Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZDXI5_4qixg84KGmHHGqXN7uW4c.roa
File:                     ZDXI5_4qixg84KGmHHGqXN7uW4c.roa (raw, json)
Hash identifier:          /JDDBwD5JIb3T3n0ETfGg4k0XNWVTqSgShl5DCexdys=
Subject key identifier:   64:35:C8:E7:FE:2A:8B:18:3C:E0:A1:A6:1C:71:AA:5C:DE:EE:5B:87
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0184C2F3FEF9D2A9F827DDB1A159CD026F42
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZDXI5_4qixg84KGmHHGqXN7uW4c.roa
Signing time:             Tue 29 Nov 2022 10:34:41 +0000
ROA not before:           Tue 29 Nov 2022 10:34:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.187.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c2:f3:fe:f9:d2:a9:f8:27:dd:b1:a1:59:cd:02:6f:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov 29 10:34:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6435c8e7fe2a8b183ce0a1a61c71aa5cdeee5b87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:18:8c:43:16:5c:d3:49:2e:53:ad:56:8f:04:
                    eb:d4:8f:50:59:61:d2:1b:58:65:c5:8f:27:be:4a:
                    89:f8:33:8b:b5:43:62:d0:26:72:41:63:b1:96:a3:
                    dc:73:64:a3:b1:99:b6:06:6e:43:2d:5f:54:99:44:
                    9c:e2:ad:70:45:b3:f7:ad:ef:89:25:18:04:e8:ff:
                    87:3d:f7:5a:a6:f2:56:62:b4:fe:6c:1a:f6:7e:a4:
                    32:f5:f0:2e:bc:fb:d1:c5:90:e3:21:cc:fd:fd:65:
                    ba:19:e6:94:85:49:0a:6b:d0:5c:d4:27:e7:f2:88:
                    57:64:16:9e:8e:70:87:08:31:8a:da:60:97:ba:86:
                    86:77:8c:34:18:80:18:3f:ba:3f:44:bf:f5:c9:ea:
                    c0:8f:6b:24:55:ed:7e:ec:47:69:00:5b:4f:f7:37:
                    62:3c:49:1f:76:e0:12:95:fd:e6:cd:92:0c:82:f1:
                    8f:d5:2f:9a:30:de:92:3c:ea:68:94:1b:9c:af:d2:
                    40:46:10:58:76:e5:a3:69:94:45:a9:c7:01:77:c6:
                    44:52:c3:37:0c:39:f6:cf:00:72:18:84:e0:c1:a4:
                    f4:ae:05:08:92:55:b9:6c:6c:99:86:81:aa:8d:cc:
                    5b:88:eb:5d:83:3e:17:bb:a5:bc:49:fd:e4:48:82:
                    af:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:35:C8:E7:FE:2A:8B:18:3C:E0:A1:A6:1C:71:AA:5C:DE:EE:5B:87
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ZDXI5_4qixg84KGmHHGqXN7uW4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.112.0/24
                  163.5.130.0/24
                  163.5.134.0/24
                  163.5.153.0/24
                  163.5.187.0/24
                  163.5.192.0/24
                  163.5.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:1a:a8:fa:21:d9:c0:d3:c8:0a:3b:77:0a:79:05:95:fe:b6:
         a1:f1:25:ea:d9:84:c3:18:f7:00:5b:26:e2:be:70:a6:7f:a5:
         b4:d1:e4:67:61:e8:f8:10:91:90:33:60:ec:9f:83:0f:44:ed:
         42:d3:b7:19:be:1f:91:a2:98:75:a1:75:b9:bd:1f:c7:ba:71:
         9a:6e:1c:6c:fa:5a:69:62:3b:95:ed:e8:c3:a7:cd:68:ff:47:
         02:ff:8c:39:6c:38:2f:49:a9:7d:4b:a6:4d:7b:51:8a:6e:0e:
         82:34:62:12:30:78:09:93:76:5f:ac:05:aa:23:30:e2:ba:f5:
         71:8f:9c:d3:48:8a:56:63:45:2f:c7:32:8b:4f:84:af:56:db:
         2b:35:10:60:d7:aa:3a:60:8b:cb:b3:a5:24:cb:36:b6:0a:b5:
         dc:59:3e:a9:d4:22:fb:49:ce:19:07:a0:e5:9d:49:a8:f3:33:
         56:06:d3:c6:34:cf:f3:e8:b3:50:a5:22:38:1d:6b:a6:23:0e:
         9c:8f:c1:3b:d0:4d:b1:49:53:ec:61:61:aa:ff:b1:b3:67:ad:
         9a:b5:6b:3a:38:d5:57:ac:c6:4b:df:22:e9:5d:bc:c0:4a:69:
         64:df:62:3a:f0:f2:16:59:2e:be:5b:2f:65:bb:8a:5d:00:a6:
         c5:05:95:e0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYTC8/750qn4J92xoVnNAm9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI5MTAzNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM1YzhlN2ZlMmE4YjE4M2NlMGExYTYxYzcxYWE1Y2RlZWU1Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhiMQxZc00kuU61WjwTr1I9QWWHS
G1hlxY8nvkqJ+DOLtUNi0CZyQWOxlqPcc2SjsZm2Bm5DLV9UmUSc4q1wRbP3re+J
JRgE6P+HPfdapvJWYrT+bBr2fqQy9fAuvPvRxZDjIcz9/WW6GeaUhUkKa9Bc1Cfn
8ohXZBaejnCHCDGK2mCXuoaGd4w0GIAYP7o/RL/1yerAj2skVe1+7EdpAFtP9zdi
PEkfduASlf3mzZIMgvGP1S+aMN6SPOpolBucr9JARhBYduWjaZRFqccBd8ZEUsM3
DDn2zwByGITgwaT0rgUIklW5bGyZhoGqjcxbiOtdgz4Xu6W8Sf3kSIKv6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGQ1yOf+KosYPOChphxxqlze7luHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWkRYSTVfNHFpeGc4NEtHbUhIR3FYTjd1VzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowVwAwQA
owWCAwQAowWGAwQAowWZAwQAowW7AwQAowXAAwQAowXcMA0GCSqGSIb3DQEBCwUA
A4IBAQA0Gqj6IdnA08gKO3cKeQWV/rah8SXq2YTDGPcAWybivnCmf6W00eRnYej4
EJGQM2Dsn4MPRO1C07cZvh+Roph1oXW5vR/HunGabhxs+lppYjuV7ejDp81o/0cC
/4w5bDgvSal9S6ZNe1GKbg6CNGISMHgJk3ZfrAWqIzDiuvVxj5zTSIpWY0UvxzKL
T4SvVtsrNRBg16o6YIvLs6Ukyza2CrXcWT6p1CL7Sc4ZB6DlnUmo8zNWBtPGNM/z
6LNQpSI4HWumIw6cj8E70E2xSVPsYWGq/7GzZ62atWs6ONVXrMZL3yLpXbzASmlk
32I68PIWWS6+Wy9lu4pdAKbFBZXg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org