Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa
File:                     PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa (raw, json)
Hash identifier:          3VPSaSchNvxDznsTU9wTZSnzwhYn+DnmJhNKjtmlJuo=
Subject key identifier:   3E:45:B2:22:1F:69:48:FD:60:7B:20:06:F4:F1:0C:5E:18:32:32:94
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       39EE1263
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa
Signing time:             Fri 22 Apr 2022 14:49:33 +0000
ROA not before:           Fri 22 Apr 2022 14:49:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1103
IP address blocks:        145.97.16.0/22 maxlen: 22
                          145.97.20.0/22 maxlen: 22
                          145.97.24.0/21 maxlen: 21
                          145.124.0.0/15 maxlen: 15
                          145.23.0.0/19 maxlen: 19
                          145.23.0.0/16 maxlen: 16
                          145.97.48.0/20 maxlen: 20
                          194.171.0.0/16 maxlen: 16
                          145.107.0.0/16 maxlen: 22
                          145.33.0.0/16 maxlen: 16
                          145.20.0.0/16 maxlen: 16
                          145.97.128.0/18 maxlen: 18
                          145.138.0.0/16 maxlen: 16
                          145.74.0.0/15 maxlen: 15
                          145.37.0.0/16 maxlen: 16
                          145.144.0.0/12 maxlen: 12
                          145.97.64.0/18 maxlen: 18
                          145.76.0.0/16 maxlen: 16
                          145.116.128.0/18 maxlen: 18
                          145.103.0.0/16 maxlen: 16
                          145.140.0.0/14 maxlen: 14
                          145.2.0.0/15 maxlen: 15
                          145.109.128.0/17 maxlen: 17
                          145.96.0.0/16 maxlen: 16
                          145.116.64.0/18 maxlen: 18
                          145.116.224.0/19 maxlen: 19
                          145.127.0.0/17 maxlen: 17
                          145.100.0.0/15 maxlen: 15
                          145.90.0.0/16 maxlen: 16
                          145.90.10.0/23 maxlen: 23
                          145.117.0.0/16 maxlen: 16
                          145.19.0.0/16 maxlen: 16
                          145.116.192.0/20 maxlen: 20
                          145.120.0.0/14 maxlen: 14
                          145.9.0.0/16 maxlen: 16
                          145.28.0.0/15 maxlen: 15
                          145.92.0.0/15 maxlen: 15
                          145.146.0.0/16 maxlen: 25
                          145.48.0.0/15 maxlen: 15
                          145.102.0.0/16 maxlen: 16
                          145.38.0.0/15 maxlen: 15
                          145.116.0.0/20 maxlen: 20
                          145.52.0.0/16 maxlen: 16
                          145.116.16.0/21 maxlen: 21
                          145.116.24.0/21 maxlen: 21
                          145.136.0.0/15 maxlen: 15
                          145.126.0.0/16 maxlen: 16
                          145.108.0.0/16 maxlen: 16
                          145.44.0.0/16 maxlen: 16
                          145.98.0.0/16 maxlen: 16
                          145.0.0.0/16 maxlen: 16
                          145.97.192.0/18 maxlen: 18
                          145.91.0.0/16 maxlen: 16
                          145.118.0.0/16 maxlen: 16
                          145.81.0.0/16 maxlen: 16
                          145.95.0.0/16 maxlen: 16
                          145.24.0.0/16 maxlen: 16
                          145.88.0.0/15 maxlen: 15
                          145.51.0.0/16 maxlen: 16
                          195.169.0.0/16 maxlen: 16
                          2001:610::/29 maxlen: 29
                          2001:610:130::/48 maxlen: 64
                          2001:610::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 971903587 (0x39ee1263)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Apr 22 14:49:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3e45b2221f6948fd607b2006f4f10c5e18323294
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0d:80:7b:4a:83:10:53:a0:b6:3b:f0:4b:c0:
                    fb:80:2d:0f:09:7c:0c:89:31:a2:38:7b:b0:c4:f4:
                    91:e3:7c:09:15:08:4f:bd:d5:c9:d3:88:58:da:de:
                    ab:b9:85:5f:8c:f4:57:f0:2b:dc:92:17:c9:47:17:
                    64:85:c3:70:45:64:9b:1f:b0:40:0b:65:b6:7d:67:
                    25:8a:f9:e3:98:90:51:08:45:6b:15:4c:61:e1:ae:
                    af:c0:65:47:5f:01:08:8d:9f:4d:f9:5d:a8:fc:93:
                    79:2b:ec:95:8f:2b:74:6a:2a:db:04:5b:3b:ab:91:
                    04:bb:bf:34:97:07:cd:7f:1e:e1:45:91:f7:db:b9:
                    51:cf:4f:e6:b5:d0:16:3c:3c:18:5f:bd:e6:93:d7:
                    01:e8:13:27:89:53:90:0e:49:fc:23:ab:de:90:aa:
                    92:a6:91:bf:15:10:9c:24:d6:22:be:25:5a:a5:23:
                    e5:76:aa:97:71:ec:cd:95:52:63:b4:9b:9b:3b:b4:
                    83:5f:e0:8c:98:69:df:28:9f:70:b6:ae:66:98:6a:
                    0e:72:63:d1:3d:21:39:e3:1b:b4:03:c3:3c:2b:e9:
                    df:7c:c1:a9:46:b5:ed:e2:22:ec:eb:cd:b4:c3:c2:
                    cd:51:ed:39:f5:29:09:f1:19:3c:14:a4:02:47:4d:
                    50:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:45:B2:22:1F:69:48:FD:60:7B:20:06:F4:F1:0C:5E:18:32:32:94
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.0.0.0/16
                  145.2.0.0/15
                  145.9.0.0/16
                  145.19.0.0-145.20.255.255
                  145.23.0.0-145.24.255.255
                  145.28.0.0/15
                  145.33.0.0/16
                  145.37.0.0-145.39.255.255
                  145.44.0.0/16
                  145.48.0.0/15
                  145.51.0.0-145.52.255.255
                  145.74.0.0-145.76.255.255
                  145.81.0.0/16
                  145.88.0.0-145.93.255.255
                  145.95.0.0-145.96.255.255
                  145.97.16.0/20
                  145.97.48.0-145.98.255.255
                  145.100.0.0/14
                  145.107.0.0-145.108.255.255
                  145.109.128.0/17
                  145.116.0.0/19
                  145.116.64.0-145.116.207.255
                  145.116.224.0-145.118.255.255
                  145.120.0.0-145.127.127.255
                  145.136.0.0-145.138.255.255
                  145.140.0.0-145.159.255.255
                  194.171.0.0/16
                  195.169.0.0/16
                IPv6:
                  2001:610::/29

    Signature Algorithm: sha256WithRSAEncryption
         7e:be:cf:8a:a4:b1:90:47:3a:c7:da:8c:26:17:a2:66:dc:6a:
         96:77:3e:a2:e6:22:a4:98:4b:d6:44:0c:ae:47:b9:8a:d0:b0:
         c5:7e:20:d1:b0:7e:83:94:b4:3a:0c:4c:91:a6:7f:6b:5a:a5:
         48:29:ba:27:12:60:91:5e:fe:26:8b:7d:5b:81:6e:29:3a:97:
         b5:c4:b1:97:4e:99:8b:c4:db:a7:16:6c:5f:be:ed:fc:26:97:
         6b:79:81:40:c0:bd:9a:c3:1b:44:d0:a3:dc:99:8c:9f:95:a2:
         20:6e:02:45:3b:fb:bc:11:98:fc:c9:16:e3:68:1c:9a:dc:79:
         39:dc:58:07:3d:22:9a:5f:42:a9:35:e8:48:8a:62:3a:7d:25:
         3a:33:35:aa:39:41:55:84:4b:c6:a0:a4:98:fa:24:da:ae:3c:
         62:d4:d9:9d:7f:d8:41:38:5f:af:6a:5c:67:47:41:95:ae:81:
         54:e9:98:80:5f:3b:af:c7:fc:67:56:ed:2e:26:b4:72:cf:8e:
         f7:cf:ef:d4:0d:0b:62:2a:a7:73:f3:50:9c:1b:7d:4b:f9:05:
         17:ed:4d:f5:22:40:5b:6b:0c:0c:bd:1b:6e:ac:93:bf:a1:ab:
         f5:10:d8:17:8c:be:6e:a1:b9:f6:b1:c4:d6:01:34:f8:33:18:
         b9:6f:eb:e6
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgIEOe4SYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzczZGIxNzc5NWQyYmYxYjRiNTM0NWM1YjI5MzkwZGJhZjQ1MjNlMB4XDTIyMDQy
MjE0NDkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U0NWIyMjIxZjY5
NDhmZDYwN2IyMDA2ZjRmMTBjNWUxODMyMzI5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8NgHtKgxBToLY78EvA+4AtDwl8DIkxojh7sMT0keN8CRUI
T73VydOIWNreq7mFX4z0V/Ar3JIXyUcXZIXDcEVkmx+wQAtltn1nJYr545iQUQhF
axVMYeGur8BlR18BCI2fTfldqPyTeSvslY8rdGoq2wRbO6uRBLu/NJcHzX8e4UWR
99u5Uc9P5rXQFjw8GF+95pPXAegTJ4lTkA5J/COr3pCqkqaRvxUQnCTWIr4lWqUj
5Xaql3HszZVSY7Sbmzu0g1/gjJhp3yifcLauZphqDnJj0T0hOeMbtAPDPCvp33zB
qUa17eIi7OvNtMPCzVHtOfUpCfEZPBSkAkdNUOMCAwEAAaOCAxAwggMMMB0GA1Ud
DgQWBBQ+RbIiH2lI/WB7IAb08QxeGDIylDAfBgNVHSMEGDAWgBQXc9sXeV0r8bS1
NFxbKTkNuvRSPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8x
L1BrV3lJaDlwU1AxZ2V5QUc5UEVNWGhneU1wUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Zjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8xL0YzUGJGM2xkS19H
MHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ASQGCCsGAQUFBwEHAQH/BIIBEzCCAQ8wgf0EAgABMIH2AwMAkQADAwGRAgMDAJEJ
MAoDAwCREwMDAJEUMAoDAwCRFwMDAJEYAwMBkRwDAwCRITAKAwMAkSUDAwORIAMD
AJEsAwMBkTAwCgMDAJEzAwMAkTQwCgMDAZFKAwMAkUwDAwCRUTAKAwMDkVgDAwGR
XDAKAwMAkV8DAwCRYAMEBJFhEDALAwQEkWEwAwMAkWIDAwKRZDAKAwMAkWsDAwCR
bAMEB5FtgAMEBZF0ADAMAwQGkXRAAwQEkXTAMAsDBAWRdOADAwCRdjALAwMDkXgD
BAeRfwAwCgMDA5GIAwMAkYowCgMDApGMAwMFkYADAwDCqwMDAMOpMA0EAgACMAcD
BQMgAQYQMA0GCSqGSIb3DQEBCwUAA4IBAQB+vs+KpLGQRzrH2owmF6Jm3GqWdz6i
5iKkmEvWRAyuR7mK0LDFfiDRsH6DlLQ6DEyRpn9rWqVIKbonEmCRXv4mi31bgW4p
Ope1xLGXTpmLxNunFmxfvu38JpdreYFAwL2awxtE0KPcmYyflaIgbgJFO/u8EZj8
yRbjaBya3Hk53FgHPSKaX0KpNehIimI6fSU6MzWqOUFVhEvGoKSY+iTarjxi1Nmd
f9hBOF+valxnR0GVroFU6ZiAXzuvx/xnVu0uJrRyz473z+/UDQtiKqdz81CcG31L
+QUX7U31IkBbawwMvRturJO/oav1ENgXjL5uobn2scTWATT4Mxi5b+vm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org