Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/H_jxGCuthoG1LbvusXjv7wOoX8A.roa
File:                     H_jxGCuthoG1LbvusXjv7wOoX8A.roa (raw, json)
Hash identifier:          PJl76u2jjGeIyRUiHuGZ+kojmv7YGRus+GG3haPiPd0=
Subject key identifier:   1F:F8:F1:18:2B:AD:86:81:B5:2D:BB:EE:B1:78:EF:EF:03:A8:5F:C0
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       3A7F6D1C
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/H_jxGCuthoG1LbvusXjv7wOoX8A.roa
Signing time:             Wed 01 Jun 2022 07:28:04 +0000
ROA not before:           Wed 01 Jun 2022 07:28:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58224
IP address blocks:        212.16.71.0/24 maxlen: 24
                          212.16.78.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.89.0/24 maxlen: 24
                          212.16.87.0/24 maxlen: 24
                          212.16.86.0/24 maxlen: 24
                          212.16.94.0/24 maxlen: 24
                          212.16.92.0/23 maxlen: 24
                          185.29.220.0/22 maxlen: 24
                          212.80.4.0/24 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.10.0/24 maxlen: 24
                          212.80.9.0/24 maxlen: 24
                          212.80.8.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.24.0/24 maxlen: 24
                          212.80.22.0/23 maxlen: 24
                          212.80.20.0/23 maxlen: 23
                          212.80.18.0/23 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          46.38.136.0/22 maxlen: 24
                          46.38.144.0/22 maxlen: 22
                          46.38.143.0/24 maxlen: 24
                          46.38.142.0/24 maxlen: 24
                          46.38.141.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 24
                          46.38.148.0/22 maxlen: 24
                          46.38.158.0/24 maxlen: 24
                          46.38.156.0/24 maxlen: 24
                          46.38.132.0/22 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          185.143.74.0/23 maxlen: 23
                          185.143.72.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 981429532 (0x3a7f6d1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Jun  1 07:28:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1ff8f1182bad8681b52dbbeeb178efef03a85fc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:51:dd:74:a1:5b:2d:b7:d0:82:ef:a2:db:88:
                    c4:17:f9:12:f1:99:9d:bd:b5:2f:83:9b:a7:98:f3:
                    80:22:bc:12:33:22:f6:36:dd:0a:f2:9f:56:f9:ec:
                    9a:03:f0:6a:9d:5f:6a:0a:99:6b:37:37:d2:1f:3c:
                    d7:90:b0:57:b6:2e:9f:a8:20:49:96:f1:10:6d:47:
                    0a:4d:92:f6:40:4e:ce:5a:3f:d7:04:ea:be:84:82:
                    d1:9c:cd:7a:50:3c:0b:0d:25:b5:bd:63:e7:a4:1c:
                    49:c7:1c:93:4b:f6:de:2a:af:ae:41:17:80:f4:6d:
                    76:64:f9:29:20:11:12:0b:50:c5:a3:36:05:fd:fb:
                    f1:f2:4f:e0:6c:61:8c:b8:55:24:97:81:fa:ff:49:
                    69:d7:26:1f:d6:d1:05:ec:3e:4f:13:eb:fb:45:af:
                    a4:97:39:16:40:8e:7e:17:93:88:a3:8a:8a:de:1f:
                    19:23:44:69:da:8d:a8:6c:b9:60:16:18:c9:ae:d9:
                    2f:c5:4c:81:df:d7:a1:b0:74:d3:f3:b0:24:c7:ad:
                    a0:48:0c:29:43:94:2c:8c:39:7b:1f:07:8f:1c:3f:
                    76:d2:91:ce:bf:1e:15:fb:3d:fe:61:29:59:00:48:
                    b2:1a:7b:47:79:91:3f:1c:4a:57:5e:3f:2c:f4:0f:
                    6d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:F8:F1:18:2B:AD:86:81:B5:2D:BB:EE:B1:78:EF:EF:03:A8:5F:C0
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/H_jxGCuthoG1LbvusXjv7wOoX8A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  46.38.141.0-46.38.156.255
                  46.38.158.0/24
                  109.94.164.0/23
                  185.24.149.0-185.24.151.255
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.71.0/24
                  212.16.78.0-212.16.80.255
                  212.16.85.0-212.16.87.255
                  212.16.89.0/24
                  212.16.92.0-212.16.94.255
                  212.80.0.0/24
                  212.80.2.0/24
                  212.80.4.0/24
                  212.80.6.0-212.80.10.255
                  212.80.18.0-212.80.24.255
                  212.80.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:6a:8e:12:cd:55:dd:b6:3a:20:da:a7:fb:7f:61:b0:54:c2:
         cf:85:25:86:48:41:60:37:5c:6c:ac:0d:56:06:c7:11:d1:d3:
         38:3e:89:59:70:9b:a1:b3:27:19:99:62:e5:07:c1:77:d6:5e:
         58:2e:60:86:a5:58:9d:a8:a2:c2:ca:05:cc:b1:b3:ed:3c:c5:
         6c:ae:d9:56:5f:8f:62:dd:a4:8e:ab:81:09:52:30:47:18:bb:
         92:00:36:c3:a6:bb:e6:24:85:15:81:f2:8f:8e:45:95:ec:6d:
         c8:fc:0a:fe:8c:74:b2:c4:fe:18:8a:c9:b6:86:03:2c:0b:94:
         bc:2c:ad:6e:fb:7a:fc:6a:7e:64:1c:12:cb:b2:a9:39:b5:1a:
         f7:5a:cd:c1:35:ac:c5:19:99:f7:97:a3:02:19:b3:b4:97:b0:
         ed:23:d8:1a:10:3f:60:1a:78:29:0c:49:9a:8c:6f:bd:4b:9d:
         7a:57:62:77:e1:a4:41:1a:cf:00:ac:eb:4d:f4:5d:6c:19:1f:
         f0:bd:50:56:d3:16:55:74:5a:46:c1:e2:d3:b1:a4:96:f0:6c:
         e3:6f:10:6c:a5:c1:eb:e7:2f:1b:97:bf:1f:e5:03:53:c6:11:
         20:67:6a:68:af:e2:a0:16:41:d5:db:c3:77:63:f6:ed:df:26:
         cf:7c:51:8d
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIEOn9tHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDYw
MTA3MjgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZmOGYxMTgyYmFk
ODY4MWI1MmRiYmVlYjE3OGVmZWYwM2E4NWZjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlR3XShWy230ILvotuIxBf5EvGZnb21L4Obp5jzgCK8EjMi
9jbdCvKfVvnsmgPwap1fagqZazc30h8815CwV7Yun6ggSZbxEG1HCk2S9kBOzlo/
1wTqvoSC0ZzNelA8Cw0ltb1j56QcSccck0v23iqvrkEXgPRtdmT5KSAREgtQxaM2
Bf378fJP4GxhjLhVJJeB+v9JadcmH9bRBew+TxPr+0WvpJc5FkCOfheTiKOKit4f
GSNEadqNqGy5YBYYya7ZL8VMgd/XobB00/OwJMetoEgMKUOULIw5ex8Hjxw/dtKR
zr8eFfs9/mEpWQBIshp7R3mRPxxKV14/LPQPbZkCAwEAAaOCAsAwggK8MB0GA1Ud
DgQWBBQf+PEYK62GgbUtu+6xeO/vA6hfwDAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L0hfanhHQ3V0aG9HMUxidnVzWGp2N3dPb1g4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
1QYIKwYBBQUHAQcBAf8EgcUwgcIwgb8EAgABMIG4AwQALiaAAwQALiaCMAwDBAIu
JoQDBAIuJogwDAMEAC4mjQMEAC4mnAMEAC4mngMEAW1epDAMAwQAuRiVAwQDuRiQ
AwQCuR3cAwQCuY9IAwQA1BBHMAwDBAHUEE4DBADUEFAwDAMEANQQVQMEA9QQUAME
ANQQWTAMAwQC1BBcAwQA1BBeAwQA1FAAAwQA1FACAwQA1FAEMAwDBAHUUAYDBADU
UAowDAMEAdRQEgMEANRQGAMEANRQHTANBgkqhkiG9w0BAQsFAAOCAQEAcWqOEs1V
3bY6INqn+39hsFTCz4UlhkhBYDdcbKwNVgbHEdHTOD6JWXCbobMnGZli5QfBd9Ze
WC5ghqVYnaiiwsoFzLGz7TzFbK7ZVl+PYt2kjquBCVIwRxi7kgA2w6a75iSFFYHy
j45FlextyPwK/ox0ssT+GIrJtoYDLAuUvCytbvt6/Gp+ZBwSy7KpObUa91rNwTWs
xRmZ95ejAhmztJew7SPYGhA/YBp4KQxJmoxvvUudeldid+GkQRrPAKzrTfRdbBkf
8L1QVtMWVXRaRsHi07GklvBs428QbKXB6+cvG5e/H+UDU8YRIGdqaK/ioBZB1dvD
d2P27d8mz3xRjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org