Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5PxjWb4U4ws6IEHSfpUDz1pdZh4.roa
File:                     5PxjWb4U4ws6IEHSfpUDz1pdZh4.roa (raw, json)
Hash identifier:          V025egtBDjGZB0KCWWD9tgYKXZg2E2A5CFSVjK/of7o=
Subject key identifier:   E4:FC:63:59:BE:14:E3:0B:3A:20:41:D2:7E:95:03:CF:5A:5D:66:1E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01828E749B649099ED7CAB344CE35D7E639A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5PxjWb4U4ws6IEHSfpUDz1pdZh4.roa
Signing time:             Thu 11 Aug 2022 19:49:42 +0000
ROA not before:           Thu 11 Aug 2022 19:49:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        163.5.179.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.214.0/24 maxlen: 24
                          163.5.217.0/24 maxlen: 24
                          163.5.152.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8e:74:9b:64:90:99:ed:7c:ab:34:4c:e3:5d:7e:63:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 11 19:49:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e4fc6359be14e30b3a2041d27e9503cf5a5d661e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:64:bf:69:54:f5:d8:12:60:ed:06:ec:18:89:
                    42:1a:f5:85:92:e0:fe:23:52:9e:4d:ff:d5:a5:94:
                    0e:a3:8e:2e:d6:0b:2c:dd:fe:ba:09:6d:6b:a2:26:
                    92:e0:a2:66:37:f8:cf:c0:1f:77:76:1f:53:b7:99:
                    8a:68:74:87:57:10:f8:9a:70:ec:e9:e4:6d:2f:81:
                    ff:93:9c:ff:e4:dc:52:30:bc:fd:a1:7a:f3:d6:74:
                    5e:8a:d3:4d:e3:79:68:8d:c4:1a:39:cf:8c:bc:ab:
                    e5:db:c0:54:11:e7:4e:c4:18:c6:85:f5:69:c8:0c:
                    46:f1:1c:c1:1d:05:d4:4d:90:d5:db:ce:01:9b:f0:
                    53:26:1f:cc:31:ac:30:e8:00:7d:39:e3:53:92:fe:
                    fe:79:99:f1:7e:8c:d9:61:12:ef:75:59:e9:f3:89:
                    9d:38:41:b1:f7:d0:8b:61:01:51:51:d6:4a:59:85:
                    37:fd:3c:56:db:62:28:2f:e5:ff:0d:ec:ca:61:88:
                    50:a2:f3:66:b6:ea:e9:8b:20:81:d9:5a:ef:c3:ff:
                    37:ff:65:f5:6c:de:b9:c2:5e:e4:5a:67:7b:b2:2d:
                    47:95:31:77:a4:7f:e7:39:6f:ea:89:84:dd:5b:97:
                    bb:e3:fb:92:af:43:cd:94:ee:6e:55:0a:bf:8f:77:
                    9e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:FC:63:59:BE:14:E3:0B:3A:20:41:D2:7E:95:03:CF:5A:5D:66:1E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5PxjWb4U4ws6IEHSfpUDz1pdZh4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.152.0/24
                  163.5.166.0/24
                  163.5.169.0/24
                  163.5.179.0/24
                  163.5.212.0/24
                  163.5.214.0/24
                  163.5.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:93:5c:51:ab:13:8e:2e:a2:fd:a9:1d:f5:a8:1a:c5:c7:38:
         fa:f3:90:bc:9e:80:e6:20:d3:ae:cf:a0:5c:6f:ec:a6:80:b0:
         95:2e:67:f2:4e:09:27:4c:1e:a6:17:e5:72:d7:54:a4:a9:bc:
         3d:7c:07:e3:fb:55:6a:b1:77:72:0f:95:03:2c:00:51:2c:1e:
         03:8c:2b:8e:6e:ee:97:a5:d4:da:93:46:d7:84:e2:77:7e:b1:
         40:a2:4e:f3:7c:5e:48:15:f3:60:81:fd:82:56:b8:f2:6a:ad:
         e7:be:e6:33:ac:e8:8f:28:72:9f:d5:c9:79:6c:07:6b:56:15:
         7e:70:7c:60:42:5c:6f:5f:20:35:ab:f3:bb:95:cc:6e:1c:55:
         67:49:59:03:76:fb:10:52:6b:4e:b3:1b:06:18:e0:e9:fa:00:
         4f:52:d0:99:ea:85:ef:88:da:52:fa:75:71:86:01:68:6e:f0:
         41:14:ee:00:08:1e:fb:13:ca:81:85:13:18:7e:24:f5:41:12:
         46:1f:4c:7e:e1:ab:36:b1:ba:17:51:6c:c7:b0:5e:04:da:9c:
         9d:40:2c:29:25:1f:d9:12:61:7b:32:8d:01:38:d5:8e:01:d3:
         10:b3:ef:bd:7f:c8:53:a4:00:73:eb:f5:cd:53:90:25:45:64:
         0b:76:0a:1e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYKOdJtkkJntfKs0TONdfmOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODExMTk0OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGZjNjM1OWJlMTRlMzBiM2EyMDQxZDI3ZTk1MDNjZjVhNWQ2NjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2S/aVT12BJg7QbsGIlCGvWFkuD+
I1KeTf/VpZQOo44u1gss3f66CW1roiaS4KJmN/jPwB93dh9Tt5mKaHSHVxD4mnDs
6eRtL4H/k5z/5NxSMLz9oXrz1nReitNN43lojcQaOc+MvKvl28BUEedOxBjGhfVp
yAxG8RzBHQXUTZDV284Bm/BTJh/MMaww6AB9OeNTkv7+eZnxfozZYRLvdVnp84md
OEGx99CLYQFRUdZKWYU3/TxW22IoL+X/DezKYYhQovNmturpiyCB2Vrvw/83/2X1
bN65wl7kWmd7si1HlTF3pH/nOW/qiYTdW5e74/uSr0PNlO5uVQq/j3eexwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOT8Y1m+FOMLOiBB0n6VA89aXWYeMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNVB4aldiNFU0d3M2SUVIU2ZwVUR6MXBkWmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowWYAwQA
owWmAwQAowWpAwQAowWzAwQAowXUAwQAowXWAwQAowXZMA0GCSqGSIb3DQEBCwUA
A4IBAQBZk1xRqxOOLqL9qR31qBrFxzj685C8noDmINOuz6Bcb+ymgLCVLmfyTgkn
TB6mF+Vy11Skqbw9fAfj+1VqsXdyD5UDLABRLB4DjCuObu6XpdTak0bXhOJ3frFA
ok7zfF5IFfNggf2CVrjyaq3nvuYzrOiPKHKf1cl5bAdrVhV+cHxgQlxvXyA1q/O7
lcxuHFVnSVkDdvsQUmtOsxsGGODp+gBPUtCZ6oXviNpS+nVxhgFobvBBFO4ACB77
E8qBhRMYfiT1QRJGH0x+4as2sboXUWzHsF4E2pydQCwpJR/ZEmF7Mo0BONWOAdMQ
s++9f8hTpABz6/XNU5AlRWQLdgoe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org