Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/ETtG_XQrKrGqy2tML6kZHK2x95M.roa
File:                     ETtG_XQrKrGqy2tML6kZHK2x95M.roa (raw, json)
Hash identifier:          C7B2EgTIAbOahWVLhvXtnMuAUwnaMpMlj4VlFn+uveI=
Subject key identifier:   11:3B:46:FD:74:2B:2A:B1:AA:CB:6B:4C:2F:A9:19:1C:AD:B1:F7:93
Certificate issuer:       /CN=83fb34b21a0ef8c40191c0e07c3b4524e323b2cf
Certificate serial:       0489EBDD
Authority key identifier: 83:FB:34:B2:1A:0E:F8:C4:01:91:C0:E0:7C:3B:45:24:E3:23:B2:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/ETtG_XQrKrGqy2tML6kZHK2x95M.roa
Signing time:             Tue 19 Apr 2022 09:37:11 +0000
ROA not before:           Tue 19 Apr 2022 09:37:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6712
IP address blocks:        91.204.196.0/22 maxlen: 22
                          91.204.196.0/23 maxlen: 23
                          91.204.196.0/24 maxlen: 24
                          91.204.198.0/24 maxlen: 24
                          91.204.198.0/23 maxlen: 23
                          91.204.197.0/24 maxlen: 24
                          91.204.199.0/24 maxlen: 24
                          91.246.134.0/24 maxlen: 24
                          91.246.133.0/24 maxlen: 24
                          91.246.135.0/24 maxlen: 24
                          91.246.134.0/23 maxlen: 23
                          91.246.136.0/21 maxlen: 21
                          91.246.139.0/24 maxlen: 24
                          91.246.136.0/24 maxlen: 24
                          91.246.136.0/23 maxlen: 23
                          91.246.138.0/24 maxlen: 24
                          91.246.138.0/23 maxlen: 23
                          91.246.137.0/24 maxlen: 24
                          91.246.140.0/24 maxlen: 24
                          91.246.140.0/23 maxlen: 23
                          91.246.142.0/24 maxlen: 24
                          91.246.142.0/23 maxlen: 23
                          91.246.141.0/24 maxlen: 24
                          91.246.143.0/24 maxlen: 24
                          91.246.145.0/24 maxlen: 24
                          91.246.144.0/21 maxlen: 21
                          91.246.144.0/23 maxlen: 23
                          91.246.144.0/24 maxlen: 24
                          91.246.146.0/24 maxlen: 24
                          91.246.147.0/24 maxlen: 24
                          91.246.151.0/24 maxlen: 24
                          91.246.146.0/23 maxlen: 23
                          91.246.149.0/24 maxlen: 24
                          91.246.148.0/24 maxlen: 24
                          91.246.148.0/23 maxlen: 23
                          91.246.150.0/23 maxlen: 23
                          91.246.150.0/24 maxlen: 24
                          91.246.152.0/21 maxlen: 21
                          91.246.152.0/24 maxlen: 24
                          91.246.152.0/23 maxlen: 23
                          91.246.158.0/24 maxlen: 24
                          91.246.159.0/24 maxlen: 24
                          91.246.158.0/23 maxlen: 23
                          91.246.154.0/23 maxlen: 23
                          91.246.154.0/24 maxlen: 24
                          91.246.153.0/24 maxlen: 24
                          91.246.156.0/24 maxlen: 24
                          91.246.156.0/23 maxlen: 23
                          91.246.157.0/24 maxlen: 24
                          91.246.155.0/24 maxlen: 24
                          91.246.132.0/24 maxlen: 24
                          91.246.131.0/24 maxlen: 24
                          91.246.130.0/23 maxlen: 23
                          91.246.130.0/24 maxlen: 24
                          91.246.132.0/23 maxlen: 23
                          91.246.129.0/24 maxlen: 24
                          91.246.128.0/24 maxlen: 24
                          91.246.128.0/23 maxlen: 23
                          91.246.128.0/21 maxlen: 21
                          91.246.128.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76147677 (0x489ebdd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83fb34b21a0ef8c40191c0e07c3b4524e323b2cf
        Validity
            Not Before: Apr 19 09:37:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=113b46fd742b2ab1aacb6b4c2fa9191cadb1f793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:13:d7:47:58:5e:84:8d:a8:3f:a5:f0:3d:61:
                    7a:46:38:98:03:21:74:de:51:10:2a:af:36:91:8e:
                    8d:ea:f1:79:e5:29:f6:b5:e2:f8:dd:21:4f:8c:68:
                    46:58:51:d7:b8:d5:ce:0f:85:c1:44:e5:4a:16:44:
                    ed:b2:20:3e:b5:97:fd:97:23:61:d1:c6:fc:ac:bc:
                    b0:10:4f:bf:ac:21:d9:d1:bb:7a:6e:a4:fe:eb:17:
                    aa:72:07:ef:9a:62:6a:28:84:0e:4a:c3:84:77:3e:
                    52:cb:40:85:7a:f4:87:9f:4a:80:49:31:f1:c9:65:
                    fe:02:fb:60:68:8d:1f:d3:f2:2a:76:fc:3a:aa:60:
                    56:cb:d8:97:3d:00:16:be:9d:00:c4:e3:fe:e2:b8:
                    3e:48:55:0b:cf:17:67:a1:e7:1b:38:c4:1a:57:07:
                    8d:d2:dc:da:a0:02:3b:4f:2d:e1:16:f9:5f:ae:fb:
                    2f:a1:b9:ee:ef:9e:45:81:87:4d:6a:4d:fc:ef:01:
                    e6:c6:60:a9:c3:4e:74:04:48:28:18:b4:1e:d9:d1:
                    e3:a4:aa:5d:ea:37:b9:87:15:bb:c3:02:a9:13:ff:
                    fb:60:c8:d3:2d:4a:5d:9d:c0:b2:a2:3c:96:b2:0b:
                    10:40:0b:a6:04:e0:e6:19:dd:92:3e:35:6d:44:7c:
                    1d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:3B:46:FD:74:2B:2A:B1:AA:CB:6B:4C:2F:A9:19:1C:AD:B1:F7:93
            X509v3 Authority Key Identifier:
                keyid:83:FB:34:B2:1A:0E:F8:C4:01:91:C0:E0:7C:3B:45:24:E3:23:B2:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/ETtG_XQrKrGqy2tML6kZHK2x95M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/g_s0shoO-MQBkcDgfDtFJOMjss8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.196.0/22
                  91.246.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         88:96:a3:c1:e2:b7:f7:9a:e7:ff:69:76:46:59:c1:7b:c1:b6:
         65:e5:93:6c:b9:2f:d1:41:f9:01:10:4a:43:0a:21:ef:52:42:
         2e:e5:38:2d:1a:8b:9d:f4:ab:3c:12:fd:67:b0:fc:e6:75:d8:
         c6:64:73:a2:4f:fb:a2:d5:1f:97:49:d6:4d:bb:0e:5f:c1:23:
         4b:36:a4:54:e6:bb:dd:29:75:69:ac:9c:d1:0d:13:27:65:d6:
         16:8d:cc:fb:af:b4:ab:1f:ba:ed:0b:e5:48:fd:f8:7e:3a:3c:
         d4:1c:e1:7d:8a:28:ad:61:fe:89:8c:15:dc:6c:10:19:b7:7d:
         ae:b7:4b:6d:0e:db:15:66:77:16:9d:40:b1:d9:d5:32:86:cf:
         e3:36:7d:4d:0f:62:c0:72:76:5c:6c:9a:d3:16:79:05:e2:14:
         eb:72:0e:da:10:e2:83:ee:c4:62:1e:7e:b2:a0:91:c9:22:3c:
         f7:35:3b:47:ec:aa:8c:57:d3:fb:c5:d4:f6:88:d0:88:1e:27:
         55:98:c1:9b:ff:61:a0:f3:86:cc:d5:13:82:47:96:66:77:84:
         b2:05:18:a2:f9:e6:7d:e6:a1:69:3c:fc:85:a2:18:78:af:38:
         25:aa:e3:12:35:ae:7e:d1:55:c6:0c:9b:0a:85:db:32:bf:5d:
         6f:b1:1a:2b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBInr3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
M2ZiMzRiMjFhMGVmOGM0MDE5MWMwZTA3YzNiNDUyNGUzMjNiMmNmMB4XDTIyMDQx
OTA5MzcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTEzYjQ2ZmQ3NDJi
MmFiMWFhY2I2YjRjMmZhOTE5MWNhZGIxZjc5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoT10dYXoSNqD+l8D1hekY4mAMhdN5RECqvNpGOjerxeeUp
9rXi+N0hT4xoRlhR17jVzg+FwUTlShZE7bIgPrWX/ZcjYdHG/Ky8sBBPv6wh2dG7
em6k/usXqnIH75piaiiEDkrDhHc+UstAhXr0h59KgEkx8cll/gL7YGiNH9PyKnb8
OqpgVsvYlz0AFr6dAMTj/uK4PkhVC88XZ6HnGzjEGlcHjdLc2qACO08t4Rb5X677
L6G57u+eRYGHTWpN/O8B5sZgqcNOdARIKBi0HtnR46SqXeo3uYcVu8MCqRP/+2DI
0y1KXZ3AsqI8lrILEEALpgTg5hndkj41bUR8HTUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQRO0b9dCsqsarLa0wvqRkcrbH3kzAfBgNVHSMEGDAWgBSD+zSyGg74xAGR
wOB8O0Uk4yOyzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dfczBzaG9PLU1RQmtjRGdmRHRGSk9NanNzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvMDA0Mjg0LWQ0YTctNDk2Mi05Njk3LWYyM2IwNzdlZGI5Ni8x
L0VUdEdfWFFyS3JHcXkydE1MNmtaSEsyeDk1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
MDA0Mjg0LWQ0YTctNDk2Mi05Njk3LWYyM2IwNzdlZGI5Ni8xL2dfczBzaG9PLU1R
QmtjRGdmRHRGSk9NanNzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvMxAMEBVv2gDANBgkqhkiG9w0B
AQsFAAOCAQEAiJajweK395rn/2l2RlnBe8G2ZeWTbLkv0UH5ARBKQwoh71JCLuU4
LRqLnfSrPBL9Z7D85nXYxmRzok/7otUfl0nWTbsOX8EjSzakVOa73Sl1aayc0Q0T
J2XWFo3M+6+0qx+67QvlSP34fjo81BzhfYoorWH+iYwV3GwQGbd9rrdLbQ7bFWZ3
Fp1AsdnVMobP4zZ9TQ9iwHJ2XGya0xZ5BeIU63IO2hDig+7EYh5+sqCRySI89zU7
R+yqjFfT+8XU9ojQiB4nVZjBm/9hoPOGzNUTgkeWZneEsgUYovnmfeahaTz8haIY
eK84JarjEjWuftFVxgybCoXbMr9db7EaKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:56 2024 by rpki-client on console-fra.rpki-client.org