Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/PEpBiEXWXQca-5F8CNWNp5EC1Bg.roa
File:                     PEpBiEXWXQca-5F8CNWNp5EC1Bg.roa (raw, json)
Hash identifier:          kyuVuL8LBwAgG9F9t0JpFbzcKJOR0BETpRRso2xy6TI=
Subject key identifier:   3C:4A:41:88:45:D6:5D:07:1A:FB:91:7C:08:D5:8D:A7:91:02:D4:18
Certificate issuer:       /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial:       0181F2871FB1AE725220736F5CC9CDE0F84A
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/PEpBiEXWXQca-5F8CNWNp5EC1Bg.roa
Signing time:             Tue 12 Jul 2022 13:09:10 +0000
ROA not before:           Tue 12 Jul 2022 13:09:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198589
IP address blocks:        37.77.48.0/21 maxlen: 21
                          37.77.49.0/24 maxlen: 24
                          37.77.48.0/24 maxlen: 24
                          37.77.51.0/24 maxlen: 24
                          37.77.50.0/24 maxlen: 24
                          37.77.52.0/24 maxlen: 24
                          37.77.55.0/24 maxlen: 24
                          37.77.54.0/24 maxlen: 24
                          37.77.53.0/24 maxlen: 24
                          5.62.133.0/24 maxlen: 24
                          5.62.137.0/24 maxlen: 24
                          5.62.136.0/24 maxlen: 24
                          5.62.135.0/24 maxlen: 24
                          5.62.134.0/24 maxlen: 24
                          5.62.139.0/24 maxlen: 24
                          5.62.138.0/24 maxlen: 24
                          5.62.140.0/24 maxlen: 24
                          5.62.144.0/24 maxlen: 24
                          5.62.143.0/24 maxlen: 24
                          5.62.144.0/21 maxlen: 21
                          5.62.142.0/24 maxlen: 24
                          5.62.141.0/24 maxlen: 24
                          5.62.145.0/24 maxlen: 24
                          5.62.147.0/24 maxlen: 24
                          5.62.146.0/24 maxlen: 24
                          5.62.151.0/24 maxlen: 24
                          5.62.150.0/24 maxlen: 24
                          5.62.149.0/24 maxlen: 24
                          5.62.148.0/24 maxlen: 24
                          5.62.130.0/24 maxlen: 24
                          5.62.129.0/24 maxlen: 24
                          5.62.128.0/24 maxlen: 24
                          5.62.128.0/20 maxlen: 20
                          5.62.132.0/24 maxlen: 24
                          5.62.131.0/24 maxlen: 24
                          185.69.4.0/22 maxlen: 22
                          185.69.4.0/24 maxlen: 24
                          185.69.7.0/24 maxlen: 24
                          185.69.6.0/24 maxlen: 24
                          185.69.5.0/24 maxlen: 24
                          31.7.83.0/24 maxlen: 24
                          31.7.82.0/24 maxlen: 24
                          31.7.81.0/24 maxlen: 24
                          31.7.80.0/24 maxlen: 24
                          31.7.85.0/24 maxlen: 24
                          31.7.84.0/24 maxlen: 24
                          31.7.86.0/24 maxlen: 24
                          31.7.87.0/24 maxlen: 24
                          2a00:c9e0:0:1::/64 maxlen: 64
                          2a00:c9e0::/32 maxlen: 32
                          2a00:c9e0::/62 maxlen: 62

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f2:87:1f:b1:ae:72:52:20:73:6f:5c:c9:cd:e0:f8:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
        Validity
            Not Before: Jul 12 13:09:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c4a418845d65d071afb917c08d58da79102d418
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:d8:48:dd:33:40:a2:03:a1:2c:f7:91:5b:7a:
                    98:8b:6b:c2:7a:4b:ef:13:8a:19:97:cc:fb:9b:d0:
                    62:24:e6:03:35:ef:ae:a3:6a:1d:f1:f3:a8:5d:6b:
                    56:c8:d1:34:a8:35:6c:3c:80:4b:79:fe:e9:15:56:
                    af:a8:99:5f:9b:4a:ae:71:40:43:90:cf:2b:b9:45:
                    3b:7e:60:87:72:51:de:05:15:93:f2:18:5e:76:6e:
                    08:f5:76:c7:60:7e:20:d1:06:5f:72:b1:6c:e3:2f:
                    cf:e3:21:9d:0c:b0:a5:4a:0d:17:f6:01:7c:57:a8:
                    a2:12:17:0d:71:7e:0a:8d:4e:de:54:57:42:9c:1b:
                    01:86:12:7e:ba:68:52:ac:54:1a:c5:9c:42:ca:96:
                    58:ad:b2:06:13:e4:41:f4:16:89:86:a0:e3:cd:99:
                    f6:2f:9b:e5:9e:18:52:60:4a:f7:e5:32:ee:96:ad:
                    47:a3:31:87:df:0e:c0:2f:90:69:22:dd:66:8b:ba:
                    45:ab:45:91:11:5e:ec:32:b9:90:ab:af:da:5a:30:
                    1d:54:07:d6:35:c2:bc:d3:77:9e:42:5d:97:2c:9a:
                    3c:c3:44:ae:68:e2:45:15:d3:25:37:12:f7:8e:9a:
                    44:5d:59:31:b4:7e:dc:1d:96:2a:58:6c:ba:ff:85:
                    11:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:4A:41:88:45:D6:5D:07:1A:FB:91:7C:08:D5:8D:A7:91:02:D4:18
            X509v3 Authority Key Identifier:
                keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/PEpBiEXWXQca-5F8CNWNp5EC1Bg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.62.128.0-5.62.151.255
                  31.7.80.0/21
                  37.77.48.0/21
                  185.69.4.0/22
                IPv6:
                  2a00:c9e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:5e:c4:60:37:80:b5:59:d4:e3:96:21:8f:76:21:90:45:e0:
         76:ee:db:d7:d7:13:29:9f:98:c4:e0:5f:66:fa:a5:54:63:9d:
         40:9a:ba:bb:54:05:bc:77:2e:a6:fa:ef:5e:3c:55:57:8c:f3:
         51:ca:50:77:27:71:bd:51:14:ed:fb:47:99:90:24:40:9d:6f:
         73:fa:27:e5:04:d1:f8:b1:b0:76:d0:71:c5:d8:6a:b7:26:b2:
         ed:95:8f:12:82:fd:0d:e1:47:14:0d:ce:95:1e:62:0b:5a:ed:
         b2:bc:eb:24:ef:23:93:2c:0c:29:c2:d5:4c:98:ab:76:de:98:
         18:97:27:a6:e1:b4:ff:b7:49:7f:b8:25:21:9b:29:22:1e:55:
         a6:a4:36:ad:23:1e:cc:16:57:ce:5d:67:6a:87:c7:4c:98:c9:
         96:f4:24:ff:5f:6a:bf:0a:05:dc:93:0d:a1:04:f4:8b:f3:c0:
         e0:0b:77:da:91:9c:c2:f4:e2:e1:d5:5b:29:9e:3e:01:d3:bb:
         99:64:37:b4:e0:15:b2:bd:97:94:a1:60:16:e4:2a:e6:e3:e2:
         e8:ae:b1:81:d7:d4:5e:22:44:2f:7c:76:83:1f:79:0e:3a:43:
         23:c9:8f:54:4f:8d:a5:bc:8b:55:45:9c:7c:11:74:d4:c3:ef:
         21:2d:05:27
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYHyhx+xrnJSIHNvXMnN4PhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjIwNzEyMTMwOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzRhNDE4ODQ1ZDY1ZDA3MWFmYjkxN2MwOGQ1OGRhNzkxMDJkNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9hI3TNAogOhLPeRW3qYi2vCekvv
E4oZl8z7m9BiJOYDNe+uo2od8fOoXWtWyNE0qDVsPIBLef7pFVavqJlfm0qucUBD
kM8ruUU7fmCHclHeBRWT8hhedm4I9XbHYH4g0QZfcrFs4y/P4yGdDLClSg0X9gF8
V6iiEhcNcX4KjU7eVFdCnBsBhhJ+umhSrFQaxZxCypZYrbIGE+RB9BaJhqDjzZn2
L5vlnhhSYEr35TLulq1HozGH3w7AL5BpIt1mi7pFq0WREV7sMrmQq6/aWjAdVAfW
NcK803eeQl2XLJo8w0SuaOJFFdMlNxL3jppEXVkxtH7cHZYqWGy6/4UR2QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDxKQYhF1l0HGvuRfAjVjaeRAtQYMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvUEVwQmlFWFdYUWNhLTVGOENOV05wNUVDMUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAcFPoAD
BAMFPpADBAMfB1ADBAMlTTADBAK5RQQwDQQCAAIwBwMFACoAyeAwDQYJKoZIhvcN
AQELBQADggEBAIdexGA3gLVZ1OOWIY92IZBF4Hbu29fXEymfmMTgX2b6pVRjnUCa
urtUBbx3Lqb67148VVeM81HKUHcncb1RFO37R5mQJECdb3P6J+UE0fixsHbQccXY
arcmsu2VjxKC/Q3hRxQNzpUeYgta7bK86yTvI5MsDCnC1UyYq3bemBiXJ6bhtP+3
SX+4JSGbKSIeVaakNq0jHswWV85dZ2qHx0yYyZb0JP9far8KBdyTDaEE9IvzwOAL
d9qRnML04uHVWymePgHTu5lkN7TgFbK9l5ShYBbkKubj4uiusYHX1F4iRC98doMf
eQ46QyPJj1RPjaW8i1VFnHwRdNTD7yEtBSc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:24 2024 by rpki-client on console-ams.rpki-client.org