:62:c5:9d:a0:d9:bf:7c:
                    d5:98:3b:c3:9d:4f:0a:60:57:ec:8a:4a:31:66:19:
                    36:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:63:C1:C9:D5:0B:93:7C:5A:B9:14:B6:F9:D6:7F:7A:B8:8C:B8:7C
            X509v3 Authority Key Identifier:
                keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/PWPBydULk3xauRS2-dZ_eriMuHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.201.128.0/18
                  37.156.16.0-37.156.27.255
                  37.156.30.0/23
                  89.37.0.0/20
                  89.43.0.0-89.43.13.255
                  92.114.16.0/20
                  94.101.128.0/20
                  185.22.30.0/23
                  185.103.84.0/22
                  185.135.228.0/22
                  185.136.100.0/22
                  185.162.40.0/22
                  185.175.76.0/22
                  185.176.32.0/22
                  185.182.220.0/22
                  188.213.64.0/20
                IPv6:
                  2a00:5ca0::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:97:b9:2b:a8:45:8c:0a:04:60:d8:26:99:9b:e0:93:61:0b:
         99:be:de:f2:83:09:ab:90:62:35:e2:81:18:e4:fb:25:5b:39:
         dc:fe:b0:e6:c1:e2:79:53:13:70:d5:34:b1:3c:14:7b:14:69:
         c9:50:4e:7a:8e:d5:15:0f:da:45:63:56:56:9c:4f:2c:14:7d:
         8c:fe:27:92:49:b8:0b:13:c8:ab:0d:98:e6:47:c5:1a:21:ba:
         83:21:c0:8d:e7:23:2e:0a:1f:75:b8:ad:d0:ca:f4:6b:ba:56:
         2c:9c:39:ee:ba:a2:45:eb:ce:0c:fc:57:cf:15:cc:ec:f9:14:
         6b:da:2e:8c:82:43:36:f5:e4:88:92:19:70:47:07:d8:f9:8f:
         1f:6c:1c:f3:0e:e3:e8:bf:38:ac:ad:9a:17:d7:59:b3:ea:5c:
         37:1e:2f:98:0b:d3:cb:f8:d7:e3:61:47:b0:a6:9b:62:67:3c:
         55:ff:f3:aa:35:2b:33:6c:e5:4a:93:67:8a:25:5c:6f:68:3e:
         4c:bd:ad:03:2b:60:57:49:02:84:93:8e:0c:8a:c1:51:14:74:
         8a:0b:40:18:62:20:da:94:f3:8c:1f:94:61:67:c8:ab:e6:5a:
         b2:a7:91:eb:f3:0b:02:18:0d:29:05:2f:fc:85:ee:4e:1b:d7:
         83:e3:51:0d
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgIEBZilsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjZhNDM0YzRiNWQyMzljNGU2ZTQxYjdlNTg1YzhkNThmODk5NWFiMB4XDTIyMDYx
NDA1MzA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q2M2MxYzlkNTBi
OTM3YzVhYjkxNGI2ZjlkNjdmN2FiODhjYjg3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoskfwqlK1PJ7sA/Lmq59LS1HNZ6A3bYouqDO5C9Oe7vej1
Gglt8YvQebAV4DdhPWcRaIZWkj1cfbAdnoH0NFDhlYtBvWDKPxeVbHBIaNgOLjGj
Z0TzBA8gworLxUB61+rXB+n1+ctRz3GXz/FQtjTo7qb2r2Kdpmk4J0zVMtftZXu8
DmlmOj14WlID014jjSm1T/yKN4eCA+I0uDzutZaGOmk/NeXAhiTdTDRcgQjgSKyj
wgg44aSN4e3EA+1vPwU+UpaluRRx3k33/ttZDwCFSqlT9PulYvPeLYm4tJ2/a/lS
CD+Z8BZixZ2g2b981Zg7w51PCmBX7IpKMWYZNiUCAwEAAaOCAoQwggKAMB0GA1Ud
DgQWBBQ9Y8HJ1QuTfFq5FLb51n96uIy4fDAfBgNVHSMEGDAWgBQvakNMS10jnE5u
QbflhcjVj4mVqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0wycERURXRkSTV4T2JrRzM1WVhJMVktSmxhcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvOThhYmU1LWJkMDEtNDY0Zi05NmFiLTQwYjZkNjdmY2Q5NC8x
L1BXUEJ5ZFVMazN4YXVSUzItZFpfZXJpTXVIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
OThhYmU1LWJkMDEtNDY0Zi05NmFiLTQwYjZkNjdmY2Q5NC8xL0wycERURXRkSTV4
T2JrRzM1WVhJMVktSmxhcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mQYIKwYBBQUHAQcBAf8EgYkwgYYwdQQCAAEwbwMEBgXJgDAMAwQEJZwQAwQCJZwY
AwQBJZweAwQEWSUAMAsDAwBZKwMEAVkrDAMEBFxyEAMEBF5lgAMEAbkWHgMEArln
VAMEArmH5AMEArmIZAMEArmiKAMEArmvTAMEArmwIAMEArm23AMEBLzVQDANBAIA
AjAHAwUAKgBcoDANBgkqhkiG9w0BAQsFAAOCAQEAE5e5K6hFjAoEYNgmmZvgk2EL
mb7e8oMJq5BiNeKBGOT7JVs53P6w5sHieVMTcNU0sTwUexRpyVBOeo7VFQ/aRWNW
VpxPLBR9jP4nkkm4CxPIqw2Y5kfFGiG6gyHAjecjLgofdbit0Mr0a7pWLJw57rqi
RevODPxXzxXM7PkUa9oujIJDNvXkiJIZcEcH2PmPH2wc8w7j6L84rK2aF9dZs+pc
Nx4vmAvTy/jX42FHsKabYmc8Vf/zqjUrM2zlSpNniiVcb2g+TL2tAytgV0kChJOO
DIrBURR0igtAGGIg2pTzjB+UYWfIq+ZasqeR6/MLAhgNKQUv/IXuThvXg+NRDQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:19 2024 by rpki-client on console-ams.rpki-client.org