Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wWCUFV3ut8ICQ3aizFU_K-LXITM.roa
File:                     wWCUFV3ut8ICQ3aizFU_K-LXITM.roa (raw, json)
Hash identifier:          QskADMC5zytz6MTSPIQeG19X2MUIesgu8JbRvdKPFy8=
Subject key identifier:   C1:60:94:15:5D:EE:B7:C2:02:43:76:A2:CC:55:3F:2B:E2:D7:21:33
Certificate issuer:       /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial:       17079341
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wWCUFV3ut8ICQ3aizFU_K-LXITM.roa
Signing time:             Fri 04 Mar 2022 10:35:59 +0000
ROA not before:           Fri 04 Mar 2022 10:35:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50926
IP address blocks:        185.70.92.0/22 maxlen: 22
                          188.164.192.0/21 maxlen: 21
                          188.164.192.0/24 maxlen: 24
                          188.164.197.0/24 maxlen: 24
                          188.164.199.0/24 maxlen: 24
                          94.127.186.0/24 maxlen: 24
                          188.164.198.0/24 maxlen: 24
                          94.127.185.0/24 maxlen: 24
                          94.127.184.0/24 maxlen: 24
                          188.164.196.0/24 maxlen: 24
                          188.164.195.0/24 maxlen: 24
                          188.164.194.0/24 maxlen: 24
                          188.164.193.0/24 maxlen: 24
                          94.127.191.0/24 maxlen: 24
                          94.127.190.0/24 maxlen: 24
                          94.127.188.0/24 maxlen: 24
                          94.127.187.0/24 maxlen: 24
                          149.62.172.0/22 maxlen: 22
                          149.62.168.0/21 maxlen: 21
                          149.62.168.0/22 maxlen: 22
                          195.5.116.0/23 maxlen: 23
                          91.200.140.0/22 maxlen: 22
                          188.95.112.0/21 maxlen: 21
                          185.176.9.0/24 maxlen: 24
                          185.176.8.0/24 maxlen: 24
                          185.176.11.0/24 maxlen: 24
                          185.176.10.0/24 maxlen: 24
                          84.246.213.0/24 maxlen: 24
                          84.246.212.0/24 maxlen: 24
                          84.246.211.0/24 maxlen: 24
                          84.246.210.0/24 maxlen: 24
                          84.246.209.0/24 maxlen: 24
                          84.246.208.0/21 maxlen: 21
                          84.246.208.0/24 maxlen: 24
                          109.68.84.0/24 maxlen: 24
                          109.68.82.0/24 maxlen: 24
                          84.246.215.0/24 maxlen: 24
                          109.68.80.0/24 maxlen: 24
                          109.68.80.0/21 maxlen: 21
                          84.246.214.0/24 maxlen: 24
                          91.213.46.0/24 maxlen: 24
                          31.24.152.0/21 maxlen: 21
                          31.24.152.0/24 maxlen: 24
                          31.24.159.0/24 maxlen: 24
                          31.24.158.0/24 maxlen: 24
                          31.24.157.0/24 maxlen: 24
                          31.24.156.0/24 maxlen: 24
                          31.24.155.0/24 maxlen: 24
                          31.24.154.0/24 maxlen: 24
                          91.142.208.0/20 maxlen: 20
                          185.222.156.0/22 maxlen: 22
                          5.175.42.0/24 maxlen: 24
                          5.175.41.0/24 maxlen: 24
                          5.175.40.0/24 maxlen: 24
                          5.175.40.0/21 maxlen: 21
                          5.175.44.0/24 maxlen: 24
                          5.175.43.0/24 maxlen: 24
                          5.175.47.0/24 maxlen: 24
                          5.175.46.0/24 maxlen: 24
                          31.24.43.0/24 maxlen: 24
                          31.24.40.0/24 maxlen: 24
                          31.24.40.0/21 maxlen: 21
                          31.24.46.0/24 maxlen: 24
                          31.24.45.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 386372417 (0x17079341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
        Validity
            Not Before: Mar  4 10:35:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c16094155deeb7c2024376a2cc553f2be2d72133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:fd:06:69:20:bc:a5:ae:2c:e3:85:08:3d:ff:
                    54:62:be:e4:f1:85:00:f8:80:5c:07:b1:03:c2:04:
                    a3:b5:99:f9:df:e0:5c:cb:a3:9e:0a:05:81:c8:62:
                    b4:fe:49:5e:a7:89:1d:b3:35:ce:85:9c:4b:32:23:
                    22:72:e2:c9:95:79:a8:1a:c5:24:69:68:81:9f:61:
                    fa:e2:e6:8c:5a:73:c7:cc:f2:71:4f:10:c9:b8:66:
                    a1:9f:64:e6:38:00:a6:c9:ee:ef:33:6e:9a:f8:3f:
                    93:cb:eb:d8:c5:df:a0:cd:d5:2e:cc:ff:05:61:e0:
                    1f:5d:45:4a:1e:bc:8a:23:77:cf:50:4f:96:26:9e:
                    1f:f1:3a:8d:cc:7e:00:b6:8f:94:68:10:39:51:fd:
                    a6:53:ab:60:e4:76:af:16:bf:fe:0c:47:54:f6:a1:
                    81:92:ff:74:87:d4:c3:83:e7:f4:bf:43:5d:04:7a:
                    d4:1d:b8:28:e9:87:77:2a:91:9c:54:f7:b5:27:df:
                    2d:b3:6e:1f:d4:36:c2:66:70:42:d9:fc:67:71:ab:
                    52:89:70:ee:77:9e:5c:6a:18:89:98:34:71:fb:df:
                    8d:0e:e1:81:5d:c9:8d:f5:50:3f:11:67:17:34:8c:
                    64:9b:b9:ad:85:92:29:33:7f:2b:8a:47:2e:3c:6d:
                    38:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:60:94:15:5D:EE:B7:C2:02:43:76:A2:CC:55:3F:2B:E2:D7:21:33
            X509v3 Authority Key Identifier:
                keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wWCUFV3ut8ICQ3aizFU_K-LXITM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.175.40.0/21
                  31.24.40.0/21
                  31.24.152.0/21
                  84.246.208.0/21
                  91.142.208.0/20
                  91.200.140.0/22
                  91.213.46.0/24
                  94.127.184.0-94.127.188.255
                  94.127.190.0/23
                  109.68.80.0/21
                  149.62.168.0/21
                  185.70.92.0/22
                  185.176.8.0/22
                  185.222.156.0/22
                  188.95.112.0/21
                  188.164.192.0/21
                  195.5.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5d:b6:1b:dd:02:58:a0:9d:47:44:b9:e7:30:2d:45:d0:2d:b4:
         36:4a:6c:a7:10:58:e5:73:dc:55:ef:54:94:6f:fe:c3:29:5f:
         fd:44:ec:b7:66:2d:f9:b4:06:56:47:82:d2:01:3e:54:e6:95:
         07:05:f4:cb:e2:d1:f0:5c:ed:25:c5:33:9a:dd:8e:bb:3d:55:
         ac:1c:8a:e0:a2:a5:e0:e4:68:c2:2c:e2:4d:7b:08:a7:73:d0:
         06:41:f6:31:7a:db:df:6d:80:cd:bf:92:49:fd:20:bd:71:54:
         98:c0:b7:30:ec:6c:71:b5:1c:f3:31:92:63:2c:b6:56:91:14:
         16:cc:9b:c1:31:93:f9:1e:2a:51:39:36:a3:23:d8:a6:d0:2d:
         02:21:f9:05:f2:1a:a0:ef:51:84:c8:df:2d:a7:79:2b:39:a6:
         18:d2:f2:07:23:5b:34:ef:dd:21:d2:d0:5a:6d:8c:1a:5e:f3:
         a6:91:16:74:0d:2d:ae:6f:ae:a6:18:fe:9f:d1:c4:84:62:e2:
         56:e7:86:3b:75:d2:db:08:e3:a5:5b:7f:94:fd:95:d7:8d:cd:
         4e:19:b9:ce:44:17:7f:5c:8d:8f:f4:66:7c:a6:18:36:ba:c9:
         7a:32:31:9c:2a:5e:61:f4:56:45:af:9a:48:e9:51:6d:8d:d0:
         3a:21:f8:09
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIEFweTQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmQyYTIzNGUyMjRiZjg3OTk2ZjJmMGRmNTU5ZWFkODgyZjllNjUxMB4XDTIyMDMw
NDEwMzU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzE2MDk0MTU1ZGVl
YjdjMjAyNDM3NmEyY2M1NTNmMmJlMmQ3MjEzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOj9BmkgvKWuLOOFCD3/VGK+5PGFAPiAXAexA8IEo7WZ+d/g
XMujngoFgchitP5JXqeJHbM1zoWcSzIjInLiyZV5qBrFJGlogZ9h+uLmjFpzx8zy
cU8QybhmoZ9k5jgApsnu7zNumvg/k8vr2MXfoM3VLsz/BWHgH11FSh68iiN3z1BP
liaeH/E6jcx+ALaPlGgQOVH9plOrYOR2rxa//gxHVPahgZL/dIfUw4Pn9L9DXQR6
1B24KOmHdyqRnFT3tSffLbNuH9Q2wmZwQtn8Z3GrUolw7neeXGoYiZg0cfvfjQ7h
gV3JjfVQPxFnFzSMZJu5rYWSKTN/K4pHLjxtOJ0CAwEAAaOCAnIwggJuMB0GA1Ud
DgQWBBTBYJQVXe63wgJDdqLMVT8r4tchMzAfBgNVHSMEGDAWgBTC0qI04iS/h5lv
Lw31WerYgvnmUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d0S2lOT0lrdjRlWmJ5OE45Vm5xMklMNTVsRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvZDFlZTRiLWU4OGEtNGU0MS1hNjE2LTRiMjQ4ZGE2Yzk2Yy8x
L3dXQ1VGVjN1dDhJQ1EzYWl6RlVfSy1MWElUTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ZDFlZTRiLWU4OGEtNGU0MS1hNjE2LTRiMjQ4ZGE2Yzk2Yy8xL3d0S2lOT0lrdjRl
WmJ5OE45Vm5xMklMNTVsRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hwYIKwYBBQUHAQcBAf8EeDB2MHQEAgABMG4DBAMFrygDBAMfGCgDBAMfGJgDBANU
9tADBARbjtADBAJbyIwDBABb1S4wDAMEA15/uAMEAF5/vAMEAV5/vgMEA21EUAME
A5U+qAMEArlGXAMEArmwCAMEArnenAMEA7xfcAMEA7ykwAMEAcMFdDANBgkqhkiG
9w0BAQsFAAOCAQEAXbYb3QJYoJ1HRLnnMC1F0C20NkpspxBY5XPcVe9UlG/+wylf
/UTst2Yt+bQGVkeC0gE+VOaVBwX0y+LR8FztJcUzmt2Ouz1VrByK4KKl4ORowizi
TXsIp3PQBkH2MXrb322Azb+SSf0gvXFUmMC3MOxscbUc8zGSYyy2VpEUFsybwTGT
+R4qUTk2oyPYptAtAiH5BfIaoO9RhMjfLad5KzmmGNLyByNbNO/dIdLQWm2MGl7z
ppEWdA0trm+uphj+n9HEhGLiVueGO3XS2wjjpVt/lP2V143NThm5zkQXf1yNj/Rm
fKYYNrrJejIxnCpeYfRWRa+aSOlRbY3QOiH4CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:45 2024 by rpki-client on console-ams.rpki-client.org