Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/A7cXdCo-yeVamSJuyaelH__D1sY.roa
File:                     A7cXdCo-yeVamSJuyaelH__D1sY.roa (raw, json)
Hash identifier:          hzRwgtrh1E8zaXURmPXJXDLJXzQI0OQ17bUROWyQcyA=
Subject key identifier:   03:B7:17:74:2A:3E:C9:E5:5A:99:22:6E:C9:A7:A5:1F:FF:C3:D6:C6
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0183F015ED1A683719F861C4F49A07984B37
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/A7cXdCo-yeVamSJuyaelH__D1sY.roa
Signing time:             Wed 19 Oct 2022 11:51:52 +0000
ROA not before:           Wed 19 Oct 2022 11:51:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44709
IP address blocks:        91.228.126.0/23 maxlen: 23
                          194.36.91.0/24 maxlen: 24
                          194.36.90.0/24 maxlen: 24
                          194.36.89.0/24 maxlen: 24
                          5.100.250.0/23 maxlen: 23
                          5.100.251.0/24 maxlen: 24
                          5.100.250.0/24 maxlen: 24
                          5.100.252.0/23 maxlen: 23
                          5.100.253.0/24 maxlen: 24
                          5.100.252.0/24 maxlen: 24
                          5.100.249.0/24 maxlen: 24
                          5.100.248.0/23 maxlen: 23
                          5.100.248.0/24 maxlen: 24
                          212.80.204.0/24 maxlen: 24
                          212.80.206.0/24 maxlen: 24
                          212.80.205.0/24 maxlen: 24
                          5.100.254.0/23 maxlen: 23
                          5.100.254.0/24 maxlen: 24
                          5.100.255.0/24 maxlen: 24
                          212.80.207.0/24 maxlen: 24
                          188.191.147.0/24 maxlen: 24
                          31.133.103.0/24 maxlen: 24
                          31.133.102.0/24 maxlen: 24
                          31.133.100.0/24 maxlen: 24
                          195.28.181.0/24 maxlen: 24
                          195.28.180.0/24 maxlen: 24
                          109.207.76.0/24 maxlen: 24
                          185.241.4.0/24 maxlen: 24
                          109.207.79.0/24 maxlen: 24
                          185.241.7.0/24 maxlen: 24
                          185.241.6.0/24 maxlen: 24
                          185.241.5.0/24 maxlen: 24
                          185.220.207.0/24 maxlen: 24
                          45.83.40.0/24 maxlen: 24
                          45.83.43.0/24 maxlen: 24
                          45.83.42.0/24 maxlen: 24
                          185.56.72.0/22 maxlen: 22
                          45.93.95.0/24 maxlen: 24
                          45.93.92.0/24 maxlen: 24
                          45.93.94.0/24 maxlen: 24
                          45.93.93.0/24 maxlen: 24
                          81.28.7.0/24 maxlen: 24
                          91.223.106.0/24 maxlen: 24
                          63.250.63.0/24 maxlen: 24
                          63.250.61.0/24 maxlen: 24
                          63.250.62.0/24 maxlen: 24
                          185.28.152.0/24 maxlen: 24
                          185.28.154.0/24 maxlen: 24
                          185.28.153.0/24 maxlen: 24
                          185.28.155.0/24 maxlen: 24
                          83.229.71.0/24 maxlen: 24
                          83.229.70.0/24 maxlen: 24
                          83.229.74.0/24 maxlen: 24
                          83.229.73.0/24 maxlen: 24
                          83.229.72.0/24 maxlen: 24
                          185.253.75.0/24 maxlen: 24
                          185.253.73.0/24 maxlen: 24
                          185.253.72.0/24 maxlen: 24
                          185.162.125.0/24 maxlen: 24
                          185.162.124.0/24 maxlen: 24
                          185.162.126.0/24 maxlen: 24
                          91.202.171.0/24 maxlen: 24
                          91.202.168.0/24 maxlen: 24
                          91.202.170.0/24 maxlen: 24
                          91.202.169.0/24 maxlen: 24
                          91.226.72.0/24 maxlen: 24
                          2a06:c5c0:700::/48 maxlen: 48
                          2a06:c5c0:900::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f0:15:ed:1a:68:37:19:f8:61:c4:f4:9a:07:98:4b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Oct 19 11:51:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=03b717742a3ec9e55a99226ec9a7a51fffc3d6c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0a:85:d7:10:f2:48:cf:f0:f9:87:d3:02:4b:
                    ac:38:e8:6a:0a:5d:7b:2c:96:ad:36:76:39:2c:7c:
                    45:b9:7a:b3:fb:78:bf:c2:c0:7f:a8:cd:52:ad:60:
                    68:e4:74:29:ff:af:00:5f:93:eb:65:7d:14:4a:0c:
                    86:e2:d9:01:3f:aa:10:9c:c1:f9:6b:28:e3:ce:ff:
                    3f:1b:c9:b0:23:59:77:d2:e0:d9:49:19:8c:1f:17:
                    34:19:2f:4b:d8:a2:2b:9c:54:d1:22:a9:69:5d:10:
                    47:38:39:b7:6c:cc:45:9d:04:c0:31:06:4d:fb:ed:
                    bc:38:26:cd:c1:58:a9:34:ce:95:76:72:da:e9:db:
                    3c:42:87:9e:1e:51:4b:a1:e2:15:4f:18:99:ce:6c:
                    a7:8d:c4:5a:92:e4:c7:e7:a1:6a:4c:38:33:ca:5a:
                    a3:93:ad:86:1e:3f:5f:0e:51:31:ea:11:96:6f:31:
                    6a:e7:ea:38:43:d8:d6:03:c7:69:08:ee:a6:9b:50:
                    26:7f:32:c7:07:3a:41:fb:c5:d3:f9:8a:a9:5a:b7:
                    34:49:b7:6e:7d:cc:54:cd:2b:ac:e5:f3:7d:19:be:
                    01:5e:2f:73:f9:c0:8e:1d:ca:56:1f:a7:3f:32:ef:
                    78:7a:78:99:a5:05:1a:9e:81:c6:84:e4:66:f7:91:
                    e3:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:B7:17:74:2A:3E:C9:E5:5A:99:22:6E:C9:A7:A5:1F:FF:C3:D6:C6
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/A7cXdCo-yeVamSJuyaelH__D1sY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.100.248.0/21
                  31.133.100.0/24
                  31.133.102.0/23
                  45.83.40.0/24
                  45.83.42.0/23
                  45.93.92.0/22
                  63.250.61.0-63.250.63.255
                  81.28.7.0/24
                  83.229.70.0-83.229.74.255
                  91.202.168.0/22
                  91.223.106.0/24
                  91.226.72.0/24
                  91.228.126.0/23
                  109.207.76.0/24
                  109.207.79.0/24
                  185.28.152.0/22
                  185.56.72.0/22
                  185.162.124.0-185.162.126.255
                  185.220.207.0/24
                  185.241.4.0/22
                  185.253.72.0/23
                  185.253.75.0/24
                  188.191.147.0/24
                  194.36.89.0-194.36.91.255
                  195.28.180.0/23
                  212.80.204.0/22
                IPv6:
                  2a06:c5c0:700::/48
                  2a06:c5c0:900::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:df:f5:d4:06:e2:ce:b6:cb:6f:06:36:bd:b0:bb:c0:13:18:
         5e:de:79:37:a8:f3:96:66:3b:7c:71:98:ec:d9:09:99:a1:58:
         c0:10:2d:10:ed:02:75:ab:47:5c:d4:e4:54:47:78:30:8e:8f:
         d8:25:24:1d:da:60:9e:8e:bb:10:4b:0c:b1:ce:ad:64:93:1c:
         86:83:a6:b0:03:45:4b:e7:11:b3:ad:51:e0:d4:56:a3:41:61:
         54:9a:a8:91:c8:d0:f6:8d:e0:82:70:dd:8a:66:23:18:36:80:
         bf:55:13:e2:5e:db:1b:dd:bb:bf:97:4e:05:91:21:c4:90:8c:
         7d:e2:3d:4f:fe:75:d3:81:29:b8:9e:35:4c:41:4f:b6:7c:2f:
         23:c7:3c:f2:6e:a4:32:49:66:e5:36:87:7c:cd:84:2e:51:9b:
         13:3c:5c:5a:4d:e9:58:49:99:7a:6c:36:e7:51:37:9d:e1:08:
         06:a6:f1:07:f3:39:71:20:2d:53:cc:62:56:95:2b:d5:23:cd:
         d5:1c:88:92:45:ed:9a:fb:50:e9:78:34:0c:97:8e:6f:f9:f3:
         dc:da:ca:de:76:11:03:e0:4e:e6:d4:54:65:9e:c7:f6:60:67:
         ef:7d:a2:38:e4:2d:5e:e6:d8:a4:9f:8b:40:28:0f:e4:a3:4a:
         f2:32:2b:b5
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYPwFe0aaDcZ+GHE9JoHmEs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjIxMDE5MTE1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I3MTc3NDJhM2VjOWU1NWE5OTIyNmVjOWE3YTUxZmZmYzNkNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AqF1xDySM/w+YfTAkusOOhqCl17
LJatNnY5LHxFuXqz+3i/wsB/qM1SrWBo5HQp/68AX5PrZX0USgyG4tkBP6oQnMH5
ayjjzv8/G8mwI1l30uDZSRmMHxc0GS9L2KIrnFTRIqlpXRBHODm3bMxFnQTAMQZN
++28OCbNwVipNM6VdnLa6ds8QoeeHlFLoeIVTxiZzmynjcRakuTH56FqTDgzylqj
k62GHj9fDlEx6hGWbzFq5+o4Q9jWA8dpCO6mm1AmfzLHBzpB+8XT+YqpWrc0Sbdu
fcxUzSus5fN9Gb4BXi9z+cCOHcpWH6c/Mu94eniZpQUanoHGhORm95HjMwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFAO3F3QqPsnlWpkibsmnpR//w9bGMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvQTdjWGRDby15ZVZhbVNKdXlhZWxIX19EMXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCBwwQCAAEwgbwDBAMF
ZPgDBAAfhWQDBAEfhWYDBAAtUygDBAEtUyoDBAItXVwwDAMEAD/6PQMEBj/6AAME
AFEcBzAMAwQBU+VGAwQAU+VKAwQCW8qoAwQAW99qAwQAW+JIAwQBW+R+AwQAbc9M
AwQAbc9PAwQCuRyYAwQCuThIMAwDBAK5onwDBAC5on4DBAC53M8DBAK58QQDBAG5
/UgDBAC5/UsDBAC8v5MwDAMEAMIkWQMEAsIkWAMEAcMctAMEAtRQzDAYBAIAAjAS
AwcAKgbFwAcAAwcAKgbFwAkAMA0GCSqGSIb3DQEBCwUAA4IBAQB83/XUBuLOtstv
Bja9sLvAExhe3nk3qPOWZjt8cZjs2QmZoVjAEC0Q7QJ1q0dc1ORUR3gwjo/YJSQd
2mCejrsQSwyxzq1kkxyGg6awA0VL5xGzrVHg1FajQWFUmqiRyND2jeCCcN2KZiMY
NoC/VRPiXtsb3bu/l04FkSHEkIx94j1P/nXTgSm4njVMQU+2fC8jxzzybqQySWbl
Nod8zYQuUZsTPFxaTelYSZl6bDbnUTed4QgGpvEH8zlxIC1TzGJWlSvVI83VHIiS
Re2a+1DpeDQMl45v+fPc2sredhED4E7m1FRlnsf2YGfvfaI45C1e5tikn4tAKA/k
o0ryMiu1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:32 2024 by rpki-client on console-fra.rpki-client.org