Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/PTz0m4Ufz9eUWkvdVhE2wk7_K8o.roa
File:                     PTz0m4Ufz9eUWkvdVhE2wk7_K8o.roa (raw, json)
Hash identifier:          n1TgxfRbsOpSgh9f2rVvoPQWUOZfnV4s9THN3zXNXJI=
Subject key identifier:   3D:3C:F4:9B:85:1F:CF:D7:94:5A:4B:DD:56:11:36:C2:4E:FF:2B:CA
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0438B52E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/PTz0m4Ufz9eUWkvdVhE2wk7_K8o.roa
Signing time:             Sun 20 Mar 2022 13:39:13 +0000
ROA not before:           Sun 20 Mar 2022 13:39:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35196
IP address blocks:        185.5.248.0/23 maxlen: 23
                          185.5.248.0/22 maxlen: 22
                          185.5.250.0/23 maxlen: 23
                          185.5.250.0/24 maxlen: 24
                          185.87.48.0/22 maxlen: 22
                          185.87.50.0/24 maxlen: 24
                          185.87.48.0/24 maxlen: 24
                          185.87.49.0/24 maxlen: 24
                          185.87.51.0/24 maxlen: 24
                          185.117.152.0/22 maxlen: 22
                          139.28.220.0/24 maxlen: 24
                          45.89.66.0/24 maxlen: 24
                          45.89.67.0/24 maxlen: 24
                          45.89.65.0/24 maxlen: 24
                          91.217.80.0/24 maxlen: 24
                          95.214.10.0/24 maxlen: 24
                          95.214.11.0/24 maxlen: 24
                          95.214.9.0/24 maxlen: 24
                          45.9.73.184/32 maxlen: 32
                          195.66.87.0/24 maxlen: 24
                          45.9.73.179/32 maxlen: 32
                          94.142.136.0/21 maxlen: 21
                          185.105.119.0/24 maxlen: 24
                          94.142.136.0/24 maxlen: 24
                          94.142.139.0/24 maxlen: 24
                          94.142.137.0/24 maxlen: 24
                          94.142.138.0/24 maxlen: 24
                          94.142.143.0/24 maxlen: 24
                          185.87.48.18/32 maxlen: 32
                          185.125.218.0/23 maxlen: 23
                          185.125.216.0/22 maxlen: 22
                          94.142.136.67/32 maxlen: 32
                          185.105.116.0/24 maxlen: 24
                          185.105.118.0/24 maxlen: 24
                          185.105.117.0/24 maxlen: 24
                          185.58.206.0/24 maxlen: 24
                          193.109.84.0/24 maxlen: 24
                          185.58.204.0/22 maxlen: 22
                          185.125.228.0/22 maxlen: 22
                          185.125.228.0/24 maxlen: 24
                          185.125.229.0/24 maxlen: 24
                          185.125.231.0/24 maxlen: 24
                          185.125.230.0/24 maxlen: 24
                          45.9.73.236/32 maxlen: 32
                          194.67.192.0/19 maxlen: 19
                          194.67.194.0/23 maxlen: 23
                          194.67.196.0/22 maxlen: 22
                          193.124.176.0/20 maxlen: 20
                          45.128.176.0/24 maxlen: 24
                          45.128.177.0/24 maxlen: 24
                          45.128.178.0/24 maxlen: 24
                          45.128.179.0/24 maxlen: 24
                          195.47.250.0/24 maxlen: 24
                          194.67.200.0/21 maxlen: 21
                          194.67.208.0/20 maxlen: 20
                          2a0a:9301:1::/48 maxlen: 48
                          2a0a:9301::/48 maxlen: 48
                          2a0a:9301:2::/48 maxlen: 48
                          2a0a:9302::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70825262 (0x438b52e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Mar 20 13:39:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3d3cf49b851fcfd7945a4bdd561136c24eff2bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8d:8d:b8:98:18:15:df:0e:ee:72:0b:2e:7b:
                    7c:ab:15:17:bb:69:78:34:0e:59:45:7e:d9:f1:2a:
                    54:7f:f4:d3:ae:53:93:3f:36:71:15:8a:87:e7:dc:
                    6e:c5:49:10:5b:f9:28:f3:64:0a:ea:44:41:0d:d4:
                    ab:35:07:94:fa:bd:b1:6c:51:7d:96:4c:48:47:55:
                    d3:ea:60:43:52:65:c5:d0:90:68:65:b6:cb:ca:12:
                    aa:77:41:5d:83:47:e8:06:00:54:ba:80:de:ea:33:
                    e3:2d:4d:a2:61:a3:b2:d5:68:da:1b:97:70:71:b6:
                    d4:f6:aa:ee:c2:17:c4:e5:bb:8d:04:6d:a4:4f:c5:
                    9b:ea:7c:d5:88:c9:7c:a6:34:01:77:e1:50:f6:eb:
                    0f:25:5c:08:9c:a0:89:8f:56:72:67:9e:7b:2a:48:
                    71:75:68:50:a5:0d:4f:f0:36:1f:68:98:a3:3d:68:
                    a8:72:58:60:42:f5:66:97:7f:7a:dc:cf:88:35:91:
                    7a:d0:95:8e:23:8b:a8:11:02:3a:8a:5d:a5:06:0d:
                    48:2f:d6:a8:b0:b8:bd:6d:bb:20:2b:54:1d:0e:cb:
                    ec:04:e6:f3:37:a7:71:d3:72:d3:4a:e1:89:92:8d:
                    4c:ef:9b:2f:d5:42:ba:90:38:f3:76:f9:41:f6:ea:
                    67:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:3C:F4:9B:85:1F:CF:D7:94:5A:4B:DD:56:11:36:C2:4E:FF:2B:CA
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/PTz0m4Ufz9eUWkvdVhE2wk7_K8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.73.179/32
                  45.9.73.184/32
                  45.9.73.236/32
                  45.89.65.0-45.89.67.255
                  45.128.176.0/22
                  91.217.80.0/24
                  94.142.136.0/21
                  95.214.9.0-95.214.11.255
                  139.28.220.0/24
                  185.5.248.0/22
                  185.58.204.0/22
                  185.87.48.0/22
                  185.105.116.0/22
                  185.117.152.0/22
                  185.125.216.0/22
                  185.125.228.0/22
                  193.109.84.0/24
                  193.124.176.0/20
                  194.67.192.0/19
                  195.47.250.0/24
                  195.66.87.0/24
                IPv6:
                  2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
                  2a0a:9302::/32

    Signature Algorithm: sha256WithRSAEncryption
         28:be:06:ae:82:04:3b:92:00:23:33:48:17:35:c0:21:b0:2a:
         60:8f:15:bb:8e:83:f0:a6:fc:26:1d:88:e7:fc:43:e4:bb:1b:
         f1:73:f3:fe:57:e9:8b:ac:89:a9:c5:1c:7e:26:11:06:39:19:
         d0:b1:40:26:6a:00:67:77:cf:83:96:f3:1b:e1:08:cf:a7:16:
         cc:f7:e4:e9:df:b3:7a:a8:6c:8f:28:88:6a:e8:04:d8:fb:a6:
         83:7c:39:cf:4b:03:06:ae:01:a1:10:50:38:8e:58:bc:9c:06:
         75:1a:82:90:c6:8f:f2:c1:a4:c0:6f:8c:51:2d:3b:96:09:dc:
         38:f3:5f:df:4f:b4:a4:55:79:4e:6f:22:50:28:43:7e:0b:97:
         a9:5a:43:79:04:7e:d0:9e:72:e1:0d:1a:e9:e9:20:87:cd:bc:
         1f:4d:f2:4d:2a:4e:a5:c9:e7:2f:28:83:21:63:46:34:bb:84:
         50:8f:2a:13:8b:86:84:58:15:27:01:59:bf:93:f5:81:78:1b:
         3e:e1:a8:ab:ce:97:e4:e2:68:b9:1b:01:bb:5a:5a:cd:ca:ca:
         80:00:18:d4:6f:08:56:c1:ae:5c:c2:1b:0d:f1:71:82:fc:bc:
         a7:d4:92:11:fd:32:b9:d7:cf:d0:dc:37:6a:1b:c8:19:82:ee:
         5c:87:e0:a0
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIEBDi1LjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
MDEzMzkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QzY2Y0OWI4NTFm
Y2ZkNzk0NWE0YmRkNTYxMTM2YzI0ZWZmMmJjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeNjbiYGBXfDu5yCy57fKsVF7tpeDQOWUV+2fEqVH/0065T
kz82cRWKh+fcbsVJEFv5KPNkCupEQQ3UqzUHlPq9sWxRfZZMSEdV0+pgQ1JlxdCQ
aGW2y8oSqndBXYNH6AYAVLqA3uoz4y1NomGjstVo2huXcHG21Paq7sIXxOW7jQRt
pE/Fm+p81YjJfKY0AXfhUPbrDyVcCJygiY9WcmeeeypIcXVoUKUNT/A2H2iYoz1o
qHJYYEL1Zpd/etzPiDWRetCVjiOLqBECOopdpQYNSC/WqLC4vW27ICtUHQ7L7ATm
8zencdNy00rhiZKNTO+bL9VCupA483b5QfbqZ5cCAwEAAaOCArowggK2MB0GA1Ud
DgQWBBQ9PPSbhR/P15RaS91WETbCTv8ryjAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1BUejBtNFVmejllVVdrdmRWaEUyd2s3X0s4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zwYIKwYBBQUHAQcBAf8Egb8wgbwwgZgEAgABMIGRAwUALQlJswMFAC0JSbgDBQAt
CUnsMAwDBAAtWUEDBAItWUADBAItgLADBABb2VADBANejogwDAMEAF/WCQMEAl/W
CAMEAIsc3AMEArkF+AMEArk6zAMEArlXMAMEArlpdAMEArl1mAMEArl92AMEArl9
5AMEAMFtVAMEBMF8sAMEBcJDwAMEAMMv+gMEAMNCVzAfBAIAAjAZMBADBQAqCpMB
AwcAKgqTAQACAwUAKgqTAjANBgkqhkiG9w0BAQsFAAOCAQEAKL4GroIEO5IAIzNI
FzXAIbAqYI8Vu46D8Kb8Jh2I5/xD5Lsb8XPz/lfpi6yJqcUcfiYRBjkZ0LFAJmoA
Z3fPg5bzG+EIz6cWzPfk6d+zeqhsjyiIaugE2Pumg3w5z0sDBq4BoRBQOI5YvJwG
dRqCkMaP8sGkwG+MUS07lgncOPNf30+0pFV5Tm8iUChDfguXqVpDeQR+0J5y4Q0a
6ekgh828H03yTSpOpcnnLyiDIWNGNLuEUI8qE4uGhFgVJwFZv5P1gXgbPuGoq86X
5OJouRsBu1pazcrKgAAY1G8IVsGuXMIbDfFxgvy8p9SSEf0yudfP0Nw3ahvIGYLu
XIfgoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org