Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/xKQ39e09BMo-IP5Y2nKNXkQLuHE.roa
File:                     xKQ39e09BMo-IP5Y2nKNXkQLuHE.roa (raw, json)
Hash identifier:          un1eeoaSZN0PiGR1LwxBHYLi9lj4hLHyhTypH/3prIY=
Subject key identifier:   C4:A4:37:F5:ED:3D:04:CA:3E:20:FE:58:DA:72:8D:5E:44:0B:B8:71
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0181D35540A3E91696829CE71AC3D316E0D3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/xKQ39e09BMo-IP5Y2nKNXkQLuHE.roa
Signing time:             Wed 06 Jul 2022 11:46:28 +0000
ROA not before:           Wed 06 Jul 2022 11:46:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.228.0/22 maxlen: 22
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.236.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.237.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/22 maxlen: 22
                          85.133.249.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.205.0/24 maxlen: 24
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.202.0/24 maxlen: 24
                          85.133.212.0/24 maxlen: 24
                          85.133.210.0/24 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.208.0/22 maxlen: 22
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.208.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.216.0/22 maxlen: 22
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.221.0/24 maxlen: 24
                          85.133.222.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.132.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.132.0/24 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.136.0/22 maxlen: 22
                          85.133.133.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.147.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.152.0/22 maxlen: 22
                          85.133.151.0/24 maxlen: 24
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.156.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.156.0/22 maxlen: 22
                          85.133.153.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.160.0/22 maxlen: 22
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.164.0/22 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d3:55:40:a3:e9:16:96:82:9c:e7:1a:c3:d3:16:e0:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jul  6 11:46:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c4a437f5ed3d04ca3e20fe58da728d5e440bb871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:04:41:34:a6:a0:4b:07:b3:82:38:e4:df:cb:
                    8e:c7:57:c6:f0:28:11:75:e9:cf:54:e7:56:13:0e:
                    fe:6a:c1:e2:43:2d:38:73:cd:67:0c:2b:98:37:7c:
                    b2:56:b0:24:72:04:1a:e9:3a:0e:ab:4a:ac:17:2e:
                    46:07:60:03:55:4a:40:2f:9f:1e:00:78:fa:bf:be:
                    59:01:50:82:69:b1:0d:7d:ab:66:8b:0c:08:8b:4b:
                    39:ba:48:18:e2:38:17:00:0a:70:45:0d:37:2a:8b:
                    3b:ee:3d:1e:f7:94:e6:70:59:25:f8:8c:59:70:eb:
                    03:d0:a9:33:6d:91:b4:82:28:75:c5:7b:a4:d5:15:
                    74:83:77:49:59:08:69:ba:25:e8:5c:04:bb:be:36:
                    81:4e:db:a1:8f:0e:34:36:bf:ed:d0:17:bb:9a:f9:
                    10:e1:37:e1:d5:c0:82:95:42:ff:62:ed:db:75:7e:
                    42:33:09:51:f7:c9:93:b8:44:cc:f8:8e:15:10:10:
                    cb:a8:16:b6:8a:a3:c2:a2:30:40:c1:25:49:c4:ee:
                    ed:97:63:e4:4a:c4:02:8f:18:cc:29:bf:f5:02:3b:
                    84:bb:48:49:33:f3:2c:26:ff:73:aa:78:6d:4e:31:
                    3b:40:47:8a:d4:a0:50:e2:e0:84:f4:0a:d4:64:03:
                    cb:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:A4:37:F5:ED:3D:04:CA:3E:20:FE:58:DA:72:8D:5E:44:0B:B8:71
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/xKQ39e09BMo-IP5Y2nKNXkQLuHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         41:21:4b:8f:af:f4:b4:aa:de:1e:af:49:67:67:fd:4c:58:3f:
         25:70:6e:bb:fe:06:86:41:1e:72:80:a8:71:8d:e2:68:19:85:
         27:e7:b3:a8:fd:67:42:fa:fc:a6:05:df:c7:0d:12:1f:20:f1:
         08:da:ed:1e:37:77:3a:4e:81:10:bc:23:e9:15:40:62:92:00:
         64:5b:f5:64:af:09:9e:d0:24:18:ad:e6:6e:87:e2:e9:9c:41:
         44:9c:8a:dd:b9:0e:11:34:ac:00:cc:f6:8c:d1:24:c7:c3:81:
         c6:71:80:4f:3b:f7:60:34:4d:62:b4:13:62:4c:d5:e2:89:d6:
         2a:c0:5e:8c:8d:10:a1:8a:bf:bf:ce:27:48:f2:73:9d:51:4e:
         a3:c5:77:4c:3b:f5:0f:6e:ab:52:c6:e2:2a:a1:89:43:6b:13:
         af:ba:48:37:74:f7:8c:fa:5e:26:76:64:27:22:6c:58:71:f2:
         8d:80:80:2d:4a:eb:2b:bd:6b:ba:dd:fd:cc:d9:2a:12:56:d6:
         65:65:6c:5e:bf:55:b3:db:5c:5d:4a:38:46:57:7c:5c:63:5f:
         29:ef:da:6e:d7:ce:05:f9:4c:b2:bc:11:9a:f9:ce:42:63:a1:
         3a:d2:5d:9f:49:60:14:ff:e7:9e:7d:8c:c9:f7:04:48:7f:42:
         b4:58:2c:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYHTVUCj6RaWgpznGsPTFuDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIwNzA2MTE0NjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGE0MzdmNWVkM2QwNGNhM2UyMGZlNThkYTcyOGQ1ZTQ0MGJiODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwRBNKagSwezgjjk38uOx1fG8CgR
denPVOdWEw7+asHiQy04c81nDCuYN3yyVrAkcgQa6ToOq0qsFy5GB2ADVUpAL58e
AHj6v75ZAVCCabENfatmiwwIi0s5ukgY4jgXAApwRQ03Kos77j0e95TmcFkl+IxZ
cOsD0KkzbZG0gih1xXuk1RV0g3dJWQhpuiXoXAS7vjaBTtuhjw40Nr/t0Be7mvkQ
4Tfh1cCClUL/Yu3bdX5CMwlR98mTuETM+I4VEBDLqBa2iqPCojBAwSVJxO7tl2Pk
SsQCjxjMKb/1AjuEu0hJM/MsJv9zqnhtTjE7QEeK1KBQ4uCE9ArUZAPL+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMSkN/XtPQTKPiD+WNpyjV5EC7hxMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEveEtRMzllMDlCTW8tSVA1WTJuS05Ya1FMdUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBBIUuPr/S0qt4e
r0lnZ/1MWD8lcG67/gaGQR5ygKhxjeJoGYUn57Oo/WdC+vymBd/HDRIfIPEI2u0e
N3c6ToEQvCPpFUBikgBkW/Vkrwme0CQYreZuh+LpnEFEnIrduQ4RNKwAzPaM0STH
w4HGcYBPO/dgNE1itBNiTNXiidYqwF6MjRChir+/zidI8nOdUU6jxXdMO/UPbqtS
xuIqoYlDaxOvukg3dPeM+l4mdmQnImxYcfKNgIAtSusrvWu63f3M2SoSVtZlZWxe
v1Wz21xdSjhGV3xcY18p79pu184F+UyyvBGa+c5CY6E60l2fSWAU/+eefYzJ9wRI
f0K0WCyA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org