Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/OmTgQdvcJEMzRoMu4QFYNiTTy14.roa
File:                     OmTgQdvcJEMzRoMu4QFYNiTTy14.roa (raw, json)
Hash identifier:          +pkrQsFe/h+22Zh4+fo2nHawRhVXHzDntxERGVk3FMU=
Subject key identifier:   3A:64:E0:41:DB:DC:24:43:33:46:83:2E:E1:01:58:36:24:D3:CB:5E
Certificate issuer:       /CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
Certificate serial:       01852EC2D1592495AFAAE22783A7BD7FB058
Authority key identifier: F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/OmTgQdvcJEMzRoMu4QFYNiTTy14.roa
Signing time:             Tue 20 Dec 2022 08:59:57 +0000
ROA not before:           Tue 20 Dec 2022 08:59:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206262
IP address blocks:        185.171.60.0/24 maxlen: 24
                          185.171.60.0/22 maxlen: 22
                          185.171.62.0/24 maxlen: 24
                          185.171.61.0/24 maxlen: 24
                          185.171.63.0/24 maxlen: 24
                          37.26.64.0/24 maxlen: 24
                          37.26.64.0/21 maxlen: 21
                          37.26.71.0/24 maxlen: 24
                          37.26.70.0/24 maxlen: 24
                          37.26.66.0/24 maxlen: 24
                          37.26.65.0/24 maxlen: 24
                          37.26.67.0/24 maxlen: 24
                          37.26.69.0/24 maxlen: 24
                          37.26.68.0/24 maxlen: 24
                          185.191.164.0/24 maxlen: 24
                          185.191.164.0/22 maxlen: 22
                          185.191.166.0/24 maxlen: 24
                          185.191.165.0/24 maxlen: 24
                          87.238.208.0/24 maxlen: 24
                          185.174.208.0/24 maxlen: 24
                          87.238.208.0/21 maxlen: 21
                          185.174.208.0/22 maxlen: 22
                          185.191.167.0/24 maxlen: 24
                          87.238.210.0/24 maxlen: 24
                          185.174.210.0/24 maxlen: 24
                          185.174.211.0/24 maxlen: 24
                          87.238.209.0/24 maxlen: 24
                          185.174.209.0/24 maxlen: 24
                          87.238.212.0/24 maxlen: 24
                          87.238.213.0/24 maxlen: 24
                          87.238.211.0/24 maxlen: 24
                          87.238.215.0/24 maxlen: 24
                          87.238.214.0/24 maxlen: 24
                          95.86.41.0/24 maxlen: 24
                          95.86.40.0/22 maxlen: 22
                          95.86.40.0/24 maxlen: 24
                          95.86.43.0/24 maxlen: 24
                          95.86.42.0/24 maxlen: 24
                          95.86.57.0/24 maxlen: 24
                          95.86.56.0/24 maxlen: 24
                          95.86.56.0/22 maxlen: 24
                          95.86.58.0/24 maxlen: 24
                          95.86.59.0/24 maxlen: 24
                          185.186.81.0/24 maxlen: 24
                          185.186.80.0/22 maxlen: 22
                          185.186.80.0/24 maxlen: 24
                          185.186.83.0/24 maxlen: 24
                          185.186.82.0/24 maxlen: 24
                          5.206.232.0/21 maxlen: 21
                          5.206.232.0/24 maxlen: 24
                          5.206.233.0/24 maxlen: 24
                          5.206.234.0/24 maxlen: 24
                          5.206.236.0/24 maxlen: 24
                          5.206.235.0/24 maxlen: 24
                          5.206.238.0/24 maxlen: 24
                          5.206.237.0/24 maxlen: 24
                          5.206.239.0/24 maxlen: 24
                          185.179.28.0/22 maxlen: 22
                          185.179.29.0/24 maxlen: 24
                          185.179.28.0/24 maxlen: 24
                          185.179.30.0/24 maxlen: 24
                          185.179.31.0/24 maxlen: 24
                          2a0c:b340::/32 maxlen: 32
                          2a0c:b342::/32 maxlen: 32
                          2a0c:b343::/32 maxlen: 32
                          2a0c:b344::/32 maxlen: 32
                          2a0c:b340::/29 maxlen: 29
                          2a0c:b341::/32 maxlen: 32
                          2a0c:b340::/48 maxlen: 48
                          2a0c:b340:1::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2e:c2:d1:59:24:95:af:aa:e2:27:83:a7:bd:7f:b0:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5daf0ba21e90202597ee47e09f6877fe23c2a9f
        Validity
            Not Before: Dec 20 08:59:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a64e041dbdc24433346832ee101583624d3cb5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e9:56:ee:2d:19:79:f3:da:5b:04:21:43:de:
                    af:51:7d:e9:91:84:02:3f:59:9c:78:10:1d:e2:58:
                    d9:98:b4:30:3c:1f:3b:95:0d:11:35:ad:b2:be:5f:
                    1a:61:a4:6b:5c:c0:38:b9:97:3b:92:d1:db:d6:d7:
                    0a:00:91:66:2a:d0:50:2e:10:9e:61:71:2a:ac:5c:
                    ca:a7:8f:17:dd:27:93:14:b6:83:84:21:72:98:f7:
                    4c:7a:5f:e8:d2:06:68:53:ed:92:92:b9:e9:a7:c5:
                    92:6a:ed:4d:e5:ce:10:1c:dc:38:49:0f:9d:43:36:
                    1b:8c:b2:be:3c:d1:9a:82:90:64:11:8f:86:fa:ce:
                    27:ee:9a:b2:ee:2a:d4:d4:1e:ee:3e:ae:36:56:48:
                    4a:e2:35:2b:56:60:0b:30:36:6d:97:7f:17:4e:a1:
                    ec:9b:d8:17:4c:01:cd:0b:c4:21:36:51:57:29:07:
                    5a:10:2a:ba:b3:50:b1:ed:bb:15:3f:a3:20:21:94:
                    a5:40:31:5f:a7:a7:a3:dd:70:bb:ca:5f:be:c7:8a:
                    fc:77:38:fd:ca:3a:b1:23:b5:90:92:aa:3c:e4:29:
                    da:d8:38:94:82:ea:37:84:b8:af:f1:c8:a9:bc:d3:
                    24:c1:09:63:7c:66:8b:7d:ae:d8:30:78:2b:09:34:
                    61:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:64:E0:41:DB:DC:24:43:33:46:83:2E:E1:01:58:36:24:D3:CB:5E
            X509v3 Authority Key Identifier:
                keyid:F5:DA:F0:BA:21:E9:02:02:59:7E:E4:7E:09:F6:87:7F:E2:3C:2A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9drwuiHpAgJZfuR-CfaHf-I8Kp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/OmTgQdvcJEMzRoMu4QFYNiTTy14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9068a5-7979-4f8c-bf82-cfe2a9657c26/1/9drwuiHpAgJZfuR-CfaHf-I8Kp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.206.232.0/21
                  37.26.64.0/21
                  87.238.208.0/21
                  95.86.40.0/22
                  95.86.56.0/22
                  185.171.60.0/22
                  185.174.208.0/22
                  185.179.28.0/22
                  185.186.80.0/22
                  185.191.164.0/22
                IPv6:
                  2a0c:b340::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:f1:d0:77:90:74:b9:b0:7e:77:44:8c:b4:5c:18:11:15:54:
         81:ca:26:e4:2b:c6:b4:a5:40:87:b0:f2:e6:c1:ed:64:6d:c3:
         9c:47:56:12:40:85:5b:34:82:09:a4:e1:e8:07:e2:b9:a7:3a:
         dd:5e:8a:6c:8f:a5:f1:a6:35:27:0b:ee:f7:94:25:1c:74:1b:
         53:62:eb:f4:4a:d9:80:03:ef:57:a6:e0:1c:fc:15:26:4b:f5:
         e9:cc:80:4f:7f:37:c6:81:a1:c9:ee:98:26:d7:6b:5b:2b:b6:
         89:01:df:af:b8:c7:f2:31:74:1d:3e:58:ec:16:46:cc:20:39:
         0c:bb:c5:4a:3b:98:b3:f3:ff:fa:41:dd:38:41:96:29:fa:6f:
         a0:d8:b6:dc:b2:26:a3:af:ae:f3:22:8b:7d:cd:42:15:2b:27:
         3e:95:d1:06:b1:c6:f0:d2:ef:6b:b2:c3:7d:77:57:fe:25:ff:
         2c:a5:ec:c6:7b:77:37:7d:22:ac:a1:1e:83:04:d6:08:fe:cc:
         06:d0:28:a0:b8:1d:a3:95:74:88:ec:2c:66:8c:7d:4a:76:8e:
         7a:fd:60:12:d9:87:31:35:a7:76:77:5f:aa:5a:68:d9:5a:7e:
         c8:06:99:31:ce:79:9e:f3:f6:99:11:13:e8:e6:2b:1c:b6:10:
         94:4e:5c:90
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYUuwtFZJJWvquIng6e9f7BYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZGFmMGJhMjFlOTAyMDI1OTdlZTQ3ZTA5ZjY4NzdmZTIz
YzJhOWYwHhcNMjIxMjIwMDg1OTU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY0ZTA0MWRiZGMyNDQzMzM0NjgzMmVlMTAxNTgzNjI0ZDNjYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOlW7i0ZefPaWwQhQ96vUX3pkYQC
P1mceBAd4ljZmLQwPB87lQ0RNa2yvl8aYaRrXMA4uZc7ktHb1tcKAJFmKtBQLhCe
YXEqrFzKp48X3SeTFLaDhCFymPdMel/o0gZoU+2Skrnpp8WSau1N5c4QHNw4SQ+d
QzYbjLK+PNGagpBkEY+G+s4n7pqy7irU1B7uPq42VkhK4jUrVmALMDZtl38XTqHs
m9gXTAHNC8QhNlFXKQdaECq6s1Cx7bsVP6MgIZSlQDFfp6ej3XC7yl++x4r8dzj9
yjqxI7WQkqo85Cna2DiUguo3hLiv8cipvNMkwQljfGaLfa7YMHgrCTRhLQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDpk4EHb3CRDM0aDLuEBWDYk08teMB8GA1UdIwQY
MBaAFPXa8Loh6QICWX7kfgn2h3/iPCqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRyd3VpSHBBZ0paZnVSLUNmYUhmLUk4S3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85MDY4YTUtNzk3OS00ZjhjLWJmODIt
Y2ZlMmE5NjU3YzI2LzEvT21UZ1FkdmNKRU16Um9NdTRRRllOaVRUeTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85MDY4YTUtNzk3OS00ZjhjLWJmODItY2ZlMmE5NjU3YzI2
LzEvOWRyd3VpSHBBZ0paZnVSLUNmYUhmLUk4S3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBc7oAwQD
JRpAAwQDV+7QAwQCX1YoAwQCX1Y4AwQCuas8AwQCua7QAwQCubMcAwQCubpQAwQC
ub+kMA0EAgACMAcDBQMqDLNAMA0GCSqGSIb3DQEBCwUAA4IBAQBo8dB3kHS5sH53
RIy0XBgRFVSByibkK8a0pUCHsPLmwe1kbcOcR1YSQIVbNIIJpOHoB+K5pzrdXops
j6XxpjUnC+73lCUcdBtTYuv0StmAA+9XpuAc/BUmS/XpzIBPfzfGgaHJ7pgm12tb
K7aJAd+vuMfyMXQdPljsFkbMIDkMu8VKO5iz8//6Qd04QZYp+m+g2Lbcsiajr67z
Iot9zUIVKyc+ldEGscbw0u9rssN9d1f+Jf8spezGe3c3fSKsoR6DBNYI/swG0Cig
uB2jlXSI7CxmjH1Kdo56/WAS2YcxNad2d1+qWmjZWn7IBpkxznme8/aZERPo5isc
thCUTlyQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org