Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/papEGVFnDjzTVv4tT2V7vN_3zZk.roa
File:                     papEGVFnDjzTVv4tT2V7vN_3zZk.roa (raw, json)
Hash identifier:          WOFkGxMEN6+e7nb7jtqKik8PJLNydin/HIpvPuHcrsk=
Subject key identifier:   A5:AA:44:19:51:67:0E:3C:D3:56:FE:2D:4F:65:7B:BC:DF:F7:CD:99
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0517E2A3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/papEGVFnDjzTVv4tT2V7vN_3zZk.roa
Signing time:             Mon 30 May 2022 14:39:13 +0000
ROA not before:           Mon 30 May 2022 14:39:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209641
IP address blocks:        94.142.136.0/21 maxlen: 21
                          185.105.119.0/24 maxlen: 24
                          185.125.216.0/22 maxlen: 22
                          45.133.245.0/24 maxlen: 24
                          185.5.248.0/23 maxlen: 23
                          185.5.248.0/22 maxlen: 22
                          185.105.118.0/24 maxlen: 24
                          185.105.116.0/24 maxlen: 24
                          185.105.117.0/24 maxlen: 24
                          5.252.116.0/24 maxlen: 24
                          185.58.204.0/22 maxlen: 22
                          45.89.64.0/24 maxlen: 24
                          185.125.228.0/22 maxlen: 22
                          185.87.48.0/22 maxlen: 22
                          185.87.48.0/24 maxlen: 24
                          185.117.152.0/22 maxlen: 22
                          139.28.220.0/24 maxlen: 24
                          139.28.221.0/24 maxlen: 24
                          5.180.139.0/24 maxlen: 24
                          5.180.137.0/24 maxlen: 24
                          5.180.138.0/24 maxlen: 24
                          5.180.136.0/24 maxlen: 24
                          194.67.192.0/19 maxlen: 19
                          45.89.67.0/24 maxlen: 24
                          45.89.66.0/24 maxlen: 24
                          91.217.80.0/24 maxlen: 24
                          193.124.176.0/20 maxlen: 20
                          95.214.10.0/24 maxlen: 24
                          95.214.8.0/24 maxlen: 24
                          95.214.11.0/24 maxlen: 24
                          95.214.9.0/24 maxlen: 24
                          195.66.87.0/24 maxlen: 24
                          45.128.176.0/24 maxlen: 24
                          45.128.178.0/24 maxlen: 24
                          45.128.176.0/22 maxlen: 22
                          45.128.177.0/24 maxlen: 24
                          45.128.179.0/24 maxlen: 24
                          195.47.250.0/24 maxlen: 24
                          46.17.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85451427 (0x517e2a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: May 30 14:39:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5aa441951670e3cd356fe2d4f657bbcdff7cd99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:92:c5:74:93:0a:1d:65:a6:49:78:a6:0d:19:
                    02:f6:0f:6d:86:a3:d1:de:94:85:a6:75:7a:91:24:
                    5d:b9:82:03:3e:44:41:a6:23:2c:9e:6f:4d:65:14:
                    65:af:69:24:80:57:6b:77:75:37:9b:5f:3c:75:ba:
                    03:80:99:34:0b:84:73:cd:2a:8c:e5:39:bb:f9:73:
                    5b:be:3b:8c:b0:dd:29:75:54:df:b3:ef:c5:48:70:
                    48:45:fa:68:76:91:7b:3c:bb:c1:dd:d8:22:28:ca:
                    d6:0f:4e:63:93:b3:0c:a0:4d:9a:c4:b1:c4:cb:fb:
                    c1:1a:7a:61:da:cd:c7:56:cf:08:53:c0:3e:66:65:
                    b6:17:84:d9:9c:24:9d:4a:09:8c:9e:15:da:46:c1:
                    82:b7:da:2b:ee:c3:99:12:d9:38:6f:2d:cc:db:9a:
                    11:0d:69:23:7b:cb:ae:70:ec:53:13:10:7b:34:a0:
                    92:6f:da:8a:73:54:7b:cb:fa:e2:37:db:17:1f:8a:
                    3c:40:81:46:df:16:ba:51:12:46:71:08:bc:bf:bb:
                    0e:f5:4a:ef:4c:60:4b:8b:0f:8b:e0:91:4f:f6:ff:
                    f8:88:19:77:89:a8:ae:11:83:d4:1a:77:c0:33:12:
                    99:39:fc:49:fe:01:b0:cc:a6:e4:3f:ce:e9:aa:8a:
                    a4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:AA:44:19:51:67:0E:3C:D3:56:FE:2D:4F:65:7B:BC:DF:F7:CD:99
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/papEGVFnDjzTVv4tT2V7vN_3zZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.136.0/22
                  5.252.116.0/24
                  45.89.64.0/24
                  45.89.66.0/23
                  45.128.176.0/22
                  45.133.245.0/24
                  46.17.106.0/24
                  91.217.80.0/24
                  94.142.136.0/21
                  95.214.8.0/22
                  139.28.220.0/23
                  185.5.248.0/22
                  185.58.204.0/22
                  185.87.48.0/22
                  185.105.116.0/22
                  185.117.152.0/22
                  185.125.216.0/22
                  185.125.228.0/22
                  193.124.176.0/20
                  194.67.192.0/19
                  195.47.250.0/24
                  195.66.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:10:a9:64:05:cb:5d:80:fa:9e:58:c0:d2:d2:07:d1:8c:de:
         48:f1:75:fd:0a:4d:37:31:a5:7d:0e:97:28:13:21:8d:f1:4d:
         2b:72:ea:73:d7:c0:10:9d:a5:e2:c9:9f:8c:60:07:c4:29:14:
         97:a5:07:15:c3:c7:56:43:b0:5b:2c:54:74:96:9b:41:d3:0e:
         49:61:f6:10:10:4a:69:16:3f:f1:22:81:b9:89:68:c4:ec:3d:
         93:89:81:4d:4b:e8:69:7b:f1:dd:23:7c:18:ad:b6:bd:91:2d:
         62:0d:83:07:f9:9d:d7:9d:9e:17:f9:71:f3:d3:31:d7:07:35:
         71:08:f0:7b:7c:bb:49:49:3a:9b:be:b2:de:2f:a2:05:c3:c9:
         12:85:b1:4f:c1:b3:11:ab:ed:16:4e:97:f8:d6:15:b8:0e:6b:
         37:4e:7b:85:bd:61:a0:5f:1e:e1:67:9d:54:7b:36:1c:07:b4:
         6d:cf:e4:1e:5c:c2:2a:5c:65:dc:a7:33:bd:c6:5c:cb:d7:42:
         31:7d:4d:f0:44:d8:1e:33:ec:eb:f1:67:3e:e2:76:ab:23:b4:
         03:6f:30:d5:b8:7a:a8:44:42:bb:3c:2d:94:b6:34:73:f4:ab:
         b1:65:c5:1d:63:66:4c:87:f0:f7:04:b3:d1:a3:fc:21:a4:4b:
         1b:08:56:a1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIEBRfiozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDUz
MDE0MzkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVhYTQ0MTk1MTY3
MGUzY2QzNTZmZTJkNGY2NTdiYmNkZmY3Y2Q5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmSxXSTCh1lpkl4pg0ZAvYPbYaj0d6UhaZ1epEkXbmCAz5E
QaYjLJ5vTWUUZa9pJIBXa3d1N5tfPHW6A4CZNAuEc80qjOU5u/lzW747jLDdKXVU
37PvxUhwSEX6aHaRezy7wd3YIijK1g9OY5OzDKBNmsSxxMv7wRp6YdrNx1bPCFPA
PmZltheE2ZwknUoJjJ4V2kbBgrfaK+7DmRLZOG8tzNuaEQ1pI3vLrnDsUxMQezSg
km/ainNUe8v64jfbFx+KPECBRt8WulESRnEIvL+7DvVK70xgS4sPi+CRT/b/+IgZ
d4morhGD1Bp3wDMSmTn8Sf4BsMym5D/O6aqKpHECAwEAAaOCAowwggKIMB0GA1Ud
DgQWBBSlqkQZUWcOPNNW/i1PZXu83/fNmTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L3BhcEVHVkZuRGp6VFZ2NHRUMlY3dk5fM3paay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
oQYIKwYBBQUHAQcBAf8EgZEwgY4wgYsEAgABMIGEAwQCBbSIAwQABfx0AwQALVlA
AwQBLVlCAwQCLYCwAwQALYX1AwQALhFqAwQAW9lQAwQDXo6IAwQCX9YIAwQBixzc
AwQCuQX4AwQCuTrMAwQCuVcwAwQCuWl0AwQCuXWYAwQCuX3YAwQCuX3kAwQEwXyw
AwQFwkPAAwQAwy/6AwQAw0JXMA0GCSqGSIb3DQEBCwUAA4IBAQBQEKlkBctdgPqe
WMDS0gfRjN5I8XX9Ck03MaV9DpcoEyGN8U0rcupz18AQnaXiyZ+MYAfEKRSXpQcV
w8dWQ7BbLFR0lptB0w5JYfYQEEppFj/xIoG5iWjE7D2TiYFNS+hpe/HdI3wYrba9
kS1iDYMH+Z3XnZ4X+XHz0zHXBzVxCPB7fLtJSTqbvrLeL6IFw8kShbFPwbMRq+0W
Tpf41hW4Dms3TnuFvWGgXx7hZ51UezYcB7Rtz+QeXMIqXGXcpzO9xlzL10IxfU3w
RNgeM+zr8Wc+4narI7QDbzDVuHqoREK7PC2UtjRz9KuxZcUdY2ZMh/D3BLPRo/wh
pEsbCFah
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org