Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/23nks8WceV_afnBRsJYnAcZhBlk.roa
File:                     23nks8WceV_afnBRsJYnAcZhBlk.roa (raw, json)
Hash identifier:          e3yyK2FUwxMZ4zFz/Z42A/OvxfNTytKWuTkN2NRzHQI=
Subject key identifier:   DB:79:E4:B3:C5:9C:79:5F:DA:7E:70:51:B0:96:27:01:C6:61:06:59
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183561CC899062D2EE087DB22EAEEF4AFF9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/23nks8WceV_afnBRsJYnAcZhBlk.roa
Signing time:             Mon 19 Sep 2022 14:17:50 +0000
ROA not before:           Mon 19 Sep 2022 14:17:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        163.5.236.0/24 maxlen: 24
                          163.5.140.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.247.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:56:1c:c8:99:06:2d:2e:e0:87:db:22:ea:ee:f4:af:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 19 14:17:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db79e4b3c59c795fda7e7051b0962701c6610659
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:78:ac:61:c2:4b:38:5e:2e:20:4e:5d:cf:84:
                    8f:97:49:0c:f5:09:15:24:2d:bf:74:db:b5:01:a4:
                    08:a8:64:a1:04:10:86:7a:40:8e:14:9b:c4:49:49:
                    29:fe:6e:65:28:25:89:7d:15:4c:5a:96:a0:1d:a1:
                    02:a3:9d:7d:e3:b6:2d:5c:c5:b1:f4:d4:77:f6:d2:
                    81:85:2f:b8:51:77:a8:03:11:a3:71:c6:b0:0f:c0:
                    16:f3:71:ed:dd:fd:c4:4c:02:6b:e6:e8:e5:ab:bb:
                    6b:ae:98:30:93:27:b0:f4:e9:4d:28:2e:52:80:a8:
                    1e:13:83:8b:4d:32:fb:79:c2:05:17:76:af:f3:0e:
                    aa:d3:da:3d:4b:d8:29:ba:4f:a2:32:41:12:c7:1d:
                    68:1b:ac:6d:fc:d9:a6:b0:9e:6d:43:3f:dd:11:b4:
                    ea:f7:14:f5:76:d4:12:e6:5a:fe:71:38:21:8d:7f:
                    b2:d7:c0:ac:0d:e5:19:eb:7e:1b:0f:37:42:25:0a:
                    2e:49:b0:5e:81:bf:d2:ea:94:d3:4d:66:28:52:69:
                    9e:c0:ed:a5:24:94:0f:88:43:72:f4:e3:92:91:a4:
                    cf:60:71:66:f5:77:93:43:ac:18:ee:c6:37:30:81:
                    4b:48:4b:0d:39:97:a8:be:9c:b3:c4:d0:28:f5:1f:
                    2b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:79:E4:B3:C5:9C:79:5F:DA:7E:70:51:B0:96:27:01:C6:61:06:59
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/23nks8WceV_afnBRsJYnAcZhBlk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.140.0-163.5.142.255
                  163.5.236.0/24
                  163.5.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:f1:99:2d:b9:f8:9b:44:71:51:86:b8:23:69:b8:00:dc:9a:
         1f:eb:a9:47:02:08:e5:ca:30:27:31:37:33:f0:a6:56:46:e9:
         ce:a1:22:3f:33:4f:d0:a8:a9:73:64:f2:76:b3:14:05:a0:a6:
         d8:48:d1:e4:90:7c:db:07:a3:86:cb:72:9c:96:dc:86:fe:26:
         4a:63:a7:11:9b:b5:d8:63:02:c7:db:84:6e:9c:0a:f8:91:22:
         38:9d:ba:00:8c:5e:35:a0:6c:69:e4:fe:13:e9:61:61:75:7a:
         4a:b9:e0:09:e9:91:18:e5:cc:64:b4:88:79:af:f6:55:29:7c:
         1d:0c:03:d8:e8:a8:51:96:70:99:05:6b:aa:b9:6e:56:eb:6b:
         11:9f:79:00:5e:ae:2b:13:26:95:38:09:1c:8c:22:4b:96:55:
         8f:c8:38:1b:7d:20:56:24:97:38:52:31:fb:0f:e9:2e:eb:22:
         1e:40:72:0e:be:29:73:76:52:67:51:7c:5c:3a:06:d7:8f:6a:
         59:0e:17:bf:b0:90:cc:62:2e:2a:ac:d9:fe:6a:af:bf:8f:b5:
         12:e9:c6:c8:5c:ce:35:41:4d:52:4b:b7:5a:37:bd:9d:f1:a8:
         09:3c:0e:12:a7:38:5d:e6:39:8a:a4:97:46:88:5e:76:82:2b:
         47:d4:a2:49
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYNWHMiZBi0u4IfbIuru9K/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTE5MTQxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc5ZTRiM2M1OWM3OTVmZGE3ZTcwNTFiMDk2MjcwMWM2NjEwNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnisYcJLOF4uIE5dz4SPl0kM9QkV
JC2/dNu1AaQIqGShBBCGekCOFJvESUkp/m5lKCWJfRVMWpagHaECo51947YtXMWx
9NR39tKBhS+4UXeoAxGjccawD8AW83Ht3f3ETAJr5ujlq7trrpgwkyew9OlNKC5S
gKgeE4OLTTL7ecIFF3av8w6q09o9S9gpuk+iMkESxx1oG6xt/NmmsJ5tQz/dEbTq
9xT1dtQS5lr+cTghjX+y18CsDeUZ634bDzdCJQouSbBegb/S6pTTTWYoUmmewO2l
JJQPiENy9OOSkaTPYHFm9XeTQ6wY7sY3MIFLSEsNOZeovpyzxNAo9R8rxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNt55LPFnHlf2n5wUbCWJwHGYQZZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMjNua3M4V2NlVl9hZm5CUnNKWW5BY1poQmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKjBYwD
BACjBY4DBACjBewDBACjBfcwDQYJKoZIhvcNAQELBQADggEBAGXxmS25+JtEcVGG
uCNpuADcmh/rqUcCCOXKMCcxNzPwplZG6c6hIj8zT9CoqXNk8nazFAWgpthI0eSQ
fNsHo4bLcpyW3Ib+JkpjpxGbtdhjAsfbhG6cCviRIjidugCMXjWgbGnk/hPpYWF1
ekq54AnpkRjlzGS0iHmv9lUpfB0MA9joqFGWcJkFa6q5blbraxGfeQBerisTJpU4
CRyMIkuWVY/IOBt9IFYklzhSMfsP6S7rIh5Acg6+KXN2UmdRfFw6BtePalkOF7+w
kMxiLiqs2f5qr7+PtRLpxshczjVBTVJLt1o3vZ3xqAk8DhKnOF3mOYqkl0aIXnaC
K0fUokk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org