Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/6IGfrgKZbQwTNP9ppLBmKruLr8g.roa
File:                     6IGfrgKZbQwTNP9ppLBmKruLr8g.roa (raw, json)
Hash identifier:          YzzK2z9/VkEFIewhXWnfU9Fv3roKqETDoHgyC7Ww3Ec=
Subject key identifier:   E8:81:9F:AE:02:99:6D:0C:13:34:FF:69:A4:B0:66:2A:BB:8B:AF:C8
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       018373BCFBBC818921602D2704DA2284FCFD
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/6IGfrgKZbQwTNP9ppLBmKruLr8g.roa
Signing time:             Sun 25 Sep 2022 08:21:48 +0000
ROA not before:           Sun 25 Sep 2022 08:21:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44709
IP address blocks:        91.228.126.0/23 maxlen: 23
                          194.36.91.0/24 maxlen: 24
                          194.36.90.0/24 maxlen: 24
                          194.36.89.0/24 maxlen: 24
                          5.100.250.0/23 maxlen: 23
                          5.100.251.0/24 maxlen: 24
                          5.100.250.0/24 maxlen: 24
                          5.100.252.0/23 maxlen: 23
                          5.100.253.0/24 maxlen: 24
                          5.100.252.0/24 maxlen: 24
                          5.100.249.0/24 maxlen: 24
                          5.100.248.0/23 maxlen: 23
                          5.100.248.0/24 maxlen: 24
                          212.80.204.0/24 maxlen: 24
                          212.80.206.0/24 maxlen: 24
                          212.80.205.0/24 maxlen: 24
                          5.100.254.0/23 maxlen: 23
                          5.100.254.0/24 maxlen: 24
                          5.100.255.0/24 maxlen: 24
                          212.80.207.0/24 maxlen: 24
                          188.191.147.0/24 maxlen: 24
                          31.133.103.0/24 maxlen: 24
                          31.133.102.0/24 maxlen: 24
                          31.133.100.0/24 maxlen: 24
                          195.28.181.0/24 maxlen: 24
                          195.28.180.0/24 maxlen: 24
                          109.207.76.0/24 maxlen: 24
                          185.241.4.0/24 maxlen: 24
                          109.207.79.0/24 maxlen: 24
                          185.241.7.0/24 maxlen: 24
                          185.241.6.0/24 maxlen: 24
                          185.241.5.0/24 maxlen: 24
                          185.220.207.0/24 maxlen: 24
                          45.83.40.0/24 maxlen: 24
                          45.83.43.0/24 maxlen: 24
                          45.83.42.0/24 maxlen: 24
                          185.56.72.0/22 maxlen: 22
                          45.93.95.0/24 maxlen: 24
                          45.93.92.0/24 maxlen: 24
                          45.93.94.0/24 maxlen: 24
                          81.28.7.0/24 maxlen: 24
                          91.223.106.0/24 maxlen: 24
                          63.250.63.0/24 maxlen: 24
                          63.250.61.0/24 maxlen: 24
                          63.250.62.0/24 maxlen: 24
                          185.28.152.0/24 maxlen: 24
                          185.28.154.0/24 maxlen: 24
                          185.28.153.0/24 maxlen: 24
                          185.28.155.0/24 maxlen: 24
                          83.229.71.0/24 maxlen: 24
                          83.229.70.0/24 maxlen: 24
                          83.229.74.0/24 maxlen: 24
                          83.229.73.0/24 maxlen: 24
                          83.229.72.0/24 maxlen: 24
                          185.253.75.0/24 maxlen: 24
                          185.253.73.0/24 maxlen: 24
                          185.253.72.0/24 maxlen: 24
                          185.162.125.0/24 maxlen: 24
                          185.162.124.0/24 maxlen: 24
                          185.162.126.0/24 maxlen: 24
                          91.202.171.0/24 maxlen: 24
                          91.202.168.0/24 maxlen: 24
                          91.202.170.0/24 maxlen: 24
                          91.202.169.0/24 maxlen: 24
                          91.226.72.0/24 maxlen: 24
                          2a06:c5c0:700::/48 maxlen: 48
                          2a06:c5c0:900::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:73:bc:fb:bc:81:89:21:60:2d:27:04:da:22:84:fc:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Sep 25 08:21:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8819fae02996d0c1334ff69a4b0662abb8bafc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:15:35:76:84:db:b8:de:42:8e:86:97:44:ba:
                    48:97:ab:30:f5:15:91:03:5d:27:5f:c3:b5:14:b1:
                    d2:0b:41:7a:4c:70:48:b1:b3:06:77:40:42:1e:de:
                    f1:6d:82:8e:21:f2:0b:6d:74:cb:f2:0a:c5:d9:ad:
                    e3:ae:18:29:b8:28:07:a2:49:6e:0c:c2:4d:6c:e3:
                    be:19:7a:34:4f:98:21:5a:b4:36:ed:6b:29:45:85:
                    bf:71:ce:4f:2c:df:b4:94:69:c2:9d:d4:b2:71:d0:
                    d9:94:c6:69:ea:d7:ed:b9:9b:6c:c1:1b:0c:ed:5d:
                    3e:37:74:63:5a:1e:fa:93:5f:5d:97:37:a9:40:84:
                    c8:6e:e0:20:fb:85:4c:29:9a:c6:2e:6e:c0:9b:c4:
                    62:4e:99:0f:0a:2d:54:11:5d:f9:f4:bf:1c:bb:9a:
                    b0:ea:50:e1:34:10:17:ab:88:e2:2f:0a:51:9e:44:
                    46:32:a9:b5:34:01:ce:a4:c8:b3:1a:a7:05:fe:39:
                    c5:90:20:34:dc:4c:02:07:c1:6e:f2:88:2e:0e:76:
                    02:f8:08:e8:6a:ad:55:b3:5b:79:f4:52:c6:ea:3f:
                    5c:78:e3:9d:b1:04:aa:a0:cb:60:18:8f:6a:a2:6e:
                    2d:21:20:c3:a8:93:32:0a:0a:97:4e:0c:d8:87:cc:
                    1f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:81:9F:AE:02:99:6D:0C:13:34:FF:69:A4:B0:66:2A:BB:8B:AF:C8
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/6IGfrgKZbQwTNP9ppLBmKruLr8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.100.248.0/21
                  31.133.100.0/24
                  31.133.102.0/23
                  45.83.40.0/24
                  45.83.42.0/23
                  45.93.92.0/24
                  45.93.94.0/23
                  63.250.61.0-63.250.63.255
                  81.28.7.0/24
                  83.229.70.0-83.229.74.255
                  91.202.168.0/22
                  91.223.106.0/24
                  91.226.72.0/24
                  91.228.126.0/23
                  109.207.76.0/24
                  109.207.79.0/24
                  185.28.152.0/22
                  185.56.72.0/22
                  185.162.124.0-185.162.126.255
                  185.220.207.0/24
                  185.241.4.0/22
                  185.253.72.0/23
                  185.253.75.0/24
                  188.191.147.0/24
                  194.36.89.0-194.36.91.255
                  195.28.180.0/23
                  212.80.204.0/22
                IPv6:
                  2a06:c5c0:700::/48
                  2a06:c5c0:900::/48

    Signature Algorithm: sha256WithRSAEncryption
         bf:10:7d:d7:fe:4f:18:2c:f2:1a:a9:3a:3c:eb:9c:4b:69:df:
         5c:8f:f2:3c:22:b2:cd:b9:6c:80:f9:c7:8c:e1:0a:8b:26:26:
         13:e7:0d:e1:f2:e5:5c:62:37:fd:f7:cf:b7:79:c1:c2:5e:1a:
         f2:44:2b:29:48:bc:c8:a2:78:16:34:97:18:18:8d:a5:6e:ed:
         b0:7d:21:fb:b5:0c:a0:84:1c:f1:bc:6b:fc:1b:9c:71:fa:2e:
         23:44:1b:02:39:b4:4c:f9:6c:50:79:c4:65:e4:d8:b4:18:3b:
         4c:10:c7:5d:21:13:bf:b3:ce:a1:f0:2a:61:18:f3:45:69:06:
         f4:b3:3b:70:de:05:7a:6c:cf:49:c4:3b:d4:50:f5:81:22:ae:
         eb:15:45:ba:55:1b:56:69:11:d0:e9:5c:01:1d:a0:60:3b:f6:
         88:c6:83:97:e6:bf:36:30:74:d5:34:ec:02:a3:9d:5d:c3:3a:
         9c:e2:50:a5:54:66:50:58:6b:89:bb:82:bf:8d:68:e6:11:7a:
         bc:01:10:80:8f:86:ee:20:ad:76:41:17:1d:dc:72:29:5f:5b:
         4d:8c:31:d5:ec:f0:2d:95:61:04:8a:69:02:16:3f:4d:92:08:
         a8:1a:e2:15:72:79:2f:f6:a5:fc:55:d8:40:dc:e4:bb:9b:67:
         98:70:d6:45
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAYNzvPu8gYkhYC0nBNoihPz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIwOTI1MDgyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODgxOWZhZTAyOTk2ZDBjMTMzNGZmNjlhNGIwNjYyYWJiOGJhZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhU1doTbuN5CjoaXRLpIl6sw9RWR
A10nX8O1FLHSC0F6THBIsbMGd0BCHt7xbYKOIfILbXTL8grF2a3jrhgpuCgHoklu
DMJNbOO+GXo0T5ghWrQ27WspRYW/cc5PLN+0lGnCndSycdDZlMZp6tftuZtswRsM
7V0+N3RjWh76k19dlzepQITIbuAg+4VMKZrGLm7Am8RiTpkPCi1UEV359L8cu5qw
6lDhNBAXq4jiLwpRnkRGMqm1NAHOpMizGqcF/jnFkCA03EwCB8Fu8oguDnYC+Ajo
aq1Vs1t59FLG6j9ceOOdsQSqoMtgGI9qom4tISDDqJMyCgqXTgzYh8wfDQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFOiBn64CmW0MEzT/aaSwZiq7i6/IMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvNklHZnJnS1piUXdUTlA5cHBMQm1LcnVMcjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCByQQCAAEwgcIDBAMF
ZPgDBAAfhWQDBAEfhWYDBAAtUygDBAEtUyoDBAAtXVwDBAEtXV4wDAMEAD/6PQME
Bj/6AAMEAFEcBzAMAwQBU+VGAwQAU+VKAwQCW8qoAwQAW99qAwQAW+JIAwQBW+R+
AwQAbc9MAwQAbc9PAwQCuRyYAwQCuThIMAwDBAK5onwDBAC5on4DBAC53M8DBAK5
8QQDBAG5/UgDBAC5/UsDBAC8v5MwDAMEAMIkWQMEAsIkWAMEAcMctAMEAtRQzDAY
BAIAAjASAwcAKgbFwAcAAwcAKgbFwAkAMA0GCSqGSIb3DQEBCwUAA4IBAQC/EH3X
/k8YLPIaqTo865xLad9cj/I8IrLNuWyA+ceM4QqLJiYT5w3h8uVcYjf998+3ecHC
XhryRCspSLzIongWNJcYGI2lbu2wfSH7tQyghBzxvGv8G5xx+i4jRBsCObRM+WxQ
ecRl5Ni0GDtMEMddIRO/s86h8CphGPNFaQb0sztw3gV6bM9JxDvUUPWBIq7rFUW6
VRtWaRHQ6VwBHaBgO/aIxoOX5r82MHTVNOwCo51dwzqc4lClVGZQWGuJu4K/jWjm
EXq8ARCAj4buIK12QRcd3HIpX1tNjDHV7PAtlWEEimkCFj9NkgioGuIVcnkv9qX8
VdhA3OS7m2eYcNZF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:35 2024 by rpki-client on console-ams.rpki-client.org