Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2rCMxsM2e-lN5FjibTB26JSa_x8.roa
File:                     2rCMxsM2e-lN5FjibTB26JSa_x8.roa (raw, json)
Hash identifier:          9e+5NkIhl/w9MEiHCxK6pdZaepTfcn14ebbzuXKtUJk=
Subject key identifier:   DA:B0:8C:C6:C3:36:7B:E9:4D:E4:58:E2:6D:30:76:E8:94:9A:FF:1F
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       19094A2D
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2rCMxsM2e-lN5FjibTB26JSa_x8.roa
Signing time:             Wed 01 Jun 2022 13:47:21 +0000
ROA not before:           Wed 01 Jun 2022 13:47:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60461
IP address blocks:        5.1.74.0/24 maxlen: 32
                          5.1.81.0/24 maxlen: 24
                          178.251.228.0/24 maxlen: 32
                          178.251.228.0/23 maxlen: 32
                          2a01:367:c1f2::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 420039213 (0x19094a2d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jun  1 13:47:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dab08cc6c3367be94de458e26d3076e8949aff1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7d:f8:c6:58:15:75:eb:23:00:e8:21:f6:4f:
                    0e:5f:d2:bf:98:37:83:6c:d8:a9:e7:c5:ba:f3:23:
                    6f:50:5e:6f:00:12:24:c2:76:33:58:58:1a:a7:31:
                    8e:75:43:a0:4b:11:18:97:f8:30:0d:9b:a3:0c:42:
                    75:2c:61:33:9d:95:34:76:4e:e5:af:c7:36:9a:56:
                    e8:d0:7c:d8:cc:ce:6b:86:44:62:2c:1d:99:16:ff:
                    f4:f8:e7:04:37:cf:b8:a4:3d:f3:ee:42:85:7f:d5:
                    f0:2c:72:91:74:ef:64:1a:af:3d:e3:43:d8:73:10:
                    3d:02:b8:33:95:f9:3a:66:da:11:91:70:34:53:69:
                    7a:81:72:e1:4d:6d:2a:a1:93:75:f9:e9:f7:b8:c7:
                    1d:6c:c6:63:37:2f:bb:b9:2d:e8:82:5c:44:95:6f:
                    e5:a2:0c:73:73:26:8f:63:f9:a6:1c:60:13:fc:37:
                    bc:18:36:14:62:82:6e:cc:d3:30:64:00:ca:b0:7a:
                    15:6c:97:87:9e:d7:91:1b:09:d8:6d:52:8a:4a:92:
                    7b:1b:ff:cb:74:f1:4b:44:fb:9c:62:b2:34:ec:2b:
                    36:a8:3f:65:32:70:37:73:11:ee:ff:d5:bd:fc:45:
                    47:8a:b4:c9:dd:3c:a6:3c:69:9f:88:48:86:99:1d:
                    cf:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:B0:8C:C6:C3:36:7B:E9:4D:E4:58:E2:6D:30:76:E8:94:9A:FF:1F
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2rCMxsM2e-lN5FjibTB26JSa_x8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.1.74.0/24
                  5.1.81.0/24
                  178.251.228.0/23
                IPv6:
                  2a01:367:c1f2::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:68:b2:25:11:67:16:77:00:01:61:72:6f:35:de:f5:18:49:
         e8:aa:93:54:b9:3e:31:15:51:36:0b:02:46:7c:03:23:31:9a:
         f7:e6:b9:1b:3d:21:a9:bf:78:8c:fa:72:4c:39:7a:94:4f:30:
         5c:25:b3:8a:bc:0e:7b:1c:eb:48:83:92:e7:c3:92:c5:18:e4:
         7f:dd:61:11:72:23:43:b7:75:52:c3:30:0f:83:d5:0a:a7:52:
         14:8b:57:87:01:17:cd:2c:c6:58:3a:29:28:bb:eb:be:a6:5e:
         e9:bc:23:92:65:2f:d4:03:73:1f:2b:18:bc:96:ea:db:23:e3:
         3f:85:90:89:33:d9:37:2d:9a:e3:f8:29:b5:93:d4:12:45:ee:
         e9:46:8a:ab:ff:df:ab:31:33:93:d0:9d:3a:93:f3:1d:79:14:
         f0:3b:ca:ad:d5:7c:86:22:a7:b3:36:db:43:e2:f3:ad:65:77:
         05:22:6a:db:0d:5c:b3:b1:1f:85:13:b2:e0:46:04:2c:8e:aa:
         81:43:18:3f:55:ca:c6:b5:a1:d0:3f:5f:d6:ed:88:c3:95:aa:
         60:46:b7:00:a6:fe:ec:27:bd:5f:e6:61:d9:9d:31:4d:b1:ac:
         b6:f1:d5:36:b2:3d:f9:01:a4:d9:67:cd:34:1d:f9:89:fe:f2:
         99:85:28:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGQlKLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDYw
MTEzNDcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFiMDhjYzZjMzM2
N2JlOTRkZTQ1OGUyNmQzMDc2ZTg5NDlhZmYxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM19+MZYFXXrIwDoIfZPDl/Sv5g3g2zYqefFuvMjb1BebwAS
JMJ2M1hYGqcxjnVDoEsRGJf4MA2bowxCdSxhM52VNHZO5a/HNppW6NB82MzOa4ZE
YiwdmRb/9PjnBDfPuKQ98+5ChX/V8CxykXTvZBqvPeND2HMQPQK4M5X5OmbaEZFw
NFNpeoFy4U1tKqGTdfnp97jHHWzGYzcvu7kt6IJcRJVv5aIMc3Mmj2P5phxgE/w3
vBg2FGKCbszTMGQAyrB6FWyXh57XkRsJ2G1SikqSexv/y3TxS0T7nGKyNOwrNqg/
ZTJwN3MR7v/VvfxFR4q0yd08pjxpn4hIhpkdz0MCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTasIzGwzZ76U3kWOJtMHbolJr/HzAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
LzJyQ014c00yZS1sTjVGamliVEIyNkpTYV94OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAAUBSgMEAAUBUQMEAbL75DAPBAIA
AjAJAwcAKgEDZ8HyMA0GCSqGSIb3DQEBCwUAA4IBAQChaLIlEWcWdwABYXJvNd71
GEnoqpNUuT4xFVE2CwJGfAMjMZr35rkbPSGpv3iM+nJMOXqUTzBcJbOKvA57HOtI
g5Lnw5LFGOR/3WERciNDt3VSwzAPg9UKp1IUi1eHARfNLMZYOikou+u+pl7pvCOS
ZS/UA3MfKxi8lurbI+M/hZCJM9k3LZrj+Cm1k9QSRe7pRoqr/9+rMTOT0J06k/Md
eRTwO8qt1XyGIqezNttD4vOtZXcFImrbDVyzsR+FE7LgRgQsjqqBQxg/VcrGtaHQ
P1/W7YjDlapgRrcApv7sJ71f5mHZnTFNsay28dU2sj35AaTZZ800HfmJ/vKZhSgX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org