Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2lLpEOH9_z7WOkEkIslQVv5uoew.roa
File:                     2lLpEOH9_z7WOkEkIslQVv5uoew.roa (raw, json)
Hash identifier:          FUaOUoLECi67WKa5Kni5gaKmXUwtpu0Jr4Vx+QDgi6U=
Subject key identifier:   DA:52:E9:10:E1:FD:FF:3E:D6:3A:41:24:22:C9:50:56:FE:6E:A1:EC
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0B265109
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2lLpEOH9_z7WOkEkIslQVv5uoew.roa
Signing time:             Sat 01 Jan 2022 05:02:31 +0000
ROA not before:           Sat 01 Jan 2022 05:02:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60148
IP address blocks:        2.187.255.0/24 maxlen: 24
                          2.187.254.0/24 maxlen: 24
                          2.182.255.0/24 maxlen: 24
                          2.182.254.0/24 maxlen: 24
                          78.39.221.0/24 maxlen: 24
                          78.39.152.0/24 maxlen: 24
                          80.191.56.0/24 maxlen: 24
                          78.38.239.0/24 maxlen: 24
                          2.187.253.0/24 maxlen: 24
                          78.38.237.0/24 maxlen: 24
                          2.185.254.0/24 maxlen: 24
                          2.185.255.0/24 maxlen: 24
                          2.180.255.0/24 maxlen: 24
                          2.180.254.0/24 maxlen: 24
                          2.181.222.0/24 maxlen: 24
                          2.181.223.0/24 maxlen: 24
                          2.183.254.0/24 maxlen: 24
                          2.183.255.0/24 maxlen: 24
                          195.146.37.0/24 maxlen: 24
                          195.146.59.0/24 maxlen: 24
                          2.184.255.0/24 maxlen: 24
                          2.184.254.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187060489 (0xb265109)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  1 05:02:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=da52e910e1fdff3ed63a412422c95056fe6ea1ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:37:8d:b1:9a:a4:e4:64:d5:a2:15:89:51:53:
                    13:27:5b:ec:8c:56:91:1e:ac:6a:29:f1:18:83:35:
                    e9:58:d4:b7:6f:b4:1d:a9:fa:e6:fd:95:ff:27:88:
                    d2:43:e9:97:a3:50:8d:0a:ee:ba:1b:f9:f1:b7:f1:
                    fd:c2:93:97:c9:5f:88:ed:3b:a9:8d:2b:4f:7f:44:
                    4d:56:b7:f7:40:32:3a:66:3a:4f:9e:1a:a4:eb:37:
                    83:9c:b3:30:2b:2a:39:67:57:59:57:5b:5b:d6:a2:
                    0b:57:2c:dd:6a:58:c0:1b:77:4f:ad:73:6c:ae:cd:
                    27:14:db:01:0e:9c:45:14:55:5d:7b:a6:c4:7f:26:
                    93:3b:00:5a:4b:d1:53:12:5e:21:ff:64:a3:7f:e5:
                    54:4b:70:3c:19:d7:20:e2:2d:22:9a:37:35:dd:54:
                    8e:d1:53:25:2d:bd:1f:33:e5:71:e7:98:e2:15:35:
                    36:03:ec:1d:fd:1c:ec:18:05:8a:9e:b5:ab:52:37:
                    bc:b1:1f:02:ea:98:01:a4:58:03:88:31:d6:a7:d3:
                    37:77:1d:cb:0e:14:41:7c:e5:f7:06:a0:82:77:1b:
                    e2:e3:46:b2:86:c1:bc:86:f8:27:06:04:24:c0:8a:
                    8e:91:86:bc:a2:11:e9:40:a3:0a:cd:11:dc:d3:ad:
                    c4:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:52:E9:10:E1:FD:FF:3E:D6:3A:41:24:22:C9:50:56:FE:6E:A1:EC
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/2lLpEOH9_z7WOkEkIslQVv5uoew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.180.254.0/23
                  2.181.222.0/23
                  2.182.254.0/23
                  2.183.254.0/23
                  2.184.254.0/23
                  2.185.254.0/23
                  2.187.253.0-2.187.255.255
                  78.38.237.0/24
                  78.38.239.0/24
                  78.39.152.0/24
                  78.39.221.0/24
                  80.191.56.0/24
                  195.146.37.0/24
                  195.146.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:7a:5f:7d:32:22:48:39:b4:74:96:7c:2d:13:2e:a7:ce:39:
         96:24:97:77:d7:7a:a4:ba:5b:ec:a4:5c:22:99:6b:76:f3:c0:
         ab:05:10:0f:21:86:77:2b:71:53:95:25:76:c6:a7:31:e3:f6:
         e9:dc:9e:ae:f7:a0:08:9d:ef:f8:0e:22:d4:8f:10:8f:2a:86:
         7a:0d:e0:83:7e:b7:ed:4d:63:99:f5:9b:49:50:8e:29:0c:58:
         bf:50:03:21:6c:ab:1b:54:a1:b7:55:df:5c:6f:b6:13:eb:8d:
         6f:68:14:58:dc:6e:99:b0:1f:d0:04:4c:7e:50:68:04:08:1a:
         2e:1e:5a:6e:0f:c8:e9:86:78:8c:d3:34:ce:8e:dc:70:de:31:
         bb:12:27:64:0f:af:f4:c3:fe:ce:6f:d4:31:91:0a:c8:45:29:
         0f:22:5e:8c:a0:d3:57:e7:bb:6f:d3:3c:91:77:da:4b:71:47:
         78:92:32:d5:bb:10:3d:47:3e:d5:ed:a2:03:c5:c4:65:4a:94:
         ab:76:f8:3d:ea:e7:2f:4a:47:c4:be:51:06:fe:d7:f8:1b:87:
         6c:e0:3a:8f:4f:80:3a:64:68:10:5b:03:e1:85:77:72:79:66:
         d8:9c:6f:a1:43:f2:60:a7:15:c9:ea:a3:e2:e6:94:be:29:f3:
         37:cd:66:4a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIECyZRCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE1MmU5MTBlMWZk
ZmYzZWQ2M2E0MTI0MjJjOTUwNTZmZTZlYTFlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKo3jbGapORk1aIViVFTEydb7IxWkR6sainxGIM16VjUt2+0
Han65v2V/yeI0kPpl6NQjQruuhv58bfx/cKTl8lfiO07qY0rT39ETVa390AyOmY6
T54apOs3g5yzMCsqOWdXWVdbW9aiC1cs3WpYwBt3T61zbK7NJxTbAQ6cRRRVXXum
xH8mkzsAWkvRUxJeIf9ko3/lVEtwPBnXIOItIpo3Nd1UjtFTJS29HzPlceeY4hU1
NgPsHf0c7BgFip61q1I3vLEfAuqYAaRYA4gx1qfTN3cdyw4UQXzl9waggncb4uNG
sobBvIb4JwYEJMCKjpGGvKIR6UCjCs0R3NOtxC0CAwEAAaOCAl4wggJaMB0GA1Ud
DgQWBBTaUukQ4f3/PtY6QSQiyVBW/m6h7DAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
LzJsTHBFT0g5X3o3V09rRWtJc2xRVnY1dW9ldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0
BggrBgEFBQcBBwEB/wRlMGMwYQQCAAEwWwMEAQK0/gMEAQK13gMEAQK2/gMEAQK3
/gMEAQK4/gMEAQK5/jALAwQAArv9AwMCArgDBABOJu0DBABOJu8DBABOJ5gDBABO
J90DBABQvzgDBADDkiUDBADDkjswDQYJKoZIhvcNAQELBQADggEBADx6X30yIkg5
tHSWfC0TLqfOOZYkl3fXeqS6W+ykXCKZa3bzwKsFEA8hhncrcVOVJXbGpzHj9unc
nq73oAid7/gOItSPEI8qhnoN4IN+t+1NY5n1m0lQjikMWL9QAyFsqxtUobdV31xv
thPrjW9oFFjcbpmwH9AETH5QaAQIGi4eWm4PyOmGeIzTNM6O3HDeMbsSJ2QPr/TD
/s5v1DGRCshFKQ8iXoyg01fnu2/TPJF32ktxR3iSMtW7ED1HPtXtogPFxGVKlKt2
+D3q5y9KR8S+UQb+1/gbh2zgOo9PgDpkaBBbA+GFd3J5Zticb6FD8mCnFcnqo+Lm
lL4p8zfNZko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org