Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/j1_qGzfS_6vDcY4uyStNbIkQhwY.roa
File:                     j1_qGzfS_6vDcY4uyStNbIkQhwY.roa (raw, json)
Hash identifier:          OXItPtBzJVn+8K84pOFKPiNMk7mrha4AIKMN/pnAIlA=
Subject key identifier:   8F:5F:EA:1B:37:D2:FF:AB:C3:71:8E:2E:C9:2B:4D:6C:89:10:87:06
Certificate issuer:       /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial:       37EC0992
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/j1_qGzfS_6vDcY4uyStNbIkQhwY.roa
Signing time:             Wed 16 Feb 2022 14:52:39 +0000
ROA not before:           Wed 16 Feb 2022 14:52:39 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     57809
IP address blocks:        192.214.192.0/19 maxlen: 19
                          185.87.100.0/22 maxlen: 22
                          23.90.192.0/18 maxlen: 18
                          185.20.16.0/22 maxlen: 22
                          185.134.156.0/22 maxlen: 22
                          45.133.68.0/22 maxlen: 22
                          185.133.80.0/22 maxlen: 22
                          79.99.160.0/21 maxlen: 21
                          92.119.232.0/22 maxlen: 22
                          185.197.108.0/22 maxlen: 22
                          5.183.248.0/22 maxlen: 22
                          45.89.76.0/22 maxlen: 22
                          45.92.180.0/22 maxlen: 22
                          185.48.252.0/22 maxlen: 22
                          45.129.218.0/24 maxlen: 24
                          185.163.136.0/22 maxlen: 22
                          45.129.216.0/24 maxlen: 24
                          45.129.217.0/24 maxlen: 24
                          185.241.140.0/22 maxlen: 22
                          94.154.4.0/24 maxlen: 24
                          88.218.12.0/22 maxlen: 22
                          185.191.36.0/22 maxlen: 22
                          185.163.212.0/22 maxlen: 22
                          185.86.88.0/22 maxlen: 22
                          45.86.96.0/22 maxlen: 22
                          185.163.220.0/22 maxlen: 22
                          31.204.80.0/21 maxlen: 21
                          185.163.228.0/22 maxlen: 22
                          94.187.128.0/19 maxlen: 19
                          2.59.144.0/22 maxlen: 22
                          185.186.88.0/22 maxlen: 22
                          185.169.156.0/22 maxlen: 22
                          185.132.64.0/22 maxlen: 22
                          185.135.176.0/22 maxlen: 22
                          45.142.108.0/22 maxlen: 22
                          195.216.140.0/22 maxlen: 22
                          46.18.120.0/22 maxlen: 22
                          46.18.124.0/24 maxlen: 24
                          46.18.125.0/24 maxlen: 24
                          46.18.126.0/23 maxlen: 23
                          185.254.8.0/22 maxlen: 22
                          185.138.116.0/22 maxlen: 22
                          5.10.128.0/21 maxlen: 21
                          45.80.252.0/22 maxlen: 22
                          185.98.116.0/22 maxlen: 22
                          45.152.16.0/22 maxlen: 22
                          62.192.156.0/22 maxlen: 22
                          2a00:41e0::/29 maxlen: 32
                          2a05:b780::/29 maxlen: 29
                          2a01:648::/29 maxlen: 32
                          2a00:6780::/29 maxlen: 32
                          2a05:c100::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 938215826 (0x37ec0992)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
        Validity
            Not Before: Feb 16 14:52:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f5fea1b37d2ffabc3718e2ec92b4d6c89108706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:32:f6:90:19:c5:bc:f2:d5:66:95:25:f9:0b:
                    6e:90:d5:be:d0:4b:da:4c:56:c0:a5:09:a7:a3:eb:
                    6b:fd:c4:eb:d6:0a:80:01:30:63:ee:0c:4a:1b:75:
                    69:01:82:c3:9b:fb:0a:d8:c3:5a:ba:e7:7a:48:7d:
                    c5:9d:62:84:e7:cd:3e:cb:52:66:c0:be:0e:f1:30:
                    c5:d5:7d:34:bb:84:7f:69:6c:93:35:b9:10:17:f5:
                    7d:5c:b8:96:de:20:35:bf:cc:b0:5f:af:14:41:46:
                    3c:27:c1:63:6e:ac:4a:ec:54:81:50:08:d2:a4:02:
                    25:c9:60:82:e0:e5:e9:34:fa:88:b9:19:91:65:a8:
                    77:52:0e:68:0a:47:6d:e0:48:02:c4:40:91:5d:3d:
                    fc:0c:f8:b1:6a:5c:85:e1:84:d3:45:e8:ad:ce:7b:
                    34:18:2c:8f:1d:09:4b:29:41:9b:ec:73:ae:05:6d:
                    f5:72:f9:47:0c:5d:fc:0d:14:d4:85:26:de:96:99:
                    4c:11:ae:e2:13:d4:fe:08:28:40:2f:f8:50:e0:4f:
                    e9:f6:f7:fe:77:cb:e0:d7:8b:54:03:c2:05:3c:d4:
                    56:9c:ba:66:ac:6b:d9:d1:20:d4:bb:92:02:da:25:
                    af:5b:e5:81:2d:cc:ae:3f:3b:c3:84:2b:23:2d:ac:
                    67:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:5F:EA:1B:37:D2:FF:AB:C3:71:8E:2E:C9:2B:4D:6C:89:10:87:06
            X509v3 Authority Key Identifier:
                keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/j1_qGzfS_6vDcY4uyStNbIkQhwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.144.0/22
                  5.10.128.0/21
                  5.183.248.0/22
                  23.90.192.0/18
                  31.204.80.0/21
                  45.80.252.0/22
                  45.86.96.0/22
                  45.89.76.0/22
                  45.92.180.0/22
                  45.129.216.0-45.129.218.255
                  45.133.68.0/22
                  45.142.108.0/22
                  45.152.16.0/22
                  46.18.120.0/21
                  62.192.156.0/22
                  79.99.160.0/21
                  88.218.12.0/22
                  92.119.232.0/22
                  94.154.4.0/24
                  94.187.128.0/19
                  185.20.16.0/22
                  185.48.252.0/22
                  185.86.88.0/22
                  185.87.100.0/22
                  185.98.116.0/22
                  185.132.64.0/22
                  185.133.80.0/22
                  185.134.156.0/22
                  185.135.176.0/22
                  185.138.116.0/22
                  185.163.136.0/22
                  185.163.212.0/22
                  185.163.220.0/22
                  185.163.228.0/22
                  185.169.156.0/22
                  185.186.88.0/22
                  185.191.36.0/22
                  185.197.108.0/22
                  185.241.140.0/22
                  185.254.8.0/22
                  192.214.192.0/19
                  195.216.140.0/22
                IPv6:
                  2a00:41e0::/29
                  2a00:6780::/29
                  2a01:648::/29
                  2a05:b780::/29
                  2a05:c100::/29

    Signature Algorithm: sha256WithRSAEncryption
         11:17:41:c4:57:5b:eb:9e:72:a7:f5:a1:f7:c2:b2:cd:2d:49:
         8a:00:cc:0f:9b:45:ee:6c:b5:37:06:77:68:5d:56:8d:38:7f:
         27:17:62:da:39:28:5b:b7:3f:f5:42:e7:bb:3e:33:8b:03:7b:
         e3:f5:b4:8e:77:f3:63:7f:f3:ee:e3:1a:bb:59:a5:43:b2:8b:
         ee:15:ce:77:7e:ff:41:45:9e:ca:a7:e5:8f:e4:84:e2:9c:32:
         66:cb:56:17:6c:ae:10:b8:dd:ba:60:a8:5e:79:5b:96:7b:2e:
         5c:ef:c0:ea:2f:5a:d4:0f:e6:cd:1e:fa:1f:25:b9:fe:49:94:
         38:e3:15:71:36:51:c7:14:90:09:e7:93:26:b5:3e:09:c5:48:
         b8:b8:97:51:a3:13:75:21:2f:72:7b:c0:47:82:f2:ee:88:00:
         69:35:8c:0f:51:47:90:f3:5f:82:c1:6e:31:1a:dc:e0:37:cf:
         e1:d6:60:75:60:36:cf:11:ea:5e:51:d3:2c:29:e7:9f:1a:1a:
         f4:5a:22:2c:d5:7d:05:03:8e:60:64:db:3d:09:49:2d:66:d2:
         60:28:99:d9:0b:5c:8e:c1:af:a5:fb:90:bc:6e:58:84:34:f2:
         36:29:b8:58:28:63:1c:34:3d:4d:d6:e0:e7:05:b7:69:4d:9d:
         9c:a0:77:aa
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIEN+wJkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
N2Q5OTAxMzE0NjdiNzdkMTExNjJiNzlmYmUzYjA2Y2E4YWIyZDM5MB4XDTIyMDIx
NjE0NTIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY1ZmVhMWIzN2Qy
ZmZhYmMzNzE4ZTJlYzkyYjRkNmM4OTEwODcwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUy9pAZxbzy1WaVJfkLbpDVvtBL2kxWwKUJp6Pra/3E69YK
gAEwY+4MSht1aQGCw5v7CtjDWrrnekh9xZ1ihOfNPstSZsC+DvEwxdV9NLuEf2ls
kzW5EBf1fVy4lt4gNb/MsF+vFEFGPCfBY26sSuxUgVAI0qQCJclgguDl6TT6iLkZ
kWWod1IOaApHbeBIAsRAkV09/Az4sWpcheGE00Xorc57NBgsjx0JSylBm+xzrgVt
9XL5Rwxd/A0U1IUm3paZTBGu4hPU/ggoQC/4UOBP6fb3/nfL4NeLVAPCBTzUVpy6
Zqxr2dEg1LuSAtolr1vlgS3Mrj87w4QrIy2sZ7UCAwEAAaOCAzwwggM4MB0GA1Ud
DgQWBBSPX+obN9L/q8Nxji7JK01siRCHBjAfBgNVHSMEGDAWgBSH2ZATFGe3fREW
K3n747BsqKstOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2g5bVFFeFJudDMwUkZpdDUtLU93YktpckxUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvNWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8x
L2oxX3FHemZTXzZ2RGNZNHV5U3ROYklrUWh3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
NWRlYTk3LTdlZjctNGRiMC05NGJjLWI4ZThiMzRkYjI5MC8xL2g5bVFFeFJudDMw
UkZpdDUtLU93YktpckxUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVAGCCsGAQUFBwEHAQH/BIIBPzCCATswggEMBAIAATCCAQQDBAICO5ADBAMFCoAD
BAIFt/gDBAYXWsADBAMfzFADBAItUPwDBAItVmADBAItWUwDBAItXLQwDAMEAy2B
2AMEAC2B2gMEAi2FRAMEAi2ObAMEAi2YEAMEAy4SeAMEAj7AnAMEA09joAMEAlja
DAMEAlx36AMEAF6aBAMEBV67gAMEArkUEAMEArkw/AMEArlWWAMEArlXZAMEArli
dAMEArmEQAMEArmFUAMEArmGnAMEArmHsAMEArmKdAMEArmjiAMEArmj1AMEArmj
3AMEArmj5AMEArmpnAMEArm6WAMEArm/JAMEArnFbAMEArnxjAMEArn+CAMEBcDW
wAMEAsPYjDApBAIAAjAjAwUDKgBB4AMFAyoAZ4ADBQMqAQZIAwUDKgW3gAMFAyoF
wQAwDQYJKoZIhvcNAQELBQADggEBABEXQcRXW+uecqf1offCss0tSYoAzA+bRe5s
tTcGd2hdVo04fycXYto5KFu3P/VC57s+M4sDe+P1tI5382N/8+7jGrtZpUOyi+4V
znd+/0FFnsqn5Y/khOKcMmbLVhdsrhC43bpgqF55W5Z7LlzvwOovWtQP5s0e+h8l
uf5JlDjjFXE2UccUkAnnkya1PgnFSLi4l1GjE3UhL3J7wEeC8u6IAGk1jA9RR5Dz
X4LBbjEa3OA3z+HWYHVgNs8R6l5R0ywp558aGvRaIizVfQUDjmBk2z0JSS1m0mAo
mdkLXI7Br6X7kLxuWIQ08jYpuFgoYxw0PU3W4OcFt2lNnZygd6o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org