Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wjxKPuVnznClD84xClh244xtg4c.roa
File:                     wjxKPuVnznClD84xClh244xtg4c.roa (raw, json)
Hash identifier:          6szFMvBConXkXxt1Mga4EURdQ+5mrs51a4RwpdbIZkQ=
Subject key identifier:   C2:3C:4A:3E:E5:67:CE:70:A5:0F:CE:31:0A:58:76:E3:8C:6D:83:87
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0183F663FFA8774CC869F2F1A64962D1ED57
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wjxKPuVnznClD84xClh244xtg4c.roa
Signing time:             Thu 20 Oct 2022 17:14:52 +0000
ROA not before:           Thu 20 Oct 2022 17:14:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7029
IP address blocks:        104.249.30.0/23 maxlen: 23
                          104.239.10.0/23 maxlen: 23
                          104.249.36.0/24 maxlen: 24
                          104.239.13.0/24 maxlen: 24
                          104.239.30.0/23 maxlen: 23
                          104.249.55.0/24 maxlen: 24
                          104.239.28.0/24 maxlen: 24
                          104.249.60.0/23 maxlen: 23
                          216.173.120.0/24 maxlen: 24
                          104.238.4.0/24 maxlen: 24
                          104.238.8.0/24 maxlen: 24
                          104.238.10.0/24 maxlen: 24
                          104.238.9.0/24 maxlen: 24
                          104.238.5.0/24 maxlen: 24
                          104.238.7.0/24 maxlen: 24
                          104.238.14.0/24 maxlen: 24
                          104.238.19.0/24 maxlen: 24
                          104.238.20.0/24 maxlen: 24
                          216.173.76.0/24 maxlen: 24
                          216.173.82.0/24 maxlen: 24
                          216.173.103.0/24 maxlen: 24
                          216.173.102.0/24 maxlen: 24
                          216.173.105.0/24 maxlen: 24
                          216.173.104.0/24 maxlen: 24
                          216.173.111.0/24 maxlen: 24
                          216.173.106.0/24 maxlen: 24
                          216.173.108.0/24 maxlen: 24
                          216.173.107.0/24 maxlen: 24
                          216.173.110.0/24 maxlen: 24
                          216.173.109.0/24 maxlen: 24
                          104.239.94.0/24 maxlen: 24
                          104.239.98.0/24 maxlen: 24
                          104.239.92.0/23 maxlen: 23
                          104.239.96.0/23 maxlen: 23
                          104.239.101.0/24 maxlen: 24
                          104.239.104.0/24 maxlen: 24
                          104.239.105.0/24 maxlen: 24
                          104.239.107.0/24 maxlen: 24
                          104.239.106.0/24 maxlen: 24
                          104.239.108.0/24 maxlen: 24
                          104.239.111.0/24 maxlen: 24
                          104.239.124.0/23 maxlen: 23
                          104.239.126.0/24 maxlen: 24
                          104.239.44.0/24 maxlen: 24
                          104.239.73.0/24 maxlen: 24
                          104.239.75.0/24 maxlen: 24
                          104.239.78.0/24 maxlen: 24
                          104.239.76.0/23 maxlen: 23
                          104.239.82.0/24 maxlen: 24
                          104.239.80.0/23 maxlen: 23
                          104.239.84.0/23 maxlen: 23
                          104.239.86.0/24 maxlen: 24
                          104.239.88.0/24 maxlen: 24
                          104.239.90.0/23 maxlen: 23
                          104.233.20.0/24 maxlen: 24
                          104.233.24.0/23 maxlen: 23
                          104.233.26.0/24 maxlen: 24
                          138.128.151.0/24 maxlen: 24
                          138.128.157.0/24 maxlen: 24
                          138.128.159.0/24 maxlen: 24
                          138.128.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f6:63:ff:a8:77:4c:c8:69:f2:f1:a6:49:62:d1:ed:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Oct 20 17:14:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c23c4a3ee567ce70a50fce310a5876e38c6d8387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fa:5f:8e:bb:e5:13:c9:b5:5b:bc:08:17:79:
                    ee:7f:71:2d:0b:88:ce:d6:b6:bd:d4:cc:f7:fe:46:
                    29:89:42:8c:4b:52:7e:6f:99:ce:6c:1e:b9:bf:81:
                    f0:28:27:43:b5:f2:ea:97:20:8b:2d:4d:28:ad:b1:
                    91:5e:dc:42:ca:6f:f4:5a:20:68:28:6f:6c:be:12:
                    45:06:5b:23:1d:17:80:97:09:7b:e7:a4:5a:33:50:
                    82:70:7a:ed:cd:e9:f5:dd:6d:52:f1:4f:8e:51:de:
                    99:bd:97:7b:90:05:ed:9e:55:b2:67:ca:c6:f5:83:
                    d3:61:b1:c0:a5:bf:3c:e2:0e:19:f8:ea:33:e5:47:
                    c0:7f:de:22:df:78:29:f5:44:9a:2b:73:52:91:64:
                    a4:f1:9d:77:eb:73:d6:fc:60:df:66:f4:f9:e4:55:
                    df:f6:85:67:86:cc:44:c2:51:05:b5:3d:6f:04:59:
                    79:40:9c:1a:dd:45:7d:2d:a5:8c:ec:07:75:ee:83:
                    45:c1:ab:8f:48:6c:22:6f:d6:22:6f:15:fe:ec:77:
                    1a:37:30:34:b4:77:57:e2:c2:95:e7:da:f9:b3:cf:
                    23:b2:c0:34:13:b7:9f:fb:46:80:b6:dc:a9:ec:56:
                    41:e9:e2:e5:97:17:93:a8:40:43:53:4e:58:b1:40:
                    1b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:3C:4A:3E:E5:67:CE:70:A5:0F:CE:31:0A:58:76:E3:8C:6D:83:87
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/wjxKPuVnznClD84xClh244xtg4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.233.20.0/24
                  104.233.24.0-104.233.26.255
                  104.238.4.0/23
                  104.238.7.0-104.238.10.255
                  104.238.14.0/24
                  104.238.19.0-104.238.20.255
                  104.239.10.0/23
                  104.239.13.0/24
                  104.239.28.0/24
                  104.239.30.0/23
                  104.239.44.0/24
                  104.239.73.0/24
                  104.239.75.0-104.239.78.255
                  104.239.80.0-104.239.82.255
                  104.239.84.0-104.239.86.255
                  104.239.88.0/24
                  104.239.90.0-104.239.94.255
                  104.239.96.0-104.239.98.255
                  104.239.101.0/24
                  104.239.104.0-104.239.108.255
                  104.239.111.0/24
                  104.239.124.0-104.239.126.255
                  104.249.30.0/23
                  104.249.36.0/24
                  104.249.55.0/24
                  104.249.60.0/23
                  138.128.151.0/24
                  138.128.153.0/24
                  138.128.157.0/24
                  138.128.159.0/24
                  216.173.76.0/24
                  216.173.82.0/24
                  216.173.102.0-216.173.111.255
                  216.173.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:fc:77:24:d5:b1:d6:bc:43:d6:7b:d9:f9:b7:a3:41:6b:25:
         ec:58:c2:32:a6:f2:18:f4:e0:80:29:a3:db:03:6c:d2:da:14:
         12:aa:66:cd:16:71:d5:9c:6b:73:06:b2:57:c0:5e:ab:63:bb:
         b8:87:1f:e1:7a:1a:15:0d:da:f0:29:3a:5c:47:a2:88:b1:82:
         e1:66:68:5a:53:37:87:7c:d6:4e:ac:1e:f2:cd:2b:a6:39:27:
         9c:2c:0f:e9:39:3c:16:3d:66:b8:a1:9d:43:6c:b5:68:8a:a1:
         ce:db:8f:ed:41:76:06:b3:94:d3:57:4b:40:82:97:3f:47:f2:
         75:f1:20:d4:1f:9f:86:50:ab:81:eb:62:66:49:bc:db:d8:a5:
         67:76:6b:1d:5c:dc:7d:43:44:bd:78:6e:28:2a:7b:d6:17:69:
         bb:c7:14:fb:b0:a2:d7:9c:ef:dd:1a:a4:31:a8:c7:f3:7d:0d:
         69:e3:3b:60:8e:dd:58:a1:8f:21:87:19:15:4c:aa:c4:e6:a4:
         d4:31:0e:43:31:3d:38:43:8e:b9:41:56:8e:5c:9e:ee:c7:1a:
         1c:6e:5d:97:f2:86:7a:f6:3b:56:ab:8c:c4:75:43:22:ae:ec:
         fd:b4:3e:f4:a5:b8:0f:5c:0c:9d:65:a3:de:49:21:58:a1:ad:
         64:c4:5c:87
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYP2Y/+od0zIafLxpkli0e1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDIwMTcxNDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjNjNGEzZWU1NjdjZTcwYTUwZmNlMzEwYTU4NzZlMzhjNmQ4Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvpfjrvlE8m1W7wIF3nuf3EtC4jO
1ra91Mz3/kYpiUKMS1J+b5nObB65v4HwKCdDtfLqlyCLLU0orbGRXtxCym/0WiBo
KG9svhJFBlsjHReAlwl756RaM1CCcHrtzen13W1S8U+OUd6ZvZd7kAXtnlWyZ8rG
9YPTYbHApb884g4Z+Ooz5UfAf94i33gp9USaK3NSkWSk8Z1363PW/GDfZvT55FXf
9oVnhsxEwlEFtT1vBFl5QJwa3UV9LaWM7Ad17oNFwauPSGwib9YibxX+7HcaNzA0
tHdX4sKV59r5s88jssA0E7ef+0aAttyp7FZB6eLllxeTqEBDU05YsUAbDwIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFMI8Sj7lZ85wpQ/OMQpYduOMbYOHMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvd2p4S1B1Vm56bkNsRDg0eENsaDI0NHh0ZzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAGjpFDAMAwQDaOkYAwQAaOkaAwQBaO4EMAwDBABo7gcDBABo7goDBABo7g4w
DAMEAGjuEwMEAGjuFAMEAWjvCgMEAGjvDQMEAGjvHAMEAWjvHgMEAGjvLAMEAGjv
STAMAwQAaO9LAwQAaO9OMAwDBARo71ADBABo71IwDAMEAmjvVAMEAGjvVgMEAGjv
WDAMAwQBaO9aAwQAaO9eMAwDBAVo72ADBABo72IDBABo72UwDAMEA2jvaAMEAGjv
bAMEAGjvbzAMAwQCaO98AwQAaO9+AwQBaPkeAwQAaPkkAwQAaPk3AwQBaPk8AwQA
ioCXAwQAioCZAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBATYrWAD
BADYrXgwDQYJKoZIhvcNAQELBQADggEBAFP8dyTVsda8Q9Z72fm3o0FrJexYwjKm
8hj04IApo9sDbNLaFBKqZs0WcdWca3MGslfAXqtju7iHH+F6GhUN2vApOlxHooix
guFmaFpTN4d81k6sHvLNK6Y5J5wsD+k5PBY9ZrihnUNstWiKoc7bj+1BdgazlNNX
S0CClz9H8nXxINQfn4ZQq4HrYmZJvNvYpWd2ax1c3H1DRL14bigqe9YXabvHFPuw
otec790apDGox/N9DWnjO2CO3VihjyGHGRVMqsTmpNQxDkMxPThDjrlBVo5cnu7H
GhxuXZfyhnr2O1arjMR1QyKu7P20PvSluA9cDJ1lo95JIVihrWTEXIc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org