Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PTnlysOq578plZi9ud9cbmdrqbE.roa
File:                     PTnlysOq578plZi9ud9cbmdrqbE.roa (raw, json)
Hash identifier:          uLfAt5ifqIjlYPWDBqodVAwNXg9pZiujy9IGVJ2Pxhs=
Subject key identifier:   3D:39:E5:CA:C3:AA:E7:BF:29:95:98:BD:B9:DF:5C:6E:67:6B:A9:B1
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       39264BB5
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PTnlysOq578plZi9ud9cbmdrqbE.roa
Signing time:             Thu 20 Jan 2022 06:48:56 +0000
ROA not before:           Thu 20 Jan 2022 06:48:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58224
IP address blocks:        212.16.71.0/24 maxlen: 24
                          212.16.78.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.89.0/24 maxlen: 24
                          212.16.87.0/24 maxlen: 24
                          212.16.86.0/24 maxlen: 24
                          212.16.94.0/24 maxlen: 24
                          212.16.92.0/23 maxlen: 24
                          185.29.220.0/22 maxlen: 24
                          212.80.4.0/24 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.10.0/24 maxlen: 24
                          212.80.9.0/24 maxlen: 24
                          212.80.8.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.24.0/24 maxlen: 24
                          212.80.22.0/23 maxlen: 24
                          212.80.18.0/23 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          46.38.136.0/22 maxlen: 24
                          46.38.144.0/22 maxlen: 22
                          46.38.143.0/24 maxlen: 24
                          46.38.142.0/24 maxlen: 24
                          46.38.141.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 24
                          46.38.148.0/22 maxlen: 24
                          46.38.158.0/24 maxlen: 24
                          46.38.156.0/24 maxlen: 24
                          46.38.132.0/22 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          185.143.74.0/23 maxlen: 23
                          185.143.72.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 958811061 (0x39264bb5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Jan 20 06:48:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d39e5cac3aae7bf299598bdb9df5c6e676ba9b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7e:dc:62:df:0f:69:52:52:62:5f:37:b9:8f:
                    02:bf:c6:cf:2d:25:f9:38:c4:bf:6e:e6:14:38:ca:
                    65:f3:81:c6:31:82:a5:18:fb:81:ff:9c:01:6a:d9:
                    0d:ae:29:a5:09:cd:16:d4:33:c3:7c:0e:cd:09:16:
                    74:2f:0a:46:e2:e1:8b:3d:0f:5d:48:92:4e:83:ca:
                    ff:1d:99:85:50:f6:5d:67:43:90:d2:12:0c:ba:7f:
                    bd:31:30:6b:7d:fe:ec:d5:91:d7:4b:70:25:e4:88:
                    cd:98:0c:6c:73:60:c3:8c:3e:70:34:84:9a:6e:47:
                    95:53:3e:15:5f:d8:3a:c7:3a:e9:f3:4c:54:7d:ab:
                    b7:16:46:d7:91:9b:2c:86:ca:86:c2:43:02:43:29:
                    c2:68:34:14:5b:f9:5c:ac:cf:03:99:04:f2:04:ba:
                    7b:01:7c:82:77:4a:72:38:e7:8b:94:0b:75:ed:2a:
                    c3:b7:ef:b6:1e:cf:7d:db:92:49:06:a4:4d:da:7f:
                    d1:70:b1:0f:24:da:68:a4:99:29:d4:41:40:1a:b6:
                    d9:63:7c:ac:26:2c:68:73:3b:aa:d8:68:cb:0b:9d:
                    2a:14:e8:71:df:f5:1a:cb:38:a0:ce:2f:57:14:7b:
                    b1:c1:30:8a:60:7c:b7:3e:3f:c0:9e:0f:c1:89:e3:
                    ab:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:39:E5:CA:C3:AA:E7:BF:29:95:98:BD:B9:DF:5C:6E:67:6B:A9:B1
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PTnlysOq578plZi9ud9cbmdrqbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  46.38.141.0-46.38.156.255
                  46.38.158.0/24
                  109.94.164.0/23
                  185.24.150.0/23
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.71.0/24
                  212.16.78.0-212.16.80.255
                  212.16.85.0-212.16.87.255
                  212.16.89.0/24
                  212.16.92.0-212.16.94.255
                  212.80.0.0/24
                  212.80.2.0/24
                  212.80.4.0/24
                  212.80.6.0-212.80.10.255
                  212.80.18.0/23
                  212.80.22.0-212.80.24.255
                  212.80.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:d6:b1:97:9a:64:36:6a:be:1c:8e:a5:42:4b:52:c8:7b:70:
         2c:fe:1c:b3:71:60:3b:4b:a0:ad:e1:d7:c9:6e:25:ca:9b:c2:
         2e:f6:d7:91:54:cb:ae:f0:75:d5:73:99:a7:27:9c:00:11:f6:
         19:ca:90:77:d6:e6:de:d1:5f:3d:0e:44:1a:36:a2:21:98:3c:
         a5:8c:db:5c:74:a9:f3:af:01:8c:7c:4e:8b:f6:27:3f:36:c5:
         44:1e:41:3d:ad:dd:48:7c:43:69:bf:d9:97:b2:d5:21:13:a0:
         57:b0:7a:c6:80:e7:1e:e9:6a:cb:05:ac:f8:df:3b:59:7b:45:
         a1:fe:75:ac:65:33:f7:03:e1:1d:fc:35:f2:7e:bc:60:be:88:
         92:69:75:e9:54:5a:3a:50:31:58:56:c9:53:27:e4:56:52:a5:
         b6:64:b9:22:2a:bb:e2:b1:a2:e3:4e:fb:0e:7a:bc:0b:e1:79:
         14:43:ce:37:08:7a:22:ce:bf:ba:d7:c6:1e:ef:f5:d8:4f:53:
         f1:65:b5:bf:dd:bf:48:3c:48:bd:9f:20:61:28:d2:2f:f3:a5:
         7e:11:34:d6:c0:e6:c4:44:93:b4:38:59:3f:90:36:d6:f3:6e:
         56:b5:3b:43:42:2f:b6:e2:71:76:76:f8:95:73:87:dc:10:65:
         af:d5:79:93
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIEOSZLtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDEy
MDA2NDg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QzOWU1Y2FjM2Fh
ZTdiZjI5OTU5OGJkYjlkZjVjNmU2NzZiYTliMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALR+3GLfD2lSUmJfN7mPAr/Gzy0l+TjEv27mFDjKZfOBxjGC
pRj7gf+cAWrZDa4ppQnNFtQzw3wOzQkWdC8KRuLhiz0PXUiSToPK/x2ZhVD2XWdD
kNISDLp/vTEwa33+7NWR10twJeSIzZgMbHNgw4w+cDSEmm5HlVM+FV/YOsc66fNM
VH2rtxZG15GbLIbKhsJDAkMpwmg0FFv5XKzPA5kE8gS6ewF8gndKcjjni5QLde0q
w7fvth7PfduSSQakTdp/0XCxDyTaaKSZKdRBQBq22WN8rCYsaHM7qthoywudKhTo
cd/1Gss4oM4vVxR7scEwimB8tz4/wJ4PwYnjq3sCAwEAAaOCAr4wggK6MB0GA1Ud
DgQWBBQ9OeXKw6rnvymVmL2531xuZ2upsTAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L1BUbmx5c09xNTc4cGxaaTl1ZDljYm1kcnFiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgABMIG2AwQALiaAAwQALiaCMAwDBAIu
JoQDBAIuJogwDAMEAC4mjQMEAC4mnAMEAC4mngMEAW1epAMEAbkYlgMEArkd3AME
ArmPSAMEANQQRzAMAwQB1BBOAwQA1BBQMAwDBADUEFUDBAPUEFADBADUEFkwDAME
AtQQXAMEANQQXgMEANRQAAMEANRQAgMEANRQBDAMAwQB1FAGAwQA1FAKAwQB1FAS
MAwDBAHUUBYDBADUUBgDBADUUB0wDQYJKoZIhvcNAQELBQADggEBAEfWsZeaZDZq
vhyOpUJLUsh7cCz+HLNxYDtLoK3h18luJcqbwi7215FUy67wddVzmacnnAAR9hnK
kHfW5t7RXz0ORBo2oiGYPKWM21x0qfOvAYx8Tov2Jz82xUQeQT2t3Uh8Q2m/2Zey
1SEToFewesaA5x7passFrPjfO1l7RaH+daxlM/cD4R38NfJ+vGC+iJJpdelUWjpQ
MVhWyVMn5FZSpbZkuSIqu+KxouNO+w56vAvheRRDzjcIeiLOv7rXxh7v9dhPU/Fl
tb/dv0g8SL2fIGEo0i/zpX4RNNbA5sREk7Q4WT+QNtbzbla1O0NCL7bicXZ2+JVz
h9wQZa/VeZM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org