Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-0slF1sMPKlUv6vfkJ1h4s5jMH8.roa
File:                     1-0slF1sMPKlUv6vfkJ1h4s5jMH8.roa (raw, json)
Hash identifier:          F2QVoaG+NY3VCnLKxjElHfOmVeLcFFYONy7vnPYWN78=
Subject key identifier:   FB:4B:25:17:5B:0C:3C:A9:54:BF:AB:DF:90:9D:61:E2:CE:63:30:7F
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018500EF4D7BCF239475833327EA091A3312
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-0slF1sMPKlUv6vfkJ1h4s5jMH8.roa
Signing time:             Sun 11 Dec 2022 11:26:00 +0000
ROA not before:           Sun 11 Dec 2022 11:26:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3320
IP address blocks:        163.5.106.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.229.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:00:ef:4d:7b:cf:23:94:75:83:33:27:ea:09:1a:33:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 11 11:26:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb4b25175b0c3ca954bfabdf909d61e2ce63307f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bb:6f:e5:9e:01:a1:b7:35:e8:8a:bf:af:7c:
                    62:9c:69:c2:b7:0f:b5:8d:4a:b5:10:0c:42:8b:42:
                    c2:d2:c4:41:cc:39:76:d6:5d:19:3f:a2:92:60:96:
                    9e:16:f7:da:b0:4a:30:3f:33:b5:84:ed:a9:5b:d8:
                    d5:c2:16:01:93:94:84:49:99:8d:76:e8:7c:1c:c0:
                    4b:49:f9:77:21:fe:5b:18:f1:bf:c6:c4:7f:65:1e:
                    1b:68:59:de:ff:6e:56:16:10:70:5c:09:8f:80:78:
                    40:01:30:5b:4d:28:53:4f:54:81:de:69:fc:c5:ef:
                    46:67:d1:a8:16:22:99:c3:5b:3e:ae:69:e5:c2:a9:
                    ba:16:18:1c:23:66:ad:96:08:13:87:fb:ca:3f:28:
                    d6:77:77:77:b4:bd:d4:6d:9e:01:79:53:77:f3:bb:
                    36:7c:44:0b:f7:64:80:92:0a:72:27:b4:00:e8:12:
                    99:04:e8:00:8a:ee:59:98:40:47:36:fd:cb:3b:34:
                    a5:1e:39:34:d9:a1:92:ac:9c:83:36:c4:a7:36:a6:
                    dc:17:b2:2a:e0:84:f7:7a:8b:25:7e:c2:13:b3:6b:
                    25:b6:4a:cf:9a:31:7d:31:27:2a:4c:f7:1f:eb:e9:
                    7b:23:6b:6c:33:4b:de:a6:58:1a:c1:a5:0f:47:74:
                    82:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:4B:25:17:5B:0C:3C:A9:54:BF:AB:DF:90:9D:61:E2:CE:63:30:7F
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-0slF1sMPKlUv6vfkJ1h4s5jMH8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.106.0/24
                  163.5.118.0/23
                  163.5.159.0/24
                  163.5.225.0/24
                  163.5.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:a1:10:57:de:fd:13:6e:01:64:1c:0f:77:11:f3:dc:4b:15:
         a4:4a:9e:7d:e9:00:a0:fe:bc:9b:fb:02:f0:8c:e3:4b:02:ba:
         b4:fd:82:70:e5:f6:56:60:32:8a:1c:00:35:49:91:1f:f6:f2:
         6f:dd:13:34:45:23:65:cb:7a:ff:7a:b7:cc:13:9c:19:47:cc:
         75:c8:08:b7:05:4e:0d:3f:83:59:c3:9b:c1:78:fe:5e:9c:17:
         56:22:81:bc:3d:c2:d9:f6:f0:05:54:f7:61:22:ba:cb:f2:2f:
         bb:a2:e1:c3:fb:15:3b:19:8e:30:ca:6b:c6:e5:94:78:e9:bb:
         46:4c:c9:0a:a5:7b:0a:5e:2a:30:f9:30:f3:85:b4:63:30:75:
         bd:36:f7:7c:d7:ff:da:62:1e:27:1d:3b:b8:7c:f5:3f:16:c4:
         b8:af:ef:2e:38:26:1a:3f:7e:09:16:f2:9a:41:e4:02:9c:90:
         bf:51:d2:b1:1c:89:59:11:b8:dd:16:f2:99:0c:cf:9f:a9:29:
         95:ef:fe:72:61:92:61:bb:8b:f0:e0:a7:29:bf:38:6a:db:25:
         e3:b0:18:6d:f2:df:36:78:8d:ca:61:6d:0d:23:67:9e:8b:f0:
         b4:f7:7c:8c:b4:9d:9d:e1:08:1a:24:c7:65:58:d6:7b:c1:be:
         28:83:5c:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYUA7017zyOUdYMzJ+oJGjMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjExMTEyNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRiMjUxNzViMGMzY2E5NTRiZmFiZGY5MDlkNjFlMmNlNjMzMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbtv5Z4Bobc16Iq/r3xinGnCtw+1
jUq1EAxCi0LC0sRBzDl21l0ZP6KSYJaeFvfasEowPzO1hO2pW9jVwhYBk5SESZmN
duh8HMBLSfl3If5bGPG/xsR/ZR4baFne/25WFhBwXAmPgHhAATBbTShTT1SB3mn8
xe9GZ9GoFiKZw1s+rmnlwqm6FhgcI2atlggTh/vKPyjWd3d3tL3UbZ4BeVN387s2
fEQL92SAkgpyJ7QA6BKZBOgAiu5ZmEBHNv3LOzSlHjk02aGSrJyDNsSnNqbcF7Iq
4IT3eoslfsITs2sltkrPmjF9MScqTPcf6+l7I2tsM0veplgawaUPR3SCRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtLJRdbDDypVL+r35CdYeLOYzB/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS0wc2xGMXNNUEtsVXY2dmZrSjFoNHM1ak1IOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAKMFagME
AaMFdgMEAKMFnwMEAKMF4QMEAKMF5TANBgkqhkiG9w0BAQsFAAOCAQEANaEQV979
E24BZBwPdxHz3EsVpEqefekAoP68m/sC8IzjSwK6tP2CcOX2VmAyihwANUmRH/by
b90TNEUjZct6/3q3zBOcGUfMdcgItwVODT+DWcObwXj+XpwXViKBvD3C2fbwBVT3
YSK6y/Ivu6Lhw/sVOxmOMMprxuWUeOm7RkzJCqV7Cl4qMPkw84W0YzB1vTb3fNf/
2mIeJx07uHz1PxbEuK/vLjgmGj9+CRbymkHkApyQv1HSsRyJWRG43RbymQzPn6kp
le/+cmGSYbuL8OCnKb84atsl47AYbfLfNniNymFtDSNnnovwtPd8jLSdneEIGiTH
ZVjWe8G+KINc/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:00 2024 by rpki-client on console-fra.rpki-client.org