Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/b72ORH0muzgguM3CD5v5BXGSB84.roa
File:                     b72ORH0muzgguM3CD5v5BXGSB84.roa (raw, json)
Hash identifier:          FBbDvXSmBrn3V4LTwwsv8rB+lxOPtFZOmq/fino3Mb4=
Subject key identifier:   6F:BD:8E:44:7D:26:BB:38:20:B8:CD:C2:0F:9B:F9:05:71:92:07:CE
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       17997810
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/b72ORH0muzgguM3CD5v5BXGSB84.roa
Signing time:             Sat 01 Jan 2022 04:53:56 +0000
ROA not before:           Sat 01 Jan 2022 04:53:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21859
IP address blocks:        91.189.186.0/24 maxlen: 32
                          37.10.112.0/24 maxlen: 32
                          185.240.218.0/24 maxlen: 32
                          5.253.137.0/24 maxlen: 32
                          185.171.3.0/24 maxlen: 32
                          79.143.55.0/24 maxlen: 32
                          193.222.103.0/24 maxlen: 32
                          195.85.43.0/24 maxlen: 32
                          46.251.239.0/24 maxlen: 32
                          147.78.220.0/24 maxlen: 32
                          193.149.160.0/24 maxlen: 32
                          185.224.146.0/24 maxlen: 32
                          185.226.73.0/24 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 395933712 (0x17997810)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 04:53:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fbd8e447d26bb3820b8cdc20f9bf905719207ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:81:31:19:8c:d8:f2:b4:b6:82:ce:52:b3:be:
                    2f:b9:d0:43:63:3d:17:e3:12:45:6e:14:89:be:78:
                    73:3d:2a:3a:93:dc:63:8a:e7:78:3b:32:dc:2c:df:
                    c2:5a:c9:a3:b3:54:72:7d:b2:db:a1:42:0c:04:7e:
                    1a:22:7d:a2:f9:d8:22:5c:0f:87:6f:38:9b:35:54:
                    3a:ce:4a:b8:84:9d:be:71:53:7e:1c:02:92:2b:b7:
                    c0:54:d6:2d:35:e2:da:08:3c:70:ba:04:e4:a6:74:
                    f4:ec:b3:e4:7a:26:fb:2c:80:2e:66:97:5b:ba:99:
                    b7:9b:83:6f:92:c4:e2:3a:4f:20:d7:e4:65:34:fc:
                    ed:0b:1c:2e:79:93:5f:35:28:e0:9d:69:9b:79:20:
                    f5:76:b6:0b:52:ff:86:4f:47:23:48:3c:14:0e:75:
                    67:01:41:5e:ae:a7:4a:1d:ca:58:fd:e1:ed:57:67:
                    8c:1b:87:ac:86:cd:d7:5d:20:6a:a6:ac:7a:34:15:
                    52:55:d5:9f:9a:90:7e:7f:30:94:7d:46:86:c9:29:
                    01:16:21:f2:51:05:03:99:06:65:55:b7:17:04:56:
                    d2:06:44:f0:5a:5f:76:37:78:dc:e5:1a:13:06:e5:
                    72:24:36:97:64:2d:6b:24:68:74:26:f6:ed:e1:84:
                    cf:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:BD:8E:44:7D:26:BB:38:20:B8:CD:C2:0F:9B:F9:05:71:92:07:CE
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/b72ORH0muzgguM3CD5v5BXGSB84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.137.0/24
                  37.10.112.0/24
                  46.251.239.0/24
                  79.143.55.0/24
                  91.189.186.0/24
                  147.78.220.0/24
                  185.171.3.0/24
                  185.224.146.0/24
                  185.226.73.0/24
                  185.240.218.0/24
                  193.149.160.0/24
                  193.222.103.0/24
                  195.85.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:4f:8a:85:67:ef:e9:00:e1:27:bb:ac:4f:53:4f:3e:cd:2d:
         ec:19:be:29:67:b2:8b:80:2b:fb:b2:1a:b0:22:4f:6c:14:ad:
         da:63:82:d4:a1:6e:41:2e:57:de:0c:55:73:a1:92:5d:04:d1:
         2a:b9:af:16:3a:9a:0e:12:e2:fd:35:88:4c:1d:bf:a5:14:da:
         6c:24:81:86:f3:f4:00:d3:5d:cb:9b:c5:c8:9c:39:3e:83:72:
         e8:3a:7f:99:f2:c3:03:0f:6d:3e:c8:54:03:0c:e5:ff:58:3f:
         3a:cd:f0:2e:a0:3e:2c:de:a3:b9:a5:83:51:d0:42:57:5e:f2:
         cb:be:73:47:11:29:3f:c9:95:84:be:f0:37:49:85:de:62:20:
         ab:5c:9f:f9:e7:d6:06:c5:b6:0c:b8:8b:aa:9b:9b:1a:cc:b4:
         0f:43:5b:a1:e4:cc:b0:32:fb:08:de:cd:b5:ef:22:11:93:e6:
         13:85:f4:7b:63:f5:ef:a3:1f:47:ab:74:67:c5:37:97:3a:09:
         7b:89:87:5d:f5:41:83:60:4e:90:35:dc:73:52:7a:19:94:99:
         47:1d:4f:b4:04:d7:7d:63:e3:cf:42:0b:c3:a6:00:4b:4e:c9:
         c3:1e:e3:51:72:49:24:46:c5:51:aa:1c:22:1e:30:09:ab:72:
         fa:2a:38:40
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEF5l4EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZiZDhlNDQ3ZDI2
YmIzODIwYjhjZGMyMGY5YmY5MDU3MTkyMDdjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGBMRmM2PK0toLOUrO+L7nQQ2M9F+MSRW4Uib54cz0qOpPc
Y4rneDsy3CzfwlrJo7NUcn2y26FCDAR+GiJ9ovnYIlwPh284mzVUOs5KuISdvnFT
fhwCkiu3wFTWLTXi2gg8cLoE5KZ09Oyz5Hom+yyALmaXW7qZt5uDb5LE4jpPINfk
ZTT87QscLnmTXzUo4J1pm3kg9Xa2C1L/hk9HI0g8FA51ZwFBXq6nSh3KWP3h7Vdn
jBuHrIbN110gaqasejQVUlXVn5qQfn8wlH1GhskpARYh8lEFA5kGZVW3FwRW0gZE
8Fpfdjd43OUaEwblciQ2l2QtayRodCb27eGEz+ECAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBRvvY5EfSa7OCC4zcIPm/kFcZIHzjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2I3Mk9SSDBtdXpnZ3VNM0NENXY1QlhHU0I4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAAX9iQMEACUKcAMEAC777wMEAE+P
NwMEAFu9ugMEAJNO3AMEALmrAwMEALngkgMEALniSQMEALnw2gMEAMGVoAMEAMHe
ZwMEAMNVKzANBgkqhkiG9w0BAQsFAAOCAQEAtE+KhWfv6QDhJ7usT1NPPs0t7Bm+
KWeyi4Ar+7IasCJPbBSt2mOC1KFuQS5X3gxVc6GSXQTRKrmvFjqaDhLi/TWITB2/
pRTabCSBhvP0ANNdy5vFyJw5PoNy6Dp/mfLDAw9tPshUAwzl/1g/Os3wLqA+LN6j
uaWDUdBCV17yy75zRxEpP8mVhL7wN0mF3mIgq1yf+efWBsW2DLiLqpubGsy0D0Nb
oeTMsDL7CN7Nte8iEZPmE4X0e2P176MfR6t0Z8U3lzoJe4mHXfVBg2BOkDXcc1J6
GZSZRx1PtATXfWPjz0ILw6YAS07Jwx7jUXJJJEbFUaocIh4wCaty+io4QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org