Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/6nycOMr3PW-H879J6rdiClnFc7A.roa
File:                     6nycOMr3PW-H879J6rdiClnFc7A.roa (raw, json)
Hash identifier:          zLEVJGW+7Yeq1TFDukC7xeDhWY6RQKCIdDQg7bbvI+4=
Subject key identifier:   EA:7C:9C:38:CA:F7:3D:6F:87:F3:BF:49:EA:B7:62:0A:59:C5:73:B0
Certificate issuer:       /CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
Certificate serial:       0BC3EEC4
Authority key identifier: F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/6nycOMr3PW-H879J6rdiClnFc7A.roa
Signing time:             Sat 01 Jan 2022 15:00:45 +0000
ROA not before:           Sat 01 Jan 2022 15:00:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206262
IP address blocks:        185.171.60.0/24 maxlen: 24
                          185.171.60.0/22 maxlen: 22
                          185.171.62.0/24 maxlen: 24
                          185.171.61.0/24 maxlen: 24
                          185.171.63.0/24 maxlen: 24
                          185.191.164.0/24 maxlen: 24
                          185.191.164.0/22 maxlen: 22
                          185.191.166.0/24 maxlen: 24
                          185.191.165.0/24 maxlen: 24
                          87.238.208.0/24 maxlen: 24
                          185.174.208.0/24 maxlen: 24
                          87.238.208.0/21 maxlen: 21
                          185.174.208.0/22 maxlen: 22
                          185.191.167.0/24 maxlen: 24
                          87.238.210.0/24 maxlen: 24
                          185.174.210.0/24 maxlen: 24
                          185.174.211.0/24 maxlen: 24
                          87.238.209.0/24 maxlen: 24
                          185.174.209.0/24 maxlen: 24
                          87.238.212.0/24 maxlen: 24
                          87.238.213.0/24 maxlen: 24
                          87.238.211.0/24 maxlen: 24
                          87.238.215.0/24 maxlen: 24
                          87.238.214.0/24 maxlen: 24
                          185.186.81.0/24 maxlen: 24
                          185.186.80.0/22 maxlen: 22
                          185.186.80.0/24 maxlen: 24
                          185.186.83.0/24 maxlen: 24
                          185.186.82.0/24 maxlen: 24
                          5.206.232.0/21 maxlen: 21
                          5.206.232.0/24 maxlen: 24
                          5.206.233.0/24 maxlen: 24
                          5.206.234.0/24 maxlen: 24
                          5.206.236.0/24 maxlen: 24
                          5.206.235.0/24 maxlen: 24
                          5.206.238.0/24 maxlen: 24
                          5.206.237.0/24 maxlen: 24
                          5.206.239.0/24 maxlen: 24
                          185.179.28.0/22 maxlen: 22
                          185.179.29.0/24 maxlen: 24
                          185.179.28.0/24 maxlen: 24
                          185.179.30.0/24 maxlen: 24
                          185.179.31.0/24 maxlen: 24
                          2a0c:b340::/32 maxlen: 32
                          2a0c:b342::/32 maxlen: 32
                          2a0c:b343::/32 maxlen: 32
                          2a0c:b344::/32 maxlen: 32
                          2a0c:b340::/29 maxlen: 29
                          2a0c:b341::/32 maxlen: 32
                          2a0c:b340::/48 maxlen: 48
                          2a0c:b340:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 197390020 (0xbc3eec4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
        Validity
            Not Before: Jan  1 15:00:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ea7c9c38caf73d6f87f3bf49eab7620a59c573b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a5:f9:14:65:01:75:2f:fe:0a:1d:5b:c9:94:
                    c1:f3:6a:9e:c9:f7:0b:03:4b:7c:5a:c0:21:c1:84:
                    09:28:29:11:90:33:a9:89:9a:dd:2c:65:8d:36:95:
                    6a:8b:df:df:d3:51:e4:09:0d:6e:25:45:24:c1:10:
                    50:22:2e:32:4d:9e:5d:1f:77:ff:e0:69:5b:d8:3c:
                    db:69:a1:ea:5d:ba:1a:f5:8f:a0:3f:40:f2:97:8d:
                    f8:61:fa:3f:ab:6a:de:bf:b7:84:b9:3d:93:73:fc:
                    93:d2:e3:62:b8:ab:f3:f3:38:e0:5d:d4:64:0c:e8:
                    85:7a:ce:5e:47:52:8d:3d:98:3d:79:90:49:54:8f:
                    34:d8:ae:34:25:74:85:45:b6:25:cf:e5:a4:28:c0:
                    83:2c:e7:0d:6b:bf:30:b4:14:5e:8d:4e:60:44:47:
                    a0:34:3b:f0:e8:aa:a0:31:25:f2:ac:a4:68:bb:98:
                    6f:91:03:1e:54:61:8e:46:81:f9:2e:55:4b:21:70:
                    b7:37:2c:0b:e0:e8:33:bf:d6:29:92:7b:8a:ed:96:
                    f7:09:98:0c:45:7d:f2:09:d8:10:24:10:f4:66:1d:
                    65:01:75:07:6d:51:df:f2:c2:54:b3:bf:59:96:71:
                    3c:5a:28:cc:b1:48:fa:82:c4:32:d3:3a:3d:0f:1f:
                    b5:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:7C:9C:38:CA:F7:3D:6F:87:F3:BF:49:EA:B7:62:0A:59:C5:73:B0
            X509v3 Authority Key Identifier:
                keyid:F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/6nycOMr3PW-H879J6rdiClnFc7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/9drwuiHpAgJZfuR-CfaHf-I8Kp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.206.232.0/21
                  87.238.208.0/21
                  185.171.60.0/22
                  185.174.208.0/22
                  185.179.28.0/22
                  185.186.80.0/22
                  185.191.164.0/22
                IPv6:
                  2a0c:b340::/29

    Signature Algorithm: sha256WithRSAEncryption
         3c:4d:52:1e:08:e1:03:8d:52:b5:a1:70:29:76:25:92:b7:8d:
         64:5d:d4:86:26:0b:eb:bd:26:2b:dc:53:2f:ac:2d:aa:8e:2b:
         df:f0:1a:82:90:36:52:18:54:5c:f2:30:e7:f9:f3:a4:34:96:
         b9:3b:bc:4a:88:78:ce:91:60:80:6c:22:44:93:8f:6f:23:8f:
         29:9a:49:77:ea:51:91:37:41:dd:5c:3c:a7:39:52:aa:72:56:
         b5:28:a0:d1:64:d7:cb:5f:53:1f:a4:22:56:67:36:4c:86:76:
         e1:7a:9d:f3:23:be:c6:21:bd:17:c3:62:fb:d7:cf:7d:2c:2a:
         82:2d:7d:41:77:6f:f0:62:b2:24:36:36:11:c7:34:e1:4f:5d:
         8e:59:66:18:d6:67:b9:71:a0:ac:b0:45:41:9c:a0:89:0b:64:
         3a:a3:44:83:74:c1:e2:7f:5e:09:76:58:da:20:b8:d3:fe:fe:
         f3:c3:fc:8f:70:da:06:37:c0:05:cd:89:60:4b:13:b6:a6:44:
         40:7a:ed:6e:bb:07:59:1c:c2:9b:66:79:59:83:a0:44:2a:99:
         96:ae:03:d8:6d:a5:77:67:f8:c4:be:77:28:84:bd:99:26:f8:
         1f:58:0c:d7:a1:6b:dc:c5:de:85:23:8e:18:78:f8:29:6d:99:
         7a:a7:5a:a1
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEC8PuxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWRhZjBiYTIxZTkwMjAyNTk3ZWU0N2UwOWY2ODc3ZmUyM2MyYTlmMB4XDTIyMDEw
MTE1MDA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWE3YzljMzhjYWY3
M2Q2Zjg3ZjNiZjQ5ZWFiNzYyMGE1OWM1NzNiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKml+RRlAXUv/godW8mUwfNqnsn3CwNLfFrAIcGECSgpEZAz
qYma3SxljTaVaovf39NR5AkNbiVFJMEQUCIuMk2eXR93/+BpW9g822mh6l26GvWP
oD9A8peN+GH6P6tq3r+3hLk9k3P8k9LjYrir8/M44F3UZAzohXrOXkdSjT2YPXmQ
SVSPNNiuNCV0hUW2Jc/lpCjAgyznDWu/MLQUXo1OYERHoDQ78OiqoDEl8qykaLuY
b5EDHlRhjkaB+S5VSyFwtzcsC+DoM7/WKZJ7iu2W9wmYDEV98gnYECQQ9GYdZQF1
B21R3/LCVLO/WZZxPFoozLFI+oLEMtM6PQ8ftWECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTqfJw4yvc9b4fzv0nqt2IKWcVzsDAfBgNVHSMEGDAWgBT12vC6IekCAll+
5H4J9od/4jwqnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlkcnd1aUhwQWdKWmZ1Ui1DZmFIZi1JOEtwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvOTA2OGE1LTc5NzktNGY4Yy1iZjgyLWNmZTJhOTY1N2MyNi8x
LzZueWNPTXIzUFctSDg3OUo2cmRpQ2xuRmM3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
OTA2OGE1LTc5NzktNGY4Yy1iZjgyLWNmZTJhOTY1N2MyNi8xLzlkcnd1aUhwQWdK
WmZ1Ui1DZmFIZi1JOEtwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAwXO6AMEA1fu0AMEArmrPAMEArmu
0AMEArmzHAMEArm6UAMEArm/pDANBAIAAjAHAwUDKgyzQDANBgkqhkiG9w0BAQsF
AAOCAQEAPE1SHgjhA41StaFwKXYlkreNZF3UhiYL670mK9xTL6wtqo4r3/AagpA2
UhhUXPIw5/nzpDSWuTu8Soh4zpFggGwiRJOPbyOPKZpJd+pRkTdB3Vw8pzlSqnJW
tSig0WTXy19TH6QiVmc2TIZ24Xqd8yO+xiG9F8Ni+9fPfSwqgi19QXdv8GKyJDY2
Ecc04U9djllmGNZnuXGgrLBFQZygiQtkOqNEg3TB4n9eCXZY2iC40/7+88P8j3Da
BjfABc2JYEsTtqZEQHrtbrsHWRzCm2Z5WYOgRCqZlq4D2G2ld2f4xL53KIS9mSb4
H1gM16Fr3MXehSOOGHj4KW2ZeqdaoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org