Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ftp4WCJPGW4u32PgAtrtBbIajx0.roa
File:                     ftp4WCJPGW4u32PgAtrtBbIajx0.roa (raw, json)
Hash identifier:          1nRl6kw7cpqxagz0MEdaju18KOyMDij+9brW/IWdwYg=
Subject key identifier:   7E:DA:78:58:22:4F:19:6E:2E:DF:63:E0:02:DA:ED:05:B2:1A:8F:1D
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       01830225A61AE41FFE25F0E2169C0A52B0AA
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ftp4WCJPGW4u32PgAtrtBbIajx0.roa
Signing time:             Sat 03 Sep 2022 06:59:25 +0000
ROA not before:           Sat 03 Sep 2022 06:59:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58224
IP address blocks:        212.16.78.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.89.0/24 maxlen: 24
                          212.16.87.0/24 maxlen: 24
                          212.16.86.0/24 maxlen: 24
                          212.16.94.0/24 maxlen: 24
                          212.16.93.0/24 maxlen: 24
                          212.16.92.0/24 maxlen: 24
                          185.29.220.0/22 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.11.0/24 maxlen: 24
                          212.80.10.0/24 maxlen: 24
                          212.80.9.0/24 maxlen: 24
                          212.80.8.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.24.0/24 maxlen: 24
                          212.80.23.0/24 maxlen: 24
                          212.80.22.0/24 maxlen: 24
                          212.80.21.0/24 maxlen: 24
                          212.80.20.0/24 maxlen: 24
                          212.80.19.0/24 maxlen: 24
                          212.80.18.0/24 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          185.24.148.0/22 maxlen: 24
                          46.38.136.0/22 maxlen: 24
                          46.38.144.0/21 maxlen: 24
                          46.38.143.0/24 maxlen: 24
                          46.38.142.0/24 maxlen: 24
                          46.38.141.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 24
                          46.38.158.0/24 maxlen: 24
                          46.38.157.0/24 maxlen: 24
                          46.38.156.0/24 maxlen: 24
                          46.38.132.0/22 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          109.94.164.0/23 maxlen: 23
                          185.143.74.0/23 maxlen: 23
                          185.143.72.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:02:25:a6:1a:e4:1f:fe:25:f0:e2:16:9c:0a:52:b0:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Sep  3 06:59:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7eda7858224f196e2edf63e002daed05b21a8f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:40:0c:53:60:a2:21:9b:31:33:54:41:bb:91:
                    3f:0a:7f:89:f2:7b:29:1f:d0:57:97:94:8f:1b:4b:
                    9e:e4:a8:aa:66:2e:56:aa:94:fb:e4:52:5e:5a:c3:
                    7c:db:03:4a:e1:23:12:93:94:7f:e4:81:4d:79:06:
                    74:6b:69:3c:38:0c:96:05:35:f7:d1:65:96:d0:c1:
                    85:0d:89:11:79:20:bc:ea:3d:36:89:1c:53:c8:69:
                    cc:74:f0:98:21:da:a6:e2:f8:fb:01:ba:99:bc:47:
                    11:13:d2:e8:69:25:57:fd:86:d0:84:f4:d3:c9:75:
                    f6:27:06:d1:39:66:22:22:32:77:90:5e:e8:49:db:
                    86:42:56:71:fd:b2:d1:c2:23:6f:d4:87:f3:e1:2f:
                    80:7c:08:a8:a3:90:d7:5e:6f:0b:ce:c1:8a:e4:fc:
                    fa:3d:99:82:78:f7:bd:70:05:9a:6d:dd:0f:84:1e:
                    f8:b8:1b:7a:dd:2e:d8:cd:c4:57:cc:03:94:2d:c6:
                    f5:ee:51:9e:02:e7:21:a8:27:2e:17:ed:51:55:7b:
                    e7:f8:7d:22:07:e4:e2:e5:8f:ad:7b:41:be:2d:0c:
                    80:05:af:52:c0:76:63:c3:23:a4:8b:cd:52:28:dc:
                    60:2a:3b:31:45:90:19:03:c7:02:b7:a2:03:b1:3c:
                    1d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:DA:78:58:22:4F:19:6E:2E:DF:63:E0:02:DA:ED:05:B2:1A:8F:1D
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ftp4WCJPGW4u32PgAtrtBbIajx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  46.38.141.0-46.38.158.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.78.0-212.16.80.255
                  212.16.85.0-212.16.87.255
                  212.16.89.0/24
                  212.16.92.0-212.16.94.255
                  212.80.0.0/24
                  212.80.6.0-212.80.11.255
                  212.80.18.0-212.80.24.255
                  212.80.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:f2:2f:6b:75:d0:01:58:e2:33:e0:3c:f2:ed:1d:eb:75:c4:
         42:cd:17:e6:83:9c:66:30:91:05:88:ba:e1:2c:c4:6e:89:9b:
         87:ba:02:9f:39:6c:b1:81:57:19:49:8b:5f:d7:6d:e5:a5:e2:
         93:fe:c8:1c:ee:fa:50:29:0f:f5:47:e8:11:b5:b5:e0:c2:95:
         17:2a:99:20:46:ff:85:c7:5f:c8:e8:6d:68:25:1a:dd:ed:a4:
         1d:74:b6:77:80:d4:4a:0b:85:5d:bf:b2:93:ac:9c:08:ee:72:
         de:c5:58:d5:f4:03:60:b8:2a:92:d8:1d:36:e4:7d:36:44:81:
         36:0a:f0:46:f6:ef:0d:f0:05:56:f8:ab:bd:78:84:79:d7:de:
         82:d7:5e:c8:3a:82:80:8c:2f:c9:47:ea:cb:c3:18:d8:59:72:
         71:d3:3d:a7:71:87:4d:58:25:c6:06:1a:7b:13:72:77:8d:b1:
         40:10:37:2e:4b:84:07:4f:5a:f1:07:41:62:e6:bc:48:02:c7:
         64:ac:99:ee:c2:38:0d:5b:41:a2:e5:7a:9e:ac:bc:5c:21:ab:
         56:e1:c9:8e:7d:17:b6:4d:51:56:ec:ee:30:d5:2b:fc:ca:3d:
         82:7d:79:b7:95:e1:b3:d6:19:f0:66:7a:74:de:0e:69:3d:7b:
         27:b5:94:81
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYMCJaYa5B/+JfDiFpwKUrCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIwOTAzMDY1OTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWRhNzg1ODIyNGYxOTZlMmVkZjYzZTAwMmRhZWQwNWIyMWE4ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEAMU2CiIZsxM1RBu5E/Cn+J8nsp
H9BXl5SPG0ue5KiqZi5WqpT75FJeWsN82wNK4SMSk5R/5IFNeQZ0a2k8OAyWBTX3
0WWW0MGFDYkReSC86j02iRxTyGnMdPCYIdqm4vj7AbqZvEcRE9LoaSVX/YbQhPTT
yXX2JwbROWYiIjJ3kF7oSduGQlZx/bLRwiNv1Ifz4S+AfAioo5DXXm8LzsGK5Pz6
PZmCePe9cAWabd0PhB74uBt63S7YzcRXzAOULcb17lGeAuchqCcuF+1RVXvn+H0i
B+Ti5Y+te0G+LQyABa9SwHZjwyOki81SKNxgKjsxRZAZA8cCt6IDsTwdNQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFH7aeFgiTxluLt9j4ALa7QWyGo8dMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvZnRwNFdDSlBHVzR1MzJQZ0F0cnRCYklhangwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAu
JoADBAAuJoIwDAMEAi4mhAMEAi4miDAMAwQALiaNAwQALiaeAwQBbV6kAwQCuRiU
AwQCuR3cAwQCuY9IMAwDBAHUEE4DBADUEFAwDAMEANQQVQMEA9QQUAMEANQQWTAM
AwQC1BBcAwQA1BBeAwQA1FAAMAwDBAHUUAYDBALUUAgwDAMEAdRQEgMEANRQGAME
ANRQHTANBgkqhkiG9w0BAQsFAAOCAQEAmfIva3XQAVjiM+A88u0d63XEQs0X5oOc
ZjCRBYi64SzEbombh7oCnzlssYFXGUmLX9dt5aXik/7IHO76UCkP9UfoEbW14MKV
FyqZIEb/hcdfyOhtaCUa3e2kHXS2d4DUSguFXb+yk6ycCO5y3sVY1fQDYLgqktgd
NuR9NkSBNgrwRvbvDfAFVvirvXiEedfegtdeyDqCgIwvyUfqy8MY2FlycdM9p3GH
TVglxgYaexNyd42xQBA3LkuEB09a8QdBYua8SALHZKyZ7sI4DVtBouV6nqy8XCGr
VuHJjn0Xtk1RVuzuMNUr/Mo9gn15t5Xhs9YZ8GZ6dN4OaT17J7WUgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org