Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/A3r0UT2bz3XarlzxTaSlAqXRjD8.roa
File:                     A3r0UT2bz3XarlzxTaSlAqXRjD8.roa (raw, json)
Hash identifier:          EYvxAEC5yiVa8X/ATvFJjmpFpdoVary6E4geXBHzOb4=
Subject key identifier:   03:7A:F4:51:3D:9B:CF:75:DA:AE:5C:F1:4D:A4:A5:02:A5:D1:8C:3F
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       0CB4C728
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/A3r0UT2bz3XarlzxTaSlAqXRjD8.roa
Signing time:             Fri 10 Jun 2022 17:02:09 +0000
ROA not before:           Fri 10 Jun 2022 17:02:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12880
IP address blocks:        2.188.2.0/24 maxlen: 24
                          2.188.3.0/24 maxlen: 24
                          2.188.4.0/24 maxlen: 24
                          2.188.5.0/24 maxlen: 24
                          2.188.0.0/16 maxlen: 16
                          2.188.10.0/24 maxlen: 24
                          2.188.9.0/24 maxlen: 24
                          2.188.8.0/24 maxlen: 24
                          2.188.7.0/24 maxlen: 24
                          2.188.14.0/24 maxlen: 24
                          2.188.13.0/24 maxlen: 24
                          2.188.17.0/24 maxlen: 24
                          2.188.12.0/24 maxlen: 24
                          2.188.12.0/22 maxlen: 22
                          2.188.15.0/24 maxlen: 24
                          2.188.22.0/24 maxlen: 24
                          2.188.18.0/24 maxlen: 24
                          2.188.21.0/24 maxlen: 24
                          2.188.20.0/24 maxlen: 24
                          2.188.19.0/24 maxlen: 24
                          2.188.26.0/23 maxlen: 23
                          2.188.30.0/24 maxlen: 24
                          2.188.25.0/24 maxlen: 24
                          2.188.31.0/24 maxlen: 24
                          78.39.165.0/24 maxlen: 24
                          78.39.179.0/24 maxlen: 24
                          2.188.58.0/24 maxlen: 24
                          2.188.64.0/21 maxlen: 21
                          2.188.78.0/24 maxlen: 24
                          2.188.77.0/24 maxlen: 24
                          2.188.76.0/24 maxlen: 24
                          2.188.79.0/24 maxlen: 24
                          78.38.242.0/24 maxlen: 24
                          78.38.241.0/24 maxlen: 24
                          78.38.244.0/24 maxlen: 24
                          78.38.245.0/24 maxlen: 24
                          78.38.249.0/24 maxlen: 24
                          78.38.253.0/24 maxlen: 24
                          78.38.255.0/24 maxlen: 24
                          78.39.0.0/16 maxlen: 16
                          78.38.193.0/24 maxlen: 24
                          78.38.201.0/24 maxlen: 24
                          78.38.209.0/24 maxlen: 24
                          2.187.0.0/16 maxlen: 16
                          78.38.220.0/23 maxlen: 23
                          78.38.238.0/24 maxlen: 24
                          78.38.240.0/24 maxlen: 24
                          78.39.130.0/24 maxlen: 24
                          78.38.32.0/19 maxlen: 19
                          217.219.236.0/22 maxlen: 22
                          78.38.0.0/16 maxlen: 16
                          78.38.160.0/19 maxlen: 19
                          195.146.37.0/24 maxlen: 24
                          195.146.32.0/19 maxlen: 19
                          195.146.32.0/20 maxlen: 20
                          195.146.36.0/24 maxlen: 24
                          195.146.32.0/24 maxlen: 24
                          195.146.50.0/24 maxlen: 24
                          195.146.46.0/23 maxlen: 23
                          195.146.60.0/24 maxlen: 24
                          195.146.63.0/24 maxlen: 24
                          217.219.40.0/22 maxlen: 22
                          2.178.192.0/18 maxlen: 18
                          217.219.0.0/16 maxlen: 16
                          217.219.24.0/21 maxlen: 21
                          217.219.152.0/21 maxlen: 21
                          85.185.230.0/23 maxlen: 23
                          85.185.192.0/22 maxlen: 22
                          217.218.85.0/24 maxlen: 24
                          80.191.103.0/24 maxlen: 24
                          217.218.94.0/24 maxlen: 24
                          217.218.96.0/19 maxlen: 19
                          217.218.105.0/24 maxlen: 24
                          217.218.104.0/24 maxlen: 24
                          2.178.0.0/19 maxlen: 19
                          217.218.114.0/24 maxlen: 24
                          217.218.131.0/24 maxlen: 24
                          217.218.127.0/24 maxlen: 24
                          217.218.132.0/24 maxlen: 24
                          80.191.41.0/24 maxlen: 24
                          80.191.64.0/23 maxlen: 23
                          217.218.48.0/21 maxlen: 21
                          80.191.61.0/24 maxlen: 24
                          80.191.67.0/24 maxlen: 24
                          217.218.56.0/24 maxlen: 24
                          80.191.69.0/24 maxlen: 24
                          80.191.70.0/24 maxlen: 24
                          217.218.55.0/24 maxlen: 24
                          217.218.64.0/24 maxlen: 24
                          217.218.64.0/18 maxlen: 18
                          80.191.81.0/24 maxlen: 24
                          217.218.67.0/24 maxlen: 24
                          80.191.88.0/21 maxlen: 21
                          2.189.79.64/27 maxlen: 27
                          85.185.42.0/24 maxlen: 24
                          85.185.45.0/24 maxlen: 24
                          217.218.239.0/24 maxlen: 24
                          217.218.235.0/24 maxlen: 24
                          2.178.128.0/18 maxlen: 18
                          217.218.143.0/24 maxlen: 24
                          2.178.32.0/19 maxlen: 19
                          217.218.141.0/24 maxlen: 24
                          217.218.155.0/24 maxlen: 24
                          2.178.64.0/18 maxlen: 18
                          85.185.0.0/16 maxlen: 16
                          217.218.180.0/24 maxlen: 24
                          2.185.0.0/16 maxlen: 16
                          2.177.0.0/17 maxlen: 17
                          2.177.128.0/17 maxlen: 17
                          80.191.0.0/24 maxlen: 24
                          80.191.0.0/16 maxlen: 16
                          2.191.0.0/16 maxlen: 16
                          217.218.0.0/17 maxlen: 17
                          217.218.0.0/16 maxlen: 16
                          80.191.24.0/24 maxlen: 24
                          80.191.27.0/24 maxlen: 24
                          80.191.29.0/24 maxlen: 24
                          80.191.36.0/24 maxlen: 24
                          217.218.21.0/24 maxlen: 24
                          80.191.32.0/24 maxlen: 24
                          2.189.5.32/28 maxlen: 28
                          2.182.248.0/22 maxlen: 22
                          2.182.214.0/23 maxlen: 23
                          2.189.79.32/27 maxlen: 27
                          2.176.192.0/18 maxlen: 18
                          2.176.0.0/12 maxlen: 12
                          2.188.183.0/24 maxlen: 24
                          2.188.185.0/24 maxlen: 24
                          2.188.192.0/18 maxlen: 18
                          2.189.78.0/24 maxlen: 24
                          2.189.79.0/24 maxlen: 24
                          2.182.96.0/19 maxlen: 19
                          2001:4188::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 213174056 (0xcb4c728)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Jun 10 17:02:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=037af4513d9bcf75daae5cf14da4a502a5d18c3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:96:0c:b7:99:75:5d:4a:c7:a1:1c:9b:0b:12:
                    4f:1f:57:5a:9e:9f:2b:51:4d:c9:4a:f5:f0:46:cb:
                    c4:5f:5e:cb:03:4c:f4:57:72:14:4b:12:ec:a5:6c:
                    24:e2:b7:9d:eb:78:b3:12:0b:fd:a6:d3:c2:d2:8b:
                    da:16:05:1d:89:a7:e2:01:6f:2d:36:06:ba:28:80:
                    94:15:f7:cc:27:62:8e:27:4e:0b:dc:9a:05:1e:e3:
                    67:65:43:91:cc:08:71:0c:50:b8:ba:91:bb:2c:ea:
                    69:98:1e:23:77:ac:aa:39:d2:b4:74:cf:a6:28:a0:
                    21:04:48:cb:35:06:40:85:42:41:6f:4f:c0:ea:fe:
                    2c:be:2a:f5:13:f6:7a:d2:da:fc:67:29:94:5d:fe:
                    55:05:14:0a:1a:08:3a:ec:3a:b5:b6:48:47:0a:d5:
                    24:9d:6b:81:11:8b:9a:43:9a:4c:3c:2f:ca:89:3b:
                    88:87:f2:20:a3:ee:b4:1d:e4:26:6c:d1:f2:dd:46:
                    49:ac:14:64:88:cb:6e:15:82:9c:9b:92:88:fb:44:
                    96:b7:61:da:e8:80:3f:54:42:35:44:e5:22:28:1f:
                    26:19:dd:5b:ba:5b:83:5d:e2:bb:15:53:b2:07:85:
                    20:fe:de:32:9a:ed:dd:c4:38:b3:92:46:79:b5:ff:
                    47:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:7A:F4:51:3D:9B:CF:75:DA:AE:5C:F1:4D:A4:A5:02:A5:D1:8C:3F
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/A3r0UT2bz3XarlzxTaSlAqXRjD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.176.0.0/12
                  78.38.0.0/15
                  80.191.0.0/16
                  85.185.0.0/16
                  195.146.32.0/19
                  217.218.0.0/15
                IPv6:
                  2001:4188::/48

    Signature Algorithm: sha256WithRSAEncryption
         78:ca:74:91:b1:79:ad:0d:75:a7:a5:1e:7f:74:fc:87:dd:ef:
         c4:bb:81:fe:5e:68:66:9c:8b:71:61:46:12:f4:98:9c:09:3e:
         f5:ef:a7:d4:d8:39:59:61:68:0c:ee:8b:f7:de:4a:a6:d0:f2:
         74:31:f1:36:35:d1:cd:b4:81:54:14:93:ac:35:2b:33:75:db:
         81:ce:8c:aa:70:67:8f:c9:a7:6e:9b:4c:99:63:30:90:75:8e:
         e4:d1:78:04:ed:97:de:5a:b2:48:e4:53:02:3f:6b:30:15:e3:
         04:30:e1:8c:4b:78:dd:c9:0b:44:30:95:dc:3e:89:1f:b8:27:
         ce:2c:87:81:a8:35:3b:bc:d4:4e:30:42:c6:58:f6:97:85:cf:
         58:d6:a4:af:91:27:ab:45:d9:b9:ec:6a:aa:e0:b1:3a:08:00:
         4f:df:5a:c9:87:9e:29:e0:2c:71:78:59:7b:8a:70:a2:4c:a5:
         b9:fb:e2:f9:16:50:ea:c1:85:4a:7f:e0:a2:88:9e:56:49:7a:
         64:90:c5:4f:a6:f4:97:27:f9:b7:ed:0e:f9:18:6d:8b:31:0a:
         a1:85:f5:87:b0:73:e2:93:7f:9e:ff:67:09:3b:f7:3d:8c:bc:
         70:58:ed:c0:47:a5:5e:d6:c4:80:de:52:de:2e:3b:28:80:14:
         65:97:d4:5f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEDLTHKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDYx
MDE3MDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM3YWY0NTEzZDli
Y2Y3NWRhYWU1Y2YxNGRhNGE1MDJhNWQxOGMzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqWDLeZdV1Kx6EcmwsSTx9XWp6fK1FNyUr18EbLxF9eywNM
9FdyFEsS7KVsJOK3net4sxIL/abTwtKL2hYFHYmn4gFvLTYGuiiAlBX3zCdijidO
C9yaBR7jZ2VDkcwIcQxQuLqRuyzqaZgeI3esqjnStHTPpiigIQRIyzUGQIVCQW9P
wOr+LL4q9RP2etLa/GcplF3+VQUUChoIOuw6tbZIRwrVJJ1rgRGLmkOaTDwvyok7
iIfyIKPutB3kJmzR8t1GSawUZIjLbhWCnJuSiPtElrdh2uiAP1RCNUTlIigfJhnd
W7pbg13iuxVTsgeFIP7eMprt3cQ4s5JGebX/RwECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQDevRRPZvPddquXPFNpKUCpdGMPzAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L0EzcjBVVDJiejNYYXJsenhUYVNsQXFYUmpEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwJQQCAAEwHwMDBAKwAwMBTiYDAwBQvwMDAFW5AwQF
w5IgAwMB2dowDwQCAAIwCQMHACABQYgAADANBgkqhkiG9w0BAQsFAAOCAQEAeMp0
kbF5rQ11p6Uef3T8h93vxLuB/l5oZpyLcWFGEvSYnAk+9e+n1Ng5WWFoDO6L995K
ptDydDHxNjXRzbSBVBSTrDUrM3Xbgc6MqnBnj8mnbptMmWMwkHWO5NF4BO2X3lqy
SORTAj9rMBXjBDDhjEt43ckLRDCV3D6JH7gnziyHgag1O7zUTjBCxlj2l4XPWNak
r5Enq0XZuexqquCxOggAT99ayYeeKeAscXhZe4pwokylufvi+RZQ6sGFSn/gooie
Vkl6ZJDFT6b0lyf5t+0O+RhtizEKoYX1h7Bz4pN/nv9nCTv3PYy8cFjtwEelXtbE
gN5S3i47KIAUZZfUXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org