Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/e_areNfDnTnfUUi1doTQtWvdBQU.roa
File:                     e_areNfDnTnfUUi1doTQtWvdBQU.roa (raw, json)
Hash identifier:          g0oj1fdru2XjX6KG5tAXbptVonOmrhUGS6XIAuFfPqg=
Subject key identifier:   7B:F6:AB:78:D7:C3:9D:39:DF:51:48:B5:76:84:D0:B5:6B:DD:05:05
Certificate issuer:       /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial:       01851FE3B6585BDD59118B14B8B4C251035B
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/e_areNfDnTnfUUi1doTQtWvdBQU.roa
Signing time:             Sat 17 Dec 2022 11:41:34 +0000
ROA not before:           Sat 17 Dec 2022 11:41:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59441
IP address blocks:        185.208.78.0/23 maxlen: 24
                          185.208.78.0/24 maxlen: 24
                          185.208.79.0/24 maxlen: 24
                          185.83.112.0/22 maxlen: 22
                          185.83.112.0/23 maxlen: 23
                          185.83.112.0/24 maxlen: 24
                          185.83.113.0/24 maxlen: 24
                          185.83.114.0/24 maxlen: 24
                          185.83.114.0/23 maxlen: 24
                          185.83.115.0/24 maxlen: 24
                          5.144.130.0/24 maxlen: 24
                          5.144.132.0/22 maxlen: 22
                          5.144.128.0/21 maxlen: 21
                          5.144.128.0/22 maxlen: 22
                          5.144.128.0/23 maxlen: 23
                          5.144.131.0/24 maxlen: 24
                          5.144.132.0/24 maxlen: 24
                          5.144.128.0/24 maxlen: 24
                          5.144.129.0/24 maxlen: 24
                          5.144.132.0/23 maxlen: 24
                          5.144.130.0/23 maxlen: 24
                          5.144.135.0/24 maxlen: 24
                          5.144.133.0/24 maxlen: 24
                          5.144.134.0/24 maxlen: 24
                          5.144.134.0/23 maxlen: 24
                          185.173.104.0/24 maxlen: 24
                          185.173.104.0/22 maxlen: 24
                          185.173.105.0/24 maxlen: 24
                          185.173.106.0/24 maxlen: 24
                          185.173.107.0/24 maxlen: 24
                          45.92.95.0/24 maxlen: 24
                          45.92.92.0/23 maxlen: 24
                          45.92.92.0/24 maxlen: 24
                          45.92.92.0/22 maxlen: 24
                          45.92.93.0/24 maxlen: 24
                          45.92.94.0/24 maxlen: 24
                          45.92.94.0/23 maxlen: 24
                          185.205.203.0/24 maxlen: 24
                          45.138.132.0/22 maxlen: 24
                          45.138.132.0/23 maxlen: 24
                          45.138.132.0/24 maxlen: 24
                          45.138.133.0/24 maxlen: 24
                          45.138.134.0/24 maxlen: 24
                          45.138.135.0/24 maxlen: 24
                          193.3.231.0/24 maxlen: 24
                          185.169.6.0/24 maxlen: 24
                          2a10:5c40::/29 maxlen: 29
                          2a05:9a00:4::/48 maxlen: 48
                          2a05:9a00::/29 maxlen: 29
                          2a05:9a00:1::/48 maxlen: 48
                          2a05:9a00:1001::/48 maxlen: 48
                          2a10:6140::/29 maxlen: 29
                          2a10:b800::/29 maxlen: 29
                          2a05:9a00:2::/48 maxlen: 48
                          2a05:9a00:1002::/48 maxlen: 48
                          2a07:e440::/29 maxlen: 29
                          2a05:9a00::/48 maxlen: 48
                          2a05:9a00:1000::/48 maxlen: 48
                          2a05:9a00:3::/48 maxlen: 48
                          2a05:9a00:1003::/48 maxlen: 48
                          2a10:4340::/29 maxlen: 29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1f:e3:b6:58:5b:dd:59:11:8b:14:b8:b4:c2:51:03:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
        Validity
            Not Before: Dec 17 11:41:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7bf6ab78d7c39d39df5148b57684d0b56bdd0505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a8:e4:a5:63:78:14:f8:48:7b:32:f8:74:b9:
                    f1:97:e4:a8:8b:60:02:95:f4:4d:a8:ec:ea:57:28:
                    29:2d:60:a8:19:30:07:43:af:11:2a:b7:6c:b6:a3:
                    c2:07:65:9d:64:0b:de:15:b4:d9:8a:a5:0e:17:30:
                    8f:48:42:4c:85:23:42:f3:1c:c9:20:97:49:7d:3f:
                    20:cf:90:4a:9c:09:11:bf:a3:5a:39:c9:f3:6a:ab:
                    29:e8:7b:e9:9d:d7:4e:59:54:18:9e:64:30:72:ae:
                    dc:91:1e:50:f7:bb:92:c3:b3:79:75:24:ef:81:f1:
                    d0:ad:6b:f1:ab:b3:15:16:8d:36:bf:c1:b8:8b:c3:
                    4f:67:f1:a3:09:a2:c2:78:ce:96:5a:a8:fc:db:98:
                    6f:1d:bc:3b:35:05:8e:60:b1:02:f5:01:8b:4a:05:
                    b1:29:5b:76:13:f4:46:9e:ac:20:1b:98:31:67:c0:
                    4d:37:1f:da:8a:50:b8:ca:47:37:56:19:21:c5:18:
                    d8:d3:ae:06:24:be:d5:60:da:2e:94:e2:0d:27:8c:
                    ee:76:aa:12:2b:3e:d4:c6:46:8b:eb:e9:39:e2:9a:
                    05:66:55:3a:ec:ae:8d:37:3e:f1:8a:2c:83:d0:f5:
                    d0:74:96:02:94:13:1f:bc:8f:c1:43:5e:57:50:2b:
                    da:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F6:AB:78:D7:C3:9D:39:DF:51:48:B5:76:84:D0:B5:6B:DD:05:05
            X509v3 Authority Key Identifier:
                keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/e_areNfDnTnfUUi1doTQtWvdBQU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.128.0/21
                  45.92.92.0/22
                  45.138.132.0/22
                  185.83.112.0/22
                  185.169.6.0/24
                  185.173.104.0/22
                  185.205.203.0/24
                  185.208.78.0/23
                  193.3.231.0/24
                IPv6:
                  2a05:9a00::/29
                  2a07:e440::/29
                  2a10:4340::/29
                  2a10:5c40::/29
                  2a10:6140::/29
                  2a10:b800::/29

    Signature Algorithm: sha256WithRSAEncryption
         ca:bf:e0:4c:68:69:56:d1:ec:52:36:28:2a:46:e6:f5:4a:aa:
         e8:27:fb:26:31:0d:ce:b8:71:2c:66:6f:c1:4f:a2:46:b9:0d:
         5c:8d:27:8e:30:ae:ad:9a:f7:df:ce:f8:37:af:60:f7:d5:51:
         15:31:6a:71:46:66:7e:96:93:23:0b:03:d7:86:0d:f2:fd:68:
         fb:a3:ec:12:66:78:e1:07:23:4a:05:d4:5f:82:0e:4d:0c:5a:
         9d:f1:0f:91:88:12:2c:43:76:b6:5d:72:25:1c:92:58:11:81:
         2f:ac:96:f3:d8:0b:18:fa:e5:f7:75:9c:bc:a3:b4:26:b8:fa:
         7c:c8:28:4e:2b:ec:32:84:3f:58:66:7c:12:96:1c:2d:8d:8d:
         71:7e:44:b7:71:6d:25:3a:50:04:38:7f:00:05:23:0a:af:28:
         cb:7f:cf:b8:d3:21:ea:e6:a3:c4:a3:a2:20:35:45:66:29:14:
         41:4c:4a:f5:4e:cf:2e:74:37:87:ed:4b:4f:f1:f2:dc:dd:fe:
         22:ef:8c:24:5e:31:22:b5:0a:a5:30:5a:34:32:60:e2:46:c2:
         a5:2b:01:a6:3e:16:9e:13:ec:1f:b4:09:a3:73:58:30:3c:53:
         36:3a:37:5d:86:d8:47:73:16:2e:5d:b7:ea:b3:c6:30:03:50:
         96:fb:6a:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYUf47ZYW91ZEYsUuLTCUQNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjIxMjE3MTE0MTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY2YWI3OGQ3YzM5ZDM5ZGY1MTQ4YjU3Njg0ZDBiNTZiZGQwNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlajkpWN4FPhIezL4dLnxl+Soi2AC
lfRNqOzqVygpLWCoGTAHQ68RKrdstqPCB2WdZAveFbTZiqUOFzCPSEJMhSNC8xzJ
IJdJfT8gz5BKnAkRv6NaOcnzaqsp6HvpnddOWVQYnmQwcq7ckR5Q97uSw7N5dSTv
gfHQrWvxq7MVFo02v8G4i8NPZ/GjCaLCeM6WWqj825hvHbw7NQWOYLEC9QGLSgWx
KVt2E/RGnqwgG5gxZ8BNNx/ailC4ykc3VhkhxRjY064GJL7VYNoulOINJ4zudqoS
Kz7UxkaL6+k54poFZlU67K6NNz7xiiyD0PXQdJYClBMfvI/BQ15XUCvavQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFHv2q3jXw50531FItXaE0LVr3QUFMB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvZV9hcmVOZkRuVG5mVVVpMWRvVFF0V3ZkQlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwPAQCAAEwNgMEAwWQgAME
Ai1cXAMEAi2KhAMEArlTcAMEALmpBgMEArmtaAMEALnNywMEAbnQTgMEAMED5zAw
BAIAAjAqAwUDKgWaAAMFAyoH5EADBQMqEENAAwUDKhBcQAMFAyoQYUADBQMqELgA
MA0GCSqGSIb3DQEBCwUAA4IBAQDKv+BMaGlW0exSNigqRub1SqroJ/smMQ3OuHEs
Zm/BT6JGuQ1cjSeOMK6tmvffzvg3r2D31VEVMWpxRmZ+lpMjCwPXhg3y/Wj7o+wS
ZnjhByNKBdRfgg5NDFqd8Q+RiBIsQ3a2XXIlHJJYEYEvrJbz2AsY+uX3dZy8o7Qm
uPp8yChOK+wyhD9YZnwSlhwtjY1xfkS3cW0lOlAEOH8ABSMKryjLf8+40yHq5qPE
o6IgNUVmKRRBTEr1Ts8udDeH7UtP8fLc3f4i74wkXjEitQqlMFo0MmDiRsKlKwGm
PhaeE+wftAmjc1gwPFM2OjddhthHcxYuXbfqs8YwA1CW+2qx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:49 2024 by rpki-client on console-fra.rpki-client.org