Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa
File:                     ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa (raw, json)
Hash identifier:          CJ3dQd6i5iUocoBYQyDRA3EA+5jhwALXAkyR7k1N/vU=
Subject key identifier:   CA:53:19:D9:70:BB:C6:6F:AE:FB:A9:6E:3F:31:B0:97:C5:E3:E3:09
Certificate issuer:       /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial:       363A07FF
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa
Signing time:             Mon 11 Apr 2022 10:56:43 +0000
ROA not before:           Mon 11 Apr 2022 10:56:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35699
IP address blocks:        45.145.244.0/22 maxlen: 24
                          62.56.192.0/20 maxlen: 24
                          216.147.96.0/20 maxlen: 24
                          87.236.180.0/22 maxlen: 24
                          45.230.12.0/22 maxlen: 24
                          45.137.240.0/22 maxlen: 24
                          91.126.32.0/19 maxlen: 24
                          91.126.64.0/19 maxlen: 24
                          185.239.36.0/22 maxlen: 24
                          147.161.64.0/18 maxlen: 24
                          91.126.16.0/20 maxlen: 24
                          45.151.224.0/22 maxlen: 24
                          91.126.160.0/19 maxlen: 24
                          74.126.176.0/20 maxlen: 24
                          143.131.192.0/18 maxlen: 24
                          110.93.8.0/22 maxlen: 24
                          185.203.208.0/22 maxlen: 24
                          91.126.96.0/19 maxlen: 24
                          86.111.60.0/22 maxlen: 24
                          64.190.114.0/23 maxlen: 24
                          91.126.128.0/19 maxlen: 24
                          135.129.224.0/20 maxlen: 24
                          98.96.184.0/21 maxlen: 24
                          103.202.232.0/22 maxlen: 24
                          45.130.132.0/22 maxlen: 24
                          91.126.192.0/19 maxlen: 24
                          45.133.138.0/23 maxlen: 24
                          147.136.252.0/23 maxlen: 24
                          91.126.224.0/19 maxlen: 24
                          91.126.232.0/21 maxlen: 24
                          173.243.32.0/20 maxlen: 24
                          2a00:1af4::/32 maxlen: 32
                          2a00:1af4:1000::/48 maxlen: 48
                          2a00:1af0::/29 maxlen: 29
                          2a00:1af4:1003::/48 maxlen: 48
                          2a00:1af1::/32 maxlen: 32
                          2a00:1af1::/36 maxlen: 36
                          2a00:1af2::/32 maxlen: 32
                          2a00:1af3::/32 maxlen: 32
                          2a00:1af0::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 909772799 (0x363a07ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
        Validity
            Not Before: Apr 11 10:56:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ca5319d970bbc66faefba96e3f31b097c5e3e309
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:84:5b:b1:a2:2d:8c:e8:8e:65:f0:f3:ae:bd:
                    c7:27:2e:5e:07:1e:1f:22:5b:76:57:00:6d:1a:8e:
                    39:dc:de:68:9a:99:96:eb:e9:c5:30:77:6a:5c:e8:
                    dd:bc:8f:4b:bb:fb:fd:93:2c:6c:4f:25:85:bc:e0:
                    1e:3f:ab:7c:dd:34:13:f8:e8:ef:7b:9a:a0:2f:88:
                    eb:e0:22:e4:26:bd:81:99:ca:fb:d0:25:49:a5:ed:
                    8f:27:58:42:e2:bf:3c:33:44:18:f7:e5:72:25:7b:
                    a5:cd:69:65:aa:d3:0e:c8:52:88:d9:d8:fd:9c:41:
                    e7:7e:b7:80:f1:5c:d6:45:35:a3:77:c3:a9:94:91:
                    91:4b:68:9a:5d:d1:32:bb:95:6d:63:a8:21:fe:71:
                    86:f9:d1:fd:08:0f:67:31:7f:f6:20:d2:e1:d2:95:
                    f5:ae:e7:84:f3:8f:b4:e5:5d:13:2b:55:6f:6e:1d:
                    fb:10:f6:10:06:be:4e:9c:6e:77:d9:dc:75:a1:6b:
                    6f:c6:da:14:9d:71:5f:97:af:16:c8:0f:77:53:58:
                    ac:8f:b7:96:72:d4:96:bf:70:80:6e:1a:05:fd:41:
                    4f:ce:34:05:0e:46:88:11:e4:be:68:5b:ea:c1:e5:
                    23:6d:07:5b:d9:36:31:9d:55:fa:5a:a6:d3:ab:17:
                    74:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:53:19:D9:70:BB:C6:6F:AE:FB:A9:6E:3F:31:B0:97:C5:E3:E3:09
            X509v3 Authority Key Identifier:
                keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ylMZ2XC7xm-u-6luPzGwl8Xj4wk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.132.0/22
                  45.133.138.0/23
                  45.137.240.0/22
                  45.145.244.0/22
                  45.151.224.0/22
                  45.230.12.0/22
                  62.56.192.0/20
                  64.190.114.0/23
                  74.126.176.0/20
                  86.111.60.0/22
                  87.236.180.0/22
                  91.126.16.0-91.126.255.255
                  98.96.184.0/21
                  103.202.232.0/22
                  110.93.8.0/22
                  135.129.224.0/20
                  143.131.192.0/18
                  147.136.252.0/23
                  147.161.64.0/18
                  173.243.32.0/20
                  185.203.208.0/22
                  185.239.36.0/22
                  216.147.96.0/20
                IPv6:
                  2a00:1af0::/29

    Signature Algorithm: sha256WithRSAEncryption
         8f:d9:61:5d:a4:84:7e:e7:3c:c6:e5:f9:96:d6:01:19:17:8f:
         d9:f7:ac:e9:f4:f2:1e:8e:ba:7b:fa:e6:93:6e:cd:2c:2d:2c:
         80:5e:ec:96:9b:53:5b:90:8f:5a:fd:29:b4:64:36:c4:94:13:
         d9:fe:1f:8f:46:5e:89:a6:46:fe:f7:be:db:9d:32:0e:dd:54:
         ec:7d:14:da:0b:a8:06:15:68:0d:27:12:52:77:bf:4c:d1:09:
         8b:ae:38:b3:7e:ad:ea:d9:8e:e8:30:47:35:c7:1f:6a:ac:18:
         a7:b0:b4:92:77:78:6c:ed:da:5d:4f:4a:b0:5e:4b:9a:f6:69:
         13:f6:67:1b:d9:aa:95:47:b5:ff:a6:7e:64:eb:6c:9e:f2:d1:
         0f:3a:db:a9:14:df:47:37:4a:74:aa:b6:a6:18:16:b1:8a:df:
         79:58:48:e8:cd:0f:02:c5:b4:05:90:e3:46:f1:b3:36:17:41:
         79:79:66:b5:3a:64:b3:75:15:83:a3:07:c1:6e:f2:b4:ee:49:
         e2:0c:7e:af:cb:bf:61:bc:41:5a:48:19:70:4e:27:48:23:10:
         d6:4b:1b:ab:a7:09:31:d8:d2:05:f5:eb:5c:e5:41:b3:6b:89:
         0d:06:ae:89:37:f0:50:22:97:ad:14:9e:79:a8:3b:9e:ad:4f:
         ef:cf:80:9b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIENjoH/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTcwYTE2OWI2Y2Q0MTEwMjIyNzllOWZmOTk3ZjEzNGZmNTRhYjFjMB4XDTIyMDQx
MTEwNTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E1MzE5ZDk3MGJi
YzY2ZmFlZmJhOTZlM2YzMWIwOTdjNWUzZTMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6EW7GiLYzojmXw8669xycuXgceHyJbdlcAbRqOOdzeaJqZ
luvpxTB3alzo3byPS7v7/ZMsbE8lhbzgHj+rfN00E/jo73uaoC+I6+Ai5Ca9gZnK
+9AlSaXtjydYQuK/PDNEGPflciV7pc1pZarTDshSiNnY/ZxB5363gPFc1kU1o3fD
qZSRkUtoml3RMruVbWOoIf5xhvnR/QgPZzF/9iDS4dKV9a7nhPOPtOVdEytVb24d
+xD2EAa+Tpxud9ncdaFrb8baFJ1xX5evFsgPd1NYrI+3lnLUlr9wgG4aBf1BT840
BQ5GiBHkvmhb6sHlI20HW9k2MZ1V+lqm06sXdMcCAwEAAaOCAqgwggKkMB0GA1Ud
DgQWBBTKUxnZcLvGb677qW4/MbCXxePjCTAfBgNVHSMEGDAWgBQBcKFpts1BECIn
np/5l/E0/1SrHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FYQ2hhYmJOUVJBaUo1NmYtWmZ4TlA5VXF4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMWU3NzdmLTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8x
L3lsTVoyWEM3eG0tdS02bHVQekd3bDhYajR3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MWU3NzdmLTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8xL0FYQ2hhYmJOUVJB
aUo1NmYtWmZ4TlA5VXF4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vQYIKwYBBQUHAQcBAf8Ega0wgaowgZgEAgABMIGRAwQCLYKEAwQBLYWKAwQCLYnw
AwQCLZH0AwQCLZfgAwQCLeYMAwQEPjjAAwQBQL5yAwQESn6wAwQCVm88AwQCV+y0
MAsDBARbfhADAwBbfgMEA2JguAMEAmfK6AMEAm5dCAMEBIeB4AMEBo+DwAMEAZOI
/AMEBpOhQAMEBK3zIAMEArnL0AMEArnvJAMEBNiTYDANBAIAAjAHAwUDKgAa8DAN
BgkqhkiG9w0BAQsFAAOCAQEAj9lhXaSEfuc8xuX5ltYBGReP2fes6fTyHo66e/rm
k27NLC0sgF7slptTW5CPWv0ptGQ2xJQT2f4fj0ZeiaZG/ve+250yDt1U7H0U2guo
BhVoDScSUne/TNEJi644s36t6tmO6DBHNccfaqwYp7C0knd4bO3aXU9KsF5LmvZp
E/ZnG9mqlUe1/6Z+ZOtsnvLRDzrbqRTfRzdKdKq2phgWsYrfeVhI6M0PAsW0BZDj
RvGzNhdBeXlmtTpks3UVg6MHwW7ytO5J4gx+r8u/YbxBWkgZcE4nSCMQ1ksbq6cJ
MdjSBfXrXOVBs2uJDQauiTfwUCKXrRSeeag7nq1P78+Amw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:43 2024 by rpki-client on console-ams.rpki-client.org