Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/ymPRNHK0_UOWytWrpHO963-taXc.roa
File:                     ymPRNHK0_UOWytWrpHO963-taXc.roa (raw, json)
Hash identifier:          owQOETqQjpxLs0CWIyI5IAFD0pQnbf4PVSAYpONaXPk=
Subject key identifier:   CA:63:D1:34:72:B4:FD:43:96:CA:D5:AB:A4:73:BD:EB:7F:AD:69:77
Certificate issuer:       /CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Certificate serial:       096B54C3
Authority key identifier: 68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/ymPRNHK0_UOWytWrpHO963-taXc.roa
Signing time:             Thu 05 May 2022 09:58:56 +0000
ROA not before:           Thu 05 May 2022 09:58:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6752
IP address blocks:        80.80.85.0/24 maxlen: 24
                          80.80.84.0/22 maxlen: 22
                          80.80.84.0/24 maxlen: 24
                          80.80.92.0/22 maxlen: 22
                          185.87.36.0/22 maxlen: 22
                          185.33.0.0/22 maxlen: 22
                          194.158.64.0/22 maxlen: 22
                          194.158.64.0/24 maxlen: 24
                          194.158.64.0/19 maxlen: 19
                          194.158.68.0/22 maxlen: 22
                          194.158.78.0/24 maxlen: 24
                          194.158.72.0/23 maxlen: 23
                          194.158.72.0/22 maxlen: 22
                          194.158.76.0/22 maxlen: 22
                          185.87.40.0/22 maxlen: 22
                          185.87.44.0/22 maxlen: 22
                          188.241.26.0/23 maxlen: 23
                          91.187.64.0/19 maxlen: 19
                          91.187.64.0/22 maxlen: 22
                          91.187.68.0/22 maxlen: 22
                          91.187.76.0/22 maxlen: 22
                          91.187.72.0/22 maxlen: 22
                          91.187.84.0/22 maxlen: 22
                          91.187.83.0/24 maxlen: 24
                          91.187.80.0/22 maxlen: 22
                          91.187.88.0/22 maxlen: 22
                          89.150.4.0/22 maxlen: 22
                          89.150.2.0/23 maxlen: 23
                          89.150.8.0/22 maxlen: 22
                          89.150.12.0/22 maxlen: 22
                          91.187.93.0/24 maxlen: 24
                          91.187.92.0/22 maxlen: 22
                          185.194.56.0/22 maxlen: 22
                          46.172.224.0/19 maxlen: 19
                          46.172.232.0/22 maxlen: 22
                          185.4.52.0/22 maxlen: 22
                          185.132.200.0/22 maxlen: 22
                          109.111.96.0/22 maxlen: 22
                          109.111.96.0/19 maxlen: 19
                          109.111.100.0/22 maxlen: 22
                          109.111.104.0/22 maxlen: 22
                          109.111.108.0/22 maxlen: 22
                          109.111.112.0/22 maxlen: 22
                          109.111.111.0/24 maxlen: 24
                          109.111.116.0/22 maxlen: 22
                          85.94.164.0/22 maxlen: 22
                          109.111.124.0/22 maxlen: 22
                          109.111.120.0/22 maxlen: 22
                          85.94.160.0/19 maxlen: 19
                          85.94.160.0/22 maxlen: 22
                          85.94.168.0/22 maxlen: 22
                          85.94.172.0/22 maxlen: 22
                          85.94.176.0/22 maxlen: 22
                          85.94.184.0/22 maxlen: 22
                          85.94.180.0/22 maxlen: 22
                          194.158.80.0/22 maxlen: 22
                          194.158.84.0/22 maxlen: 22
                          194.158.84.0/24 maxlen: 24
                          194.158.85.0/24 maxlen: 24
                          194.158.88.0/22 maxlen: 22
                          194.158.95.0/24 maxlen: 24
                          194.158.92.0/22 maxlen: 22
                          85.94.188.0/22 maxlen: 22
                          46.175.158.0/24 maxlen: 24
                          46.175.157.0/24 maxlen: 24
                          46.175.156.0/24 maxlen: 24
                          46.175.156.0/22 maxlen: 22
                          46.175.159.0/24 maxlen: 24
                          2a02:8060::/31 maxlen: 31

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158028995 (0x96b54c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
        Validity
            Not Before: May  5 09:58:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ca63d13472b4fd4396cad5aba473bdeb7fad6977
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:51:07:42:dc:31:c9:5b:16:56:3d:62:17:a4:
                    1d:4b:45:61:2b:c3:11:67:8d:39:f8:af:e5:08:78:
                    7f:be:6a:6b:d9:ca:24:46:56:d8:a0:8c:12:e3:69:
                    9a:f3:c2:d2:39:ac:63:aa:91:59:1e:2b:43:00:a5:
                    87:cc:2c:d7:ee:28:e5:f9:0e:3a:4a:9c:db:05:c5:
                    95:65:7f:17:91:78:72:1d:16:5b:89:bb:db:ef:d8:
                    16:e2:b8:91:f0:9c:22:20:08:62:77:c6:06:b2:3d:
                    3c:cd:26:0d:ae:a7:2a:04:28:3a:08:b2:1a:e6:a5:
                    d1:ef:a8:48:14:e0:28:ad:d2:26:35:9f:53:d7:87:
                    ad:f9:87:e0:5d:d5:a7:0b:ae:68:09:cb:9b:80:b9:
                    e8:e2:3c:b1:1f:f4:d4:2f:ce:d9:cd:76:2e:5e:57:
                    27:1d:e1:ff:a2:32:8f:ed:8a:34:7c:42:44:eb:03:
                    d1:59:b8:be:c7:07:e3:60:f9:aa:4b:51:e2:c6:d0:
                    30:4b:13:51:09:b0:19:9f:5b:00:63:7a:0a:f4:5f:
                    eb:30:da:96:31:d6:c7:d6:52:79:b9:e5:1d:b2:78:
                    bf:96:29:31:f3:77:4a:40:bc:15:55:4f:e2:0b:9b:
                    ec:0b:01:16:f3:dd:24:1f:36:63:a1:c7:f0:e5:12:
                    a0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:63:D1:34:72:B4:FD:43:96:CA:D5:AB:A4:73:BD:EB:7F:AD:69:77
            X509v3 Authority Key Identifier:
                keyid:68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/ymPRNHK0_UOWytWrpHO963-taXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.172.224.0/19
                  46.175.156.0/22
                  80.80.84.0/22
                  80.80.92.0/22
                  85.94.160.0/19
                  89.150.2.0-89.150.15.255
                  91.187.64.0/19
                  109.111.96.0/19
                  185.4.52.0/22
                  185.33.0.0/22
                  185.87.36.0-185.87.47.255
                  185.132.200.0/22
                  185.194.56.0/22
                  188.241.26.0/23
                  194.158.64.0/19
                IPv6:
                  2a02:8060::/31

    Signature Algorithm: sha256WithRSAEncryption
         44:6a:18:9e:c7:d3:b5:dc:21:5f:31:6c:00:06:1e:53:12:19:
         0b:1b:8d:d3:aa:6a:9b:82:c8:23:fd:41:95:9b:dd:99:71:2d:
         13:68:1f:92:13:65:5f:af:5a:d6:2e:eb:12:13:12:ad:b9:85:
         70:08:94:ec:e5:e4:14:99:d1:f7:d6:b3:39:e1:07:ef:7b:2b:
         9c:e9:9b:ba:9e:98:71:cc:d2:a4:7c:58:fa:dd:28:dd:e7:21:
         ba:d5:b7:fb:4e:dd:f0:e1:bb:be:ab:ec:a9:b9:65:52:5a:10:
         a0:8b:9f:2d:b0:c3:c1:fb:ba:a8:12:2f:85:49:c3:77:a4:5c:
         56:4c:ed:40:d9:79:5d:2a:83:ed:24:0f:d6:a8:09:aa:e1:76:
         bd:7d:fc:9e:5c:dd:1d:2e:2c:eb:0b:8e:db:7d:c7:76:21:2c:
         fc:74:b6:1f:76:6f:18:38:8e:0b:33:90:2a:14:3e:c7:4a:be:
         c6:73:02:2f:e7:8d:2a:54:5c:0e:16:2e:d0:af:8f:d8:d8:f7:
         5d:6f:ea:0e:fa:83:a4:4f:48:6d:ee:e7:e9:06:f5:11:49:56:
         19:a1:70:8f:4d:4b:59:2f:d8:c3:7b:f1:c3:b7:50:eb:ed:7b:
         4b:50:64:ee:21:86:ed:00:be:a7:6f:a4:af:a7:d4:ce:a4:14:
         1a:1b:3f:f1
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIECWtUwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODFjZTRkOTliYThlYmI5MWE3OTRhYmZjYmRkMTViZGUwOWM5OWY4MB4XDTIyMDUw
NTA5NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E2M2QxMzQ3MmI0
ZmQ0Mzk2Y2FkNWFiYTQ3M2JkZWI3ZmFkNjk3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxRB0LcMclbFlY9YhekHUtFYSvDEWeNOfiv5Qh4f75qa9nK
JEZW2KCMEuNpmvPC0jmsY6qRWR4rQwClh8ws1+4o5fkOOkqc2wXFlWV/F5F4ch0W
W4m72+/YFuK4kfCcIiAIYnfGBrI9PM0mDa6nKgQoOgiyGual0e+oSBTgKK3SJjWf
U9eHrfmH4F3VpwuuaAnLm4C56OI8sR/01C/O2c12Ll5XJx3h/6Iyj+2KNHxCROsD
0Vm4vscH42D5qktR4sbQMEsTUQmwGZ9bAGN6CvRf6zDaljHWx9ZSebnlHbJ4v5Yp
MfN3SkC8FVVP4gub7AsBFvPdJB82Y6HH8OUSoCkCAwEAAaOCAn8wggJ7MB0GA1Ud
DgQWBBTKY9E0crT9Q5bK1aukc73rf61pdzAfBgNVHSMEGDAWgBRoHOTZm6jruRp5
Sr/L3RW94JyZ+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FCemsyWnVvNjdrYWVVcV95OTBWdmVDY21mZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvNmI5ZWU4LTkyNGItNGEzMS1hNDY0LTlmOTljMTQ3N2ZiZS8x
L3ltUFJOSEswX1VPV3l0V3JwSE85NjMtdGFYYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
NmI5ZWU4LTkyNGItNGEzMS1hNDY0LTlmOTljMTQ3N2ZiZS8xL2FCemsyWnVvNjdr
YWVVcV95OTBWdmVDY21mZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lAYIKwYBBQUHAQcBAf8EgYQwgYEwcAQCAAEwagMEBS6s4AMEAi6vnAMEAlBQVAME
AlBQXAMEBVVeoDAMAwQBWZYCAwQEWZYAAwQFW7tAAwQFbW9gAwQCuQQ0AwQCuSEA
MAwDBAK5VyQDBAS5VyADBAK5hMgDBAK5wjgDBAG88RoDBAXCnkAwDQQCAAIwBwMF
ASoCgGAwDQYJKoZIhvcNAQELBQADggEBAERqGJ7H07XcIV8xbAAGHlMSGQsbjdOq
apuCyCP9QZWb3ZlxLRNoH5ITZV+vWtYu6xITEq25hXAIlOzl5BSZ0ffWsznhB+97
K5zpm7qemHHM0qR8WPrdKN3nIbrVt/tO3fDhu76r7Km5ZVJaEKCLny2ww8H7uqgS
L4VJw3ekXFZM7UDZeV0qg+0kD9aoCarhdr19/J5c3R0uLOsLjtt9x3YhLPx0th92
bxg4jgszkCoUPsdKvsZzAi/njSpUXA4WLtCvj9jY911v6g76g6RPSG3u5+kG9RFJ
VhmhcI9NS1kv2MN78cO3UOvte0tQZO4hhu0AvqdvpK+n1M6kFBobP/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:36 2024 by rpki-client on console-fra.rpki-client.org