Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/da5YtX69udmHpXoy3ChdCXG7NhY.roa
File:                     da5YtX69udmHpXoy3ChdCXG7NhY.roa (raw, json)
Hash identifier:          K9F4W44pLWTotsoGTOC/ECdwRn6hRsg1Q+jY1H03QLU=
Subject key identifier:   75:AE:58:B5:7E:BD:B9:D9:87:A5:7A:32:DC:28:5D:09:71:BB:36:16
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       1897ED99
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/da5YtX69udmHpXoy3ChdCXG7NhY.roa
Signing time:             Tue 14 Jun 2022 08:51:44 +0000
ROA not before:           Tue 14 Jun 2022 08:51:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58272
IP address blocks:        37.230.187.0/24 maxlen: 24
                          188.72.119.0/24 maxlen: 24
                          178.170.231.0/24 maxlen: 24
                          178.170.139.0/24 maxlen: 24
                          178.170.137.0/24 maxlen: 24
                          217.150.90.0/24 maxlen: 24
                          217.150.89.0/24 maxlen: 24
                          217.150.88.0/24 maxlen: 24
                          217.150.91.0/24 maxlen: 24
                          178.170.140.0/24 maxlen: 24
                          217.150.94.0/24 maxlen: 24
                          217.150.93.0/24 maxlen: 24
                          217.150.92.0/24 maxlen: 24
                          217.150.95.0/24 maxlen: 24
                          46.243.149.0/24 maxlen: 24
                          37.18.0.0/24 maxlen: 24
                          185.4.150.0/24 maxlen: 24
                          37.18.15.0/24 maxlen: 24
                          185.4.149.0/24 maxlen: 24
                          185.4.148.0/24 maxlen: 24
                          185.4.151.0/24 maxlen: 24
                          141.101.248.0/24 maxlen: 24
                          141.101.255.0/24 maxlen: 24
                          46.243.139.0/24 maxlen: 24
                          46.243.138.0/24 maxlen: 24
                          37.230.134.0/24 maxlen: 24
                          37.230.151.0/24 maxlen: 24
                          188.72.73.0/24 maxlen: 24
                          188.72.83.0/24 maxlen: 24
                          188.72.81.0/24 maxlen: 24
                          188.72.80.0/24 maxlen: 24
                          188.72.85.0/24 maxlen: 24
                          188.72.84.0/24 maxlen: 24
                          37.230.163.0/24 maxlen: 24
                          188.72.86.0/24 maxlen: 24
                          37.230.170.0/24 maxlen: 24
                          37.230.171.0/24 maxlen: 24
                          37.230.176.0/24 maxlen: 24
                          37.230.183.0/24 maxlen: 24
                          37.230.182.0/24 maxlen: 24
                          46.243.204.0/24 maxlen: 24
                          46.243.214.0/24 maxlen: 24
                          46.243.217.0/24 maxlen: 24
                          46.243.216.0/24 maxlen: 24
                          46.243.222.0/24 maxlen: 24
                          46.243.221.0/24 maxlen: 24
                          46.243.225.0/24 maxlen: 24
                          46.243.223.0/24 maxlen: 24
                          46.243.232.0/24 maxlen: 24
                          46.243.233.0/24 maxlen: 24
                          37.18.63.0/24 maxlen: 24
                          46.243.240.0/24 maxlen: 24
                          46.243.236.0/24 maxlen: 24
                          46.243.235.0/24 maxlen: 24
                          46.243.234.0/24 maxlen: 24
                          46.243.238.0/24 maxlen: 24
                          46.243.237.0/24 maxlen: 24
                          46.243.243.0/24 maxlen: 24
                          46.243.242.0/24 maxlen: 24
                          46.243.241.0/24 maxlen: 24
                          46.243.246.0/24 maxlen: 24
                          46.243.250.0/24 maxlen: 24
                          46.243.249.0/24 maxlen: 24
                          46.243.248.0/24 maxlen: 24
                          46.243.247.0/24 maxlen: 24
                          37.230.131.0/24 maxlen: 24
                          46.243.251.0/24 maxlen: 24
                          128.0.71.0/24 maxlen: 24
                          141.101.179.0/24 maxlen: 24
                          141.101.191.0/24 maxlen: 24
                          141.101.132.0/24 maxlen: 24
                          141.101.133.0/24 maxlen: 24
                          141.101.135.0/24 maxlen: 24
                          141.101.145.0/24 maxlen: 24
                          141.101.143.0/24 maxlen: 24
                          141.101.148.0/24 maxlen: 24
                          141.101.147.0/24 maxlen: 24
                          141.101.150.0/24 maxlen: 24
                          141.101.149.0/24 maxlen: 24
                          141.101.155.0/24 maxlen: 24
                          141.101.154.0/24 maxlen: 24
                          141.101.153.0/24 maxlen: 24
                          141.101.159.0/24 maxlen: 24
                          141.101.158.0/24 maxlen: 24
                          141.101.156.0/24 maxlen: 24
                          141.101.162.0/24 maxlen: 24
                          141.101.161.0/24 maxlen: 24
                          141.101.160.0/24 maxlen: 24
                          141.101.166.0/24 maxlen: 24
                          141.101.165.0/24 maxlen: 24
                          141.101.164.0/24 maxlen: 24
                          141.101.168.0/24 maxlen: 24
                          141.101.167.0/24 maxlen: 24
                          141.101.171.0/24 maxlen: 24
                          141.101.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 412609945 (0x1897ed99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Jun 14 08:51:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=75ae58b57ebdb9d987a57a32dc285d0971bb3616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b7:50:01:9a:04:a0:c3:82:03:7f:9e:12:4f:
                    03:56:1f:39:09:f2:fc:e4:c6:8d:70:c2:cc:e4:78:
                    1a:5b:ed:14:f1:9f:b6:f8:9d:b1:79:a1:21:0e:5a:
                    d4:ff:49:35:90:3d:8b:f5:d5:cd:b2:72:5f:41:33:
                    4f:5e:f4:6b:06:2c:58:40:11:ce:37:61:42:31:b5:
                    f0:2e:90:c4:80:a2:42:1b:1c:7b:69:fc:6f:3b:0c:
                    1f:3a:ea:15:f1:b2:fb:95:5d:eb:d5:fe:0a:b8:fd:
                    dc:d0:23:3c:70:dd:67:63:dc:dd:e1:5b:f4:8c:f1:
                    2c:75:bf:77:c3:2e:6b:0e:74:a2:69:16:fd:b3:d1:
                    10:cc:c8:0c:42:2f:db:e7:4d:b6:aa:70:3c:fb:1d:
                    0f:e2:4f:b8:be:3e:3f:84:7d:39:5b:4b:79:d9:f7:
                    a7:43:9a:93:6c:ec:4e:2f:09:34:11:31:f3:a5:73:
                    d6:d3:3a:c1:8c:5c:71:8a:3f:aa:68:e4:d7:a7:7f:
                    38:e3:cf:98:e3:88:69:11:a1:52:a7:c2:db:df:bd:
                    ca:ae:a8:da:94:89:13:10:6b:7b:9b:80:3c:26:ec:
                    d8:92:d0:c5:27:b9:5c:fa:15:e7:df:43:f3:9a:81:
                    fa:eb:3e:75:9d:f0:f5:72:03:5d:55:6f:68:df:9e:
                    bd:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:AE:58:B5:7E:BD:B9:D9:87:A5:7A:32:DC:28:5D:09:71:BB:36:16
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/da5YtX69udmHpXoy3ChdCXG7NhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.18.0.0/24
                  37.18.15.0/24
                  37.18.63.0/24
                  37.230.131.0/24
                  37.230.134.0/24
                  37.230.151.0/24
                  37.230.163.0/24
                  37.230.170.0/23
                  37.230.176.0/24
                  37.230.182.0/23
                  37.230.187.0/24
                  46.243.138.0/23
                  46.243.149.0/24
                  46.243.204.0/24
                  46.243.214.0/24
                  46.243.216.0/23
                  46.243.221.0-46.243.223.255
                  46.243.225.0/24
                  46.243.232.0-46.243.238.255
                  46.243.240.0/22
                  46.243.246.0-46.243.251.255
                  128.0.71.0/24
                  141.101.132.0/23
                  141.101.135.0/24
                  141.101.143.0/24
                  141.101.145.0/24
                  141.101.147.0-141.101.150.255
                  141.101.153.0-141.101.156.255
                  141.101.158.0-141.101.162.255
                  141.101.164.0-141.101.168.255
                  141.101.170.0/23
                  141.101.179.0/24
                  141.101.191.0/24
                  141.101.248.0/24
                  141.101.255.0/24
                  178.170.137.0/24
                  178.170.139.0-178.170.140.255
                  178.170.231.0/24
                  185.4.148.0/22
                  188.72.73.0/24
                  188.72.80.0/23
                  188.72.83.0-188.72.86.255
                  188.72.119.0/24
                  217.150.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         67:a0:9c:9e:86:f0:b7:6e:3a:a4:8f:69:94:13:1c:c4:3f:0f:
         e9:75:0f:9a:0d:50:a8:26:a4:d2:80:c6:35:20:2a:57:a7:5d:
         c5:2e:1c:9d:f6:04:15:00:ba:1c:f0:4a:5b:a7:af:36:40:be:
         58:7e:e5:4d:b2:bc:e6:76:70:7b:9e:ca:a9:de:78:0f:fe:6f:
         e5:d2:8f:9b:7f:7f:c3:06:8a:f6:5d:92:5c:e4:e8:1a:38:fa:
         54:d0:14:09:38:eb:56:27:d8:43:85:81:ae:42:83:c8:20:6b:
         c0:82:f0:00:3c:15:56:ae:23:fc:bb:25:67:d2:d1:dc:19:f0:
         64:28:26:c3:7c:29:b5:7a:1e:e8:e2:b7:fb:7d:81:55:bf:82:
         5d:80:ce:fe:8b:9f:64:22:25:8e:69:92:b1:d7:0c:88:ec:28:
         67:2a:54:21:71:cd:0b:79:5c:1d:14:25:0d:40:06:74:8a:be:
         87:ce:d9:40:24:89:14:77:bf:83:21:fb:71:68:50:fe:50:f8:
         ee:3b:de:21:b9:d0:fb:37:1d:d7:cf:3d:f3:9e:d1:c4:f0:97:
         ea:b2:e7:d7:41:93:5c:2d:cf:55:fe:30:7f:99:2c:bc:93:26:
         7c:3d:1e:a8:05:51:f1:bd:a2:61:1f:87:4a:d1:96:e9:05:c8:
         91:52:60:14
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIEGJftmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODg1ZTg4NGMyZmM3YTc1ZDEyZGQxZGVhNDljZTIzNDljNDcwNjdlMB4XDTIyMDYx
NDA4NTE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVhZTU4YjU3ZWJk
YjlkOTg3YTU3YTMyZGMyODVkMDk3MWJiMzYxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKe3UAGaBKDDggN/nhJPA1YfOQny/OTGjXDCzOR4GlvtFPGf
tvidsXmhIQ5a1P9JNZA9i/XVzbJyX0EzT170awYsWEARzjdhQjG18C6QxICiQhsc
e2n8bzsMHzrqFfGy+5Vd69X+Crj93NAjPHDdZ2Pc3eFb9IzxLHW/d8Muaw50omkW
/bPREMzIDEIv2+dNtqpwPPsdD+JPuL4+P4R9OVtLedn3p0Oak2zsTi8JNBEx86Vz
1tM6wYxccYo/qmjk16d/OOPPmOOIaRGhUqfC29+9yq6o2pSJExBre5uAPCbs2JLQ
xSe5XPoV599D85qB+us+dZ3w9XIDXVVvaN+evQUCAwEAAaOCA10wggNZMB0GA1Ud
DgQWBBR1rli1fr252YelejLcKF0Jcbs2FjAfBgNVHSMEGDAWgBRYheiEwvx6ddEt
0d6knOI0nEcGfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dJWG9oTUw4ZW5YUkxkSGVwSnppTkp4SEJuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8x
L2RhNVl0WDY5dWRtSHBYb3kzQ2hkQ1hHN05oWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8xL1dJWG9oTUw4ZW5Y
UkxkSGVwSnppTkp4SEJuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXEGCCsGAQUFBwEHAQH/BIIBYDCCAVwwggFYBAIAATCCAVADBAAlEgADBAAlEg8D
BAAlEj8DBAAl5oMDBAAl5oYDBAAl5pcDBAAl5qMDBAEl5qoDBAAl5rADBAEl5rYD
BAAl5rsDBAEu84oDBAAu85UDBAAu88wDBAAu89YDBAEu89gwDAMEAC7z3QMEBS7z
wAMEAC7z4TAMAwQDLvPoAwQALvPuAwQCLvPwMAwDBAEu8/YDBAIu8/gDBACAAEcD
BAGNZYQDBACNZYcDBACNZY8DBACNZZEwDAMEAI1lkwMEAI1lljAMAwQAjWWZAwQA
jWWcMAwDBAGNZZ4DBACNZaIwDAMEAo1lpAMEAI1lqAMEAY1lqgMEAI1lswMEAI1l
vwMEAI1l+AMEAI1l/wMEALKqiTAMAwQAsqqLAwQAsqqMAwQAsqrnAwQCuQSUAwQA
vEhJAwQBvEhQMAwDBAC8SFMDBAC8SFYDBAC8SHcDBAPZllgwDQYJKoZIhvcNAQEL
BQADggEBAGegnJ6G8LduOqSPaZQTHMQ/D+l1D5oNUKgmpNKAxjUgKlenXcUuHJ32
BBUAuhzwSlunrzZAvlh+5U2yvOZ2cHueyqneeA/+b+XSj5t/f8MGivZdklzk6Bo4
+lTQFAk461Yn2EOFga5Cg8gga8CC8AA8FVauI/y7JWfS0dwZ8GQoJsN8KbV6Huji
t/t9gVW/gl2Azv6Ln2QiJY5pkrHXDIjsKGcqVCFxzQt5XB0UJQ1ABnSKvofO2UAk
iRR3v4Mh+3FoUP5Q+O473iG50Ps3HdfPPfOe0cTwl+qy59dBk1wtz1X+MH+ZLLyT
Jnw9HqgFUfG9omEfh0rRlukFyJFSYBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org