Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/gnxRHnFmMGZxisOkddm0aSTp80s.roa
File:                     gnxRHnFmMGZxisOkddm0aSTp80s.roa (raw, json)
Hash identifier:          Yxz05+3B4236kfW9lHOTaSh5HYvrnUBVPtA1XHKeq8I=
Subject key identifier:   82:7C:51:1E:71:66:30:66:71:8A:C3:A4:75:D9:B4:69:24:E9:F3:4B
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       17E97558
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/gnxRHnFmMGZxisOkddm0aSTp80s.roa
Signing time:             Sat 09 Apr 2022 18:53:20 +0000
ROA not before:           Sat 09 Apr 2022 18:53:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58272
IP address blocks:        188.72.119.0/24 maxlen: 24
                          37.18.0.0/24 maxlen: 24
                          185.4.150.0/24 maxlen: 24
                          37.18.15.0/24 maxlen: 24
                          185.4.149.0/24 maxlen: 24
                          185.4.148.0/24 maxlen: 24
                          185.4.151.0/24 maxlen: 24
                          188.72.83.0/24 maxlen: 24
                          188.72.81.0/24 maxlen: 24
                          188.72.80.0/24 maxlen: 24
                          188.72.85.0/24 maxlen: 24
                          188.72.84.0/24 maxlen: 24
                          188.72.86.0/24 maxlen: 24
                          188.72.88.0/24 maxlen: 24
                          188.72.90.0/24 maxlen: 24
                          37.18.63.0/24 maxlen: 24
                          37.230.187.0/24 maxlen: 24
                          178.170.231.0/24 maxlen: 24
                          178.170.139.0/24 maxlen: 24
                          178.170.137.0/24 maxlen: 24
                          178.170.140.0/24 maxlen: 24
                          217.150.90.0/24 maxlen: 24
                          217.150.89.0/24 maxlen: 24
                          217.150.88.0/24 maxlen: 24
                          217.150.91.0/24 maxlen: 24
                          217.150.94.0/24 maxlen: 24
                          217.150.93.0/24 maxlen: 24
                          217.150.92.0/24 maxlen: 24
                          178.170.146.0/24 maxlen: 24
                          217.150.95.0/24 maxlen: 24
                          46.243.149.0/24 maxlen: 24
                          141.101.248.0/24 maxlen: 24
                          141.101.255.0/24 maxlen: 24
                          46.243.139.0/24 maxlen: 24
                          46.243.138.0/24 maxlen: 24
                          37.230.134.0/24 maxlen: 24
                          37.230.170.0/24 maxlen: 24
                          37.230.171.0/24 maxlen: 24
                          37.230.176.0/24 maxlen: 24
                          37.230.183.0/24 maxlen: 24
                          37.230.182.0/24 maxlen: 24
                          46.243.204.0/24 maxlen: 24
                          46.243.213.0/24 maxlen: 24
                          46.243.208.0/24 maxlen: 24
                          46.243.207.0/24 maxlen: 24
                          46.243.214.0/24 maxlen: 24
                          46.243.217.0/24 maxlen: 24
                          46.243.216.0/24 maxlen: 24
                          46.243.222.0/24 maxlen: 24
                          46.243.221.0/24 maxlen: 24
                          46.243.225.0/24 maxlen: 24
                          46.243.223.0/24 maxlen: 24
                          46.243.232.0/24 maxlen: 24
                          46.243.233.0/24 maxlen: 24
                          46.243.240.0/24 maxlen: 24
                          46.243.236.0/24 maxlen: 24
                          46.243.235.0/24 maxlen: 24
                          46.243.234.0/24 maxlen: 24
                          46.243.238.0/24 maxlen: 24
                          46.243.237.0/24 maxlen: 24
                          46.243.243.0/24 maxlen: 24
                          46.243.242.0/24 maxlen: 24
                          46.243.241.0/24 maxlen: 24
                          46.243.246.0/24 maxlen: 24
                          37.230.129.0/24 maxlen: 24
                          46.243.250.0/24 maxlen: 24
                          37.230.128.0/24 maxlen: 24
                          46.243.249.0/24 maxlen: 24
                          46.243.248.0/24 maxlen: 24
                          46.243.247.0/24 maxlen: 24
                          37.230.131.0/24 maxlen: 24
                          46.243.251.0/24 maxlen: 24
                          128.0.71.0/24 maxlen: 24
                          141.101.191.0/24 maxlen: 24
                          141.101.132.0/24 maxlen: 24
                          141.101.133.0/24 maxlen: 24
                          141.101.135.0/24 maxlen: 24
                          141.101.145.0/24 maxlen: 24
                          141.101.143.0/24 maxlen: 24
                          141.101.148.0/24 maxlen: 24
                          141.101.147.0/24 maxlen: 24
                          141.101.150.0/24 maxlen: 24
                          141.101.149.0/24 maxlen: 24
                          141.101.155.0/24 maxlen: 24
                          141.101.154.0/24 maxlen: 24
                          141.101.153.0/24 maxlen: 24
                          141.101.159.0/24 maxlen: 24
                          141.101.158.0/24 maxlen: 24
                          141.101.156.0/24 maxlen: 24
                          141.101.162.0/24 maxlen: 24
                          141.101.161.0/24 maxlen: 24
                          141.101.160.0/24 maxlen: 24
                          141.101.166.0/24 maxlen: 24
                          141.101.165.0/24 maxlen: 24
                          141.101.164.0/24 maxlen: 24
                          141.101.168.0/24 maxlen: 24
                          141.101.167.0/24 maxlen: 24
                          141.101.171.0/24 maxlen: 24
                          141.101.170.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 401175896 (0x17e97558)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Apr  9 18:53:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=827c511e71663066718ac3a475d9b46924e9f34b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0c:8b:2f:1d:cb:bf:67:a1:b4:1f:f0:9c:ec:
                    d3:ea:83:b4:ea:67:f3:86:fc:19:3a:3d:6f:73:21:
                    06:bd:88:a2:98:9c:b3:9e:fe:7a:5b:4e:f9:94:48:
                    94:f5:34:25:32:9d:88:2e:7b:0d:3f:36:cd:a1:28:
                    08:aa:45:86:d0:8c:27:52:27:d2:77:2c:e5:80:19:
                    15:46:f1:0d:f6:d4:aa:fe:66:8a:a8:e5:67:82:43:
                    99:41:e8:10:13:0c:06:e8:d5:af:9e:ef:c1:fd:af:
                    c1:67:bf:2f:96:c9:bc:c6:d6:c8:43:bf:57:57:a4:
                    e6:10:d0:2b:e7:9b:06:2a:b4:2a:f1:8e:00:30:a3:
                    91:91:44:56:cf:f5:67:27:17:92:c8:f4:0a:f3:72:
                    d8:fa:0e:c9:74:6e:16:17:d6:0d:f6:30:0b:5f:5c:
                    3c:e0:30:0b:12:89:10:e0:2a:a0:3d:ef:11:47:01:
                    83:c9:6f:e6:ea:0e:39:82:b1:7a:64:eb:d2:8c:04:
                    fc:29:e2:c2:aa:1e:a8:24:82:59:3c:d6:3e:0e:43:
                    bd:83:0e:6b:ef:36:52:ac:b7:4e:f1:57:1c:94:a8:
                    46:75:ad:fe:74:9e:89:7d:22:95:8f:26:82:58:bf:
                    34:45:76:fc:0f:eb:a0:5c:5a:b6:ae:97:8a:a9:b4:
                    ac:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:7C:51:1E:71:66:30:66:71:8A:C3:A4:75:D9:B4:69:24:E9:F3:4B
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/gnxRHnFmMGZxisOkddm0aSTp80s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.18.0.0/24
                  37.18.15.0/24
                  37.18.63.0/24
                  37.230.128.0/23
                  37.230.131.0/24
                  37.230.134.0/24
                  37.230.170.0/23
                  37.230.176.0/24
                  37.230.182.0/23
                  37.230.187.0/24
                  46.243.138.0/23
                  46.243.149.0/24
                  46.243.204.0/24
                  46.243.207.0-46.243.208.255
                  46.243.213.0-46.243.214.255
                  46.243.216.0/23
                  46.243.221.0-46.243.223.255
                  46.243.225.0/24
                  46.243.232.0-46.243.238.255
                  46.243.240.0/22
                  46.243.246.0-46.243.251.255
                  128.0.71.0/24
                  141.101.132.0/23
                  141.101.135.0/24
                  141.101.143.0/24
                  141.101.145.0/24
                  141.101.147.0-141.101.150.255
                  141.101.153.0-141.101.156.255
                  141.101.158.0-141.101.162.255
                  141.101.164.0-141.101.168.255
                  141.101.170.0/23
                  141.101.191.0/24
                  141.101.248.0/24
                  141.101.255.0/24
                  178.170.137.0/24
                  178.170.139.0-178.170.140.255
                  178.170.146.0/24
                  178.170.231.0/24
                  185.4.148.0/22
                  188.72.80.0/23
                  188.72.83.0-188.72.86.255
                  188.72.88.0/24
                  188.72.90.0/24
                  188.72.119.0/24
                  217.150.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3c:61:34:d4:4e:22:66:03:2c:dc:58:ef:96:75:47:81:74:e2:
         1c:9c:0d:a6:eb:39:7f:db:0c:a6:f7:53:7e:3f:7d:ac:1d:1e:
         fb:ff:f1:d1:06:a7:dc:a4:5d:33:b4:5a:48:96:c0:c0:02:55:
         b2:46:3d:e9:51:f2:32:1c:a2:8b:f1:7f:59:23:97:dc:14:05:
         a3:9f:88:10:ee:23:85:4c:69:d8:05:2f:28:24:86:55:2c:ba:
         44:33:0c:4e:14:35:68:34:61:f8:79:7a:db:1f:5e:3e:d9:4c:
         59:06:59:3b:42:12:38:15:5d:8b:5d:33:e2:79:aa:a1:b2:92:
         fe:f0:34:13:13:b2:70:ad:92:62:07:04:3c:3d:6c:b6:ea:0d:
         48:03:58:ee:c2:ea:b9:41:27:9e:4e:f8:77:ec:40:2e:d2:c1:
         c7:db:cf:48:f5:8b:5b:30:f4:3f:1f:4b:a6:19:a7:1d:26:5d:
         a5:96:ea:99:73:44:f0:36:d9:ce:0d:d9:fb:b3:b5:0a:33:3d:
         04:73:2d:58:d0:98:90:19:00:08:e1:fb:86:f5:bd:cf:f3:45:
         c1:ac:98:65:62:72:44:02:8c:ee:0d:80:a2:82:3c:72:f1:90:
         66:62:87:ea:7c:37:f6:dc:a9:22:67:70:5f:f6:5f:07:4d:99:
         8d:02:7f:35
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIEF+l1WDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODg1ZTg4NGMyZmM3YTc1ZDEyZGQxZGVhNDljZTIzNDljNDcwNjdlMB4XDTIyMDQw
OTE4NTMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI3YzUxMWU3MTY2
MzA2NjcxOGFjM2E0NzVkOWI0NjkyNGU5ZjM0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkMiy8dy79nobQf8Jzs0+qDtOpn84b8GTo9b3MhBr2Iopic
s57+eltO+ZRIlPU0JTKdiC57DT82zaEoCKpFhtCMJ1In0ncs5YAZFUbxDfbUqv5m
iqjlZ4JDmUHoEBMMBujVr57vwf2vwWe/L5bJvMbWyEO/V1ek5hDQK+ebBiq0KvGO
ADCjkZFEVs/1ZycXksj0CvNy2PoOyXRuFhfWDfYwC19cPOAwCxKJEOAqoD3vEUcB
g8lv5uoOOYKxemTr0owE/CniwqoeqCSCWTzWPg5DvYMOa+82Uqy3TvFXHJSoRnWt
/nSeiX0ilY8mgli/NEV2/A/roFxatq6Xiqm0rI0CAwEAAaOCA3MwggNvMB0GA1Ud
DgQWBBSCfFEecWYwZnGKw6R12bRpJOnzSzAfBgNVHSMEGDAWgBRYheiEwvx6ddEt
0d6knOI0nEcGfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dJWG9oTUw4ZW5YUkxkSGVwSnppTkp4SEJuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8x
L2dueFJIbkZtTUdaeGlzT2tkZG0wYVNUcDgwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8xL1dJWG9oTUw4ZW5Y
UkxkSGVwSnppTkp4SEJuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYcGCCsGAQUFBwEHAQH/BIIBdjCCAXIwggFuBAIAATCCAWYDBAAlEgADBAAlEg8D
BAAlEj8DBAEl5oADBAAl5oMDBAAl5oYDBAEl5qoDBAAl5rADBAEl5rYDBAAl5rsD
BAEu84oDBAAu85UDBAAu88wwDAMEAC7zzwMEAC7z0DAMAwQALvPVAwQALvPWAwQB
LvPYMAwDBAAu890DBAUu88ADBAAu8+EwDAMEAy7z6AMEAC7z7gMEAi7z8DAMAwQB
LvP2AwQCLvP4AwQAgABHAwQBjWWEAwQAjWWHAwQAjWWPAwQAjWWRMAwDBACNZZMD
BACNZZYwDAMEAI1lmQMEAI1lnDAMAwQBjWWeAwQAjWWiMAwDBAKNZaQDBACNZagD
BAGNZaoDBACNZb8DBACNZfgDBACNZf8DBACyqokwDAMEALKqiwMEALKqjAMEALKq
kgMEALKq5wMEArkElAMEAbxIUDAMAwQAvEhTAwQAvEhWAwQAvEhYAwQAvEhaAwQA
vEh3AwQD2ZZYMA0GCSqGSIb3DQEBCwUAA4IBAQA8YTTUTiJmAyzcWO+WdUeBdOIc
nA2m6zl/2wym91N+P32sHR77//HRBqfcpF0ztFpIlsDAAlWyRj3pUfIyHKKL8X9Z
I5fcFAWjn4gQ7iOFTGnYBS8oJIZVLLpEMwxOFDVoNGH4eXrbH14+2UxZBlk7QhI4
FV2LXTPieaqhspL+8DQTE7JwrZJiBwQ8PWy26g1IA1juwuq5QSeeTvh37EAu0sHH
289I9YtbMPQ/H0umGacdJl2lluqZc0TwNtnODdn7s7UKMz0Ecy1Y0JiQGQAI4fuG
9b3P80XBrJhlYnJEAozuDYCigjxy8ZBmYofqfDf23KkiZ3Bf9l8HTZmNAn81
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org