Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/tZI86DfPeJT9-x6kVslFnCRcvzo.roa
File:                     tZI86DfPeJT9-x6kVslFnCRcvzo.roa (raw, json)
Hash identifier:          cwGtMhxoUq07Q2yH/0t1OxmrPk/LbhTwi7vBqO6YM5I=
Subject key identifier:   B5:92:3C:E8:37:CF:78:94:FD:FB:1E:A4:56:C9:45:9C:24:5C:BF:3A
Certificate issuer:       /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial:       0182E9CF60FB947583687E03AF81EFD5D7EF
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/tZI86DfPeJT9-x6kVslFnCRcvzo.roa
Signing time:             Mon 29 Aug 2022 13:34:18 +0000
ROA not before:           Mon 29 Aug 2022 13:34:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44285
IP address blocks:        45.140.224.0/22 maxlen: 22
                          45.87.4.0/22 maxlen: 22
                          185.18.213.0/24 maxlen: 24
                          185.18.212.0/22 maxlen: 22
                          185.18.212.0/24 maxlen: 24
                          185.18.215.0/24 maxlen: 24
                          185.18.214.0/24 maxlen: 24
                          37.32.32.0/24 maxlen: 24
                          37.32.33.0/24 maxlen: 24
                          37.32.32.0/21 maxlen: 21
                          37.32.32.0/22 maxlen: 22
                          37.32.36.0/22 maxlen: 22
                          37.32.37.0/24 maxlen: 24
                          37.32.38.0/24 maxlen: 24
                          37.32.36.0/24 maxlen: 24
                          37.32.35.0/24 maxlen: 24
                          37.32.34.0/24 maxlen: 24
                          37.32.39.0/24 maxlen: 24
                          185.51.201.0/24 maxlen: 24
                          185.51.200.0/24 maxlen: 24
                          185.51.203.0/24 maxlen: 24
                          185.51.202.0/24 maxlen: 24
                          86.57.120.0/23 maxlen: 23
                          86.57.122.0/23 maxlen: 23
                          86.57.96.0/20 maxlen: 20
                          86.57.112.0/23 maxlen: 23
                          86.57.114.0/23 maxlen: 23
                          86.57.116.0/22 maxlen: 22
                          217.172.124.0/23 maxlen: 23
                          217.172.120.0/24 maxlen: 24
                          217.172.120.0/21 maxlen: 21
                          217.172.127.0/24 maxlen: 24
                          217.172.126.0/23 maxlen: 23
                          85.198.48.0/20 maxlen: 20
                          45.9.253.0/24 maxlen: 24
                          45.9.252.0/24 maxlen: 24
                          45.9.254.0/24 maxlen: 24
                          37.75.246.0/24 maxlen: 24
                          37.75.245.0/24 maxlen: 24
                          37.75.244.0/24 maxlen: 24
                          37.75.244.0/22 maxlen: 22
                          37.75.243.0/24 maxlen: 24
                          37.75.247.0/24 maxlen: 24
                          195.110.38.0/24 maxlen: 24
                          195.110.38.0/23 maxlen: 23
                          195.110.39.0/24 maxlen: 24
                          185.182.250.0/24 maxlen: 24
                          185.182.250.0/23 maxlen: 23
                          185.182.248.0/22 maxlen: 22
                          185.182.248.0/23 maxlen: 23
                          185.182.251.0/24 maxlen: 24
                          91.236.168.0/23 maxlen: 23
                          91.236.169.0/24 maxlen: 24
                          91.236.168.0/24 maxlen: 24
                          46.28.74.0/24 maxlen: 24
                          46.28.73.0/24 maxlen: 24
                          46.28.72.0/24 maxlen: 24
                          46.28.72.0/21 maxlen: 24
                          185.121.128.0/22 maxlen: 24
                          185.121.128.0/24 maxlen: 24
                          185.121.131.0/24 maxlen: 24
                          185.121.130.0/24 maxlen: 24
                          185.121.129.0/24 maxlen: 24
                          88.135.38.0/24 maxlen: 24
                          88.135.37.0/24 maxlen: 24
                          185.141.132.0/24 maxlen: 24
                          185.141.134.0/24 maxlen: 24
                          185.141.133.0/24 maxlen: 24
                          185.141.135.0/24 maxlen: 24
                          84.47.226.0/24 maxlen: 24
                          84.47.224.0/22 maxlen: 22
                          84.47.225.0/24 maxlen: 24
                          84.47.224.0/21 maxlen: 21
                          84.47.224.0/24 maxlen: 24
                          188.209.152.0/23 maxlen: 23
                          84.47.231.0/24 maxlen: 24
                          84.47.227.0/24 maxlen: 24
                          84.47.230.0/24 maxlen: 24
                          84.47.229.0/24 maxlen: 24
                          84.47.228.0/24 maxlen: 24
                          84.47.228.0/22 maxlen: 22
                          88.135.39.0/24 maxlen: 24
                          185.128.138.0/24 maxlen: 24
                          185.128.137.0/24 maxlen: 24
                          185.128.136.0/24 maxlen: 24
                          185.128.139.0/24 maxlen: 24
                          2a02:828::/32 maxlen: 32
                          2a02:829::/32 maxlen: 32
                          2a02:82b::/32 maxlen: 32
                          2a02:82f::/32 maxlen: 32
                          2a02:828:1::/48 maxlen: 48
                          2a02:82a::/32 maxlen: 32
                          2a02:828::/29 maxlen: 29
                          2a02:828::/64 maxlen: 64
                          2a02:828::/48 maxlen: 48
                          2a02:82e::/32 maxlen: 32
                          2a02:82c::/32 maxlen: 32
                          2a02:82d::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:e9:cf:60:fb:94:75:83:68:7e:03:af:81:ef:d5:d7:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
        Validity
            Not Before: Aug 29 13:34:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b5923ce837cf7894fdfb1ea456c9459c245cbf3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:61:5d:52:62:f6:c5:8d:1b:98:4e:93:da:25:
                    c7:a5:4c:a7:10:aa:80:60:a0:f4:77:f5:e2:2c:c2:
                    cf:df:fe:bc:2e:8d:61:f8:e8:da:53:8f:d1:6e:13:
                    b9:ad:10:ec:17:04:c0:e4:ed:8b:6e:32:a1:51:57:
                    06:f8:2c:56:6c:12:20:7d:fa:d5:00:00:32:b2:49:
                    ba:88:88:56:e9:63:5a:02:60:58:3f:02:ee:f2:4a:
                    6f:6c:8c:db:6c:a7:2e:35:20:de:eb:4a:1b:96:e3:
                    b4:a0:cd:dc:6c:b0:25:e3:72:50:24:b7:21:e7:13:
                    32:32:62:70:b8:32:ef:94:45:23:33:78:85:52:f2:
                    05:e6:78:52:3c:a7:16:b1:fe:22:35:65:14:0a:b2:
                    fb:43:a9:7d:25:64:78:46:f2:27:a6:98:d5:7a:06:
                    2d:d8:5f:a2:ee:ab:96:55:24:5f:fd:1f:e9:ad:b0:
                    4b:86:6e:57:87:e3:0e:c4:f4:8f:f4:24:59:0b:f0:
                    48:37:24:88:42:5a:85:88:ec:e9:90:e7:74:b0:6b:
                    d7:3b:2f:92:d6:68:43:c3:7f:37:cd:74:32:7b:23:
                    bc:d8:eb:b1:36:ee:05:a7:42:0d:17:eb:4c:27:2e:
                    17:98:62:bb:06:e3:ff:45:ab:db:e9:bd:4b:66:43:
                    e1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:92:3C:E8:37:CF:78:94:FD:FB:1E:A4:56:C9:45:9C:24:5C:BF:3A
            X509v3 Authority Key Identifier:
                keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/tZI86DfPeJT9-x6kVslFnCRcvzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.32.0/21
                  37.75.243.0-37.75.247.255
                  45.9.252.0-45.9.254.255
                  45.87.4.0/22
                  45.140.224.0/22
                  46.28.72.0/21
                  84.47.224.0/21
                  85.198.48.0/20
                  86.57.96.0-86.57.123.255
                  88.135.37.0-88.135.39.255
                  91.236.168.0/23
                  185.18.212.0/22
                  185.51.200.0/22
                  185.121.128.0/22
                  185.128.136.0/22
                  185.141.132.0/22
                  185.182.248.0/22
                  188.209.152.0/23
                  195.110.38.0/23
                  217.172.120.0/21
                IPv6:
                  2a02:828::/29

    Signature Algorithm: sha256WithRSAEncryption
         9e:13:2f:4b:1e:21:b5:15:1e:7c:31:17:42:b3:14:40:ff:47:
         70:82:f4:f7:47:58:76:46:19:e0:e4:93:2b:bb:4a:d8:77:8a:
         d8:b8:ad:fa:65:1b:b9:36:b1:0f:67:bc:0b:a2:89:d7:24:3b:
         d0:c4:50:7a:e7:b1:34:57:59:67:f0:48:b8:4a:5e:5f:86:59:
         0d:95:3c:6e:77:9f:4e:b1:72:f5:b1:65:25:3d:12:59:1b:2f:
         e8:52:67:24:59:15:4c:5e:03:08:cc:4d:7a:1d:51:2c:b0:a2:
         1f:b6:2d:f2:d6:38:64:df:80:b2:ce:7d:59:31:18:8a:8d:c6:
         d1:26:bd:bf:5d:75:7d:e0:90:fa:7d:fe:f5:df:ed:53:1d:96:
         51:9b:9e:b5:3f:39:fe:cf:18:12:52:51:cc:06:54:83:6e:6c:
         72:1f:c0:5f:41:a4:44:1c:1a:31:b8:50:97:c2:50:69:58:e6:
         27:38:4d:26:04:a0:d5:3d:66:1b:34:46:88:a1:6a:b8:58:7d:
         64:1c:b1:2e:d8:d5:56:67:42:58:37:4b:34:ec:8b:c9:44:af:
         99:b1:00:5d:46:c1:e1:69:91:f9:3a:11:46:02:94:e8:ff:4b:
         08:3d:b8:cf:63:68:0e:07:8d:d6:19:36:69:74:fc:b3:95:73:
         1d:68:3c:40
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYLpz2D7lHWDaH4Dr4Hv1dfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjIwODI5MTMzNDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTkyM2NlODM3Y2Y3ODk0ZmRmYjFlYTQ1NmM5NDU5YzI0NWNiZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmFdUmL2xY0bmE6T2iXHpUynEKqA
YKD0d/XiLMLP3/68Lo1h+OjaU4/RbhO5rRDsFwTA5O2LbjKhUVcG+CxWbBIgffrV
AAAyskm6iIhW6WNaAmBYPwLu8kpvbIzbbKcuNSDe60obluO0oM3cbLAl43JQJLch
5xMyMmJwuDLvlEUjM3iFUvIF5nhSPKcWsf4iNWUUCrL7Q6l9JWR4RvInppjVegYt
2F+i7quWVSRf/R/prbBLhm5Xh+MOxPSP9CRZC/BINySIQlqFiOzpkOd0sGvXOy+S
1mhDw383zXQyeyO82OuxNu4Fp0INF+tMJy4XmGK7BuP/Ravb6b1LZkPhiQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLWSPOg3z3iU/fsepFbJRZwkXL86MB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvdFpJODZEZlBlSlQ5LXg2a1ZzbEZuQ1JjdnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAMl
ICAwDAMEACVL8wMEAyVL8DAMAwQCLQn8AwQALQn+AwQCLVcEAwQCLYzgAwQDLhxI
AwQDVC/gAwQEVcYwMAwDBAVWOWADBAJWOXgwDAMEAFiHJQMEA1iHIAMEAVvsqAME
ArkS1AMEArkzyAMEArl5gAMEArmAiAMEArmNhAMEArm2+AMEAbzRmAMEAcNuJgME
A9mseDANBAIAAjAHAwUDKgIIKDANBgkqhkiG9w0BAQsFAAOCAQEAnhMvSx4htRUe
fDEXQrMUQP9HcIL090dYdkYZ4OSTK7tK2HeK2Lit+mUbuTaxD2e8C6KJ1yQ70MRQ
euexNFdZZ/BIuEpeX4ZZDZU8bnefTrFy9bFlJT0SWRsv6FJnJFkVTF4DCMxNeh1R
LLCiH7Yt8tY4ZN+Ass59WTEYio3G0Sa9v111feCQ+n3+9d/tUx2WUZuetT85/s8Y
ElJRzAZUg25sch/AX0GkRBwaMbhQl8JQaVjmJzhNJgSg1T1mGzRGiKFquFh9ZByx
LtjVVmdCWDdLNOyLyUSvmbEAXUbB4WmR+ToRRgKU6P9LCD24z2NoDgeN1hk2aXT8
s5VzHWg8QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org