Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/K5KeAUHrM2XsKCtvepd8hCGPsFU.roa
File:                     K5KeAUHrM2XsKCtvepd8hCGPsFU.roa (raw, json)
Hash identifier:          XW7pkuTUDzvTq6hoD5WDpFLWPqtvlB96a/Aef6eyZ/Y=
Subject key identifier:   2B:92:9E:01:41:EB:33:65:EC:28:2B:6F:7A:97:7C:84:21:8F:B0:55
Certificate issuer:       /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial:       07047899
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/K5KeAUHrM2XsKCtvepd8hCGPsFU.roa
Signing time:             Sat 01 Jan 2022 09:57:43 +0000
ROA not before:           Sat 01 Jan 2022 09:57:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     15625
IP address blocks:        145.221.179.0/24 maxlen: 24
                          145.221.177.0/24 maxlen: 24
                          145.221.178.0/24 maxlen: 24
                          145.221.176.0/24 maxlen: 24
                          145.221.180.0/24 maxlen: 24
                          145.221.186.0/24 maxlen: 24
                          145.221.184.0/24 maxlen: 24
                          145.221.185.0/24 maxlen: 24
                          145.221.182.0/24 maxlen: 24
                          145.221.183.0/24 maxlen: 24
                          145.221.181.0/24 maxlen: 24
                          145.221.189.0/24 maxlen: 24
                          145.221.190.0/24 maxlen: 24
                          145.221.188.0/24 maxlen: 24
                          145.221.193.0/24 maxlen: 24
                          145.221.208.0/24 maxlen: 24
                          145.221.212.0/24 maxlen: 24
                          145.221.213.0/24 maxlen: 24
                          145.221.210.0/24 maxlen: 24
                          145.221.211.0/24 maxlen: 24
                          145.221.209.0/24 maxlen: 24
                          145.221.219.0/24 maxlen: 24
                          145.221.217.0/24 maxlen: 24
                          145.221.215.0/24 maxlen: 24
                          145.221.216.0/24 maxlen: 24
                          145.221.214.0/24 maxlen: 24
                          145.221.221.0/24 maxlen: 24
                          145.221.220.0/24 maxlen: 24
                          145.221.222.0/24 maxlen: 24
                          145.221.128.0/17 maxlen: 17
                          156.114.130.0/24 maxlen: 24
                          156.114.128.0/19 maxlen: 19
                          156.114.131.0/24 maxlen: 24
                          156.114.128.0/24 maxlen: 24
                          156.114.128.0/18 maxlen: 18
                          156.114.129.0/24 maxlen: 24
                          156.114.132.0/24 maxlen: 24
                          145.221.252.0/24 maxlen: 24
                          145.221.253.0/24 maxlen: 24
                          145.221.255.0/24 maxlen: 24
                          145.221.254.0/24 maxlen: 24
                          145.221.0.0/17 maxlen: 17
                          145.221.0.0/16 maxlen: 16
                          145.221.92.0/24 maxlen: 24
                          145.221.99.0/24 maxlen: 24
                          145.221.38.0/24 maxlen: 24
                          145.221.36.0/24 maxlen: 24
                          145.221.37.0/24 maxlen: 24
                          145.221.40.0/24 maxlen: 24
                          145.221.41.0/24 maxlen: 24
                          145.221.39.0/24 maxlen: 24
                          145.221.43.0/24 maxlen: 24
                          145.221.42.0/24 maxlen: 24
                          156.114.155.0/24 maxlen: 24
                          156.114.163.0/24 maxlen: 24
                          156.114.164.0/24 maxlen: 24
                          156.114.161.0/24 maxlen: 24
                          156.114.162.0/24 maxlen: 24
                          156.114.160.0/19 maxlen: 19
                          156.114.160.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117733529 (0x7047899)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
        Validity
            Not Before: Jan  1 09:57:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2b929e0141eb3365ec282b6f7a977c84218fb055
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f2:d3:7e:06:7a:62:7f:e8:c5:25:d4:b8:9d:
                    fa:0d:a7:13:ef:fd:23:e4:52:ac:a6:42:ed:e9:a5:
                    f2:2b:5c:4e:bb:5a:65:01:fd:bc:e9:70:ad:0e:4f:
                    5b:37:47:ab:b1:de:62:89:9f:15:b7:23:73:3f:99:
                    27:a0:e7:4f:9c:66:bf:b7:3a:7e:41:70:92:ac:2a:
                    92:a7:f2:74:c8:1e:8b:03:79:dd:0e:9a:c3:5b:0e:
                    79:d5:e7:e8:8a:16:ac:64:c9:45:02:fd:a2:d1:7d:
                    ef:22:14:15:5b:fb:37:03:ac:50:95:78:9b:bc:ae:
                    86:ef:ff:fa:e7:99:fd:ea:04:b8:83:02:f7:52:a8:
                    a0:a8:1c:1b:9b:86:0c:4c:0e:bb:5d:64:79:5e:35:
                    c9:02:1c:37:3c:28:eb:b1:df:6c:60:26:3c:05:69:
                    6e:27:4d:d9:e7:b9:43:ca:96:e7:96:5c:1f:dd:63:
                    9d:1d:c4:86:16:95:44:e4:ec:a6:1a:a0:9d:f1:f2:
                    91:9a:72:76:56:3c:f6:ee:cc:5f:27:28:93:c5:95:
                    bd:35:0c:d0:9c:83:ba:bc:5e:d3:84:7f:7c:06:7e:
                    66:03:89:fb:25:db:be:0f:f4:b0:b4:75:f0:87:37:
                    6c:70:95:a4:9e:a4:19:8d:41:b7:6d:6d:ab:01:62:
                    24:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:92:9E:01:41:EB:33:65:EC:28:2B:6F:7A:97:7C:84:21:8F:B0:55
            X509v3 Authority Key Identifier:
                keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/K5KeAUHrM2XsKCtvepd8hCGPsFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.221.0.0/16
                  156.114.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         34:93:b8:cf:55:3b:53:b7:3d:48:70:a3:79:d2:81:c1:73:0d:
         1b:35:18:76:b0:ef:46:c6:b1:0d:e2:0f:11:b2:b3:06:7d:0d:
         2b:d9:f9:24:db:55:7b:04:04:13:27:bb:b7:08:36:4d:7d:4e:
         22:db:f6:35:e1:a9:d3:61:df:ea:10:a2:73:d7:0c:b3:7f:04:
         4b:f7:c8:94:93:6e:50:2a:8e:e1:3c:ea:d6:2d:c6:6b:c7:8c:
         4f:a0:16:0d:51:c5:cf:24:6e:ea:e3:45:c7:8d:ea:ea:ae:cb:
         3c:4b:96:38:bd:2b:fc:95:42:7b:0b:33:47:82:6d:ea:87:24:
         ec:47:62:ab:ae:c6:9a:c8:b1:90:d3:73:e7:b1:61:1e:3a:4d:
         4e:21:4d:92:41:65:01:3a:6d:f0:fb:78:15:f1:a0:c1:15:5d:
         35:fc:b1:f3:13:8a:b6:f5:3e:ed:fa:8d:42:25:05:2c:99:bb:
         06:a8:6e:80:c8:9d:e8:80:35:d5:59:6d:eb:8e:ee:07:1a:56:
         6b:64:52:dd:c4:c7:a1:46:77:32:90:10:36:cd:f0:99:37:a0:
         cd:6b:1b:bd:d6:4d:8b:5b:5e:97:4c:46:e4:9e:88:cd:ce:62:
         62:96:51:5c:c2:7b:b0:52:c3:6d:c2:ba:6d:2c:d1:5d:3a:f9:
         f7:a6:ee:31
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEBwR4mTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWVjZTQxY2JjMmMzMDYyNmVmMmEyOGQxODM5ZjJkNmM0NzU3ZjNmMB4XDTIyMDEw
MTA5NTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI5MjllMDE0MWVi
MzM2NWVjMjgyYjZmN2E5NzdjODQyMThmYjA1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTy034GemJ/6MUl1Lid+g2nE+/9I+RSrKZC7eml8itcTrta
ZQH9vOlwrQ5PWzdHq7HeYomfFbcjcz+ZJ6DnT5xmv7c6fkFwkqwqkqfydMgeiwN5
3Q6aw1sOedXn6IoWrGTJRQL9otF97yIUFVv7NwOsUJV4m7yuhu//+ueZ/eoEuIMC
91KooKgcG5uGDEwOu11keV41yQIcNzwo67HfbGAmPAVpbidN2ee5Q8qW55ZcH91j
nR3EhhaVROTsphqgnfHykZpydlY89u7MXycok8WVvTUM0JyDurxe04R/fAZ+ZgOJ
+yXbvg/0sLR18Ic3bHCVpJ6kGY1Bt21tqwFiJHMCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBQrkp4BQeszZewoK296l3yEIY+wVTAfBgNVHSMEGDAWgBTK7OQcvCwwYm7y
oo0YOfLWxHV/PzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l1emtITHdzTUdKdThxS05HRG55MXNSMWZ6OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNjMwY2JlLWNlMDEtNDY0ZC04MmViLWQ4NTFlNDBkNTdiZi8x
L0s1S2VBVUhyTTJYc0tDdHZlcGQ4aENHUHNGVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NjMwY2JlLWNlMDEtNDY0ZC04MmViLWQ4NTFlNDBkNTdiZi8xL3l1emtITHdzTUdK
dThxS05HRG55MXNSMWZ6OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMDAJHdAwQGnHKAMA0GCSqGSIb3DQEB
CwUAA4IBAQA0k7jPVTtTtz1IcKN50oHBcw0bNRh2sO9GxrEN4g8RsrMGfQ0r2fkk
21V7BAQTJ7u3CDZNfU4i2/Y14anTYd/qEKJz1wyzfwRL98iUk25QKo7hPOrWLcZr
x4xPoBYNUcXPJG7q40XHjerqrss8S5Y4vSv8lUJ7CzNHgm3qhyTsR2KrrsaayLGQ
03PnsWEeOk1OIU2SQWUBOm3w+3gV8aDBFV01/LHzE4q29T7t+o1CJQUsmbsGqG6A
yJ3ogDXVWW3rju4HGlZrZFLdxMehRncykBA2zfCZN6DNaxu91k2LW16XTEbknojN
zmJillFcwnuwUsNtwrptLNFdOvn3pu4x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:22 2024 by rpki-client on console-fra.rpki-client.org