Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/IPvIeOgc53-o0aRRUzMk2z9Hb_o.roa
File:                     IPvIeOgc53-o0aRRUzMk2z9Hb_o.roa (raw, json)
Hash identifier:          KXyCOOdpEt7e9ZY58oTJgA7dwBexmb3KIU06LDnYMJk=
Subject key identifier:   20:FB:C8:78:E8:1C:E7:7F:A8:D1:A4:51:53:33:24:DB:3F:47:6F:FA
Certificate issuer:       /CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
Certificate serial:       0C9B4D30
Authority key identifier: F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/IPvIeOgc53-o0aRRUzMk2z9Hb_o.roa
Signing time:             Fri 01 Apr 2022 09:32:12 +0000
ROA not before:           Fri 01 Apr 2022 09:32:12 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206262
IP address blocks:        185.171.60.0/24 maxlen: 24
                          185.171.60.0/22 maxlen: 22
                          185.171.62.0/24 maxlen: 24
                          185.171.61.0/24 maxlen: 24
                          185.171.63.0/24 maxlen: 24
                          37.26.64.0/24 maxlen: 24
                          37.26.64.0/21 maxlen: 21
                          37.26.71.0/24 maxlen: 24
                          37.26.70.0/24 maxlen: 24
                          37.26.66.0/24 maxlen: 24
                          37.26.65.0/24 maxlen: 24
                          37.26.67.0/24 maxlen: 24
                          37.26.69.0/24 maxlen: 24
                          37.26.68.0/24 maxlen: 24
                          185.191.164.0/24 maxlen: 24
                          185.191.164.0/22 maxlen: 22
                          185.191.166.0/24 maxlen: 24
                          185.191.165.0/24 maxlen: 24
                          87.238.208.0/24 maxlen: 24
                          185.174.208.0/24 maxlen: 24
                          87.238.208.0/21 maxlen: 21
                          185.174.208.0/22 maxlen: 22
                          185.191.167.0/24 maxlen: 24
                          87.238.210.0/24 maxlen: 24
                          185.174.210.0/24 maxlen: 24
                          185.174.211.0/24 maxlen: 24
                          87.238.209.0/24 maxlen: 24
                          185.174.209.0/24 maxlen: 24
                          87.238.212.0/24 maxlen: 24
                          87.238.213.0/24 maxlen: 24
                          87.238.211.0/24 maxlen: 24
                          87.238.215.0/24 maxlen: 24
                          87.238.214.0/24 maxlen: 24
                          185.186.81.0/24 maxlen: 24
                          185.186.80.0/22 maxlen: 22
                          185.186.80.0/24 maxlen: 24
                          185.186.83.0/24 maxlen: 24
                          185.186.82.0/24 maxlen: 24
                          5.206.232.0/21 maxlen: 21
                          5.206.232.0/24 maxlen: 24
                          5.206.233.0/24 maxlen: 24
                          5.206.234.0/24 maxlen: 24
                          5.206.236.0/24 maxlen: 24
                          5.206.235.0/24 maxlen: 24
                          5.206.238.0/24 maxlen: 24
                          5.206.237.0/24 maxlen: 24
                          5.206.239.0/24 maxlen: 24
                          185.179.28.0/22 maxlen: 22
                          185.179.29.0/24 maxlen: 24
                          185.179.28.0/24 maxlen: 24
                          185.179.30.0/24 maxlen: 24
                          185.179.31.0/24 maxlen: 24
                          2a0c:b340::/32 maxlen: 32
                          2a0c:b342::/32 maxlen: 32
                          2a0c:b343::/32 maxlen: 32
                          2a0c:b344::/32 maxlen: 32
                          2a0c:b340::/29 maxlen: 29
                          2a0c:b341::/32 maxlen: 32
                          2a0c:b340::/48 maxlen: 48
                          2a0c:b340:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 211504432 (0xc9b4d30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
        Validity
            Not Before: Apr  1 09:32:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20fbc878e81ce77fa8d1a451533324db3f476ffa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:5e:25:54:49:79:90:51:0d:69:ca:60:2f:d6:
                    ef:97:a2:3b:97:71:61:cc:cd:e1:f6:1b:fd:b8:f1:
                    c3:1a:06:ee:b7:80:fa:39:7c:fd:a1:87:ea:19:75:
                    f5:77:2b:90:b7:6d:de:1c:dd:19:26:bb:5d:e2:29:
                    28:4c:e4:f3:54:6b:f2:1f:4a:ba:90:6e:24:40:a3:
                    4e:21:e2:d3:07:d2:55:90:db:78:16:03:d3:d2:2c:
                    b9:64:90:bc:91:4f:2b:6b:ec:e1:38:c6:ab:bf:af:
                    7a:dc:c6:03:d2:34:90:6c:84:dd:43:4c:a7:3f:8a:
                    c2:44:08:99:f3:c4:62:c1:5f:05:56:b8:59:64:a4:
                    66:8f:63:08:1d:21:5d:6b:4b:0d:0c:0c:8b:a7:83:
                    cc:68:d3:80:92:56:f3:a9:f0:b5:14:e2:0e:19:97:
                    9e:78:be:01:82:3d:60:9a:48:ae:f1:65:82:e7:34:
                    7a:f9:4e:d4:9b:78:25:0c:ed:6a:b7:8e:8b:bf:dc:
                    5d:5d:92:27:37:53:b1:87:83:51:1f:a7:66:4a:41:
                    5a:f7:c2:6d:4f:84:e3:8b:32:1a:6a:05:22:eb:e5:
                    e3:9d:e3:d3:f0:8d:0c:14:d4:85:b7:67:68:cb:1c:
                    b7:f5:44:8e:0f:60:11:4a:e9:a5:d6:3f:51:4b:d4:
                    f7:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:FB:C8:78:E8:1C:E7:7F:A8:D1:A4:51:53:33:24:DB:3F:47:6F:FA
            X509v3 Authority Key Identifier:
                keyid:F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/IPvIeOgc53-o0aRRUzMk2z9Hb_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/9drwuiHpAgJZfuR-CfaHf-I8Kp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.206.232.0/21
                  37.26.64.0/21
                  87.238.208.0/21
                  185.171.60.0/22
                  185.174.208.0/22
                  185.179.28.0/22
                  185.186.80.0/22
                  185.191.164.0/22
                IPv6:
                  2a0c:b340::/29

    Signature Algorithm: sha256WithRSAEncryption
         2b:92:8b:6d:cf:ef:05:bb:52:e4:81:65:a9:99:bb:f1:ab:67:
         7e:ad:b8:0a:ad:72:3e:2b:89:4b:3c:b4:de:c2:02:12:2d:3b:
         3d:cd:5d:6d:37:be:61:6a:70:46:43:7f:79:32:3a:36:f0:93:
         01:85:eb:d6:cb:bb:38:ec:5e:c2:e8:17:19:f9:23:73:f0:02:
         5d:4c:c5:d1:4c:62:7c:cc:7e:9c:ad:07:71:55:99:02:93:4d:
         62:6c:0e:0f:dc:f3:96:01:fa:a9:52:c7:be:91:66:bb:ca:7e:
         61:db:a8:08:10:4e:47:e3:08:81:67:32:95:be:0b:0e:df:95:
         db:73:90:2d:0e:23:e4:a3:53:a1:dc:f8:e3:ac:e6:f6:37:49:
         a3:cf:40:80:6a:f5:2e:09:5d:e2:f5:3d:4d:b0:6a:a3:01:49:
         15:dc:4c:69:d6:11:5f:89:1c:d2:b6:95:f3:b7:33:7c:42:33:
         3e:0e:e8:31:80:72:f7:91:d2:0c:0c:33:bf:99:4b:1d:9d:f4:
         56:9d:43:ef:62:ff:6f:71:d2:c5:17:99:9e:74:4c:42:c7:4f:
         94:63:44:12:b2:65:f2:70:b7:36:36:1f:62:93:5c:b6:61:08:
         d8:44:99:b7:b1:0c:6c:88:61:e7:4a:a7:8b:e1:fb:1b:88:d9:
         31:3b:11:56
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEDJtNMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NWRhZjBiYTIxZTkwMjAyNTk3ZWU0N2UwOWY2ODc3ZmUyM2MyYTlmMB4XDTIyMDQw
MTA5MzIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBmYmM4NzhlODFj
ZTc3ZmE4ZDFhNDUxNTMzMzI0ZGIzZjQ3NmZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPFeJVRJeZBRDWnKYC/W75eiO5dxYczN4fYb/bjxwxoG7reA
+jl8/aGH6hl19XcrkLdt3hzdGSa7XeIpKEzk81Rr8h9KupBuJECjTiHi0wfSVZDb
eBYD09IsuWSQvJFPK2vs4TjGq7+vetzGA9I0kGyE3UNMpz+KwkQImfPEYsFfBVa4
WWSkZo9jCB0hXWtLDQwMi6eDzGjTgJJW86nwtRTiDhmXnni+AYI9YJpIrvFlguc0
evlO1Jt4JQztareOi7/cXV2SJzdTsYeDUR+nZkpBWvfCbU+E44syGmoFIuvl453j
0/CNDBTUhbdnaMsct/VEjg9gEUrppdY/UUvU9/0CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQg+8h46Bznf6jRpFFTMyTbP0dv+jAfBgNVHSMEGDAWgBT12vC6IekCAll+
5H4J9od/4jwqnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlkcnd1aUhwQWdKWmZ1Ui1DZmFIZi1JOEtwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvOTA2OGE1LTc5NzktNGY4Yy1iZjgyLWNmZTJhOTY1N2MyNi8x
L0lQdkllT2djNTMtbzBhUlJVek1rMno5SGJfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
OTA2OGE1LTc5NzktNGY4Yy1iZjgyLWNmZTJhOTY1N2MyNi8xLzlkcnd1aUhwQWdK
WmZ1Ui1DZmFIZi1JOEtwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwXO6AMEAyUaQAMEA1fu0AMEArmr
PAMEArmu0AMEArmzHAMEArm6UAMEArm/pDANBAIAAjAHAwUDKgyzQDANBgkqhkiG
9w0BAQsFAAOCAQEAK5KLbc/vBbtS5IFlqZm78atnfq24Cq1yPiuJSzy03sICEi07
Pc1dbTe+YWpwRkN/eTI6NvCTAYXr1su7OOxewugXGfkjc/ACXUzF0UxifMx+nK0H
cVWZApNNYmwOD9zzlgH6qVLHvpFmu8p+YduoCBBOR+MIgWcylb4LDt+V23OQLQ4j
5KNTodz446zm9jdJo89AgGr1Lgld4vU9TbBqowFJFdxMadYRX4kc0raV87czfEIz
Pg7oMYBy95HSDAwzv5lLHZ30Vp1D72L/b3HSxReZnnRMQsdPlGNEErJl8nC3NjYf
YpNctmEI2ESZt7EMbIhh50qni+H7G4jZMTsRVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org