Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/cABXjneyPBXi9qGOPXD3004EV5c.roa
File:                     cABXjneyPBXi9qGOPXD3004EV5c.roa (raw, json)
Hash identifier:          MMsKPrRrklw0MWcuB8+Z1b30UZaAgvEXqMkeqTXBJRA=
Subject key identifier:   70:00:57:8E:77:B2:3C:15:E2:F6:A1:8E:3D:70:F7:D3:4E:04:57:97
Certificate issuer:       /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial:       018239AA120FB120B8F3E4F8F0758F132A35
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/cABXjneyPBXi9qGOPXD3004EV5c.roa
Signing time:             Tue 26 Jul 2022 08:40:23 +0000
ROA not before:           Tue 26 Jul 2022 08:40:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3225
IP address blocks:        91.140.221.0/24 maxlen: 24
                          91.140.220.0/24 maxlen: 24
                          91.140.224.0/24 maxlen: 24
                          91.140.222.0/24 maxlen: 24
                          91.140.223.0/24 maxlen: 24
                          91.140.224.0/22 maxlen: 22
                          91.140.226.0/24 maxlen: 24
                          91.140.233.0/24 maxlen: 24
                          91.140.228.0/22 maxlen: 22
                          91.140.232.0/24 maxlen: 24
                          91.140.240.0/24 maxlen: 24
                          91.140.235.0/24 maxlen: 24
                          91.140.234.0/24 maxlen: 24
                          91.140.238.0/24 maxlen: 24
                          91.140.239.0/24 maxlen: 24
                          91.140.236.0/24 maxlen: 24
                          91.140.237.0/24 maxlen: 24
                          91.140.242.0/24 maxlen: 24
                          91.140.241.0/24 maxlen: 24
                          91.140.244.0/22 maxlen: 22
                          91.140.246.0/24 maxlen: 24
                          91.140.248.0/24 maxlen: 24
                          91.140.249.0/24 maxlen: 24
                          91.140.248.0/22 maxlen: 22
                          91.140.252.0/24 maxlen: 24
                          91.140.253.0/24 maxlen: 24
                          91.140.250.0/24 maxlen: 24
                          91.140.252.0/22 maxlen: 22
                          91.140.251.0/24 maxlen: 24
                          91.140.255.0/24 maxlen: 24
                          91.140.254.0/24 maxlen: 24
                          91.140.164.0/22 maxlen: 22
                          185.16.4.0/22 maxlen: 22
                          91.140.160.0/22 maxlen: 22
                          91.140.172.0/22 maxlen: 22
                          94.187.224.0/19 maxlen: 24
                          91.140.180.0/22 maxlen: 22
                          91.140.192.0/22 maxlen: 22
                          94.187.232.0/22 maxlen: 22
                          91.140.188.0/22 maxlen: 22
                          94.187.228.0/22 maxlen: 22
                          94.187.236.0/22 maxlen: 22
                          91.140.196.0/22 maxlen: 22
                          94.187.240.0/22 maxlen: 22
                          91.140.201.0/24 maxlen: 24
                          91.140.200.0/22 maxlen: 22
                          91.140.203.0/24 maxlen: 24
                          94.187.244.0/22 maxlen: 22
                          91.140.204.0/22 maxlen: 22
                          91.140.202.0/24 maxlen: 24
                          91.140.212.0/22 maxlen: 22
                          94.187.252.0/22 maxlen: 22
                          91.140.207.0/24 maxlen: 24
                          94.187.248.0/22 maxlen: 22
                          91.140.208.0/22 maxlen: 22
                          91.140.128.0/22 maxlen: 22
                          91.140.128.0/17 maxlen: 17
                          91.140.132.0/22 maxlen: 22
                          91.140.140.0/22 maxlen: 22
                          91.140.152.0/22 maxlen: 22
                          91.140.148.0/22 maxlen: 22
                          194.54.241.0/24 maxlen: 24
                          194.54.244.0/22 maxlen: 22
                          194.54.243.0/24 maxlen: 24
                          194.54.248.0/22 maxlen: 22
                          194.54.252.0/22 maxlen: 22
                          194.54.192.0/19 maxlen: 24
                          194.54.192.0/18 maxlen: 18
                          194.54.194.0/23 maxlen: 23
                          194.54.196.0/22 maxlen: 22
                          194.54.204.0/22 maxlen: 22
                          194.54.200.0/22 maxlen: 22
                          194.54.202.0/24 maxlen: 24
                          194.54.209.0/24 maxlen: 24
                          194.54.208.0/22 maxlen: 22
                          194.54.208.0/24 maxlen: 24
                          194.54.212.0/22 maxlen: 22
                          194.54.216.0/22 maxlen: 22
                          194.54.224.0/19 maxlen: 19
                          194.54.220.0/24 maxlen: 24
                          194.54.220.0/22 maxlen: 22
                          194.54.224.0/22 maxlen: 22
                          194.54.232.0/22 maxlen: 22
                          194.54.228.0/22 maxlen: 22
                          194.54.234.0/24 maxlen: 24
                          194.54.236.0/22 maxlen: 22
                          194.54.240.0/22 maxlen: 24
                          2a01:7780::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:39:aa:12:0f:b1:20:b8:f3:e4:f8:f0:75:8f:13:2a:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
        Validity
            Not Before: Jul 26 08:40:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7000578e77b23c15e2f6a18e3d70f7d34e045797
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ce:b1:50:ae:04:c0:aa:c9:27:8f:f2:f0:f3:
                    66:4c:18:1b:08:0e:ac:35:15:3b:c6:64:fd:97:29:
                    3f:0c:8f:3c:11:fb:4f:d2:26:5a:66:29:cd:a3:74:
                    ce:34:13:43:f0:0f:9c:7a:1b:f2:e1:51:36:3a:c2:
                    81:70:09:0f:e9:4a:2b:05:54:97:f9:80:45:03:ac:
                    db:07:b1:9f:17:ea:48:a9:07:e1:58:4b:31:93:d2:
                    99:2e:9e:83:c8:0a:37:be:32:70:97:03:ed:c4:b5:
                    36:9b:32:dd:bc:f3:a5:b3:32:08:c6:b7:a8:7f:3a:
                    a6:3b:8e:33:8e:7e:c3:ce:c9:e9:70:df:a8:56:06:
                    76:6b:95:b2:bb:db:76:98:44:90:06:00:bb:3d:7a:
                    dc:09:58:a0:30:cb:11:5f:94:49:4e:3e:5e:cf:f1:
                    d5:e5:39:e7:13:03:49:d1:70:e3:d7:e9:4c:57:be:
                    c1:2b:8d:d1:27:d6:6b:6f:61:5c:1a:07:5c:13:eb:
                    07:5f:5c:8a:c7:4c:39:66:46:fb:b5:e8:f6:90:01:
                    1e:c3:ec:c8:25:f6:d2:6e:1a:ee:0d:ac:e4:e6:bf:
                    0b:96:d0:19:95:3b:ca:8d:76:da:fc:53:57:11:c3:
                    7d:ef:c0:87:31:36:a5:fe:7c:88:43:2e:23:21:04:
                    18:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:00:57:8E:77:B2:3C:15:E2:F6:A1:8E:3D:70:F7:D3:4E:04:57:97
            X509v3 Authority Key Identifier:
                keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/cABXjneyPBXi9qGOPXD3004EV5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.140.128.0/17
                  94.187.224.0/19
                  185.16.4.0/22
                  194.54.192.0/18
                IPv6:
                  2a01:7780::/32

    Signature Algorithm: sha256WithRSAEncryption
         04:1d:f2:3c:e1:b6:c7:2c:49:b6:8a:26:53:fb:cd:d7:82:b5:
         e9:4a:93:1e:b7:d4:02:73:67:04:41:8f:92:3e:9e:31:bb:62:
         c2:79:09:dd:9f:7c:60:7b:db:61:25:bf:0b:b1:a8:46:17:53:
         cc:1a:5a:c2:de:ff:da:76:99:54:c8:1c:2b:f3:85:05:4c:36:
         cb:42:5f:f3:5c:5c:fb:f5:fb:aa:51:a0:94:18:50:41:f5:ab:
         92:ce:b4:64:d5:e1:8e:fb:13:c5:8e:67:32:fd:a0:b1:ee:df:
         56:4f:8a:b1:c5:b3:4c:16:ef:06:46:51:86:d2:82:d8:7c:8f:
         41:a9:9e:45:4a:1d:72:60:c5:b4:64:14:6c:30:ed:7a:78:7a:
         ed:c2:30:e7:20:c2:03:28:9f:df:57:b3:58:cc:82:31:21:be:
         9d:30:84:10:26:5c:c0:2a:35:1c:14:8d:28:c7:e9:82:6c:e0:
         85:42:f5:85:37:e2:38:c2:7e:4c:95:41:30:06:58:99:d0:39:
         78:c4:d0:2d:a0:9d:98:1a:7d:dc:d3:d1:e3:44:15:89:79:a7:
         18:da:ff:fb:53:bd:fe:20:09:37:0e:e5:1e:c3:c9:02:9d:65:
         4d:37:7b:07:4c:5a:51:50:fe:d8:88:a4:21:67:ac:7f:82:0d:
         90:ac:39:78
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYI5qhIPsSC48+T48HWPEyo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjIwNzI2MDg0MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDAwNTc4ZTc3YjIzYzE1ZTJmNmExOGUzZDcwZjdkMzRlMDQ1Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM6xUK4EwKrJJ4/y8PNmTBgbCA6s
NRU7xmT9lyk/DI88EftP0iZaZinNo3TONBND8A+cehvy4VE2OsKBcAkP6UorBVSX
+YBFA6zbB7GfF+pIqQfhWEsxk9KZLp6DyAo3vjJwlwPtxLU2mzLdvPOlszIIxreo
fzqmO44zjn7DzsnpcN+oVgZ2a5Wyu9t2mESQBgC7PXrcCVigMMsRX5RJTj5ez/HV
5TnnEwNJ0XDj1+lMV77BK43RJ9Zrb2FcGgdcE+sHX1yKx0w5Zkb7tej2kAEew+zI
JfbSbhruDazk5r8LltAZlTvKjXba/FNXEcN978CHMTal/nyIQy4jIQQYAwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHAAV453sjwV4vahjj1w99NOBFeXMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvY0FCWGpuZXlQQlhpOXFHT1BYRDMwMDRFVjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQAEHfI84bbHLEm2iiZT+83XgrXpSpMet9QCc2cEQY+SPp4xu2LCeQndn3xge9th
Jb8LsahGF1PMGlrC3v/adplUyBwr84UFTDbLQl/zXFz79fuqUaCUGFBB9auSzrRk
1eGO+xPFjmcy/aCx7t9WT4qxxbNMFu8GRlGG0oLYfI9BqZ5FSh1yYMW0ZBRsMO16
eHrtwjDnIMIDKJ/fV7NYzIIxIb6dMIQQJlzAKjUcFI0ox+mCbOCFQvWFN+I4wn5M
lUEwBliZ0Dl4xNAtoJ2YGn3c09HjRBWJeacY2v/7U73+IAk3DuUew8kCnWVNN3sH
TFpRUP7YiKQhZ6x/gg2QrDl4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:58 2024 by rpki-client on console-fra.rpki-client.org