Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9rjUaNzHqPvcItcteXOLl5-YXto.roa
File:                     9rjUaNzHqPvcItcteXOLl5-YXto.roa (raw, json)
Hash identifier:          qFegFnFNxDamRpwYHRDfaJjR640Fztc7jzPIENFkKcQ=
Subject key identifier:   F6:B8:D4:68:DC:C7:A8:FB:DC:22:D7:2D:79:73:8B:97:9F:98:5E:DA
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0B2A8EF1
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9rjUaNzHqPvcItcteXOLl5-YXto.roa
Signing time:             Sat 01 Jan 2022 05:02:34 +0000
ROA not before:           Sat 01 Jan 2022 05:02:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202468
IP address blocks:        78.39.156.0/24 maxlen: 24
                          2.178.254.0/24 maxlen: 24
                          2.178.255.0/24 maxlen: 24
                          78.39.198.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 187338481 (0xb2a8ef1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jan  1 05:02:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f6b8d468dcc7a8fbdc22d72d79738b979f985eda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:87:71:c6:00:30:eb:5d:f5:d3:78:00:ca:ad:
                    44:0a:5b:ca:74:c4:6b:d2:bf:e3:b4:6e:43:77:70:
                    bb:c0:e2:b6:fe:ad:aa:c1:f3:f4:a3:ea:3f:6d:06:
                    7e:16:41:2f:7e:0c:d3:4e:fc:71:43:b5:2a:55:bf:
                    49:3d:23:0a:63:6c:92:0d:40:71:f0:2c:69:bc:5e:
                    0a:5d:0b:8f:2e:b8:5d:04:61:e6:ff:ca:16:48:a6:
                    6d:40:3a:2d:5a:c2:e1:fe:6b:e2:c0:43:5b:19:8f:
                    2b:c8:4a:c6:19:07:ed:d1:06:6f:5b:ae:86:e1:0f:
                    7c:60:66:4d:eb:db:92:43:b1:d6:ab:39:69:37:dd:
                    4e:3c:b7:59:8c:0d:34:82:77:1b:bd:76:60:39:71:
                    df:33:c6:eb:42:0b:36:3a:89:ca:40:47:91:6c:91:
                    ad:bc:19:db:cc:e4:4c:d9:9e:e3:d0:e4:2a:5b:53:
                    d1:1f:4e:59:3a:99:75:1f:84:90:da:d6:4a:0a:b4:
                    02:78:b6:1e:8a:8f:06:1f:e4:c5:8b:0e:85:b0:7e:
                    e8:cf:66:e2:7f:ae:e1:6a:59:2e:bb:1a:ed:ff:40:
                    f3:00:52:d0:7d:ff:8b:a3:ac:18:77:3e:a0:50:55:
                    d2:58:5b:1e:76:6e:f4:4c:88:bd:71:b1:5f:ae:a5:
                    70:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:B8:D4:68:DC:C7:A8:FB:DC:22:D7:2D:79:73:8B:97:9F:98:5E:DA
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/9rjUaNzHqPvcItcteXOLl5-YXto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.178.254.0/23
                  78.39.156.0/24
                  78.39.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:a6:76:00:35:27:77:d9:b7:7e:29:33:5e:7b:c4:61:0f:56:
         58:c4:a2:50:fe:52:3b:36:3d:d8:8b:22:91:55:13:6f:32:da:
         44:60:4b:e9:7b:00:52:ba:77:91:d0:63:cf:7b:02:d9:2d:f6:
         2a:34:2e:36:a7:e7:64:e4:d4:f9:4d:3b:7b:cf:ba:19:ad:f5:
         86:34:44:e4:5a:d1:4b:98:0f:33:1c:9c:a9:63:a8:f3:a8:cd:
         7e:22:04:b6:d0:6b:e5:b9:b7:da:2d:72:be:08:0a:7d:9a:80:
         0c:ad:e0:1c:30:33:b7:3e:d9:3f:f6:10:1d:80:1c:50:34:95:
         77:c1:66:4e:dd:b1:3e:11:0b:e6:57:98:69:4b:65:fe:88:0b:
         bf:86:65:e8:5f:33:c5:4e:e6:2e:1e:b9:ea:f0:a8:4b:e7:32:
         18:cb:52:8c:8c:97:15:3e:47:03:c4:0b:1b:c5:80:16:d5:ce:
         dc:1c:7b:41:6e:1f:d6:24:b8:7c:60:3d:d0:95:4e:9e:35:66:
         f8:cb:c3:6a:b9:a0:4a:58:c3:f7:8c:ed:57:9c:c5:ca:4c:9b:
         8e:77:31:d9:12:da:c1:b9:0f:fa:8c:c8:cf:15:e4:93:28:a1:
         69:25:7e:a5:14:73:70:40:8f:f2:9b:b7:b6:59:c1:66:34:3f:
         e2:e2:bd:95
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECyqO8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEw
MTA1MDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZiOGQ0NjhkY2M3
YThmYmRjMjJkNzJkNzk3MzhiOTc5Zjk4NWVkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJOHccYAMOtd9dN4AMqtRApbynTEa9K/47RuQ3dwu8Ditv6t
qsHz9KPqP20GfhZBL34M0078cUO1KlW/ST0jCmNskg1AcfAsabxeCl0Ljy64XQRh
5v/KFkimbUA6LVrC4f5r4sBDWxmPK8hKxhkH7dEGb1uuhuEPfGBmTevbkkOx1qs5
aTfdTjy3WYwNNIJ3G712YDlx3zPG60ILNjqJykBHkWyRrbwZ28zkTNme49DkKltT
0R9OWTqZdR+EkNrWSgq0Ani2HoqPBh/kxYsOhbB+6M9m4n+u4WpZLrsa7f9A8wBS
0H3/i6OsGHc+oFBV0lhbHnZu9EyIvXGxX66lcAUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT2uNRo3Meo+9wi1y15c4uXn5he2jAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
LzlyalVhTnpIcVB2Y0l0Y3RlWE9MbDUtWVh0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAQKy/gMEAE4nnAMEAE4nxjANBgkq
hkiG9w0BAQsFAAOCAQEAX6Z2ADUnd9m3fikzXnvEYQ9WWMSiUP5SOzY92IsikVUT
bzLaRGBL6XsAUrp3kdBjz3sC2S32KjQuNqfnZOTU+U07e8+6Ga31hjRE5FrRS5gP
MxycqWOo86jNfiIEttBr5bm32i1yvggKfZqADK3gHDAztz7ZP/YQHYAcUDSVd8Fm
Tt2xPhEL5leYaUtl/ogLv4Zl6F8zxU7mLh656vCoS+cyGMtSjIyXFT5HA8QLG8WA
FtXO3Bx7QW4f1iS4fGA90JVOnjVm+MvDarmgSljD94ztV5zFykybjncx2RLawbkP
+ozIzxXkkyihaSV+pRRzcECP8pu3tlnBZjQ/4uK9lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:52 2024 by rpki-client on console-ams.rpki-client.org