Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/24ShfNKb3Nh6AGtJ7iiu9gUMRGc.roa
File:                     24ShfNKb3Nh6AGtJ7iiu9gUMRGc.roa (raw, json)
Hash identifier:          t4z32SwiO7fV3q0HydMFZzoBO4GuRs1fDrHje1x0cYs=
Subject key identifier:   DB:84:A1:7C:D2:9B:DC:D8:7A:00:6B:49:EE:28:AE:F6:05:0C:44:67
Certificate issuer:       /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial:       0182FF82D08D8C30435A216C6A730D4D5ED0
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/24ShfNKb3Nh6AGtJ7iiu9gUMRGc.roa
Signing time:             Fri 02 Sep 2022 18:42:19 +0000
ROA not before:           Fri 02 Sep 2022 18:42:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13335
IP address blocks:        188.114.98.0/24 maxlen: 24
                          188.114.97.0/24 maxlen: 24
                          188.114.96.0/24 maxlen: 24
                          188.114.104.0/24 maxlen: 24
                          188.114.100.0/24 maxlen: 24
                          188.114.99.0/24 maxlen: 24
                          188.114.101.0/24 maxlen: 24
                          188.114.103.0/24 maxlen: 24
                          188.114.102.0/24 maxlen: 24
                          188.114.111.0/24 maxlen: 24
                          188.114.106.0/23 maxlen: 23
                          188.114.108.0/24 maxlen: 24
                          188.114.110.0/24 maxlen: 24
                          188.114.109.0/24 maxlen: 24
                          141.101.67.0/24 maxlen: 24
                          141.101.66.0/24 maxlen: 24
                          141.101.69.0/24 maxlen: 24
                          141.101.68.0/24 maxlen: 24
                          141.101.71.0/24 maxlen: 24
                          141.101.70.0/24 maxlen: 24
                          141.101.65.0/24 maxlen: 24
                          141.101.74.0/24 maxlen: 24
                          141.101.73.0/24 maxlen: 24
                          141.101.76.0/23 maxlen: 23
                          141.101.75.0/24 maxlen: 24
                          141.101.72.0/24 maxlen: 24
                          141.101.83.0/24 maxlen: 24
                          141.101.82.0/24 maxlen: 24
                          141.101.84.0/24 maxlen: 24
                          141.101.85.0/24 maxlen: 24
                          141.101.88.0/22 maxlen: 22
                          141.101.90.0/24 maxlen: 24
                          141.101.95.0/24 maxlen: 24
                          141.101.94.0/24 maxlen: 24
                          141.101.97.0/24 maxlen: 24
                          141.101.96.0/24 maxlen: 24
                          141.101.98.0/24 maxlen: 24
                          141.101.104.0/24 maxlen: 24
                          141.101.105.0/24 maxlen: 24
                          141.101.100.0/22 maxlen: 22
                          141.101.99.0/24 maxlen: 24
                          141.101.109.0/24 maxlen: 24
                          141.101.108.0/24 maxlen: 24
                          141.101.111.0/24 maxlen: 24
                          141.101.110.0/24 maxlen: 24
                          141.101.112.0/23 maxlen: 23
                          141.101.107.0/24 maxlen: 24
                          141.101.106.0/24 maxlen: 24
                          141.101.112.0/20 maxlen: 20
                          141.101.114.0/23 maxlen: 23
                          141.101.64.0/24 maxlen: 24
                          141.101.120.0/22 maxlen: 22
                          2a06:98c0:1c04::/48 maxlen: 48
                          2a06:98c1:310b::/48 maxlen: 48
                          2a06:98c1:3101::/48 maxlen: 48
                          2a06:98c1:50::/45 maxlen: 45
                          2a06:98c1:3108::/48 maxlen: 48
                          2a06:98c1:3123::/48 maxlen: 48
                          2a06:98c1:310f::/48 maxlen: 48
                          2a06:98c0:1c01::/48 maxlen: 48
                          2a06:98c1:3100::/48 maxlen: 48
                          2a06:98c1:3200::/48 maxlen: 48
                          2a06:98c0:1c05::/48 maxlen: 48
                          2a06:98c0:1c08::/48 maxlen: 48
                          2a06:98c1:3122::/48 maxlen: 48
                          2a06:98c1:3107::/48 maxlen: 48
                          2a06:98c0:1c0c::/48 maxlen: 48
                          2a06:98c1:310e::/48 maxlen: 48
                          2a06:98c0:1c02::/48 maxlen: 48
                          2a06:98c1:3104::/48 maxlen: 48
                          2a06:98c1:3106::/48 maxlen: 48
                          2a06:98c1:3121::/48 maxlen: 48
                          2a06:98c0:1c09::/48 maxlen: 48
                          2a06:98c1:310d::/48 maxlen: 48
                          2a06:98c1:3103::/48 maxlen: 48
                          2a06:98c1:54::/48 maxlen: 48
                          2a06:98c1:310a::/48 maxlen: 48
                          2a06:98c0:1c06::/48 maxlen: 48
                          2a06:98c1:3120::/48 maxlen: 48
                          2a06:98c1:3105::/48 maxlen: 48
                          2a06:98c0:1c0a::/48 maxlen: 48
                          2a06:98c1:310c::/48 maxlen: 48
                          2a06:98c0:1c03::/48 maxlen: 48
                          2a06:98c1:3102::/48 maxlen: 48
                          2a06:98c0:1c07::/48 maxlen: 48
                          2a06:98c0:1c00::/48 maxlen: 48
                          2a06:98c1:3109::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ff:82:d0:8d:8c:30:43:5a:21:6c:6a:73:0d:4d:5e:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
        Validity
            Not Before: Sep  2 18:42:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db84a17cd29bdcd87a006b49ee28aef6050c4467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:21:ea:7d:52:b6:22:2e:25:f3:85:00:49:b5:
                    50:fc:c2:a7:2f:b1:05:85:9b:6f:41:fd:c7:fd:75:
                    a0:ed:3e:a6:ee:ba:36:a9:86:d2:86:4d:65:f3:9d:
                    bc:ca:c1:68:de:27:03:41:44:b3:d8:08:2c:80:6e:
                    2e:0e:fd:63:19:0b:8c:03:ae:97:61:00:0f:3c:f0:
                    4f:ff:c1:61:12:9b:de:68:1d:6e:94:12:7c:5c:63:
                    1c:8e:bb:4d:de:b1:43:88:61:58:f8:d1:f0:91:ea:
                    ba:69:2b:00:6e:39:a6:40:00:9c:2b:6d:db:9e:6f:
                    84:50:23:3f:8c:52:6f:5a:71:f2:62:4b:1b:c4:ca:
                    7a:ad:bd:f5:19:2d:1e:35:40:e7:53:aa:fc:e7:f5:
                    ee:56:5b:05:98:ed:c9:c2:81:2f:77:a7:18:49:ec:
                    fe:03:08:1e:84:42:74:ed:98:be:23:05:25:b0:f0:
                    d9:4c:30:da:99:91:fd:29:6b:9b:dd:fb:ff:c5:5a:
                    5f:ad:f0:29:06:ed:aa:2f:fb:a6:fb:72:6f:a4:01:
                    a0:41:4f:22:2f:fa:be:06:b2:7f:fc:4f:c7:b1:d6:
                    fb:cc:8d:48:b2:35:36:e0:69:f6:93:cc:c8:d4:fc:
                    98:43:f3:ad:57:23:07:c6:38:98:55:81:dd:52:27:
                    f6:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:84:A1:7C:D2:9B:DC:D8:7A:00:6B:49:EE:28:AE:F6:05:0C:44:67
            X509v3 Authority Key Identifier:
                keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/24ShfNKb3Nh6AGtJ7iiu9gUMRGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.101.64.0-141.101.77.255
                  141.101.82.0-141.101.85.255
                  141.101.88.0/22
                  141.101.94.0-141.101.127.255
                  188.114.96.0-188.114.104.255
                  188.114.106.0-188.114.111.255
                IPv6:
                  2a06:98c0:1c00::-2a06:98c0:1c0a:ffff:ffff:ffff:ffff:ffff
                  2a06:98c0:1c0c::/48
                  2a06:98c1:50::/45
                  2a06:98c1:3100::/44
                  2a06:98c1:3120::/46
                  2a06:98c1:3200::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:8d:50:3a:60:38:31:4c:8e:d3:47:af:3d:5c:8d:9e:f8:e7:
         5e:f3:f8:57:94:de:fb:2a:69:53:9f:4c:1b:e2:5a:50:b6:39:
         13:ad:41:48:85:06:85:1a:f3:a8:7c:66:23:42:07:87:ce:74:
         94:78:a7:23:b3:e0:0d:b1:6b:ea:42:a2:da:d5:ab:11:28:ee:
         78:c1:b1:6b:82:c7:15:ae:18:9c:f8:b7:5a:67:50:ee:3a:c5:
         08:1c:5d:9d:20:e1:2a:96:12:90:d3:2a:98:52:34:5d:73:e3:
         0b:cf:70:48:c9:64:08:94:ce:2e:09:5f:87:b7:6b:08:10:67:
         29:26:5d:13:5c:6e:80:b3:94:4c:b0:01:5a:26:60:29:e1:54:
         ae:a4:84:38:fe:0f:ce:2e:91:ee:ff:7e:32:32:bf:9d:15:80:
         c8:d4:89:7f:11:ec:bc:e4:98:a4:04:42:0a:f4:0b:61:7d:f7:
         7a:ea:21:a4:ce:bd:00:54:cb:b6:08:54:9e:f9:37:84:d6:ad:
         09:ab:b1:3f:cc:ce:ea:e1:fc:15:c9:db:c1:57:55:1d:d2:f4:
         b0:6d:bc:b0:84:13:80:3f:da:23:a2:73:08:25:21:4d:dd:21:
         a0:4d:bc:f1:3b:f9:45:38:1f:76:62:bd:31:e9:75:69:08:70:
         b2:96:8c:7f
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYL/gtCNjDBDWiFsanMNTV7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjIwOTAyMTg0MjE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjg0YTE3Y2QyOWJkY2Q4N2EwMDZiNDllZTI4YWVmNjA1MGM0NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCHqfVK2Ii4l84UASbVQ/MKnL7EF
hZtvQf3H/XWg7T6m7ro2qYbShk1l8528ysFo3icDQUSz2AgsgG4uDv1jGQuMA66X
YQAPPPBP/8FhEpveaB1ulBJ8XGMcjrtN3rFDiGFY+NHwkeq6aSsAbjmmQACcK23b
nm+EUCM/jFJvWnHyYksbxMp6rb31GS0eNUDnU6r85/XuVlsFmO3JwoEvd6cYSez+
AwgehEJ07Zi+IwUlsPDZTDDamZH9KWub3fv/xVpfrfApBu2qL/um+3JvpAGgQU8i
L/q+BrJ//E/Hsdb7zI1IsjU24Gn2k8zI1PyYQ/OtVyMHxjiYVYHdUif2HQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFNuEoXzSm9zYegBrSe4orvYFDERnMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvMjRTaGZOS2IzTmg2QUd0SjdpaXU5Z1VNUkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDBSBAIAATBMMAwDBAaN
ZUADBAGNZUwwDAMEAY1lUgMEAY1lVAMEAo1lWDAMAwQBjWVeAwQHjWUAMAwDBAW8
cmADBAC8cmgwDAMEAbxyagMEBLxyYDBGBAIAAjBAMBEDBgIqBpjAHAMHACoGmMAc
CgMHACoGmMAcDAMHAyoGmMEAUAMHBCoGmMExAAMHAioGmMExIAMHACoGmMEyADAN
BgkqhkiG9w0BAQsFAAOCAQEAUI1QOmA4MUyO00evPVyNnvjnXvP4V5Te+yppU59M
G+JaULY5E61BSIUGhRrzqHxmI0IHh850lHinI7PgDbFr6kKi2tWrESjueMGxa4LH
Fa4YnPi3WmdQ7jrFCBxdnSDhKpYSkNMqmFI0XXPjC89wSMlkCJTOLglfh7drCBBn
KSZdE1xugLOUTLABWiZgKeFUrqSEOP4Pzi6R7v9+MjK/nRWAyNSJfxHsvOSYpARC
CvQLYX33euohpM69AFTLtghUnvk3hNatCauxP8zO6uH8FcnbwVdVHdL0sG28sIQT
gD/aI6JzCCUhTd0hoE288Tv5RTgfdmK9Mel1aQhwspaMfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:15 2024 by rpki-client on console-fra.rpki-client.org