Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HbHhN5uFySEMr_8Bc4DML-J4M30.roa
File:                     HbHhN5uFySEMr_8Bc4DML-J4M30.roa (raw, json)
Hash identifier:          ko3TXdFopmbv0kJAEk/aAu+xZ7J3ItMfdNPSJgKGtXI=
Subject key identifier:   1D:B1:E1:37:9B:85:C9:21:0C:AF:FF:01:73:80:CC:2F:E2:78:33:7D
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01835A610343755CFA99D5A3A882C2B069AB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HbHhN5uFySEMr_8Bc4DML-J4M30.roa
Signing time:             Tue 20 Sep 2022 10:10:50 +0000
ROA not before:           Tue 20 Sep 2022 10:10:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.192.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5a:61:03:43:75:5c:fa:99:d5:a3:a8:82:c2:b0:69:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 20 10:10:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1db1e1379b85c9210cafff017380cc2fe278337d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e4:d9:e8:66:03:59:c2:74:b8:ab:be:69:84:
                    d6:c9:ca:bb:4d:58:aa:58:62:c4:cb:e5:03:cf:55:
                    e5:7c:29:ec:bc:8c:03:66:cc:4b:b1:61:e4:04:ca:
                    8d:d4:26:5b:72:df:2a:00:b9:29:a0:34:ff:29:a1:
                    a0:6b:e8:0f:07:db:5d:f6:27:7f:f3:c8:c7:a3:b1:
                    7c:67:66:b1:e6:53:04:8f:27:c5:bd:36:6f:71:7a:
                    d6:7a:e7:73:92:48:3e:a7:9c:23:0a:28:a4:ea:af:
                    49:8d:68:07:8b:9f:8b:c9:a4:d9:49:78:f2:c8:ad:
                    16:62:4a:c6:e6:9d:dd:e7:0c:08:2f:36:35:ad:55:
                    49:36:30:23:dd:be:80:0d:4e:6f:7b:ad:b9:7a:a2:
                    b5:dd:70:18:55:2f:57:66:62:4c:6b:17:93:06:72:
                    e1:cd:e2:1e:9f:b6:b6:c6:4d:c9:52:52:01:7c:00:
                    43:61:fe:c9:f5:65:39:5b:67:c8:ba:76:0a:63:78:
                    12:84:dc:08:b7:01:ff:21:9c:49:87:3f:47:55:c5:
                    0f:88:c9:d4:44:cd:27:e6:50:3e:ae:9a:d2:3d:76:
                    23:9f:b3:bd:fd:07:65:71:43:7b:55:4b:69:cc:f1:
                    e2:79:5f:3c:b6:13:e4:d7:4e:33:22:4d:29:a7:70:
                    6b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:B1:E1:37:9B:85:C9:21:0C:AF:FF:01:73:80:CC:2F:E2:78:33:7D
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HbHhN5uFySEMr_8Bc4DML-J4M30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:60:c3:c6:5c:ca:53:0a:f1:de:dc:9b:58:65:5f:1e:61:7e:
         5a:d8:15:eb:b0:f9:8c:81:ae:42:c7:60:1e:08:01:25:8a:45:
         06:18:aa:ba:6b:2d:b9:76:75:61:95:7f:90:f4:2d:c7:6d:ac:
         82:ad:3d:af:9b:64:05:9f:cb:55:d0:cf:e0:67:c2:05:19:2a:
         c5:f6:e9:29:3a:60:d5:8d:d8:b1:a2:c1:b4:2f:65:b3:05:47:
         5a:f0:f3:d8:01:df:fc:31:9b:f3:52:d8:e4:fa:17:65:2f:2a:
         47:33:03:b5:a7:20:f7:23:fc:a2:21:2e:85:40:96:92:92:56:
         16:ca:18:31:4e:b4:4b:04:ca:96:9a:39:6b:0e:23:16:53:d7:
         63:c1:61:11:3e:c3:53:0a:6d:fc:f6:05:24:0a:2e:9b:aa:1c:
         a0:3f:30:5e:10:94:a7:ac:2f:b5:67:d2:ec:19:76:9f:5b:63:
         28:f5:6a:50:0c:44:46:1b:6c:9b:93:eb:38:7e:d8:66:77:67:
         1e:d3:a5:64:b0:0b:38:dd:6f:30:69:e4:f8:51:18:e1:3e:13:
         17:45:ca:55:df:6c:89:0d:0a:57:f8:7e:8e:7e:54:2d:ee:58:
         aa:63:90:7c:79:44:5b:56:ff:59:60:96:8e:d2:89:a2:0e:1d:
         d2:82:21:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNaYQNDdVz6mdWjqILCsGmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTIwMTAxMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIxZTEzNzliODVjOTIxMGNhZmZmMDE3MzgwY2MyZmUyNzgzMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluTZ6GYDWcJ0uKu+aYTWycq7TViq
WGLEy+UDz1XlfCnsvIwDZsxLsWHkBMqN1CZbct8qALkpoDT/KaGga+gPB9td9id/
88jHo7F8Z2ax5lMEjyfFvTZvcXrWeudzkkg+p5wjCiik6q9JjWgHi5+LyaTZSXjy
yK0WYkrG5p3d5wwILzY1rVVJNjAj3b6ADU5ve625eqK13XAYVS9XZmJMaxeTBnLh
zeIen7a2xk3JUlIBfABDYf7J9WU5W2fIunYKY3gShNwItwH/IZxJhz9HVcUPiMnU
RM0n5lA+rprSPXYjn7O9/QdlcUN7VUtpzPHieV88thPk104zIk0pp3BrAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2x4TebhckhDK//AXOAzC/ieDN9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSGJIaE41dUZ5U0VNcl84QmM0RE1MLUo0TTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXAMA0G
CSqGSIb3DQEBCwUAA4IBAQBPYMPGXMpTCvHe3JtYZV8eYX5a2BXrsPmMga5Cx2Ae
CAElikUGGKq6ay25dnVhlX+Q9C3HbayCrT2vm2QFn8tV0M/gZ8IFGSrF9ukpOmDV
jdixosG0L2WzBUda8PPYAd/8MZvzUtjk+hdlLypHMwO1pyD3I/yiIS6FQJaSklYW
yhgxTrRLBMqWmjlrDiMWU9djwWERPsNTCm389gUkCi6bqhygPzBeEJSnrC+1Z9Ls
GXafW2Mo9WpQDERGG2ybk+s4fthmd2ce06VksAs43W8waeT4URjhPhMXRcpV32yJ
DQpX+H6OflQt7liqY5B8eURbVv9ZYJaO0omiDh3SgiGi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org