Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/6cXR4EXU_9GlZDX44lFBDjmZgKQ.roa
File:                     6cXR4EXU_9GlZDX44lFBDjmZgKQ.roa (raw, json)
Hash identifier:          7XjqJewREpZU/jPATFdTBTBge7oT/K+Lxv43Gr0Vjhk=
Subject key identifier:   E9:C5:D1:E0:45:D4:FF:D1:A5:64:35:F8:E2:51:41:0E:39:99:80:A4
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       01E1AE3A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/6cXR4EXU_9GlZDX44lFBDjmZgKQ.roa
Signing time:             Wed 09 Mar 2022 20:49:57 +0000
ROA not before:           Wed 09 Mar 2022 20:49:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        104.249.29.0/24 maxlen: 24
                          104.249.30.0/23 maxlen: 23
                          104.249.36.0/24 maxlen: 24
                          104.239.10.0/23 maxlen: 23
                          104.239.13.0/24 maxlen: 24
                          104.249.55.0/24 maxlen: 24
                          104.239.28.0/24 maxlen: 24
                          104.239.30.0/23 maxlen: 23
                          104.249.60.0/23 maxlen: 23
                          104.167.0.0/24 maxlen: 24
                          104.167.10.0/24 maxlen: 24
                          216.173.120.0/24 maxlen: 24
                          104.238.4.0/24 maxlen: 24
                          104.238.5.0/24 maxlen: 24
                          104.238.8.0/24 maxlen: 24
                          104.238.7.0/24 maxlen: 24
                          104.238.10.0/24 maxlen: 24
                          104.238.9.0/24 maxlen: 24
                          104.238.14.0/24 maxlen: 24
                          104.238.20.0/24 maxlen: 24
                          104.238.19.0/24 maxlen: 24
                          216.173.76.0/24 maxlen: 24
                          216.173.82.0/24 maxlen: 24
                          216.173.102.0/24 maxlen: 24
                          216.173.104.0/24 maxlen: 24
                          216.173.103.0/24 maxlen: 24
                          216.173.105.0/24 maxlen: 24
                          216.173.109.0/24 maxlen: 24
                          216.173.108.0/24 maxlen: 24
                          216.173.111.0/24 maxlen: 24
                          216.173.110.0/24 maxlen: 24
                          216.173.106.0/24 maxlen: 24
                          216.173.107.0/24 maxlen: 24
                          104.239.92.0/23 maxlen: 23
                          104.239.96.0/23 maxlen: 23
                          104.239.98.0/24 maxlen: 24
                          104.239.94.0/24 maxlen: 24
                          104.239.101.0/24 maxlen: 24
                          104.239.105.0/24 maxlen: 24
                          104.239.104.0/24 maxlen: 24
                          104.239.111.0/24 maxlen: 24
                          104.239.106.0/24 maxlen: 24
                          104.239.108.0/24 maxlen: 24
                          104.239.107.0/24 maxlen: 24
                          104.239.124.0/23 maxlen: 23
                          104.239.126.0/24 maxlen: 24
                          104.239.44.0/24 maxlen: 24
                          104.239.70.0/23 maxlen: 23
                          104.239.68.0/23 maxlen: 23
                          104.239.76.0/23 maxlen: 23
                          104.239.73.0/24 maxlen: 24
                          104.239.75.0/24 maxlen: 24
                          104.239.78.0/24 maxlen: 24
                          104.239.84.0/23 maxlen: 23
                          104.239.80.0/23 maxlen: 23
                          104.239.82.0/24 maxlen: 24
                          104.239.90.0/23 maxlen: 23
                          104.239.86.0/24 maxlen: 24
                          104.239.88.0/24 maxlen: 24
                          104.233.20.0/24 maxlen: 24
                          104.233.24.0/23 maxlen: 23
                          104.233.26.0/24 maxlen: 24
                          138.128.148.0/24 maxlen: 24
                          138.128.151.0/24 maxlen: 24
                          138.128.157.0/24 maxlen: 24
                          138.128.159.0/24 maxlen: 24
                          138.128.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31567418 (0x1e1ae3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Mar  9 20:49:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e9c5d1e045d4ffd1a56435f8e251410e399980a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:4d:59:16:e4:01:73:61:5e:03:b6:d6:fa:46:
                    a6:ae:7c:e8:f2:08:24:bf:df:70:c6:af:f5:a6:53:
                    40:16:8a:e0:45:d5:36:e1:cc:c9:d1:66:93:91:7f:
                    ad:4b:36:22:e0:ce:0e:1d:11:d1:a5:c8:fe:78:7e:
                    09:f5:5c:3e:b6:f8:61:09:cc:bf:31:f2:80:33:09:
                    00:b5:11:da:a2:5d:03:dd:c3:5b:79:4e:a1:61:fa:
                    d7:89:8c:f5:b1:99:54:37:4b:6a:38:7a:4c:b7:ea:
                    9a:9f:70:81:4a:c1:ac:6f:9c:42:9c:ec:29:78:a7:
                    ef:af:ea:29:3d:73:dd:04:39:2f:d2:8d:b9:bd:78:
                    e1:83:51:5e:9f:4c:78:e0:12:8b:a6:cb:3f:e7:fc:
                    44:dc:84:71:b3:51:e7:7b:5c:98:13:a9:11:b1:51:
                    20:6e:9d:e8:ee:0b:75:a2:37:8e:48:f9:3d:c6:9d:
                    4b:60:d3:63:42:57:5d:1b:2c:ab:5b:8f:d4:df:e5:
                    cf:d6:8f:88:b7:c7:cb:7f:7a:3a:6f:84:49:23:73:
                    b4:06:5d:d4:2a:80:59:69:2e:ff:17:64:15:ad:5e:
                    4f:b5:d4:f4:ff:06:c3:9c:c7:66:22:51:bd:8b:2b:
                    0f:a8:a4:ee:17:0d:a7:fd:cd:ea:d0:32:00:b3:5d:
                    85:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C5:D1:E0:45:D4:FF:D1:A5:64:35:F8:E2:51:41:0E:39:99:80:A4
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/6cXR4EXU_9GlZDX44lFBDjmZgKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.167.0.0/24
                  104.167.10.0/24
                  104.233.20.0/24
                  104.233.24.0-104.233.26.255
                  104.238.4.0/23
                  104.238.7.0-104.238.10.255
                  104.238.14.0/24
                  104.238.19.0-104.238.20.255
                  104.239.10.0/23
                  104.239.13.0/24
                  104.239.28.0/24
                  104.239.30.0/23
                  104.239.44.0/24
                  104.239.68.0/22
                  104.239.73.0/24
                  104.239.75.0-104.239.78.255
                  104.239.80.0-104.239.82.255
                  104.239.84.0-104.239.86.255
                  104.239.88.0/24
                  104.239.90.0-104.239.94.255
                  104.239.96.0-104.239.98.255
                  104.239.101.0/24
                  104.239.104.0-104.239.108.255
                  104.239.111.0/24
                  104.239.124.0-104.239.126.255
                  104.249.29.0-104.249.31.255
                  104.249.36.0/24
                  104.249.55.0/24
                  104.249.60.0/23
                  138.128.148.0/24
                  138.128.151.0/24
                  138.128.153.0/24
                  138.128.157.0/24
                  138.128.159.0/24
                  216.173.76.0/24
                  216.173.82.0/24
                  216.173.102.0-216.173.111.255
                  216.173.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:5e:ca:4f:d3:9b:6a:50:ea:a1:d4:2a:af:e6:de:e9:55:29:
         44:39:58:01:68:0e:08:2f:e4:b4:91:47:2e:41:00:f7:02:bc:
         e3:38:23:9e:3d:96:32:95:00:a9:a3:12:ab:78:2a:0d:f8:5a:
         fb:53:24:16:c5:f9:2a:31:45:c9:69:e3:30:b2:8a:74:0c:6b:
         ef:e0:23:31:a9:e2:92:61:cc:bd:e6:f7:d5:ae:f2:db:7b:bf:
         28:32:12:3c:8b:83:87:18:91:08:e2:3e:1f:2a:fc:53:56:42:
         d1:8e:a8:f5:09:b0:de:be:d8:31:89:40:f0:5b:dc:be:c1:63:
         2f:75:33:aa:11:ab:7a:46:4c:b5:1e:99:76:b3:fa:91:96:ca:
         af:0d:4b:da:e5:1d:c7:3b:43:bc:7b:31:3a:2e:f5:70:34:17:
         6e:8c:f7:e0:76:3b:d2:ea:7c:57:1a:c7:8f:00:9c:f6:53:62:
         aa:ab:37:1e:90:5f:ad:78:3b:25:c0:59:ea:d3:84:89:0c:4b:
         27:46:0d:f6:ca:3e:3f:71:ed:0b:65:82:a1:82:b7:c5:55:e3:
         e0:b0:ef:9d:2d:b3:52:25:90:47:79:e7:52:f6:b3:71:79:5e:
         a3:ce:f5:6c:9c:c3:7c:6b:b0:26:29:07:21:3a:cf:8a:67:96:
         8e:93:99:33
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIEAeGuOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDMw
OTIwNDk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTljNWQxZTA0NWQ0
ZmZkMWE1NjQzNWY4ZTI1MTQxMGUzOTk5ODBhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxNWRbkAXNhXgO21vpGpq586PIIJL/fcMav9aZTQBaK4EXV
NuHMydFmk5F/rUs2IuDODh0R0aXI/nh+CfVcPrb4YQnMvzHygDMJALUR2qJdA93D
W3lOoWH614mM9bGZVDdLajh6TLfqmp9wgUrBrG+cQpzsKXin76/qKT1z3QQ5L9KN
ub144YNRXp9MeOASi6bLP+f8RNyEcbNR53tcmBOpEbFRIG6d6O4LdaI3jkj5Pcad
S2DTY0JXXRssq1uP1N/lz9aPiLfHy396Om+ESSNztAZd1CqAWWku/xdkFa1eT7XU
9P8Gw5zHZiJRvYsrD6ik7hcNp/3N6tAyALNdhUcCAwEAAaOCA1EwggNNMB0GA1Ud
DgQWBBTpxdHgRdT/0aVkNfjiUUEOOZmApDAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
LzZjWFI0RVhVXzlHbFpEWDQ0bEZCRGptWmdLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AWUGCCsGAQUFBwEHAQH/BIIBVDCCAVAwggFMBAIAATCCAUQDBABopwADBABopwoD
BABo6RQwDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQAaO4OMAwD
BABo7hMDBABo7hQDBAFo7woDBABo7w0DBABo7xwDBAFo7x4DBABo7ywDBAJo70QD
BABo70kwDAMEAGjvSwMEAGjvTjAMAwQEaO9QAwQAaO9SMAwDBAJo71QDBABo71YD
BABo71gwDAMEAWjvWgMEAGjvXjAMAwQFaO9gAwQAaO9iAwQAaO9lMAwDBANo72gD
BABo72wDBABo728wDAMEAmjvfAMEAGjvfjAMAwQAaPkdAwQFaPkAAwQAaPkkAwQA
aPk3AwQBaPk8AwQAioCUAwQAioCXAwQAioCZAwQAioCdAwQAioCfAwQA2K1MAwQA
2K1SMAwDBAHYrWYDBATYrWADBADYrXgwDQYJKoZIhvcNAQELBQADggEBABteyk/T
m2pQ6qHUKq/m3ulVKUQ5WAFoDggv5LSRRy5BAPcCvOM4I549ljKVAKmjEqt4Kg34
WvtTJBbF+SoxRclp4zCyinQMa+/gIzGp4pJhzL3m99Wu8tt7vygyEjyLg4cYkQji
Ph8q/FNWQtGOqPUJsN6+2DGJQPBb3L7BYy91M6oRq3pGTLUemXaz+pGWyq8NS9rl
Hcc7Q7x7MTou9XA0F26M9+B2O9LqfFcax48AnPZTYqqrNx6QX614OyXAWerThIkM
SydGDfbKPj9x7QtlgqGCt8VV4+Cw750ts1IlkEd551L2s3F5XqPO9Wycw3xrsCYp
ByE6z4pnlo6TmTM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:44 2024 by rpki-client on console-ams.rpki-client.org