Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/bK1gG6PPt8xnuLY5X7MxH88rbRk.roa
File:                     bK1gG6PPt8xnuLY5X7MxH88rbRk.roa (raw, json)
Hash identifier:          tsN/Z+RDDqktSZV26SLhxKPDZ1F/+/vAHf+UClIWeMQ=
Subject key identifier:   6C:AD:60:1B:A3:CF:B7:CC:67:B8:B6:39:5F:B3:31:1F:CF:2B:6D:19
Certificate issuer:       /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial:       34FC8C45
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/bK1gG6PPt8xnuLY5X7MxH88rbRk.roa
Signing time:             Sat 01 Jan 2022 05:57:45 +0000
ROA not before:           Sat 01 Jan 2022 05:57:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12654
IP address blocks:        84.205.71.0/24 maxlen: 24
                          84.205.70.0/24 maxlen: 24
                          84.205.69.0/24 maxlen: 24
                          84.205.68.0/24 maxlen: 24
                          84.205.67.0/24 maxlen: 24
                          84.205.66.0/24 maxlen: 24
                          84.205.65.0/24 maxlen: 24
                          84.205.77.0/24 maxlen: 24
                          84.205.78.0/24 maxlen: 24
                          84.205.76.0/24 maxlen: 24
                          84.205.75.0/24 maxlen: 24
                          84.205.74.0/24 maxlen: 24
                          84.205.73.0/24 maxlen: 24
                          84.205.72.0/24 maxlen: 24
                          84.205.85.0/24 maxlen: 24
                          84.205.84.0/24 maxlen: 24
                          84.205.82.0/24 maxlen: 24
                          84.205.81.0/24 maxlen: 24
                          84.205.80.0/24 maxlen: 24
                          84.205.79.0/24 maxlen: 24
                          84.205.91.0/24 maxlen: 24
                          84.205.90.0/24 maxlen: 24
                          84.205.89.0/24 maxlen: 24
                          84.205.88.0/24 maxlen: 24
                          84.205.87.0/24 maxlen: 24
                          84.205.86.0/24 maxlen: 24
                          84.205.95.0/24 maxlen: 24
                          84.205.94.0/24 maxlen: 24
                          84.205.93.0/24 maxlen: 24
                          84.205.92.0/24 maxlen: 24
                          84.205.64.0/24 maxlen: 24
                          93.175.152.0/24 maxlen: 24
                          93.175.151.0/24 maxlen: 24
                          93.175.150.0/24 maxlen: 24
                          93.175.149.0/24 maxlen: 24
                          93.175.148.0/24 maxlen: 24
                          93.175.146.0/24 maxlen: 24
                          93.175.153.0/24 maxlen: 24
                          2001:7fb:ff13::/48 maxlen: 48
                          2001:7fb:fe13::/48 maxlen: 48
                          2001:7fb:ff02::/48 maxlen: 48
                          2001:7fb:fd02::/48 maxlen: 48
                          2001:7fb:fe10::/48 maxlen: 48
                          2001:7fb:ff10::/48 maxlen: 48
                          2001:7fb:ff17::/48 maxlen: 48
                          2001:7fb:fe17::/48 maxlen: 48
                          2001:7fb:ff06::/48 maxlen: 48
                          2001:7fb:fe06::/48 maxlen: 48
                          2001:7fb:fe03::/48 maxlen: 48
                          2001:7fb:ff0d::/48 maxlen: 48
                          2001:7fb:fe0d::/48 maxlen: 48
                          2001:7fb:fe14::/48 maxlen: 48
                          2001:7fb:ff14::/48 maxlen: 48
                          2001:7fb:ff00::/48 maxlen: 48
                          2001:7fb:fe00::/48 maxlen: 48
                          2001:7fb:ff0a::/48 maxlen: 48
                          2001:7fb:fe0a::/48 maxlen: 48
                          2001:7fb:ff07::/48 maxlen: 48
                          2001:7fb:fe07::/48 maxlen: 48
                          2001:7fb:ff18::/48 maxlen: 48
                          2001:7fb:fe18::/48 maxlen: 48
                          2001:7fb:fe04::/48 maxlen: 48
                          2001:7fb:ff04::/48 maxlen: 48
                          2001:7fb:ff0e::/48 maxlen: 48
                          2001:7fb:fe0e::/48 maxlen: 48
                          2001:7fb:fe0b::/48 maxlen: 48
                          2001:7fb:ff0b::/48 maxlen: 48
                          2001:7fb:ff15::/48 maxlen: 48
                          2001:7fb:fe15::/48 maxlen: 48
                          2001:7fb:ff01::/48 maxlen: 48
                          2001:7fb:fe01::/48 maxlen: 48
                          2001:7fb:ff12::/48 maxlen: 48
                          2001:7fb:fe12::/48 maxlen: 48
                          2001:7fb:fe0f::/48 maxlen: 48
                          2001:7fb:ff0f::/48 maxlen: 48
                          2001:7fb:fe05::/48 maxlen: 48
                          2001:7fb:ff05::/48 maxlen: 48
                          2001:7fb:fe0c::/48 maxlen: 48
                          2001:7fb:ff0c::/48 maxlen: 48
                          2001:7fb:ff16::/48 maxlen: 48
                          2001:7fb:fe16::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 888966213 (0x34fc8c45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
        Validity
            Not Before: Jan  1 05:57:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6cad601ba3cfb7cc67b8b6395fb3311fcf2b6d19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fe:ae:cf:ac:b8:13:84:99:a2:dd:41:9c:78:
                    79:d9:8f:9e:cf:00:dc:8c:32:df:e6:9f:de:6f:99:
                    2b:36:74:82:38:46:7d:a3:11:37:e1:bf:ad:ff:1e:
                    49:77:c7:6d:27:01:4e:55:0f:b1:19:b2:e5:6f:ba:
                    68:58:c4:b7:c3:c3:83:7d:c1:67:1e:82:d5:ef:d1:
                    bb:7d:71:ad:76:18:3b:aa:53:77:7f:ae:9c:fe:f7:
                    99:53:cf:fd:a6:32:8f:5c:0a:b5:9a:b1:06:d3:61:
                    88:08:31:cb:52:32:40:8f:6a:b2:53:20:65:67:0f:
                    80:e2:20:e2:a6:15:49:d9:bb:bd:b1:8e:29:26:f7:
                    6f:1b:ec:78:3a:8d:ed:b0:ca:6d:3f:6d:58:ed:38:
                    a8:55:1f:4b:d4:2e:45:f3:55:c4:56:85:2c:79:33:
                    a0:d6:47:8e:17:8f:e2:57:bb:a1:f1:4b:08:19:01:
                    89:6c:05:b2:a1:cc:d2:ba:e4:44:05:5d:9b:a7:14:
                    9c:f6:45:47:07:8b:5c:55:b2:4a:27:97:d7:88:4f:
                    ba:cd:c7:ae:67:e0:d1:d2:08:66:bc:91:01:14:29:
                    8d:08:4b:43:9a:1a:f5:88:1a:b5:d6:c7:fc:83:e0:
                    da:f9:83:4b:de:21:54:a3:72:51:f1:7e:f9:eb:4a:
                    22:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:AD:60:1B:A3:CF:B7:CC:67:B8:B6:39:5F:B3:31:1F:CF:2B:6D:19
            X509v3 Authority Key Identifier:
                keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/bK1gG6PPt8xnuLY5X7MxH88rbRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.205.64.0-84.205.82.255
                  84.205.84.0-84.205.95.255
                  93.175.146.0/24
                  93.175.148.0-93.175.153.255
                IPv6:
                  2001:7fb:fd02::/48
                  2001:7fb:fe00::/47
                  2001:7fb:fe03::-2001:7fb:fe07:ffff:ffff:ffff:ffff:ffff
                  2001:7fb:fe0a::-2001:7fb:fe10:ffff:ffff:ffff:ffff:ffff
                  2001:7fb:fe12::-2001:7fb:fe18:ffff:ffff:ffff:ffff:ffff
                  2001:7fb:ff00::-2001:7fb:ff02:ffff:ffff:ffff:ffff:ffff
                  2001:7fb:ff04::/46
                  2001:7fb:ff0a::-2001:7fb:ff10:ffff:ffff:ffff:ffff:ffff
                  2001:7fb:ff12::-2001:7fb:ff18:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         9f:90:d4:69:7e:da:ff:21:72:03:e8:7a:92:8a:7a:f6:18:da:
         39:4d:69:5c:50:3a:9e:54:71:a1:ee:05:43:a9:62:71:9f:44:
         db:c4:d3:41:a3:a2:d7:ee:04:5e:f7:56:88:b4:10:1c:a1:dd:
         42:df:54:62:c0:30:17:5f:65:f7:80:be:14:c3:b9:a5:8d:13:
         5a:36:af:a1:b1:dc:69:38:b4:04:a4:a1:f6:a0:a8:68:ce:4d:
         27:58:a6:46:60:84:59:67:a9:c4:e3:ae:f4:c1:ab:59:1c:19:
         74:2e:55:3e:7d:2d:67:d9:b8:14:4d:05:4a:2f:22:ac:14:78:
         bc:6a:36:a7:3f:66:ba:97:61:7c:0f:07:a7:d8:b7:ca:ee:25:
         d8:75:43:f9:1c:0e:8a:34:ee:a2:60:68:13:74:7f:fc:d9:86:
         0e:53:ca:23:ed:0e:b1:94:8e:7e:26:8a:6f:f0:c3:a1:00:b1:
         a2:f5:4f:85:25:cc:32:03:db:10:a1:b2:7b:46:25:20:d1:67:
         df:69:a3:dc:67:bc:2f:5c:62:6c:f3:cf:ff:b8:56:8e:52:26:
         c7:1f:bf:27:1c:79:1e:32:2e:df:82:b7:99:02:dc:51:d4:45:
         c8:4f:09:f1:a9:84:50:95:d5:98:e7:b0:b0:94:dc:e4:24:a7:
         f6:1a:b8:5b
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIENPyMRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODE3YWFmZWM2MWMzYTZiMDI0YjZhOWY1NGZmYjc2NGNhM2RmOTIyMB4XDTIyMDEw
MTA1NTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNhZDYwMWJhM2Nm
YjdjYzY3YjhiNjM5NWZiMzMxMWZjZjJiNmQxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALj+rs+suBOEmaLdQZx4edmPns8A3Iwy3+af3m+ZKzZ0gjhG
faMRN+G/rf8eSXfHbScBTlUPsRmy5W+6aFjEt8PDg33BZx6C1e/Ru31xrXYYO6pT
d3+unP73mVPP/aYyj1wKtZqxBtNhiAgxy1IyQI9qslMgZWcPgOIg4qYVSdm7vbGO
KSb3bxvseDqN7bDKbT9tWO04qFUfS9QuRfNVxFaFLHkzoNZHjheP4le7ofFLCBkB
iWwFsqHM0rrkRAVdm6cUnPZFRweLXFWySieX14hPus3Hrmfg0dIIZryRARQpjQhL
Q5oa9YgatdbH/IPg2vmDS94hVKNyUfF++etKIjMCAwEAAaOCAtIwggLOMB0GA1Ud
DgQWBBRsrWAbo8+3zGe4tjlfszEfzyttGTAfBgNVHSMEGDAWgBSIF6r+xhw6awJL
ap9U/7dkyj35IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lCZXFfc1ljT21zQ1MycWZWUC0zWk1vOS1TSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZmUyZDcyLWMyZGQtNDZjMS05NDI5LWU2NjM2OTY0OTQxMS8x
L2JLMWdHNlBQdDh4bnVMWTVYN014SDg4cmJSay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZmUyZDcyLWMyZGQtNDZjMS05NDI5LWU2NjM2OTY0OTQxMS8xL2lCZXFfc1ljT21z
Q1MycWZWUC0zWk1vOS1TSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
5wYIKwYBBQUHAQcBAf8EgdcwgdQwNgQCAAEwMDAMAwQGVM1AAwQAVM1SMAwDBAJU
zVQDBAVUzUADBABdr5IwDAMEAl2vlAMEAV2vmDCBmQQCAAIwgZIDBwAgAQf7/QID
BwEgAQf7/gAwEgMHACABB/v+AwMHAyABB/v+ADASAwcBIAEH+/4KAwcAIAEH+/4Q
MBIDBwEgAQf7/hIDBwAgAQf7/hgwEQMGACABB/v/AwcAIAEH+/8CAwcCIAEH+/8E
MBIDBwEgAQf7/woDBwAgAQf7/xAwEgMHASABB/v/EgMHACABB/v/GDANBgkqhkiG
9w0BAQsFAAOCAQEAn5DUaX7a/yFyA+h6kop69hjaOU1pXFA6nlRxoe4FQ6licZ9E
28TTQaOi1+4EXvdWiLQQHKHdQt9UYsAwF19l94C+FMO5pY0TWjavobHcaTi0BKSh
9qCoaM5NJ1imRmCEWWepxOOu9MGrWRwZdC5VPn0tZ9m4FE0FSi8irBR4vGo2pz9m
updhfA8Hp9i3yu4l2HVD+RwOijTuomBoE3R//NmGDlPKI+0OsZSOfiaKb/DDoQCx
ovVPhSXMMgPbEKGye0YlINFn32mj3Ge8L1xibPPP/7hWjlImxx+/Jxx5HjIu34K3
mQLcUdRFyE8J8amEUJXVmOewsJTc5CSn9hq4Ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:02 2024 by rpki-client on console-fra.rpki-client.org