Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z6GCLv53Z3_VbufzdgigZjyjHm8.roa
File:                     Z6GCLv53Z3_VbufzdgigZjyjHm8.roa (raw, json)
Hash identifier:          deS8j9nn+n9eAI08HnQ3AXk8Qmo0rGtXGNCgbDf6dmk=
Subject key identifier:   67:A1:82:2E:FE:77:67:7F:D5:6E:E7:F3:76:08:A0:66:3C:A3:1E:6F
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0468933E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z6GCLv53Z3_VbufzdgigZjyjHm8.roa
Signing time:             Tue 29 Mar 2022 12:31:35 +0000
ROA not before:           Tue 29 Mar 2022 12:31:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204997
IP address blocks:        185.174.137.0/24 maxlen: 24
                          45.144.64.0/24 maxlen: 24
                          45.144.65.0/24 maxlen: 24
                          45.144.67.0/24 maxlen: 24
                          45.144.66.0/24 maxlen: 24
                          185.139.69.0/24 maxlen: 24
                          185.139.68.0/24 maxlen: 24
                          185.139.71.0/24 maxlen: 24
                          185.139.70.0/24 maxlen: 24
                          193.109.78.0/24 maxlen: 24
                          193.109.79.0/24 maxlen: 24
                          185.195.24.0/24 maxlen: 24
                          185.195.27.0/24 maxlen: 24
                          185.195.26.0/24 maxlen: 24
                          185.195.25.0/24 maxlen: 24
                          185.204.0.0/24 maxlen: 24
                          185.204.3.0/24 maxlen: 24
                          185.204.2.0/24 maxlen: 24
                          139.28.222.0/24 maxlen: 24
                          139.28.223.0/24 maxlen: 24
                          185.212.148.0/24 maxlen: 24
                          91.217.81.0/24 maxlen: 24
                          185.188.182.0/24 maxlen: 24
                          185.188.183.0/24 maxlen: 24
                          185.17.3.0/24 maxlen: 24
                          185.180.231.0/24 maxlen: 24
                          195.66.114.0/24 maxlen: 24
                          147.78.64.0/24 maxlen: 24
                          147.78.66.0/24 maxlen: 24
                          147.78.65.0/24 maxlen: 24
                          147.78.67.0/24 maxlen: 24
                          46.17.104.0/24 maxlen: 24
                          185.104.249.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73962302 (0x468933e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Mar 29 12:31:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=67a1822efe77677fd56ee7f37608a0663ca31e6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2c:14:75:28:3e:a1:e7:11:b5:e7:d0:f0:6f:
                    c1:cb:c7:43:5c:8a:c6:71:6b:af:c3:3b:12:a1:4d:
                    5a:1a:55:00:fb:60:8a:38:d3:03:d5:1b:26:22:e5:
                    27:1e:b9:be:91:20:99:88:55:41:62:2b:51:f5:62:
                    e5:32:6a:d0:77:73:f1:9c:e2:da:7b:ec:2c:e1:5f:
                    e6:dc:77:4d:be:c1:50:b2:fe:8f:89:73:54:12:7e:
                    77:9b:ef:20:09:04:01:a8:37:bd:d6:37:0a:43:32:
                    18:31:6f:21:9c:26:f2:2d:c1:bc:bd:01:f4:83:18:
                    1d:c1:af:b3:51:b8:c0:e6:82:7d:db:36:7a:79:6b:
                    6e:2d:d4:0e:d5:8c:b4:20:24:01:f9:fb:a3:9f:e4:
                    90:89:f9:f0:90:55:c1:51:77:5a:ed:49:8b:eb:cb:
                    bf:80:e1:e4:32:27:ca:32:ca:42:bf:dc:a2:c4:02:
                    87:06:fe:a1:85:7a:09:05:1a:51:bd:57:8e:6a:3f:
                    05:e7:35:90:d0:48:65:72:08:5b:20:23:20:16:a1:
                    83:b8:44:27:ef:fa:6b:4f:ac:d9:89:f3:8e:b4:71:
                    d0:36:1a:84:b0:69:2f:26:0a:91:3c:7e:11:6c:93:
                    c6:63:81:68:19:b5:23:02:b5:ae:b2:00:12:b4:5d:
                    2f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A1:82:2E:FE:77:67:7F:D5:6E:E7:F3:76:08:A0:66:3C:A3:1E:6F
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Z6GCLv53Z3_VbufzdgigZjyjHm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.64.0/22
                  46.17.104.0/24
                  91.217.81.0/24
                  139.28.222.0/23
                  147.78.64.0/22
                  185.17.3.0/24
                  185.104.249.0/24
                  185.139.68.0/22
                  185.174.137.0/24
                  185.180.231.0/24
                  185.188.182.0/23
                  185.195.24.0/22
                  185.204.0.0/24
                  185.204.2.0/23
                  185.212.148.0/24
                  193.109.78.0/23
                  195.66.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:8f:c9:c3:af:19:71:80:6c:09:7c:15:65:9e:65:5e:01:e6:
         6c:08:1c:ab:be:6b:d3:16:be:c9:4b:23:62:f6:4c:fa:5b:38:
         e1:97:80:df:66:27:71:81:78:f0:bb:0f:28:5c:56:6e:5e:d6:
         1f:ef:f4:7e:ec:3d:72:c7:65:6b:b6:58:2b:ae:a9:ec:c4:df:
         66:89:b3:00:2e:54:3b:2e:ab:db:31:67:c4:fa:34:18:d7:a2:
         b4:64:4e:a9:c5:98:5e:ed:37:d6:03:eb:b9:7c:76:dd:ec:f5:
         0b:4c:f6:ea:1d:22:26:0c:5e:d6:39:fc:a8:d4:1f:02:98:be:
         fc:1a:08:db:d0:ba:77:79:90:11:3f:5c:ed:e4:54:d6:33:51:
         99:85:73:22:a5:73:97:56:4f:ea:f2:05:04:33:cc:ee:28:a7:
         34:08:03:62:a0:a8:8d:e4:d8:38:68:f6:5e:ae:b1:7a:a3:63:
         2b:2f:45:1d:9e:35:c1:3a:6a:17:4d:5e:63:01:dc:d4:40:a2:
         e0:f5:56:be:d6:3f:80:1e:56:f5:64:31:01:4b:b2:49:5a:8e:
         ee:f3:26:3c:c5:c1:42:4d:42:9f:2f:49:c5:62:6b:95:29:bb:
         73:93:5b:22:2a:83:d1:57:f8:d0:a5:9b:e2:bd:e8:26:c5:b6:
         93:ec:e6:3b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEBGiTPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
OTEyMzEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdhMTgyMmVmZTc3
Njc3ZmQ1NmVlN2YzNzYwOGEwNjYzY2EzMWU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8sFHUoPqHnEbXn0PBvwcvHQ1yKxnFrr8M7EqFNWhpVAPtg
ijjTA9UbJiLlJx65vpEgmYhVQWIrUfVi5TJq0Hdz8Zzi2nvsLOFf5tx3Tb7BULL+
j4lzVBJ+d5vvIAkEAag3vdY3CkMyGDFvIZwm8i3BvL0B9IMYHcGvs1G4wOaCfds2
enlrbi3UDtWMtCAkAfn7o5/kkIn58JBVwVF3Wu1Ji+vLv4Dh5DInyjLKQr/cosQC
hwb+oYV6CQUaUb1Xjmo/Bec1kNBIZXIIWyAjIBahg7hEJ+/6a0+s2YnzjrRx0DYa
hLBpLyYKkTx+EWyTxmOBaBm1IwK1rrIAErRdLxkCAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBRnoYIu/ndnf9Vu5/N2CKBmPKMebzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1o2R0NMdjUzWjNfVmJ1ZnpkZ2lnWmp5akhtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAi2QQAMEAC4RaAMEAFvZUQMEAYsc
3gMEApNOQAMEALkRAwMEALlo+QMEArmLRAMEALmuiQMEALm05wMEAbm8tgMEArnD
GAMEALnMAAMEAbnMAgMEALnUlAMEAcFtTgMEAMNCcjANBgkqhkiG9w0BAQsFAAOC
AQEAt4/Jw68ZcYBsCXwVZZ5lXgHmbAgcq75r0xa+yUsjYvZM+ls44ZeA32YncYF4
8LsPKFxWbl7WH+/0fuw9csdla7ZYK66p7MTfZomzAC5UOy6r2zFnxPo0GNeitGRO
qcWYXu031gPruXx23ez1C0z26h0iJgxe1jn8qNQfApi+/BoI29C6d3mQET9c7eRU
1jNRmYVzIqVzl1ZP6vIFBDPM7iinNAgDYqCojeTYOGj2Xq6xeqNjKy9FHZ41wTpq
F01eYwHc1ECi4PVWvtY/gB5W9WQxAUuySVqO7vMmPMXBQk1Cny9JxWJrlSm7c5Nb
IiqD0Vf40KWb4r3oJsW2k+zmOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org