Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/6sOmkA4S2tvVIb7gQ_gSBlxqBX0.roa
File:                     6sOmkA4S2tvVIb7gQ_gSBlxqBX0.roa (raw, json)
Hash identifier:          2IjuuRuXDqohq7y5q5+kJrRCjrl5hrYogc4vYwovWUo=
Subject key identifier:   EA:C3:A6:90:0E:12:DA:DB:D5:21:BE:E0:43:F8:12:06:5C:6A:05:7D
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01852BC36DF301E3A74590E9AABA2DCACC47
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/6sOmkA4S2tvVIb7gQ_gSBlxqBX0.roa
Signing time:             Mon 19 Dec 2022 19:01:45 +0000
ROA not before:           Mon 19 Dec 2022 19:01:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.228.0/22 maxlen: 22
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.236.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/22 maxlen: 22
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.210.0/24 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.208.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.209.0/24 maxlen: 24
                          85.133.216.0/22 maxlen: 22
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.132.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.136.0/22 maxlen: 22
                          85.133.133.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.156.0/22 maxlen: 22
                          85.133.154.0/24 maxlen: 24
                          85.133.160.0/22 maxlen: 22
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.164.0/22 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2b:c3:6d:f3:01:e3:a7:45:90:e9:aa:ba:2d:ca:cc:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Dec 19 19:01:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eac3a6900e12dadbd521bee043f812065c6a057d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:34:d5:be:8c:fb:26:88:a6:6c:87:98:13:29:
                    93:ba:89:51:29:e8:54:68:90:d8:56:56:0b:71:54:
                    03:2e:8b:30:31:9a:9c:5e:65:aa:5a:ae:78:c7:4b:
                    0b:d0:fc:a2:57:7f:e0:53:4f:77:cd:b8:51:f5:b6:
                    c5:f1:cc:ad:3b:b6:66:16:12:34:6a:a4:bf:03:5b:
                    9b:09:e3:54:e8:57:fa:96:e8:8c:13:6d:bb:85:ff:
                    90:f5:cb:db:62:ed:30:47:0a:52:51:d9:a9:60:a1:
                    0e:3a:29:97:18:5c:4d:cb:32:20:69:c3:98:4b:c4:
                    f6:95:53:c2:d7:8b:e0:f9:29:7d:2b:db:ce:6b:b2:
                    af:ca:73:ac:62:4b:7a:35:16:05:17:14:26:fd:eb:
                    6c:20:46:9e:e5:df:63:ed:bb:5b:1b:f0:a9:38:b0:
                    c3:a0:5a:de:b2:e1:bc:cb:d9:87:dc:b1:68:be:ac:
                    70:66:14:24:0f:74:aa:67:78:0f:d2:ab:e5:f1:0a:
                    29:15:72:5a:cc:cc:da:91:5a:c3:6e:4f:6d:3c:39:
                    10:ac:c0:65:1f:f2:7f:f6:fb:3c:21:90:89:90:c2:
                    04:63:cc:1e:3a:97:0d:7a:25:89:5e:4b:e1:a6:ae:
                    cd:bd:c5:df:6e:fd:90:98:47:ac:e5:9d:ac:46:97:
                    56:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C3:A6:90:0E:12:DA:DB:D5:21:BE:E0:43:F8:12:06:5C:6A:05:7D
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/6sOmkA4S2tvVIb7gQ_gSBlxqBX0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         07:27:7f:74:84:fd:8c:1d:4a:68:4e:e1:5a:9d:4f:44:0e:d9:
         8c:f4:dc:d2:55:41:06:a4:17:7a:1b:5d:d9:2a:bb:08:51:a5:
         60:fc:bf:09:a8:25:3e:74:86:e6:bd:bc:4c:90:de:32:92:d3:
         1b:29:59:15:8d:99:75:20:42:46:61:08:a6:ae:91:99:d7:6f:
         1a:49:b6:3b:ee:13:bc:86:43:ac:ff:8c:86:69:88:e8:d4:ba:
         84:f7:f6:41:72:5e:94:82:ab:01:7b:57:7f:72:57:3f:f7:55:
         3b:a6:85:86:21:b6:8a:fc:6c:c7:23:92:cf:73:4e:26:cd:7e:
         ff:7a:97:0c:bd:e4:27:39:0e:44:b0:51:84:60:4c:a0:e1:d4:
         56:17:14:11:85:ab:13:8c:6e:27:9b:b2:c7:a5:ae:8e:35:ed:
         81:57:e0:f3:b4:90:80:d4:76:21:5a:95:b8:bc:f4:2a:f6:ea:
         be:8f:aa:00:23:c9:b2:1f:ed:0f:33:1b:4b:51:33:2e:16:68:
         07:bf:89:63:46:3c:e5:10:61:06:26:47:dc:e1:22:e2:58:4f:
         02:a6:01:18:9a:09:ef:32:cf:ca:3b:fd:50:bc:25:fa:06:b8:
         8d:4e:68:0d:ba:4c:a7:c8:2e:81:8b:c6:41:8c:51:4a:4a:d3:
         dc:6c:20:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUrw23zAeOnRZDpqrotysxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE5MTkwMTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWMzYTY5MDBlMTJkYWRiZDUyMWJlZTA0M2Y4MTIwNjVjNmEwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTTVvoz7JoimbIeYEymTuolRKehU
aJDYVlYLcVQDLoswMZqcXmWqWq54x0sL0PyiV3/gU093zbhR9bbF8cytO7ZmFhI0
aqS/A1ubCeNU6Ff6luiME227hf+Q9cvbYu0wRwpSUdmpYKEOOimXGFxNyzIgacOY
S8T2lVPC14vg+Sl9K9vOa7KvynOsYkt6NRYFFxQm/etsIEae5d9j7btbG/CpOLDD
oFresuG8y9mH3LFovqxwZhQkD3SqZ3gP0qvl8QopFXJazMzakVrDbk9tPDkQrMBl
H/J/9vs8IZCJkMIEY8weOpcNeiWJXkvhpq7NvcXfbv2QmEes5Z2sRpdW8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOrDppAOEtrb1SG+4EP4EgZcagV9MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvNnNPbWtBNFMydHZWSWI3Z1FfZ1NCbHhxQlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAHJ390hP2MHUpo
TuFanU9EDtmM9NzSVUEGpBd6G13ZKrsIUaVg/L8JqCU+dIbmvbxMkN4yktMbKVkV
jZl1IEJGYQimrpGZ128aSbY77hO8hkOs/4yGaYjo1LqE9/ZBcl6UgqsBe1d/clc/
91U7poWGIbaK/GzHI5LPc04mzX7/epcMveQnOQ5EsFGEYEyg4dRWFxQRhasTjG4n
m7LHpa6ONe2BV+DztJCA1HYhWpW4vPQq9uq+j6oAI8myH+0PMxtLUTMuFmgHv4lj
RjzlEGEGJkfc4SLiWE8CpgEYmgnvMs/KO/1QvCX6BriNTmgNukynyC6Bi8ZBjFFK
StPcbCD8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org