Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/JLKviHy8Jy5lmWc4k457solizg8.roa
File:                     JLKviHy8Jy5lmWc4k457solizg8.roa (raw, json)
Hash identifier:          rezowA5OVTh4PBwW4+5IRZ/fP1Yf83EBRw+LjQgRv08=
Subject key identifier:   24:B2:AF:88:7C:BC:27:2E:65:99:67:38:93:8E:7B:B2:89:62:CE:0F
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       3ABCEFDF
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/JLKviHy8Jy5lmWc4k457solizg8.roa
Signing time:             Tue 28 Jun 2022 10:12:02 +0000
ROA not before:           Tue 28 Jun 2022 10:12:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58224
IP address blocks:        212.16.71.0/24 maxlen: 24
                          212.16.78.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.89.0/24 maxlen: 24
                          212.16.87.0/24 maxlen: 24
                          212.16.86.0/24 maxlen: 24
                          212.16.94.0/24 maxlen: 24
                          212.16.92.0/23 maxlen: 24
                          185.29.220.0/22 maxlen: 24
                          212.80.4.0/24 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.10.0/24 maxlen: 24
                          212.80.9.0/24 maxlen: 24
                          212.80.8.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.24.0/24 maxlen: 24
                          212.80.22.0/23 maxlen: 24
                          212.80.18.0/23 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          46.38.136.0/22 maxlen: 24
                          46.38.144.0/22 maxlen: 22
                          46.38.143.0/24 maxlen: 24
                          46.38.142.0/24 maxlen: 24
                          46.38.141.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 24
                          46.38.148.0/22 maxlen: 24
                          46.38.158.0/24 maxlen: 24
                          46.38.156.0/24 maxlen: 24
                          46.38.132.0/22 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          185.143.74.0/23 maxlen: 23
                          185.143.72.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 985460703 (0x3abcefdf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Jun 28 10:12:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=24b2af887cbc272e65996738938e7bb28962ce0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:63:e1:5a:91:ef:ed:65:ca:58:c2:e0:fd:a6:
                    76:64:ca:af:5c:ff:ce:37:df:af:af:71:83:3a:94:
                    c2:41:4f:67:a7:93:af:e4:4e:6d:f1:8e:84:af:54:
                    15:b9:5e:ad:fb:ac:32:da:8e:bf:8f:16:38:46:ef:
                    89:1b:1d:22:41:39:3a:80:96:2d:70:d6:81:bd:65:
                    a5:98:92:16:cc:c5:49:c6:a8:9c:f9:37:d7:26:6f:
                    3f:63:97:09:f6:11:9a:8a:85:bb:05:56:32:0a:d8:
                    a4:57:96:e2:3e:28:b6:48:36:ad:f5:04:0c:a1:b2:
                    e0:0c:c1:84:4c:d4:4d:91:0c:21:3c:26:9c:df:56:
                    68:68:d2:7e:69:df:dc:e6:73:b8:37:94:24:be:2b:
                    54:aa:25:d1:7b:b6:3e:8e:96:eb:7f:a9:b6:5a:28:
                    9f:fa:5b:d6:74:28:2e:2f:50:48:50:9f:bf:37:52:
                    24:89:bb:c7:2e:ec:fe:25:b1:75:cb:50:2a:53:cf:
                    1f:7f:9b:11:3e:26:68:b1:56:14:76:a6:13:e2:44:
                    b3:11:67:e3:a1:b8:fa:57:bb:25:a3:e1:2f:26:16:
                    61:0f:bf:23:17:00:68:e4:30:2b:40:1c:91:6f:57:
                    3d:29:0c:57:60:d9:85:bd:f2:c2:a7:f7:8a:47:46:
                    d3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B2:AF:88:7C:BC:27:2E:65:99:67:38:93:8E:7B:B2:89:62:CE:0F
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/JLKviHy8Jy5lmWc4k457solizg8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  46.38.141.0-46.38.156.255
                  46.38.158.0/24
                  109.94.164.0/23
                  185.24.149.0-185.24.151.255
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.71.0/24
                  212.16.78.0-212.16.80.255
                  212.16.85.0-212.16.87.255
                  212.16.89.0/24
                  212.16.92.0-212.16.94.255
                  212.80.0.0/24
                  212.80.2.0/24
                  212.80.4.0/24
                  212.80.6.0-212.80.10.255
                  212.80.18.0/23
                  212.80.22.0-212.80.24.255
                  212.80.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:0b:39:55:84:55:6c:d2:aa:e3:49:de:f1:48:ea:21:4a:f7:
         ff:ae:7e:b4:2f:0d:40:1a:af:1a:86:b4:ef:b3:8a:27:e6:f4:
         a4:2a:b0:54:33:c6:2e:ac:df:8d:2b:20:47:a0:7c:ef:bc:b0:
         22:8e:f8:bb:6c:5e:c3:59:90:ba:5f:78:bd:9a:f4:28:10:5d:
         74:06:0e:14:a4:4f:b8:a8:34:da:b7:90:91:e9:9c:43:c8:5d:
         d1:26:3b:aa:3c:df:57:f9:b5:85:8a:73:af:5f:b6:34:ee:f8:
         59:ae:29:6a:01:e2:7e:10:16:66:2c:b0:9d:51:0f:80:9c:6b:
         a7:4b:88:07:54:b7:73:d0:d7:28:42:31:40:b6:e8:72:9e:1c:
         b5:10:11:e1:a0:48:95:ca:61:9b:8b:75:b5:8b:a9:f0:13:fa:
         f2:af:20:03:e2:64:fe:80:9d:da:02:d3:b8:8e:b7:9b:f4:b4:
         57:b1:bd:95:3d:21:42:84:16:ff:6e:3a:87:b1:3e:4c:1e:1f:
         7e:e4:dd:69:e1:0c:e8:4a:cd:05:97:56:30:e9:35:c1:b5:b2:
         6a:d6:4f:df:a4:98:86:eb:ef:26:57:11:63:91:e8:f6:b1:7b:
         b2:c4:8e:4a:f6:7f:95:9c:75:ee:73:77:d0:a2:df:37:7d:35:
         59:5d:65:14
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIEOrzv3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDYy
ODEwMTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRiMmFmODg3Y2Jj
MjcyZTY1OTk2NzM4OTM4ZTdiYjI4OTYyY2UwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZj4VqR7+1lyljC4P2mdmTKr1z/zjffr69xgzqUwkFPZ6eT
r+RObfGOhK9UFblerfusMtqOv48WOEbviRsdIkE5OoCWLXDWgb1lpZiSFszFScao
nPk31yZvP2OXCfYRmoqFuwVWMgrYpFeW4j4otkg2rfUEDKGy4AzBhEzUTZEMITwm
nN9WaGjSfmnf3OZzuDeUJL4rVKol0Xu2Po6W63+ptloon/pb1nQoLi9QSFCfvzdS
JIm7xy7s/iWxdctQKlPPH3+bET4maLFWFHamE+JEsxFn46G4+le7JaPhLyYWYQ+/
IxcAaOQwK0AckW9XPSkMV2DZhb3ywqf3ikdG0yMCAwEAAaOCAsYwggLCMB0GA1Ud
DgQWBBQksq+IfLwnLmWZZziTjnuyiWLODzAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L0pMS3ZpSHk4Snk1bG1XYzRrNDU3c29saXpnOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2wYIKwYBBQUHAQcBAf8EgcswgcgwgcUEAgABMIG+AwQALiaAAwQALiaCMAwDBAIu
JoQDBAIuJogwDAMEAC4mjQMEAC4mnAMEAC4mngMEAW1epDAMAwQAuRiVAwQDuRiQ
AwQCuR3cAwQCuY9IAwQA1BBHMAwDBAHUEE4DBADUEFAwDAMEANQQVQMEA9QQUAME
ANQQWTAMAwQC1BBcAwQA1BBeAwQA1FAAAwQA1FACAwQA1FAEMAwDBAHUUAYDBADU
UAoDBAHUUBIwDAMEAdRQFgMEANRQGAMEANRQHTANBgkqhkiG9w0BAQsFAAOCAQEA
WAs5VYRVbNKq40ne8UjqIUr3/65+tC8NQBqvGoa077OKJ+b0pCqwVDPGLqzfjSsg
R6B877ywIo74u2xew1mQul94vZr0KBBddAYOFKRPuKg02reQkemcQ8hd0SY7qjzf
V/m1hYpzr1+2NO74Wa4pagHifhAWZiywnVEPgJxrp0uIB1S3c9DXKEIxQLbocp4c
tRAR4aBIlcphm4t1tYup8BP68q8gA+Jk/oCd2gLTuI63m/S0V7G9lT0hQoQW/246
h7E+TB4ffuTdaeEM6ErNBZdWMOk1wbWyatZP36SYhuvvJlcRY5Ho9rF7ssSOSvZ/
lZx17nN30KLfN301WV1lFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org