Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Ul75CZRa8C3bTy2cZE5FxvvmsQ4.roa
File:                     Ul75CZRa8C3bTy2cZE5FxvvmsQ4.roa (raw, json)
Hash identifier:          dRYNIeyPq8XHHmpAH9KrzNjkyW2pjQGepgfHsrY3vjQ=
Subject key identifier:   52:5E:F9:09:94:5A:F0:2D:DB:4F:2D:9C:64:4E:45:C6:FB:E6:B1:0E
Certificate issuer:       /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial:       0184807A86EB3D79DA7397B86376E5F0521E
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Ul75CZRa8C3bTy2cZE5FxvvmsQ4.roa
Signing time:             Wed 16 Nov 2022 12:47:04 +0000
ROA not before:           Wed 16 Nov 2022 12:47:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        85.153.125.0/24 maxlen: 24
                          85.153.124.0/24 maxlen: 24
                          85.153.120.0/24 maxlen: 24
                          85.153.119.0/24 maxlen: 24
                          85.153.121.0/24 maxlen: 24
                          85.153.123.0/24 maxlen: 24
                          85.153.122.0/24 maxlen: 24
                          85.153.126.0/24 maxlen: 24
                          85.153.68.0/22 maxlen: 22
                          85.153.66.0/24 maxlen: 24
                          85.153.65.0/24 maxlen: 24
                          85.153.67.0/24 maxlen: 24
                          85.153.75.0/24 maxlen: 24
                          85.153.73.0/24 maxlen: 24
                          85.153.72.0/24 maxlen: 24
                          85.153.74.0/24 maxlen: 24
                          85.153.83.0/24 maxlen: 24
                          85.153.82.0/24 maxlen: 24
                          85.153.84.0/22 maxlen: 22
                          85.153.80.0/24 maxlen: 24
                          85.153.81.0/24 maxlen: 24
                          85.153.88.0/22 maxlen: 22
                          85.153.92.0/24 maxlen: 24
                          85.153.93.0/24 maxlen: 24
                          85.153.95.0/24 maxlen: 24
                          85.153.94.0/24 maxlen: 24
                          85.153.112.0/24 maxlen: 24
                          85.153.108.0/22 maxlen: 22
                          85.153.113.0/24 maxlen: 24
                          85.153.114.0/24 maxlen: 24
                          85.153.116.0/24 maxlen: 24
                          85.153.115.0/24 maxlen: 24
                          85.153.118.0/24 maxlen: 24
                          85.153.117.0/24 maxlen: 24
                          85.153.16.0/22 maxlen: 22
                          85.153.12.0/22 maxlen: 22
                          85.153.24.0/22 maxlen: 22
                          85.153.29.0/24 maxlen: 24
                          85.153.28.0/24 maxlen: 24
                          85.153.30.0/24 maxlen: 24
                          85.153.32.0/24 maxlen: 24
                          85.153.34.0/24 maxlen: 24
                          85.153.36.0/22 maxlen: 22
                          85.153.35.0/24 maxlen: 24
                          85.153.41.0/24 maxlen: 24
                          85.153.42.0/24 maxlen: 24
                          85.153.40.0/24 maxlen: 24
                          85.153.47.0/24 maxlen: 24
                          85.153.46.0/24 maxlen: 24
                          85.153.56.0/24 maxlen: 24
                          85.153.52.0/22 maxlen: 22
                          85.153.59.0/24 maxlen: 24
                          85.153.60.0/22 maxlen: 22
                          85.115.204.0/24 maxlen: 24
                          85.115.206.0/24 maxlen: 24
                          85.115.205.0/24 maxlen: 24
                          85.115.207.0/24 maxlen: 24
                          85.153.4.0/24 maxlen: 24
                          85.153.7.0/24 maxlen: 24
                          85.153.6.0/24 maxlen: 24
                          85.153.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:80:7a:86:eb:3d:79:da:73:97:b8:63:76:e5:f0:52:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
        Validity
            Not Before: Nov 16 12:47:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=525ef909945af02ddb4f2d9c644e45c6fbe6b10e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:65:41:bc:bc:4a:5e:bc:cd:65:be:98:c7:09:
                    47:76:1e:69:16:26:d4:cb:94:ca:eb:d5:05:08:2a:
                    ef:d3:91:a4:43:0b:49:55:2d:cc:e7:bb:be:ad:d8:
                    ca:e9:fd:40:0f:1c:b9:51:01:18:a4:95:52:9f:98:
                    6c:66:13:58:e1:ef:d1:40:47:96:17:1a:51:b2:b4:
                    c6:a4:bc:6d:fd:64:33:0f:ce:7c:ed:fa:83:bb:63:
                    7b:f1:8f:47:4c:2e:d2:20:04:fb:4a:4c:42:44:86:
                    5f:14:52:df:05:cc:59:e2:32:b2:18:37:b4:c6:dd:
                    83:5b:2d:c3:6b:fa:f7:1a:23:c7:9f:cf:b7:5d:bc:
                    d7:22:1e:3f:4b:0e:0e:9f:1b:96:3c:1b:4f:d3:67:
                    c1:0f:b8:a0:bb:1a:f7:d8:e4:3b:fa:1c:ec:b1:75:
                    82:42:a0:6c:2f:1b:2f:e5:73:c0:c8:ed:7a:ca:ea:
                    40:8e:c3:f6:f4:2f:b9:5c:1e:49:f1:b0:0f:4e:54:
                    92:df:1b:15:1d:9d:95:67:04:1e:94:d1:df:84:0c:
                    4c:21:ef:9d:b1:0f:b9:90:2d:1b:70:a9:0a:fe:28:
                    e0:81:cf:7e:71:47:45:5f:d0:17:1c:24:b5:66:44:
                    6f:b7:8e:f0:62:e6:10:0b:d3:c6:68:8c:67:b3:75:
                    b6:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:5E:F9:09:94:5A:F0:2D:DB:4F:2D:9C:64:4E:45:C6:FB:E6:B1:0E
            X509v3 Authority Key Identifier:
                keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Ul75CZRa8C3bTy2cZE5FxvvmsQ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.204.0/22
                  85.153.4.0/24
                  85.153.6.0-85.153.8.255
                  85.153.12.0-85.153.19.255
                  85.153.24.0-85.153.30.255
                  85.153.32.0/24
                  85.153.34.0-85.153.42.255
                  85.153.46.0/23
                  85.153.52.0-85.153.56.255
                  85.153.59.0-85.153.63.255
                  85.153.65.0-85.153.75.255
                  85.153.80.0/20
                  85.153.108.0-85.153.126.255

    Signature Algorithm: sha256WithRSAEncryption
         4e:f8:ba:24:e5:1e:c0:be:33:b6:f9:e0:f9:ce:b0:b4:e2:72:
         24:07:4c:4a:92:0a:c7:de:e4:84:e4:22:c2:bb:36:b5:92:2b:
         2e:6a:92:55:9b:d0:49:dc:f0:21:56:28:bd:19:08:71:34:b4:
         d9:40:06:46:7f:c0:5d:7e:a4:9a:70:1b:5c:99:40:c2:ca:55:
         85:94:9a:2a:86:d6:bf:b9:7e:f4:91:26:44:49:f0:b8:45:8d:
         2f:e7:ce:98:a1:3e:a9:73:3e:9c:c0:b4:e4:b4:fd:25:8d:32:
         7d:e1:31:c8:fd:41:b0:94:ed:0f:52:67:ce:32:24:06:40:e7:
         0f:25:7f:8f:cc:b8:cc:c0:7c:18:cc:a0:e5:32:f1:a4:51:74:
         21:5c:80:5d:98:7f:33:76:a2:96:af:ba:a0:88:bb:1a:f2:7a:
         b3:2a:57:c2:5a:23:70:80:89:df:ac:e3:9c:fc:c3:78:25:32:
         d2:95:44:6d:59:7d:84:52:f2:fe:2c:b6:f0:9c:db:b2:eb:1f:
         7a:13:e5:44:06:20:37:53:47:69:c8:00:fb:ad:11:ce:79:52:
         c0:30:d9:fa:23:18:10:d6:8b:de:56:4e:45:8a:be:66:15:be:
         55:76:a7:c1:41:d9:6b:70:b3:66:ba:bb:b9:e5:00:66:73:82:
         12:19:d7:98
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYSAeobrPXnac5e4Y3bl8FIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjIxMTE2MTI0NzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjVlZjkwOTk0NWFmMDJkZGI0ZjJkOWM2NDRlNDVjNmZiZTZiMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WVBvLxKXrzNZb6YxwlHdh5pFibU
y5TK69UFCCrv05GkQwtJVS3M57u+rdjK6f1ADxy5UQEYpJVSn5hsZhNY4e/RQEeW
FxpRsrTGpLxt/WQzD8587fqDu2N78Y9HTC7SIAT7SkxCRIZfFFLfBcxZ4jKyGDe0
xt2DWy3Da/r3GiPHn8+3XbzXIh4/Sw4OnxuWPBtP02fBD7iguxr32OQ7+hzssXWC
QqBsLxsv5XPAyO16yupAjsP29C+5XB5J8bAPTlSS3xsVHZ2VZwQelNHfhAxMIe+d
sQ+5kC0bcKkK/ijggc9+cUdFX9AXHCS1ZkRvt47wYuYQC9PGaIxns3W27QIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFFJe+QmUWvAt208tnGRORcb75rEOMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvVWw3NUNaUmE4QzNiVHkyY1pFNUZ4dnZtc1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAJV
c8wDBABVmQQwDAMEAVWZBgMEAFWZCDAMAwQCVZkMAwQCVZkQMAwDBANVmRgDBABV
mR4DBABVmSAwDAMEAVWZIgMEAFWZKgMEAVWZLjAMAwQCVZk0AwQAVZk4MAwDBABV
mTsDBAZVmQAwDAMEAFWZQQMEAlWZSAMEBFWZUDAMAwQCVZlsAwQAVZl+MA0GCSqG
SIb3DQEBCwUAA4IBAQBO+Lok5R7AvjO2+eD5zrC04nIkB0xKkgrH3uSE5CLCuza1
kisuapJVm9BJ3PAhVii9GQhxNLTZQAZGf8BdfqSacBtcmUDCylWFlJoqhta/uX70
kSZESfC4RY0v586YoT6pcz6cwLTktP0ljTJ94THI/UGwlO0PUmfOMiQGQOcPJX+P
zLjMwHwYzKDlMvGkUXQhXIBdmH8zdqKWr7qgiLsa8nqzKlfCWiNwgInfrOOc/MN4
JTLSlURtWX2EUvL+LLbwnNuy6x96E+VEBiA3U0dpyAD7rRHOeVLAMNn6IxgQ1ove
Vk5Fir5mFb5VdqfBQdlrcLNmuru55QBmc4ISGdeY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-fra.rpki-client.org