Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HnKapNU7QnxUdQSIfX8iIGdBs8A.roa
File:                     HnKapNU7QnxUdQSIfX8iIGdBs8A.roa (raw, json)
Hash identifier:          cBdRk8P77JLYjpo47Tw76hzMpdYIUaoB9vs2unvpEUs=
Subject key identifier:   1E:72:9A:A4:D5:3B:42:7C:54:75:04:88:7D:7F:22:20:67:41:B3:C0
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01833CABCFDBC59EFCA4A37DA4C38B2C658B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HnKapNU7QnxUdQSIfX8iIGdBs8A.roa
Signing time:             Wed 14 Sep 2022 15:43:56 +0000
ROA not before:           Wed 14 Sep 2022 15:43:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209641
IP address blocks:        45.133.245.0/24 maxlen: 24
                          185.5.248.0/23 maxlen: 23
                          185.5.248.0/22 maxlen: 22
                          5.252.116.0/24 maxlen: 24
                          185.87.48.0/22 maxlen: 22
                          185.87.48.0/24 maxlen: 24
                          185.117.152.0/22 maxlen: 22
                          139.28.220.0/24 maxlen: 24
                          139.28.221.0/24 maxlen: 24
                          5.180.139.0/24 maxlen: 24
                          5.180.137.0/24 maxlen: 24
                          5.180.138.0/24 maxlen: 24
                          5.180.136.0/24 maxlen: 24
                          45.89.67.0/24 maxlen: 24
                          45.89.66.0/24 maxlen: 24
                          91.217.80.0/24 maxlen: 24
                          95.214.10.0/24 maxlen: 24
                          95.214.8.0/24 maxlen: 24
                          95.214.11.0/24 maxlen: 24
                          95.214.9.0/24 maxlen: 24
                          195.66.87.0/24 maxlen: 24
                          94.142.136.0/21 maxlen: 21
                          185.105.119.0/24 maxlen: 24
                          94.142.139.0/24 maxlen: 24
                          94.142.143.0/24 maxlen: 24
                          94.142.141.0/24 maxlen: 24
                          94.142.140.0/24 maxlen: 24
                          94.142.142.0/24 maxlen: 24
                          185.125.216.0/22 maxlen: 22
                          185.105.118.0/24 maxlen: 24
                          185.105.116.0/24 maxlen: 24
                          185.105.117.0/24 maxlen: 24
                          185.58.205.0/24 maxlen: 24
                          185.58.206.0/24 maxlen: 24
                          185.58.204.0/24 maxlen: 24
                          185.58.204.0/22 maxlen: 22
                          185.58.207.0/24 maxlen: 24
                          45.89.64.0/24 maxlen: 24
                          185.125.231.0/24 maxlen: 24
                          185.125.229.0/24 maxlen: 24
                          185.125.228.0/22 maxlen: 22
                          185.125.228.0/24 maxlen: 24
                          194.67.192.0/19 maxlen: 19
                          194.67.196.0/22 maxlen: 22
                          194.67.194.0/23 maxlen: 23
                          194.67.193.0/24 maxlen: 24
                          193.124.176.0/21 maxlen: 21
                          193.124.176.0/20 maxlen: 20
                          193.124.184.0/21 maxlen: 21
                          45.128.176.0/24 maxlen: 24
                          45.128.178.0/24 maxlen: 24
                          45.128.176.0/22 maxlen: 22
                          45.128.177.0/24 maxlen: 24
                          45.128.179.0/24 maxlen: 24
                          195.47.250.0/24 maxlen: 24
                          194.67.203.0/24 maxlen: 24
                          194.67.202.0/24 maxlen: 24
                          194.67.200.0/23 maxlen: 23
                          194.67.204.0/22 maxlen: 22
                          194.67.208.0/20 maxlen: 20
                          46.17.106.0/24 maxlen: 24
                          2a0a:9300:d1::/48 maxlen: 48
                          2a0a:9300::/48 maxlen: 48
                          2a0a:9301:1::/48 maxlen: 48
                          2a0a:9301::/48 maxlen: 48
                          2a0a:9300:d2::/48 maxlen: 48
                          2a0a:9301:2::/48 maxlen: 48
                          2a0a:9300:2::/48 maxlen: 48
                          2a0a:9302::/32 maxlen: 32
                          2a0a:9300:d0::/48 maxlen: 48
                          2a0a:9302:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:3c:ab:cf:db:c5:9e:fc:a4:a3:7d:a4:c3:8b:2c:65:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep 14 15:43:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1e729aa4d53b427c547504887d7f22206741b3c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:42:5c:da:5c:a9:d6:6e:0a:32:23:a6:dc:9d:
                    d4:07:48:16:6e:83:33:55:eb:6b:4b:b0:b1:a4:c0:
                    8a:2a:69:8a:f3:d8:a6:0d:a5:37:3f:1c:a0:5a:95:
                    94:bf:24:12:48:64:88:00:8b:5a:29:82:00:0b:05:
                    d3:81:39:71:a0:dc:45:b8:c7:2f:d7:07:fa:99:78:
                    e4:6e:3f:c9:2c:ec:51:c6:1a:da:15:a2:4e:f2:8f:
                    22:65:8b:8e:48:ee:77:19:1f:98:ec:10:11:37:d4:
                    40:5a:e0:da:4a:97:93:90:0a:08:95:61:78:99:e3:
                    f1:d5:0d:8f:1f:32:09:41:82:68:6c:8d:f6:5f:3a:
                    2c:42:c0:56:35:3e:42:54:77:73:b2:1f:f7:74:4c:
                    e1:df:61:8b:7b:60:61:1b:18:e8:c2:e3:0b:73:d9:
                    92:b2:2c:96:54:0f:4e:a1:5a:d5:69:62:9c:55:ca:
                    12:08:89:29:eb:f8:ae:1b:dc:5d:b9:a2:a3:84:06:
                    5b:2e:fd:97:c1:94:64:b4:77:71:a2:9b:a5:5d:7f:
                    f5:e0:5f:82:e7:f7:06:e8:b7:b3:32:9a:7e:b8:d3:
                    c2:22:99:fd:43:e5:49:0b:ed:bd:cf:6f:19:7d:a0:
                    6e:6e:6f:be:d0:36:f6:6e:55:c9:5c:cd:4d:21:73:
                    71:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:72:9A:A4:D5:3B:42:7C:54:75:04:88:7D:7F:22:20:67:41:B3:C0
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HnKapNU7QnxUdQSIfX8iIGdBs8A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.136.0/22
                  5.252.116.0/24
                  45.89.64.0/24
                  45.89.66.0/23
                  45.128.176.0/22
                  45.133.245.0/24
                  46.17.106.0/24
                  91.217.80.0/24
                  94.142.136.0/21
                  95.214.8.0/22
                  139.28.220.0/23
                  185.5.248.0/22
                  185.58.204.0/22
                  185.87.48.0/22
                  185.105.116.0/22
                  185.117.152.0/22
                  185.125.216.0/22
                  185.125.228.0/22
                  193.124.176.0/20
                  194.67.192.0/19
                  195.47.250.0/24
                  195.66.87.0/24
                IPv6:
                  2a0a:9300::/48
                  2a0a:9300:2::/48
                  2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
                  2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
                  2a0a:9302::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:5f:72:49:31:b8:24:5e:ea:6e:e6:26:0e:75:ef:ed:95:ed:
         95:0a:82:4d:5a:eb:65:f0:e9:3f:f7:ab:52:45:17:28:79:27:
         6b:e6:3d:bb:68:88:1d:b5:7b:4f:21:6b:47:53:a1:e6:85:64:
         85:dc:2a:84:d8:10:77:42:53:43:cf:fc:93:67:26:77:fc:85:
         83:4e:a9:ef:da:71:1c:ea:d4:f1:48:d8:59:55:4e:b5:14:53:
         74:e6:d1:05:39:ac:14:14:cb:87:f0:03:e2:4f:37:cc:da:06:
         4a:20:c6:17:7f:b7:64:3a:e8:28:7c:95:63:e8:77:6d:24:9f:
         e9:7a:ce:e2:fd:0d:35:df:34:b4:c0:d3:6f:10:15:b6:a6:27:
         29:11:68:09:89:94:93:65:a6:e6:41:3c:d6:32:0b:d3:3e:29:
         cc:92:22:dd:8b:1c:37:d9:51:fb:dc:86:b0:d7:8a:ea:77:4a:
         5c:d3:b1:5b:78:8a:b5:a7:4d:84:d9:a6:e0:21:55:dd:b2:ac:
         41:88:15:3f:ea:44:24:33:1e:db:8a:7a:eb:76:0b:61:ab:33:
         ac:d9:20:30:fe:0a:fe:6b:0c:8b:0d:24:39:12:fd:89:92:dd:
         2c:82:92:fc:7f:72:36:78:68:91:7b:ef:96:ec:71:8f:25:91:
         2c:a0:48:cb
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYM8q8/bxZ78pKN9pMOLLGWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTE0MTU0MzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTcyOWFhNGQ1M2I0MjdjNTQ3NTA0ODg3ZDdmMjIyMDY3NDFiM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEJc2lyp1m4KMiOm3J3UB0gWboMz
VetrS7CxpMCKKmmK89imDaU3PxygWpWUvyQSSGSIAItaKYIACwXTgTlxoNxFuMcv
1wf6mXjkbj/JLOxRxhraFaJO8o8iZYuOSO53GR+Y7BARN9RAWuDaSpeTkAoIlWF4
mePx1Q2PHzIJQYJobI32XzosQsBWNT5CVHdzsh/3dEzh32GLe2BhGxjowuMLc9mS
siyWVA9OoVrVaWKcVcoSCIkp6/iuG9xduaKjhAZbLv2XwZRktHdxopulXX/14F+C
5/cG6LezMpp+uNPCIpn9Q+VJC+29z28ZfaBubm++0Db2blXJXM1NIXNxIwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFB5ymqTVO0J8VHUEiH1/IiBnQbPAMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSG5LYXBOVTdRbnhVZFFTSWZYOGlJR2RCczhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBiwQCAAEwgYQDBAIF
tIgDBAAF/HQDBAAtWUADBAEtWUIDBAItgLADBAAthfUDBAAuEWoDBABb2VADBANe
jogDBAJf1ggDBAGLHNwDBAK5BfgDBAK5OswDBAK5VzADBAK5aXQDBAK5dZgDBAK5
fdgDBAK5feQDBATBfLADBAXCQ8ADBADDL/oDBADDQlcwRQQCAAIwPwMHACoKkwAA
AAMHACoKkwAAAjASAwcEKgqTAADQAwcAKgqTAADSMBADBQAqCpMBAwcAKgqTAQAC
AwUAKgqTAjANBgkqhkiG9w0BAQsFAAOCAQEAU19ySTG4JF7qbuYmDnXv7ZXtlQqC
TVrrZfDpP/erUkUXKHkna+Y9u2iIHbV7TyFrR1Oh5oVkhdwqhNgQd0JTQ8/8k2cm
d/yFg06p79pxHOrU8UjYWVVOtRRTdObRBTmsFBTLh/AD4k83zNoGSiDGF3+3ZDro
KHyVY+h3bSSf6XrO4v0NNd80tMDTbxAVtqYnKRFoCYmUk2Wm5kE81jIL0z4pzJIi
3YscN9lR+9yGsNeK6ndKXNOxW3iKtadNhNmm4CFV3bKsQYgVP+pEJDMe24p663YL
YaszrNkgMP4K/msMiw0kORL9iZLdLIKS/H9yNnhokXvvluxxjyWRLKBIyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org