Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/oQ7_grrkcO4DYVA4OzNftGTQlf8.roa
File:                     oQ7_grrkcO4DYVA4OzNftGTQlf8.roa (raw, json)
Hash identifier:          /bGTa8VTNWNc44cPL2kwB13izpurJHPJcabifE7YXMQ=
Subject key identifier:   A1:0E:FF:82:BA:E4:70:EE:03:61:50:38:3B:33:5F:B4:64:D0:95:FF
Certificate issuer:       /CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Certificate serial:       01836942807286A7408CC15313F570534090
Authority key identifier: C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/oQ7_grrkcO4DYVA4OzNftGTQlf8.roa
Signing time:             Fri 23 Sep 2022 07:31:49 +0000
ROA not before:           Fri 23 Sep 2022 07:31:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39912
IP address blocks:        92.63.208.0/22 maxlen: 24
                          195.137.238.0/23 maxlen: 23
                          195.137.238.0/24 maxlen: 24
                          92.63.212.0/24 maxlen: 24
                          92.63.218.0/24 maxlen: 24
                          92.63.217.0/24 maxlen: 24
                          92.63.214.0/23 maxlen: 23
                          92.63.216.0/21 maxlen: 21
                          81.94.48.0/22 maxlen: 22
                          81.94.56.0/24 maxlen: 24
                          81.94.56.0/21 maxlen: 21
                          81.94.52.0/23 maxlen: 24
                          81.94.54.0/24 maxlen: 24
                          95.143.80.0/20 maxlen: 20
                          213.139.252.0/22 maxlen: 22
                          195.140.136.0/22 maxlen: 22
                          78.142.96.0/20 maxlen: 24
                          78.142.112.0/22 maxlen: 22
                          78.142.116.0/23 maxlen: 23
                          78.142.122.0/23 maxlen: 23
                          78.142.124.0/22 maxlen: 22
                          77.220.112.0/22 maxlen: 22
                          77.220.111.0/24 maxlen: 24
                          77.220.120.0/21 maxlen: 21
                          92.42.16.0/22 maxlen: 22
                          91.206.224.0/23 maxlen: 23
                          77.220.96.0/20 maxlen: 20
                          77.220.105.0/24 maxlen: 24
                          93.185.128.0/20 maxlen: 24
                          195.16.224.0/21 maxlen: 21
                          195.16.232.0/22 maxlen: 24
                          195.16.236.0/23 maxlen: 23
                          195.16.238.0/24 maxlen: 24
                          195.16.246.0/23 maxlen: 23
                          195.16.245.0/24 maxlen: 24
                          195.16.242.0/23 maxlen: 23
                          195.16.241.0/24 maxlen: 24
                          195.16.251.0/24 maxlen: 24
                          195.16.253.0/24 maxlen: 24
                          195.16.254.0/23 maxlen: 23
                          37.186.4.0/24 maxlen: 24
                          37.186.0.0/22 maxlen: 22
                          78.142.64.0/23 maxlen: 23
                          37.186.6.0/23 maxlen: 23
                          37.186.8.0/21 maxlen: 21
                          78.142.68.0/22 maxlen: 22
                          37.186.16.0/21 maxlen: 21
                          78.142.72.0/21 maxlen: 21
                          2a00:eb0::/32 maxlen: 32
                          2a01:100::/32 maxlen: 48
                          2a01:f8::/32 maxlen: 32
                          2a00:e98::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:69:42:80:72:86:a7:40:8c:c1:53:13:f5:70:53:40:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c441738baab988b1d68693bb05e29bfbb4f0f671
        Validity
            Not Before: Sep 23 07:31:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a10eff82bae470ee036150383b335fb464d095ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b7:90:ea:ae:9c:92:2e:ff:d5:b9:d3:75:81:
                    c8:75:3f:ad:bc:b1:2c:31:73:c8:80:bb:39:2f:78:
                    3e:7e:7e:4e:18:df:8e:97:7d:ad:09:c5:5b:98:c6:
                    83:34:50:8d:ca:76:0f:4f:ea:4d:b7:6b:f2:36:77:
                    ef:60:7f:90:07:80:9d:cf:9e:e7:26:e2:29:ce:70:
                    91:0d:b3:c7:b1:77:44:d4:88:42:04:ac:75:0a:8a:
                    a1:d2:90:02:84:2a:c8:d1:cd:a4:4e:30:4a:1b:42:
                    12:1f:d7:76:60:71:6b:ae:6e:69:e4:ae:7d:48:57:
                    32:0d:9b:ec:2a:47:c3:94:c4:a9:55:3a:4b:97:c3:
                    2b:8d:a2:f5:74:60:d3:a5:db:16:7f:0e:a8:10:79:
                    75:dd:23:93:e8:92:8a:ab:8f:f0:b8:04:26:8b:cc:
                    d7:86:4c:f2:8d:12:71:15:8d:e5:e1:17:55:73:f5:
                    93:b3:f9:a9:ca:41:55:65:60:ba:fd:9c:b8:72:39:
                    97:a1:6d:1f:4a:70:a1:6e:26:43:29:93:d9:65:43:
                    08:f0:60:b0:f0:3d:1e:d5:01:9a:a7:d4:ae:b2:d2:
                    12:c4:b1:25:a1:e9:c8:e0:68:85:65:4c:94:c3:cd:
                    a0:ea:64:cd:4d:f6:de:72:a5:d8:11:61:2a:db:fa:
                    61:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:0E:FF:82:BA:E4:70:EE:03:61:50:38:3B:33:5F:B4:64:D0:95:FF
            X509v3 Authority Key Identifier:
                keyid:C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/oQ7_grrkcO4DYVA4OzNftGTQlf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.186.0.0-37.186.4.255
                  37.186.6.0-37.186.23.255
                  77.220.96.0-77.220.115.255
                  77.220.120.0/21
                  78.142.64.0/23
                  78.142.68.0-78.142.79.255
                  78.142.96.0-78.142.117.255
                  78.142.122.0-78.142.127.255
                  81.94.48.0-81.94.54.255
                  81.94.56.0/21
                  91.206.224.0/23
                  92.42.16.0/22
                  92.63.208.0-92.63.212.255
                  92.63.214.0-92.63.223.255
                  93.185.128.0/20
                  95.143.80.0/20
                  195.16.224.0-195.16.238.255
                  195.16.241.0-195.16.243.255
                  195.16.245.0-195.16.247.255
                  195.16.251.0/24
                  195.16.253.0-195.16.255.255
                  195.137.238.0/23
                  195.140.136.0/22
                  213.139.252.0/22
                IPv6:
                  2a00:e98::/32
                  2a00:eb0::/32
                  2a01:f8::/32
                  2a01:100::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:62:6b:25:c1:32:62:8c:c3:f3:ca:f8:9c:df:26:c1:e6:26:
         13:6a:5c:2b:22:70:b8:1e:f4:1a:5b:f5:51:52:ff:7d:b4:40:
         63:41:99:b0:9f:d8:a7:22:5d:26:0c:c3:3a:b5:ed:75:fc:6b:
         98:2a:f9:5e:bb:ae:e1:09:a3:63:e0:d9:58:b3:90:2e:c1:1e:
         40:bd:cf:72:e0:34:25:55:f6:04:95:77:47:af:56:f5:ff:14:
         d0:c1:fb:3c:bc:f7:45:34:e9:79:4c:2c:93:68:d5:66:75:c9:
         6d:09:d9:4b:2f:24:48:ab:02:d5:0c:19:e8:f4:c0:9e:07:fc:
         da:c5:38:c3:d4:62:3c:bf:5c:a9:e3:a9:bb:20:d3:45:00:e1:
         ac:fb:88:87:ba:c1:01:1a:21:0d:89:8a:3c:1c:57:02:78:3d:
         67:24:b1:3a:e8:52:b0:d9:65:53:e2:a9:86:53:c2:e5:ba:51:
         b9:48:ed:c8:ce:16:5a:7c:bf:d4:82:d4:ca:ab:3d:f4:c6:7b:
         34:f7:77:ac:b6:88:17:f2:05:ae:18:25:a2:f5:dc:a5:15:f2:
         b7:3f:fe:a7:a5:3e:ab:c0:a7:32:51:da:90:3b:d8:3c:e6:de:
         0c:8e:09:14:84:c6:80:d9:e8:76:7b:c6:14:5b:d0:26:c5:04:
         6d:e3:03:e9
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAYNpQoByhqdAjMFTE/VwU0CQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDE3MzhiYWFiOTg4YjFkNjg2OTNiYjA1ZTI5YmZiYjRm
MGY2NzEwHhcNMjIwOTIzMDczMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTBlZmY4MmJhZTQ3MGVlMDM2MTUwMzgzYjMzNWZiNDY0ZDA5NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7eQ6q6cki7/1bnTdYHIdT+tvLEs
MXPIgLs5L3g+fn5OGN+Ol32tCcVbmMaDNFCNynYPT+pNt2vyNnfvYH+QB4Cdz57n
JuIpznCRDbPHsXdE1IhCBKx1Coqh0pAChCrI0c2kTjBKG0ISH9d2YHFrrm5p5K59
SFcyDZvsKkfDlMSpVTpLl8MrjaL1dGDTpdsWfw6oEHl13SOT6JKKq4/wuAQmi8zX
hkzyjRJxFY3l4RdVc/WTs/mpykFVZWC6/Zy4cjmXoW0fSnChbiZDKZPZZUMI8GCw
8D0e1QGap9SustISxLEloenI4GiFZUyUw82g6mTNTfbecqXYEWEq2/phvQIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFKEO/4K65HDuA2FQODszX7Rk0JX/MB8GA1UdIwQY
MBaAFMRBc4uquYix1oaTuwXim/u08PZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUt
NGM5OGQ5YTUxNDA1LzEvb1E3X2dycmtjTzREWVZBNE96TmZ0R1RRbGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUtNGM5OGQ5YTUxNDA1
LzEveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCB/QQCAAEwgfYw
CwMDASW6AwQAJboEMAwDBAElugYDBAMluhAwDAMEBU3cYAMEAk3ccAMEA03ceAME
AU6OQDAMAwQCTo5EAwQETo5AMAwDBAVOjmADBAFOjnQwDAMEAU6OegMEB06OADAM
AwQEUV4wAwQAUV42AwQDUV44AwQBW87gAwQCXCoQMAwDBARcP9ADBABcP9QwDAME
AVw/1gMEBVw/wAMEBF25gAMEBF+PUDAMAwQFwxDgAwQAwxDuMAwDBADDEPEDBALD
EPAwDAMEAMMQ9QMEA8MQ8AMEAMMQ+zALAwQAwxD9AwMAwxADBAHDie4DBALDjIgD
BALVi/wwIgQCAAIwHAMFACoADpgDBQAqAA6wAwUAKgEA+AMFACoBAQAwDQYJKoZI
hvcNAQELBQADggEBAFBiayXBMmKMw/PK+JzfJsHmJhNqXCsicLge9Bpb9VFS/320
QGNBmbCf2KciXSYMwzq17XX8a5gq+V67ruEJo2Pg2VizkC7BHkC9z3LgNCVV9gSV
d0evVvX/FNDB+zy890U06XlMLJNo1WZ1yW0J2UsvJEirAtUMGej0wJ4H/NrFOMPU
Yjy/XKnjqbsg00UA4az7iIe6wQEaIQ2JijwcVwJ4PWcksTroUrDZZVPiqYZTwuW6
UblI7cjOFlp8v9SC1MqrPfTGezT3d6y2iBfyBa4YJaL13KUV8rc//qelPqvApzJR
2pA72Dzm3gyOCRSExoDZ6HZ7xhRb0CbFBG3jA+k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org