Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/Q5UcPTnQziJjh81qWShrHeYNOjc.roa
File:                     Q5UcPTnQziJjh81qWShrHeYNOjc.roa (raw, json)
Hash identifier:          rQhg8UdWVpzNYZWGokVd4Pwnvp3meqwhRx0osL8xrxA=
Subject key identifier:   43:95:1C:3D:39:D0:CE:22:63:87:CD:6A:59:28:6B:1D:E6:0D:3A:37
Certificate issuer:       /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial:       0BB6F066
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/Q5UcPTnQziJjh81qWShrHeYNOjc.roa
Signing time:             Wed 16 Feb 2022 08:25:50 +0000
ROA not before:           Wed 16 Feb 2022 08:25:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3225
IP address blocks:        91.140.220.0/22 maxlen: 22
                          91.140.224.0/24 maxlen: 24
                          91.140.224.0/22 maxlen: 22
                          91.140.228.0/22 maxlen: 22
                          91.140.234.0/24 maxlen: 24
                          91.140.238.0/24 maxlen: 24
                          91.140.239.0/24 maxlen: 24
                          91.140.236.0/24 maxlen: 24
                          91.140.242.0/24 maxlen: 24
                          91.140.244.0/22 maxlen: 22
                          91.140.249.0/24 maxlen: 24
                          91.140.248.0/22 maxlen: 22
                          91.140.252.0/24 maxlen: 24
                          91.140.252.0/22 maxlen: 22
                          91.140.255.0/24 maxlen: 24
                          91.140.164.0/22 maxlen: 22
                          185.16.4.0/22 maxlen: 22
                          91.140.160.0/22 maxlen: 22
                          91.140.172.0/22 maxlen: 22
                          94.187.224.0/19 maxlen: 19
                          91.140.180.0/22 maxlen: 22
                          94.187.224.0/22 maxlen: 22
                          91.140.192.0/22 maxlen: 22
                          94.187.232.0/22 maxlen: 22
                          91.140.188.0/22 maxlen: 22
                          94.187.228.0/22 maxlen: 22
                          94.187.236.0/22 maxlen: 22
                          91.140.196.0/22 maxlen: 22
                          94.187.240.0/22 maxlen: 22
                          91.140.203.0/24 maxlen: 24
                          94.187.244.0/22 maxlen: 22
                          91.140.204.0/22 maxlen: 22
                          91.140.202.0/24 maxlen: 24
                          91.140.212.0/22 maxlen: 22
                          94.187.252.0/22 maxlen: 22
                          94.187.248.0/22 maxlen: 22
                          91.140.208.0/22 maxlen: 22
                          91.140.128.0/22 maxlen: 22
                          91.140.128.0/17 maxlen: 17
                          91.140.132.0/22 maxlen: 22
                          91.140.152.0/22 maxlen: 22
                          91.140.148.0/22 maxlen: 22
                          194.54.248.0/22 maxlen: 22
                          194.54.252.0/22 maxlen: 22
                          194.54.192.0/22 maxlen: 22
                          194.54.194.0/23 maxlen: 23
                          194.54.196.0/22 maxlen: 22
                          194.54.204.0/22 maxlen: 22
                          194.54.212.0/22 maxlen: 22
                          194.54.216.0/22 maxlen: 22
                          194.54.220.0/22 maxlen: 22
                          194.54.224.0/22 maxlen: 22
                          194.54.232.0/22 maxlen: 22
                          194.54.228.0/22 maxlen: 22
                          194.54.236.0/22 maxlen: 22
                          194.54.240.0/22 maxlen: 22
                          2a01:7780::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196538470 (0xbb6f066)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
        Validity
            Not Before: Feb 16 08:25:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=43951c3d39d0ce226387cd6a59286b1de60d3a37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ac:c9:b1:b7:64:a5:ac:10:ef:17:9a:c0:58:
                    51:48:4f:7f:f2:f6:10:df:fb:5c:43:c4:9e:75:b2:
                    2f:2b:0b:1d:fb:9f:05:a5:1f:a6:58:d3:ce:bb:f9:
                    c0:eb:96:a7:32:72:37:5a:e8:01:53:5a:7a:9e:62:
                    b1:a3:9a:b7:f6:eb:03:90:9e:8c:01:57:3f:73:89:
                    b4:ab:5c:80:66:8f:4e:ff:a6:31:4c:92:20:ca:29:
                    d7:8b:5f:a6:e1:bb:c0:49:b5:00:27:10:dc:45:ba:
                    95:34:30:3b:71:bc:f6:c3:fc:c8:15:56:2f:8b:3f:
                    83:dd:6a:eb:d8:25:06:04:38:7a:ec:e3:fa:c6:c7:
                    ac:90:f5:2f:f3:4a:ac:09:fa:3f:0b:95:8b:cb:6e:
                    7a:82:c2:06:6c:b3:98:6c:6a:89:d3:18:d0:56:23:
                    d2:b4:ae:4e:4c:e5:f9:ee:19:b5:b7:46:aa:ab:4b:
                    a7:28:69:e5:f4:38:74:66:e7:5f:89:2e:ef:b3:8c:
                    ba:90:bd:ab:95:6c:cd:7a:33:28:d8:30:3b:a2:4f:
                    54:f5:ea:bd:cd:62:ab:7a:cf:84:bd:ac:50:80:98:
                    7d:9b:96:70:28:64:7e:7a:86:c3:42:59:38:ac:b9:
                    fc:7a:5c:5f:41:93:da:04:f0:c7:90:4b:ed:e6:6d:
                    d9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:95:1C:3D:39:D0:CE:22:63:87:CD:6A:59:28:6B:1D:E6:0D:3A:37
            X509v3 Authority Key Identifier:
                keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/Q5UcPTnQziJjh81qWShrHeYNOjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.140.128.0/17
                  94.187.224.0/19
                  185.16.4.0/22
                  194.54.192.0/21
                  194.54.204.0/22
                  194.54.212.0-194.54.243.255
                  194.54.248.0/21
                IPv6:
                  2a01:7780::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:95:cf:81:88:30:46:d5:7d:07:92:67:01:63:d9:73:39:0a:
         bb:91:d5:a3:91:2c:62:2c:7c:67:a3:2b:fc:6d:60:5b:4e:b4:
         17:47:8d:84:41:f0:14:22:6c:39:d1:d2:ca:8e:d0:ae:17:73:
         90:4f:e7:15:38:40:c3:ce:2b:0e:a4:1c:8e:4a:42:fb:35:0a:
         e9:6b:d5:8d:a4:93:88:38:89:5f:20:9c:f1:2c:a1:15:6c:c5:
         e0:c7:de:33:e0:3a:68:58:5d:68:b7:8d:b3:b3:b1:6a:75:c5:
         5d:3f:2a:3a:f5:f0:0d:45:d5:87:fc:04:54:7c:ef:42:40:10:
         d4:6f:db:bc:94:ff:85:88:22:7b:8c:ce:c1:b8:9b:23:b3:f3:
         09:22:aa:e8:52:43:2e:2b:45:ce:3b:60:0f:b8:4b:bd:43:39:
         32:0a:41:14:26:c8:4f:8c:92:5f:fc:36:29:09:39:dd:e3:69:
         ea:7e:fd:57:05:0c:ea:82:e8:24:c7:98:2f:de:cc:66:82:89:
         4c:82:7c:8e:ad:c5:dd:64:65:95:81:1f:a6:c9:cb:79:44:a7:
         78:91:56:ce:28:1a:95:34:13:0e:22:98:24:9d:1d:f3:81:bf:
         db:07:0a:25:da:d1:8e:f4:ca:18:45:11:94:6c:7f:44:41:db:
         92:3e:77:28
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEC7bwZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzdmN2RiMDMzMzE0YzQ3M2NkYTE5NGUwZGY3OWYxYzM3NWRhM2Y0MB4XDTIyMDIx
NjA4MjU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM5NTFjM2QzOWQw
Y2UyMjYzODdjZDZhNTkyODZiMWRlNjBkM2EzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmsybG3ZKWsEO8XmsBYUUhPf/L2EN/7XEPEnnWyLysLHfuf
BaUfpljTzrv5wOuWpzJyN1roAVNaep5isaOat/brA5CejAFXP3OJtKtcgGaPTv+m
MUySIMop14tfpuG7wEm1ACcQ3EW6lTQwO3G89sP8yBVWL4s/g91q69glBgQ4euzj
+sbHrJD1L/NKrAn6PwuVi8tueoLCBmyzmGxqidMY0FYj0rSuTkzl+e4ZtbdGqqtL
pyhp5fQ4dGbnX4ku77OMupC9q5VszXozKNgwO6JPVPXqvc1iq3rPhL2sUICYfZuW
cChkfnqGw0JZOKy5/HpcX0GT2gTwx5BL7eZt2SMCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBRDlRw9OdDOImOHzWpZKGsd5g06NzAfBgNVHSMEGDAWgBQjf32wMzFMRzza
GU4N958cN12j9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzOTlzRE14VEVjODJobE9EZmVmSERkZG9fUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvZWVmNTU3LTBlMTAtNDBjZS1hNDhmLWVlMDYwMzk0OWY5My8x
L1E1VWNQVG5RemlKamg4MXFXU2hySGVZTk9qYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ZWVmNTU3LTBlMTAtNDBjZS1hNDhmLWVlMDYwMzk0OWY5My8xL0kzOTlzRE14VEVj
ODJobE9EZmVmSERkZG9fUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEB1uMgAMEBV674AMEArkQBAMEA8I2
wAMEAsI2zDAMAwQCwjbUAwQCwjbwAwQDwjb4MA0EAgACMAcDBQAqAXeAMA0GCSqG
SIb3DQEBCwUAA4IBAQBalc+BiDBG1X0HkmcBY9lzOQq7kdWjkSxiLHxnoyv8bWBb
TrQXR42EQfAUImw50dLKjtCuF3OQT+cVOEDDzisOpByOSkL7NQrpa9WNpJOIOIlf
IJzxLKEVbMXgx94z4DpoWF1ot42zs7FqdcVdPyo69fANRdWH/ARUfO9CQBDUb9u8
lP+FiCJ7jM7BuJsjs/MJIqroUkMuK0XOO2APuEu9QzkyCkEUJshPjJJf/DYpCTnd
42nqfv1XBQzqgugkx5gv3sxmgolMgnyOrcXdZGWVgR+myct5RKd4kVbOKBqVNBMO
IpgknR3zgb/bBwol2tGO9MoYRRGUbH9EQduSPnco
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:58 2024 by rpki-client on console-ams.rpki-client.org