Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/2Cu_gA8rtiSARw6sesi8IC3Vj1g.roa
File:                     2Cu_gA8rtiSARw6sesi8IC3Vj1g.roa (raw, json)
Hash identifier:          E938bsZkiJrQUP/V2P9M+RQpvb0po9U/36rKQEiDf0k=
Subject key identifier:   D8:2B:BF:80:0F:2B:B6:24:80:47:0E:AC:7A:C8:BC:20:2D:D5:8F:58
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       044F27D5
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/2Cu_gA8rtiSARw6sesi8IC3Vj1g.roa
Signing time:             Fri 13 May 2022 13:47:40 +0000
ROA not before:           Fri 13 May 2022 13:47:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        92.51.39.0/24 maxlen: 24
                          89.185.84.0/24 maxlen: 24
                          92.51.20.0/24 maxlen: 24
                          92.51.22.0/24 maxlen: 24
                          92.51.23.0/24 maxlen: 24
                          92.51.21.0/24 maxlen: 24
                          92.51.38.0/24 maxlen: 24
                          92.51.36.0/24 maxlen: 24
                          92.51.37.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72296405 (0x44f27d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: May 13 13:47:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d82bbf800f2bb62480470eac7ac8bc202dd58f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:77:b0:04:43:41:ba:ac:90:ae:df:49:6c:03:
                    87:34:6a:c3:4d:79:6e:3d:c1:be:53:4d:df:34:66:
                    6e:c1:44:85:c3:69:d7:1d:04:e7:49:c7:ba:80:e4:
                    3d:11:d9:b6:1b:a4:a9:fd:6a:01:c6:58:8f:1b:78:
                    bd:0c:97:0a:df:0f:3a:8a:9c:c7:6a:bf:43:b4:5b:
                    af:70:26:b2:03:70:d2:c6:c5:61:c1:a5:fe:92:9d:
                    4a:3c:0c:7a:46:12:4e:05:18:3e:5f:10:95:c8:cf:
                    01:eb:cc:c7:93:8b:9a:e0:6b:92:7d:90:8a:45:10:
                    48:65:24:65:df:b0:bd:ab:29:1b:c9:3c:e1:77:86:
                    4d:7a:7a:82:f1:17:90:bc:98:6f:2d:2b:95:0d:b5:
                    81:7a:08:8b:66:b6:f3:14:e7:de:29:ff:29:16:64:
                    8e:a0:c1:bb:f4:0c:44:52:45:06:eb:55:1e:83:58:
                    36:91:dd:89:1f:f8:fb:73:bd:16:19:e9:a6:87:de:
                    c8:88:09:2a:ee:4b:79:2d:0f:9e:3b:ae:c2:08:68:
                    07:d7:3d:20:d4:0a:ed:9c:c9:70:09:30:43:89:14:
                    16:fd:66:0c:c4:8d:9a:46:f7:99:7d:29:77:3f:5d:
                    5f:75:54:c8:f6:24:38:09:21:b4:69:8e:19:72:aa:
                    24:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2B:BF:80:0F:2B:B6:24:80:47:0E:AC:7A:C8:BC:20:2D:D5:8F:58
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/2Cu_gA8rtiSARw6sesi8IC3Vj1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.185.84.0/24
                  92.51.20.0/22
                  92.51.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:46:51:01:eb:53:df:0b:02:00:46:8f:02:ba:4a:1a:f2:36:
         23:95:c5:ff:6f:75:90:d7:de:17:c4:e5:dd:78:96:c4:1f:ae:
         08:a1:97:c1:b7:a7:46:e0:8d:27:cb:e5:41:cd:74:36:b7:fc:
         15:e7:77:76:ce:d9:d8:2a:d2:92:6e:49:bc:55:42:7d:62:e9:
         44:41:17:6e:ff:ad:90:93:97:53:bf:13:32:80:fa:9f:52:5f:
         f6:23:f5:3a:05:e4:27:a4:77:98:7e:6c:25:5a:dc:40:eb:0f:
         fd:3f:9f:4a:5d:a1:4f:ac:bc:73:aa:a5:ef:42:13:e5:b8:aa:
         75:cd:3d:1f:4c:48:c7:9d:8a:6d:20:ca:98:f2:f9:a0:ce:cd:
         bc:c4:25:a6:2b:5f:a2:87:84:dc:31:68:b0:29:82:de:1d:a1:
         fd:5a:6c:0f:0a:e0:20:d3:e2:00:b3:ec:17:98:6d:9e:7a:c5:
         6b:b3:d7:ac:b6:b5:ee:83:d2:cf:72:6f:84:9f:90:c5:e7:71:
         2d:06:18:3e:ae:74:6f:ee:0c:d6:62:ed:40:b3:09:4a:fa:b2:
         fc:c0:19:fa:44:22:7f:33:3a:9d:31:f9:5f:4b:ed:7c:c4:10:
         08:d0:38:6d:39:9a:8a:7a:6d:82:85:25:3f:7e:6a:bd:e0:1c:
         ed:52:bd:b8
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBE8n1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDUx
MzEzNDc0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDgyYmJmODAwZjJi
YjYyNDgwNDcwZWFjN2FjOGJjMjAyZGQ1OGY1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZ3sARDQbqskK7fSWwDhzRqw015bj3BvlNN3zRmbsFEhcNp
1x0E50nHuoDkPRHZthukqf1qAcZYjxt4vQyXCt8POoqcx2q/Q7Rbr3AmsgNw0sbF
YcGl/pKdSjwMekYSTgUYPl8QlcjPAevMx5OLmuBrkn2QikUQSGUkZd+wvaspG8k8
4XeGTXp6gvEXkLyYby0rlQ21gXoIi2a28xTn3in/KRZkjqDBu/QMRFJFButVHoNY
NpHdiR/4+3O9FhnppofeyIgJKu5LeS0PnjuuwghoB9c9INQK7ZzJcAkwQ4kUFv1m
DMSNmkb3mX0pdz9dX3VUyPYkOAkhtGmOGXKqJOECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTYK7+ADyu2JIBHDqx6yLwgLdWPWDAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
LzJDdV9nQThydGlTQVJ3NnNlc2k4SUMzVmoxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFm5VAMEAlwzFAMEAlwzJDANBgkq
hkiG9w0BAQsFAAOCAQEATUZRAetT3wsCAEaPArpKGvI2I5XF/291kNfeF8Tl3XiW
xB+uCKGXwbenRuCNJ8vlQc10Nrf8Fed3ds7Z2CrSkm5JvFVCfWLpREEXbv+tkJOX
U78TMoD6n1Jf9iP1OgXkJ6R3mH5sJVrcQOsP/T+fSl2hT6y8c6ql70IT5biqdc09
H0xIx52KbSDKmPL5oM7NvMQlpitfooeE3DFosCmC3h2h/VpsDwrgINPiALPsF5ht
nnrFa7PXrLa17oPSz3JvhJ+QxedxLQYYPq50b+4M1mLtQLMJSvqy/MAZ+kQifzM6
nTH5X0vtfMQQCNA4bTmainptgoUlP35qveAc7VK9uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org