Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4f122QXCuaKkOuLQxenE9Fe4Y08.roa
File:                     4f122QXCuaKkOuLQxenE9Fe4Y08.roa (raw, json)
Hash identifier:          K/rVEGrRLsUqSI++W1fJxicHWpnfcepFEeizTDa5y+s=
Subject key identifier:   E1:FD:76:D9:05:C2:B9:A2:A4:3A:E2:D0:C5:E9:C4:F4:57:B8:63:4F
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018480491830493CE0BEF283ADDEF4466C8E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4f122QXCuaKkOuLQxenE9Fe4Y08.roa
Signing time:             Wed 16 Nov 2022 11:53:04 +0000
ROA not before:           Wed 16 Nov 2022 11:53:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204968
IP address blocks:        163.5.199.0/24 maxlen: 24
                          163.5.206.0/24 maxlen: 24
                          163.5.200.0/24 maxlen: 24
                          163.5.208.0/24 maxlen: 24
                          163.5.213.0/24 maxlen: 24
                          163.5.207.0/24 maxlen: 24
                          163.5.209.0/24 maxlen: 24
                          163.5.155.0/24 maxlen: 24
                          163.5.157.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:80:49:18:30:49:3c:e0:be:f2:83:ad:de:f4:46:6c:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov 16 11:53:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e1fd76d905c2b9a2a43ae2d0c5e9c4f457b8634f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f6:e9:30:57:cb:89:e2:83:08:c1:3c:17:b1:
                    f4:b8:87:e6:29:59:34:fd:9b:21:76:8a:e1:8f:9d:
                    92:7c:fb:d2:5d:0c:bd:dc:d3:9e:7f:09:a8:0a:09:
                    01:03:f4:cf:e1:14:26:a2:79:34:c1:2c:ff:34:4b:
                    9e:31:2f:e2:39:26:73:65:44:fe:d7:4d:18:1a:70:
                    8f:ca:40:e7:57:b0:b6:b5:82:96:bc:a6:ac:53:c4:
                    ae:d4:73:b4:cf:24:9f:e0:f7:50:22:e5:4c:a7:6c:
                    0a:0a:7d:b3:6c:f7:1f:70:8f:5e:31:10:2f:0a:14:
                    8c:87:82:49:3d:56:de:70:aa:dc:3b:26:93:af:77:
                    00:4a:d9:cf:8d:27:f6:f0:02:9b:d4:1e:2a:9c:04:
                    a6:86:4d:60:64:0c:be:da:c1:5c:0c:e6:14:b0:b6:
                    c1:b2:3d:e2:c4:0d:b2:4d:82:df:ec:32:59:4f:a5:
                    f2:6b:05:38:ca:59:7b:3f:da:f8:3c:12:02:51:8b:
                    a7:4d:37:fc:5a:ae:e8:5b:80:dc:0a:b7:89:cb:ae:
                    1b:f0:77:ee:ef:57:b5:4c:b5:23:10:f6:83:90:15:
                    d6:9a:ef:36:3d:47:b0:39:fa:07:b5:ef:1f:23:ec:
                    53:62:51:ae:3e:0a:2e:fc:c8:3d:80:15:60:37:90:
                    17:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:FD:76:D9:05:C2:B9:A2:A4:3A:E2:D0:C5:E9:C4:F4:57:B8:63:4F
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4f122QXCuaKkOuLQxenE9Fe4Y08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.155.0-163.5.157.255
                  163.5.199.0-163.5.200.255
                  163.5.206.0-163.5.209.255
                  163.5.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:52:27:2b:03:05:bf:f5:1c:1c:a1:70:c1:c8:e1:fb:9a:aa:
         98:bf:ee:7e:81:54:09:d9:bb:d7:54:2c:af:99:7a:94:cf:30:
         ce:9c:64:48:5b:01:03:b2:81:e6:96:8f:f5:68:9c:39:00:f2:
         99:0e:8a:07:0a:f6:81:65:b1:72:36:9c:3d:6d:13:9e:37:1d:
         c3:77:5f:d1:ee:ec:f5:2e:c8:a1:89:9a:50:27:f5:61:d4:6a:
         6f:c8:0d:5f:22:7a:66:ea:9a:9f:59:a0:3d:21:84:e9:6b:a1:
         b5:e7:cf:54:2c:d4:67:9d:a3:25:07:0a:94:cc:43:23:b1:1a:
         91:72:9a:ae:70:c6:21:af:c5:f6:6d:5e:b1:d0:9a:0f:20:ae:
         3c:33:f3:7c:25:60:e1:38:4a:ef:fc:1f:29:78:17:ca:30:76:
         2c:fc:01:0f:8f:b3:dd:46:1f:3d:58:23:bb:db:31:2d:03:18:
         3f:3d:2b:6f:29:65:aa:d2:9f:3e:6f:c6:be:9e:cc:17:a8:a6:
         cc:93:3c:73:af:46:92:c0:72:cd:22:56:11:0d:ff:b2:86:20:
         de:bc:f5:f5:ea:1c:e1:45:4d:9d:5c:ff:ce:0f:5f:1a:29:20:
         98:bd:50:64:08:47:4b:22:fc:5f:55:c3:3d:5c:cb:56:7a:92:
         2f:06:61:45
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYSASRgwSTzgvvKDrd70RmyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTE2MTE1MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZkNzZkOTA1YzJiOWEyYTQzYWUyZDBjNWU5YzRmNDU3Yjg2MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/bpMFfLieKDCME8F7H0uIfmKVk0
/Zshdorhj52SfPvSXQy93NOefwmoCgkBA/TP4RQmonk0wSz/NEueMS/iOSZzZUT+
100YGnCPykDnV7C2tYKWvKasU8Su1HO0zySf4PdQIuVMp2wKCn2zbPcfcI9eMRAv
ChSMh4JJPVbecKrcOyaTr3cAStnPjSf28AKb1B4qnASmhk1gZAy+2sFcDOYUsLbB
sj3ixA2yTYLf7DJZT6XyawU4yll7P9r4PBICUYunTTf8Wq7oW4DcCreJy64b8Hfu
71e1TLUjEPaDkBXWmu82PUewOfoHte8fI+xTYlGuPgou/Mg9gBVgN5AXcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOH9dtkFwrmipDri0MXpxPRXuGNPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNGYxMjJRWEN1YUtrT3VMUXhlbkU5RmU0WTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBACjBZsD
BAGjBZwwDAMEAKMFxwMEAKMFyDAMAwQBowXOAwQBowXQAwQAowXVMA0GCSqGSIb3
DQEBCwUAA4IBAQAZUicrAwW/9RwcoXDByOH7mqqYv+5+gVQJ2bvXVCyvmXqUzzDO
nGRIWwEDsoHmlo/1aJw5APKZDooHCvaBZbFyNpw9bROeNx3Dd1/R7uz1LsihiZpQ
J/Vh1GpvyA1fInpm6pqfWaA9IYTpa6G1589ULNRnnaMlBwqUzEMjsRqRcpqucMYh
r8X2bV6x0JoPIK48M/N8JWDhOErv/B8peBfKMHYs/AEPj7PdRh89WCO72zEtAxg/
PStvKWWq0p8+b8a+nswXqKbMkzxzr0aSwHLNIlYRDf+yhiDevPX16hzhRU2dXP/O
D18aKSCYvVBkCEdLIvxfVcM9XMtWepIvBmFF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org