Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/ImHAQuuKR_4da6axXlZ2HoLC0fQ.roa
File:                     ImHAQuuKR_4da6axXlZ2HoLC0fQ.roa (raw, json)
Hash identifier:          1SYATTKp8t8MYBjSFp1Dvpzdg7f5mVmJ3f5Yr+LRlEk=
Subject key identifier:   22:61:C0:42:EB:8A:47:FE:1D:6B:A6:B1:5E:56:76:1E:82:C2:D1:F4
Certificate issuer:       /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial:       1268DA66
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/ImHAQuuKR_4da6axXlZ2HoLC0fQ.roa
Signing time:             Wed 25 May 2022 12:47:14 +0000
ROA not before:           Wed 25 May 2022 12:47:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     198610
IP address blocks:        45.80.68.0/24 maxlen: 24
                          45.80.69.0/24 maxlen: 24
                          45.80.70.0/24 maxlen: 24
                          45.80.71.0/24 maxlen: 24
                          45.147.176.0/24 maxlen: 24
                          45.147.177.0/24 maxlen: 24
                          45.147.178.0/24 maxlen: 24
                          45.147.179.0/24 maxlen: 24
                          5.181.109.0/24 maxlen: 24
                          5.181.110.0/24 maxlen: 24
                          5.181.111.0/24 maxlen: 24
                          5.181.108.0/24 maxlen: 24
                          45.141.77.0/24 maxlen: 24
                          45.141.78.0/24 maxlen: 24
                          45.141.76.0/24 maxlen: 24
                          45.67.57.0/24 maxlen: 24
                          45.67.58.0/24 maxlen: 24
                          45.141.79.0/24 maxlen: 24
                          45.67.56.0/24 maxlen: 24
                          45.67.59.0/24 maxlen: 24
                          185.19.204.0/24 maxlen: 24
                          185.19.205.0/24 maxlen: 24
                          185.19.206.0/24 maxlen: 24
                          185.19.207.0/24 maxlen: 24
                          193.168.46.0/24 maxlen: 24
                          193.168.47.0/24 maxlen: 24
                          193.168.48.0/24 maxlen: 24
                          45.12.16.0/24 maxlen: 24
                          45.12.17.0/24 maxlen: 24
                          45.12.18.0/24 maxlen: 24
                          45.12.19.0/24 maxlen: 24
                          95.214.61.0/24 maxlen: 24
                          95.214.62.0/24 maxlen: 24
                          95.214.63.0/24 maxlen: 24
                          95.214.60.0/24 maxlen: 24
                          81.200.112.0/24 maxlen: 24
                          81.200.113.0/24 maxlen: 24
                          213.139.208.0/24 maxlen: 24
                          81.200.114.0/24 maxlen: 24
                          213.139.209.0/24 maxlen: 24
                          81.200.115.0/24 maxlen: 24
                          81.200.116.0/24 maxlen: 24
                          81.200.118.0/24 maxlen: 24
                          213.139.210.0/24 maxlen: 24
                          213.139.211.0/24 maxlen: 24
                          81.200.117.0/24 maxlen: 24
                          81.200.119.0/24 maxlen: 24
                          91.106.206.0/24 maxlen: 24
                          91.106.200.0/21 maxlen: 21
                          91.106.200.0/24 maxlen: 24
                          91.106.201.0/24 maxlen: 24
                          91.106.202.0/24 maxlen: 24
                          91.106.203.0/24 maxlen: 24
                          91.106.204.0/24 maxlen: 24
                          91.106.205.0/24 maxlen: 24
                          91.106.207.0/24 maxlen: 24
                          62.113.97.0/24 maxlen: 24
                          62.113.98.0/24 maxlen: 24
                          62.113.96.0/24 maxlen: 24
                          62.113.104.0/24 maxlen: 24
                          62.113.105.0/24 maxlen: 24
                          62.113.99.0/24 maxlen: 24
                          62.113.100.0/24 maxlen: 24
                          62.113.101.0/24 maxlen: 24
                          62.113.102.0/24 maxlen: 24
                          62.113.103.0/24 maxlen: 24
                          62.113.110.0/24 maxlen: 24
                          62.113.111.0/24 maxlen: 24
                          62.113.106.0/24 maxlen: 24
                          62.113.107.0/24 maxlen: 24
                          62.113.108.0/24 maxlen: 24
                          62.113.109.0/24 maxlen: 24
                          193.200.72.0/24 maxlen: 24
                          193.200.73.0/24 maxlen: 24
                          193.200.74.0/24 maxlen: 24
                          193.200.75.0/24 maxlen: 24
                          217.172.24.0/24 maxlen: 24
                          217.172.27.0/24 maxlen: 24
                          217.172.25.0/24 maxlen: 24
                          217.172.26.0/24 maxlen: 24
                          185.78.30.0/24 maxlen: 24
                          185.78.28.0/22 maxlen: 22
                          185.78.31.0/24 maxlen: 24
                          185.78.28.0/24 maxlen: 24
                          185.78.29.0/24 maxlen: 24
                          45.84.224.0/24 maxlen: 24
                          45.84.225.0/24 maxlen: 24
                          45.84.226.0/24 maxlen: 24
                          45.84.227.0/24 maxlen: 24
                          185.225.34.0/24 maxlen: 24
                          185.225.35.0/24 maxlen: 24
                          185.225.32.0/24 maxlen: 24
                          185.225.33.0/24 maxlen: 24
                          185.50.24.0/24 maxlen: 24
                          185.50.24.0/22 maxlen: 22
                          45.90.32.0/24 maxlen: 24
                          45.90.33.0/24 maxlen: 24
                          45.90.34.0/24 maxlen: 24
                          45.90.35.0/24 maxlen: 24
                          5.101.153.244/32 maxlen: 32
                          87.236.17.122/32 maxlen: 32
                          5.101.153.242/32 maxlen: 32
                          185.50.25.0/24 maxlen: 24
                          185.50.26.0/24 maxlen: 24
                          185.50.27.0/24 maxlen: 24
                          45.130.42.0/24 maxlen: 24
                          45.130.43.0/24 maxlen: 24
                          45.130.40.0/24 maxlen: 24
                          45.130.41.0/24 maxlen: 24
                          193.176.76.0/24 maxlen: 24
                          193.176.77.0/24 maxlen: 24
                          193.176.78.0/24 maxlen: 24
                          193.176.79.0/24 maxlen: 24
                          5.101.154.191/32 maxlen: 32
                          31.129.98.0/24 maxlen: 24
                          31.129.96.0/24 maxlen: 24
                          87.236.16.0/24 maxlen: 24
                          87.236.17.0/24 maxlen: 24
                          87.236.16.0/21 maxlen: 21
                          87.236.21.0/24 maxlen: 24
                          87.236.22.0/24 maxlen: 24
                          87.236.23.0/24 maxlen: 24
                          87.236.18.0/24 maxlen: 24
                          87.236.19.0/24 maxlen: 24
                          87.236.20.0/24 maxlen: 24
                          5.101.152.0/24 maxlen: 24
                          5.101.152.0/21 maxlen: 21
                          5.101.153.0/24 maxlen: 24
                          5.101.154.0/24 maxlen: 24
                          5.101.155.0/24 maxlen: 24
                          5.101.156.0/24 maxlen: 24
                          5.101.157.0/24 maxlen: 24
                          5.101.158.0/24 maxlen: 24
                          5.101.159.0/24 maxlen: 24
                          2a04:bac0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 308861542 (0x1268da66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
        Validity
            Not Before: May 25 12:47:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2261c042eb8a47fe1d6ba6b15e56761e82c2d1f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:65:cb:a1:d3:8e:20:d1:3f:c3:ee:b4:34:2b:
                    b5:c4:06:7a:46:64:95:5c:f1:7b:de:19:24:44:56:
                    21:02:3f:74:02:48:89:08:71:72:91:ec:44:fb:68:
                    12:5d:aa:bf:ea:e7:71:9c:a8:74:1a:2e:e3:b5:bb:
                    57:62:d5:c7:bb:11:dc:de:48:c5:52:1f:9e:85:29:
                    2f:41:67:18:1f:22:88:61:8e:7f:30:49:6d:f7:ff:
                    a7:db:a4:73:43:58:09:04:a1:6f:af:51:c5:2a:db:
                    d6:4c:fb:4e:5a:84:1e:3e:d8:53:91:7f:0f:86:ea:
                    28:8c:f8:4c:2e:b7:4a:a1:df:d3:af:c3:18:40:17:
                    3e:23:31:8d:45:1e:5f:d7:75:94:f3:5f:08:26:5f:
                    f9:99:3f:20:37:90:ff:32:ef:f8:07:a2:07:15:90:
                    22:1a:4c:ba:67:ab:aa:3a:a6:1d:64:c7:ed:11:8e:
                    b9:95:87:42:61:5a:f8:ae:be:65:d1:af:95:76:40:
                    9d:c5:49:0a:87:f2:13:42:c0:17:ec:40:d0:4f:46:
                    d6:1d:8e:ad:87:33:cd:75:3e:32:52:3d:e1:e4:2c:
                    3f:d7:5f:3f:2b:3c:e5:84:f7:c4:f9:3e:3b:94:b1:
                    fd:02:c9:ed:eb:3e:ad:c1:9a:17:46:d0:46:63:9f:
                    c4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:61:C0:42:EB:8A:47:FE:1D:6B:A6:B1:5E:56:76:1E:82:C2:D1:F4
            X509v3 Authority Key Identifier:
                keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/ImHAQuuKR_4da6axXlZ2HoLC0fQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.101.152.0/21
                  5.181.108.0/22
                  31.129.96.0/24
                  31.129.98.0/24
                  45.12.16.0/22
                  45.67.56.0/22
                  45.80.68.0/22
                  45.84.224.0/22
                  45.90.32.0/22
                  45.130.40.0/22
                  45.141.76.0/22
                  45.147.176.0/22
                  62.113.96.0/20
                  81.200.112.0/21
                  87.236.16.0/21
                  91.106.200.0/21
                  95.214.60.0/22
                  185.19.204.0/22
                  185.50.24.0/22
                  185.78.28.0/22
                  185.225.32.0/22
                  193.168.46.0-193.168.48.255
                  193.176.76.0/22
                  193.200.72.0/22
                  213.139.208.0/22
                  217.172.24.0/22
                IPv6:
                  2a04:bac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         ad:be:0a:ea:91:4f:97:e5:47:b3:1a:c1:98:59:29:25:8d:d1:
         e9:15:7d:3d:46:ce:81:8d:cb:d5:b5:2b:b7:3d:d6:55:59:ff:
         19:c1:ef:48:2c:72:7e:ed:d4:41:0d:77:44:98:41:e1:4f:bb:
         0b:a9:50:f0:ac:24:da:27:ba:4a:4b:12:1e:34:e9:06:c1:e7:
         1b:fd:d9:b0:2a:d8:2e:dd:d4:72:8a:67:85:41:f6:46:ba:ee:
         e8:fc:84:19:aa:4f:01:05:66:9d:b6:0d:df:84:5d:be:85:ae:
         04:35:55:87:9d:7d:55:ee:75:6b:51:fe:85:17:9d:54:15:44:
         6c:fe:6f:30:27:f4:9a:82:86:cc:ff:7c:11:3c:02:8e:e0:bc:
         89:c3:25:32:08:ea:55:a0:7f:0d:ce:2d:7b:84:0f:0a:16:00:
         67:d8:38:e1:07:95:f8:46:c9:49:75:45:6d:b8:bb:0f:f8:59:
         27:94:68:7f:e0:91:64:56:b0:1e:38:a2:89:f8:54:8a:03:be:
         f4:54:5f:83:4e:ab:a3:23:c1:d0:2c:2e:d8:f2:44:bf:7e:f2:
         45:ba:0f:f5:4e:ce:8a:4c:ec:fb:37:10:74:e0:9b:b3:1c:28:
         dd:70:cb:03:26:2e:13:9f:08:01:d8:e3:41:ce:2b:09:65:b9:
         43:b6:d8:c6
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIEEmjaZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTczZWViOGQwMmY1ZjY0Nzg4YjNmZGM3OGQ2YmFiOGE1NWZkMTZhMB4XDTIyMDUy
NTEyNDcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI2MWMwNDJlYjhh
NDdmZTFkNmJhNmIxNWU1Njc2MWU4MmMyZDFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBly6HTjiDRP8PutDQrtcQGekZklVzxe94ZJERWIQI/dAJI
iQhxcpHsRPtoEl2qv+rncZyodBou47W7V2LVx7sR3N5IxVIfnoUpL0FnGB8iiGGO
fzBJbff/p9ukc0NYCQShb69RxSrb1kz7TlqEHj7YU5F/D4bqKIz4TC63SqHf06/D
GEAXPiMxjUUeX9d1lPNfCCZf+Zk/IDeQ/zLv+AeiBxWQIhpMumerqjqmHWTH7RGO
uZWHQmFa+K6+ZdGvlXZAncVJCofyE0LAF+xA0E9G1h2OrYczzXU+MlI94eQsP9df
Pys85YT3xPk+O5Sx/QLJ7es+rcGaF0bQRmOfxEECAwEAAaOCArswggK3MB0GA1Ud
DgQWBBQiYcBC64pH/h1rprFeVnYegsLR9DAfBgNVHSMEGDAWgBRBc+640C9fZHiL
P9x41rq4pV/RajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FYUHV1TkF2WDJSNGl6X2NlTmE2dUtWZjBXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDg5MmE5LTNiMzctNGQzOS05YzJiLWQ4M2VkMTQwZDI4ZC8x
L0ltSEFRdXVLUl80ZGE2YXhYbFoySG9MQzBmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDg5MmE5LTNiMzctNGQzOS05YzJiLWQ4M2VkMTQwZDI4ZC8xL1FYUHV1TkF2WDJS
NGl6X2NlTmE2dUtWZjBXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
0AYIKwYBBQUHAQcBAf8EgcAwgb0wgasEAgABMIGkAwQDBWWYAwQCBbVsAwQAH4Fg
AwQAH4FiAwQCLQwQAwQCLUM4AwQCLVBEAwQCLVTgAwQCLVogAwQCLYIoAwQCLY1M
AwQCLZOwAwQEPnFgAwQDUchwAwQDV+wQAwQDW2rIAwQCX9Y8AwQCuRPMAwQCuTIY
AwQCuU4cAwQCueEgMAwDBAHBqC4DBADBqDADBALBsEwDBALByEgDBALVi9ADBALZ
rBgwDQQCAAIwBwMFAyoEusAwDQYJKoZIhvcNAQELBQADggEBAK2+CuqRT5flR7Ma
wZhZKSWN0ekVfT1GzoGNy9W1K7c91lVZ/xnB70gscn7t1EENd0SYQeFPuwupUPCs
JNonukpLEh406QbB5xv92bAq2C7d1HKKZ4VB9ka67uj8hBmqTwEFZp22Dd+EXb6F
rgQ1VYedfVXudWtR/oUXnVQVRGz+bzAn9JqChsz/fBE8Ao7gvInDJTII6lWgfw3O
LXuEDwoWAGfYOOEHlfhGyUl1RW24uw/4WSeUaH/gkWRWsB44oon4VIoDvvRUX4NO
q6MjwdAsLtjyRL9+8kW6D/VOzopM7Ps3EHTgm7McKN1wywMmLhOfCAHY40HOKwll
uUO22MY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org