Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/r70dAAK4NVWH9vNf1PRQ_9AgXY0.roa
File:                     r70dAAK4NVWH9vNf1PRQ_9AgXY0.roa (raw, json)
Hash identifier:          MQLM24VixqeNW2BVaRNgQjjEzEppJWENLSXi1WN7gYY=
Subject key identifier:   AF:BD:1D:00:02:B8:35:55:87:F6:F3:5F:D4:F4:50:FF:D0:20:5D:8D
Certificate issuer:       /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial:       0BD34683
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/r70dAAK4NVWH9vNf1PRQ_9AgXY0.roa
Signing time:             Tue 22 Feb 2022 08:38:31 +0000
ROA not before:           Tue 22 Feb 2022 08:38:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3225
IP address blocks:        91.140.220.0/22 maxlen: 22
                          91.140.224.0/24 maxlen: 24
                          91.140.224.0/22 maxlen: 22
                          91.140.233.0/24 maxlen: 24
                          91.140.228.0/22 maxlen: 22
                          91.140.234.0/24 maxlen: 24
                          91.140.238.0/24 maxlen: 24
                          91.140.239.0/24 maxlen: 24
                          91.140.236.0/24 maxlen: 24
                          91.140.237.0/24 maxlen: 24
                          91.140.242.0/24 maxlen: 24
                          91.140.244.0/22 maxlen: 22
                          91.140.249.0/24 maxlen: 24
                          91.140.248.0/22 maxlen: 22
                          91.140.252.0/24 maxlen: 24
                          91.140.252.0/22 maxlen: 22
                          91.140.255.0/24 maxlen: 24
                          91.140.164.0/22 maxlen: 22
                          185.16.4.0/22 maxlen: 22
                          91.140.160.0/22 maxlen: 22
                          91.140.172.0/22 maxlen: 22
                          94.187.224.0/19 maxlen: 19
                          91.140.180.0/22 maxlen: 22
                          94.187.224.0/22 maxlen: 22
                          91.140.192.0/22 maxlen: 22
                          94.187.232.0/22 maxlen: 22
                          91.140.188.0/22 maxlen: 22
                          94.187.228.0/22 maxlen: 22
                          94.187.236.0/22 maxlen: 22
                          91.140.196.0/22 maxlen: 22
                          94.187.240.0/22 maxlen: 22
                          91.140.203.0/24 maxlen: 24
                          94.187.244.0/22 maxlen: 22
                          91.140.204.0/22 maxlen: 22
                          91.140.202.0/24 maxlen: 24
                          91.140.212.0/22 maxlen: 22
                          94.187.252.0/22 maxlen: 22
                          94.187.248.0/22 maxlen: 22
                          91.140.208.0/22 maxlen: 22
                          91.140.128.0/22 maxlen: 22
                          91.140.128.0/17 maxlen: 17
                          91.140.132.0/22 maxlen: 22
                          91.140.136.0/22 maxlen: 22
                          91.140.152.0/22 maxlen: 22
                          91.140.148.0/22 maxlen: 22
                          194.54.248.0/22 maxlen: 22
                          194.54.252.0/22 maxlen: 22
                          194.54.192.0/22 maxlen: 22
                          194.54.194.0/23 maxlen: 23
                          194.54.196.0/22 maxlen: 22
                          194.54.204.0/22 maxlen: 22
                          194.54.212.0/22 maxlen: 22
                          194.54.216.0/22 maxlen: 22
                          194.54.220.0/22 maxlen: 22
                          194.54.224.0/22 maxlen: 22
                          194.54.232.0/22 maxlen: 22
                          194.54.228.0/22 maxlen: 22
                          194.54.236.0/22 maxlen: 22
                          194.54.240.0/22 maxlen: 22
                          2a01:7780::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 198395523 (0xbd34683)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
        Validity
            Not Before: Feb 22 08:38:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=afbd1d0002b8355587f6f35fd4f450ffd0205d8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3d:15:4f:84:49:7a:dc:09:b1:56:f7:5c:11:
                    9a:e7:2f:b0:ee:4d:50:fa:31:e5:97:04:7e:64:f6:
                    d3:1d:98:aa:10:35:c3:b9:53:ab:0d:1f:4d:0b:62:
                    91:00:5a:40:12:d5:f5:73:84:96:dc:db:40:dd:9d:
                    a6:ee:3f:fc:73:e2:61:27:e4:ef:fb:9c:ae:d5:f3:
                    0a:f9:e2:e0:93:01:cc:1e:34:92:9c:40:58:ba:f9:
                    f9:40:8a:b6:cc:12:ff:dc:37:28:55:d9:3d:c6:97:
                    bb:36:76:f6:3c:c2:b2:b2:8b:0e:71:9c:dd:c3:aa:
                    e3:79:c5:d3:60:20:bc:b2:f2:7f:27:d4:8c:c7:64:
                    54:22:8b:57:be:8a:75:34:72:5c:6d:c5:f2:33:eb:
                    03:74:0d:fc:bd:ce:44:79:6e:ee:db:da:42:ec:4c:
                    27:a9:72:f3:12:34:30:f3:5a:c6:be:5a:11:2f:c4:
                    8c:68:b9:2b:fa:8c:a5:91:78:5c:20:f3:1f:b5:55:
                    a4:bd:1f:c7:fe:7d:24:9e:36:3a:b9:77:7e:8d:c0:
                    fc:07:c5:df:5e:34:4e:8d:36:bf:85:04:67:88:7a:
                    84:f0:f1:e1:ea:81:f1:77:5d:3f:4e:02:17:6a:54:
                    94:de:8c:d0:c5:0f:18:e0:c1:9f:57:35:28:12:29:
                    a1:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:BD:1D:00:02:B8:35:55:87:F6:F3:5F:D4:F4:50:FF:D0:20:5D:8D
            X509v3 Authority Key Identifier:
                keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/r70dAAK4NVWH9vNf1PRQ_9AgXY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.140.128.0/17
                  94.187.224.0/19
                  185.16.4.0/22
                  194.54.192.0/21
                  194.54.204.0/22
                  194.54.212.0-194.54.243.255
                  194.54.248.0/21
                IPv6:
                  2a01:7780::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:03:01:64:e8:80:77:d8:91:2e:b8:8d:98:ef:6e:87:16:20:
         0f:83:c7:a6:dc:a7:bc:67:78:c6:ba:6c:80:62:37:52:06:41:
         10:29:a3:75:b5:ef:f8:4a:e7:e9:0d:4e:32:4b:41:3b:8c:b1:
         26:49:e8:6f:6d:13:67:cd:35:dd:2a:70:7d:8c:14:64:66:cd:
         89:2b:0c:82:49:c7:57:92:bc:d0:d9:e8:c3:66:b6:82:9b:e2:
         9b:34:99:df:1b:a2:40:e9:61:9b:14:07:0b:a6:0e:76:38:06:
         61:1a:7b:06:f4:9a:28:c2:43:2d:e3:c6:48:a7:b8:6d:5d:6f:
         a5:c1:ff:3d:34:2b:7a:04:7d:ba:4d:9e:95:36:7e:82:e8:43:
         91:b8:87:26:60:14:cc:02:94:ae:41:ea:73:24:92:cc:0f:41:
         b0:de:f1:c9:5e:fd:7f:11:95:0e:3e:1e:4e:32:41:25:a9:88:
         92:b4:93:79:22:9d:ff:d0:26:09:5f:89:71:41:75:d5:92:71:
         e2:ac:19:a2:70:c9:b7:46:a7:9a:a9:31:d5:9f:44:60:b9:bb:
         53:a2:6c:87:fd:64:ef:5a:58:d7:c8:ec:53:a7:75:f5:24:4c:
         83:f7:d9:73:d2:fb:a5:ed:ed:ae:a7:06:83:e1:f4:93:4a:73:
         fa:b4:92:b4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEC9NGgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzdmN2RiMDMzMzE0YzQ3M2NkYTE5NGUwZGY3OWYxYzM3NWRhM2Y0MB4XDTIyMDIy
MjA4MzgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZiZDFkMDAwMmI4
MzU1NTg3ZjZmMzVmZDRmNDUwZmZkMDIwNWQ4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK89FU+ESXrcCbFW91wRmucvsO5NUPox5ZcEfmT20x2YqhA1
w7lTqw0fTQtikQBaQBLV9XOEltzbQN2dpu4//HPiYSfk7/ucrtXzCvni4JMBzB40
kpxAWLr5+UCKtswS/9w3KFXZPcaXuzZ29jzCsrKLDnGc3cOq43nF02AgvLLyfyfU
jMdkVCKLV76KdTRyXG3F8jPrA3QN/L3ORHlu7tvaQuxMJ6ly8xI0MPNaxr5aES/E
jGi5K/qMpZF4XCDzH7VVpL0fx/59JJ42Orl3fo3A/AfF3140To02v4UEZ4h6hPDx
4eqB8XddP04CF2pUlN6M0MUPGODBn1c1KBIpoYUCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBSvvR0AArg1VYf281/U9FD/0CBdjTAfBgNVHSMEGDAWgBQjf32wMzFMRzza
GU4N958cN12j9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzOTlzRE14VEVjODJobE9EZmVmSERkZG9fUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvZWVmNTU3LTBlMTAtNDBjZS1hNDhmLWVlMDYwMzk0OWY5My8x
L3I3MGRBQUs0TlZXSDl2TmYxUFJRXzlBZ1hZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ZWVmNTU3LTBlMTAtNDBjZS1hNDhmLWVlMDYwMzk0OWY5My8xL0kzOTlzRE14VEVj
ODJobE9EZmVmSERkZG9fUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEB1uMgAMEBV674AMEArkQBAMEA8I2
wAMEAsI2zDAMAwQCwjbUAwQCwjbwAwQDwjb4MA0EAgACMAcDBQAqAXeAMA0GCSqG
SIb3DQEBCwUAA4IBAQBDAwFk6IB32JEuuI2Y726HFiAPg8em3Ke8Z3jGumyAYjdS
BkEQKaN1te/4SufpDU4yS0E7jLEmSehvbRNnzTXdKnB9jBRkZs2JKwyCScdXkrzQ
2ejDZraCm+KbNJnfG6JA6WGbFAcLpg52OAZhGnsG9JoowkMt48ZIp7htXW+lwf89
NCt6BH26TZ6VNn6C6EORuIcmYBTMApSuQepzJJLMD0Gw3vHJXv1/EZUOPh5OMkEl
qYiStJN5Ip3/0CYJX4lxQXXVknHirBmicMm3RqeaqTHVn0RgubtTomyH/WTvWljX
yOxTp3X1JEyD99lz0vul7e2upwaD4fSTSnP6tJK0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:58 2024 by rpki-client on console-ams.rpki-client.org