Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ESiDJIeg7Gwp24_RC3z8i7iBMp4.roa
File:                     ESiDJIeg7Gwp24_RC3z8i7iBMp4.roa (raw, json)
Hash identifier:          3S482xFsNpWNW5XbmOrpCnsgVte4YiIBVPKsio1dPV4=
Subject key identifier:   11:28:83:24:87:A0:EC:6C:29:DB:8F:D1:0B:7C:FC:8B:B8:81:32:9E
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01845B7B1575F1A137A53E44F8F8B764D14C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ESiDJIeg7Gwp24_RC3z8i7iBMp4.roa
Signing time:             Wed 09 Nov 2022 08:21:43 +0000
ROA not before:           Wed 09 Nov 2022 08:21:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     2118
IP address blocks:        212.193.12.0/24 maxlen: 24
                          193.124.3.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.207.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          195.133.76.0/24 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          194.135.30.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.173.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.170.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24
                          193.108.112.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:5b:7b:15:75:f1:a1:37:a5:3e:44:f8:f8:b7:64:d1:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  9 08:21:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1128832487a0ec6c29db8fd10b7cfc8bb881329e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6d:05:7c:95:3d:ce:59:cb:40:a9:e1:eb:ba:
                    15:7b:82:3d:3d:63:4d:61:80:a9:23:cc:96:53:20:
                    6c:df:a2:99:ee:ce:e2:88:11:da:e6:44:8d:62:1f:
                    2e:c0:67:43:a0:a8:80:ae:94:b3:85:cc:dc:95:53:
                    7b:81:d8:e6:da:12:94:cf:87:8c:98:9e:d4:09:6e:
                    69:b9:fa:41:16:93:29:6f:09:a2:a8:ce:63:f6:79:
                    d9:50:66:24:b1:b0:79:fa:74:d5:0c:44:d5:bd:b1:
                    bd:ab:09:32:a9:60:86:89:53:e9:77:51:10:29:df:
                    da:b7:80:3b:0c:cf:ae:ab:ca:36:ce:d5:19:eb:2a:
                    99:5e:59:05:bc:d2:18:46:2b:76:64:f6:5c:ed:3f:
                    63:3e:4d:95:26:e8:40:ef:a4:bd:c4:3c:31:66:ab:
                    28:9d:53:77:cc:28:09:eb:7b:31:16:20:b8:34:95:
                    69:07:61:e8:05:d5:70:f6:e8:0c:1e:69:f3:cb:87:
                    3f:5f:bd:23:b7:33:c9:d5:f9:b5:79:14:4d:fb:bc:
                    c0:ba:0b:80:4c:97:f2:58:c8:6c:e9:c2:6f:b7:39:
                    67:cc:c9:87:12:f9:58:39:f4:cb:ae:dc:9c:61:ed:
                    15:f3:18:13:dd:3f:45:cf:27:89:32:6a:a7:c8:91:
                    b0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:28:83:24:87:A0:EC:6C:29:DB:8F:D1:0B:7C:FC:8B:B8:81:32:9E
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ESiDJIeg7Gwp24_RC3z8i7iBMp4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.173.0/24
                  192.124.180.0/22
                  192.124.209.0/24
                  193.108.112.0/24
                  193.124.3.0/24
                  193.124.18.0/24
                  193.124.200.0/23
                  193.124.203.0/24
                  194.58.38.0/24
                  194.58.40.0/24
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.59.0/24
                  194.87.1.0/24
                  194.87.3.0/24
                  194.87.7.0/24
                  194.87.16.0/24
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.118.0/24
                  194.87.160.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.170.0/24
                  194.87.179.0/24
                  194.87.198.0/24
                  194.87.207.0-194.87.209.255
                  194.87.222.0/23
                  194.87.233.0/24
                  194.135.30.0/24
                  195.58.56.0/21
                  195.133.30.0/24
                  195.133.55.0/24
                  195.133.76.0/24
                  212.192.10.0/24
                  212.193.0.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:9d:68:b5:74:0e:52:3b:95:73:b9:ce:0f:0a:b5:1c:f5:e1:
         4c:b2:d1:5d:2f:5a:c5:fa:b6:d1:dc:c0:7a:a6:e4:08:d6:a7:
         63:2c:24:e0:f0:ab:40:5e:6e:84:8b:af:18:6d:83:1b:65:e5:
         20:f0:41:61:9b:59:ae:ca:bb:b3:c1:9a:50:d3:a5:59:cb:e1:
         9f:07:71:77:9d:dd:47:bc:db:9f:d1:06:6f:60:be:39:98:c8:
         3d:16:73:da:f2:b9:19:7c:80:9c:30:b3:4b:37:75:26:ed:42:
         78:49:6e:63:ba:2f:37:e3:7f:f9:85:d8:96:11:1c:a1:1a:52:
         00:b3:89:6c:2f:01:3c:0a:a2:3c:52:1b:2f:6c:98:54:da:96:
         6f:48:da:7f:98:48:ec:39:c8:d4:09:1a:1b:89:14:93:87:0e:
         47:9a:14:61:ec:d9:f2:5d:0f:e5:78:e2:29:c9:00:41:f6:89:
         ee:99:09:f8:6a:5e:18:5c:51:e4:4f:8d:5e:17:c6:ec:a6:b8:
         70:49:d3:53:84:98:df:6b:c0:45:86:45:b6:51:18:3b:da:49:
         fd:15:0e:20:dd:08:66:8a:c9:66:99:23:e0:76:7e:f0:23:ff:
         ed:96:d0:cb:83:96:a2:53:4c:3e:67:0d:0c:ac:d7:2f:c3:fa:
         32:c4:bc:6b
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYRbexV18aE3pT5E+Pi3ZNFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA5MDgyMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTI4ODMyNDg3YTBlYzZjMjlkYjhmZDEwYjdjZmM4YmI4ODEzMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq20FfJU9zlnLQKnh67oVe4I9PWNN
YYCpI8yWUyBs36KZ7s7iiBHa5kSNYh8uwGdDoKiArpSzhczclVN7gdjm2hKUz4eM
mJ7UCW5pufpBFpMpbwmiqM5j9nnZUGYksbB5+nTVDETVvbG9qwkyqWCGiVPpd1EQ
Kd/at4A7DM+uq8o2ztUZ6yqZXlkFvNIYRit2ZPZc7T9jPk2VJuhA76S9xDwxZqso
nVN3zCgJ63sxFiC4NJVpB2HoBdVw9ugMHmnzy4c/X70jtzPJ1fm1eRRN+7zAuguA
TJfyWMhs6cJvtzlnzMmHEvlYOfTLrtycYe0V8xgT3T9FzyeJMmqnyJGw+QIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFBEogySHoOxsKduP0Qt8/Iu4gTKeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRVNpREpJZWc3R3dwMjRfUkMzejhpN2lCTXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAD5M5wMEAMB8rQMEAsB8tAMEAMB80QMEAMFscAMEAMF8AwMEAMF8EgMEAcF8
yAMEAMF8ywMEAMI6JgMEAMI6KAMEAMI6KjAMAwQAwjotAwQEwjogAwQAwjo7AwQA
wlcBAwQAwlcDAwQAwlcHAwQAwlcQAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQA
wldoAwQAwld2AwQAwlegAwQAwlejAwQAwlelAwQAwleqAwQAwlezAwQAwlfGMAwD
BADCV88DBAHCV9ADBAHCV94DBADCV+kDBADChx4DBAPDOjgDBADDhR4DBADDhTcD
BADDhUwDBADUwAoDBADUwQADBADUwQwwDQYJKoZIhvcNAQELBQADggEBAB+daLV0
DlI7lXO5zg8KtRz14Uyy0V0vWsX6ttHcwHqm5AjWp2MsJODwq0BeboSLrxhtgxtl
5SDwQWGbWa7Ku7PBmlDTpVnL4Z8HcXed3Ue825/RBm9gvjmYyD0Wc9ryuRl8gJww
s0s3dSbtQnhJbmO6Lzfjf/mF2JYRHKEaUgCziWwvATwKojxSGy9smFTalm9I2n+Y
SOw5yNQJGhuJFJOHDkeaFGHs2fJdD+V44inJAEH2ie6ZCfhqXhhcUeRPjV4Xxuym
uHBJ01OEmN9rwEWGRbZRGDvaSf0VDiDdCGaKyWaZI+B2fvAj/+2W0MuDlqJTTD5n
DQys1y/D+jLEvGs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org