Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5W7cZh_s0-I5tEtfQmkpMpKUe80.roa
File:                     5W7cZh_s0-I5tEtfQmkpMpKUe80.roa (raw, json)
Hash identifier:          Oxmbps5qJuPErQqqhA9Fdbd1DOaziRuEwjAtZpW6grI=
Subject key identifier:   E5:6E:DC:66:1F:EC:D3:E2:39:B4:4B:5F:42:69:29:32:92:94:7B:CD
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0184150DF0F6C598C02D45E323E61FAEEFAA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5W7cZh_s0-I5tEtfQmkpMpKUe80.roa
Signing time:             Wed 26 Oct 2022 16:09:05 +0000
ROA not before:           Wed 26 Oct 2022 16:09:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        163.5.95.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.173.0/24 maxlen: 24
                          163.5.184.0/24 maxlen: 24
                          163.5.196.0/24 maxlen: 24
                          163.5.197.0/24 maxlen: 24
                          163.5.195.0/24 maxlen: 24
                          163.5.127.0/24 maxlen: 24
                          163.5.132.0/24 maxlen: 24
                          163.5.135.0/24 maxlen: 24
                          163.5.133.0/24 maxlen: 24
                          163.5.136.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:15:0d:f0:f6:c5:98:c0:2d:45:e3:23:e6:1f:ae:ef:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 26 16:09:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e56edc661fecd3e239b44b5f4269293292947bcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b0:76:80:42:b2:b6:43:1c:d7:8a:7f:24:f4:
                    d4:41:4d:89:87:28:b0:b1:a3:23:5d:49:6c:56:69:
                    ca:a3:e9:08:b3:79:d6:44:33:49:5d:31:f8:76:57:
                    ac:f2:f5:cf:93:d9:1d:a4:3a:b5:0a:66:bd:e4:a8:
                    8c:7e:8c:4e:2b:83:3f:77:e7:0d:3b:14:43:08:58:
                    98:99:6d:9e:ae:81:ad:c7:f3:80:de:30:4c:19:93:
                    35:57:e2:c7:ed:d8:b6:74:e4:71:33:fe:b5:15:b4:
                    00:01:dc:73:b4:9f:f1:d7:13:b5:f2:9a:66:96:c2:
                    74:5f:2c:84:81:c5:ae:25:23:74:a5:0f:f6:fd:3b:
                    4e:c3:9b:20:3b:f7:c7:cf:26:f2:b5:a0:28:94:e5:
                    73:0c:2b:3e:78:4b:43:2e:91:06:c1:5d:28:05:8d:
                    5e:ca:a6:a4:5d:34:e4:bf:d2:fe:bd:4a:65:4a:2b:
                    e8:01:50:80:eb:c2:53:06:5e:13:54:21:40:d5:59:
                    5f:13:c1:ef:57:01:8a:43:4c:b4:6d:bb:d5:b7:e7:
                    a9:58:d0:6b:3c:ef:39:7b:7c:0f:24:bf:6d:aa:3c:
                    8a:94:9d:f8:37:89:34:8d:2c:7b:be:78:0d:57:b5:
                    36:e0:25:af:a5:cb:84:74:0f:30:c5:84:8c:d2:ca:
                    4a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:6E:DC:66:1F:EC:D3:E2:39:B4:4B:5F:42:69:29:32:92:94:7B:CD
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/5W7cZh_s0-I5tEtfQmkpMpKUe80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.94.0/23
                  163.5.113.0/24
                  163.5.116.0/24
                  163.5.127.0/24
                  163.5.132.0/23
                  163.5.135.0-163.5.136.255
                  163.5.143.0/24
                  163.5.173.0/24
                  163.5.184.0/24
                  163.5.195.0-163.5.197.255
                  163.5.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:ae:ef:a7:0f:bd:2f:5d:22:38:d3:61:7a:cd:a2:79:ba:ba:
         37:53:3a:dd:98:31:0b:44:cc:cc:72:1a:25:2e:da:7b:c2:85:
         38:84:a9:df:a1:22:12:79:6c:ed:b8:db:ff:1c:cf:a1:10:dd:
         dc:0f:75:9f:45:97:dd:84:77:5c:2a:9d:44:bc:a7:aa:ea:bc:
         f9:c7:90:7f:b0:5e:6a:30:22:85:45:ca:ad:c9:90:1e:a3:c1:
         c0:fa:93:94:a1:e4:9e:ea:73:30:88:a4:22:a4:20:a4:8d:b2:
         53:70:18:2e:24:04:58:ec:58:76:f4:6d:51:ca:69:e1:41:af:
         d3:44:b0:25:61:4c:de:e5:5a:40:d7:4d:a3:e2:59:4a:1c:5b:
         f5:81:c7:7e:ec:9a:4e:f3:d0:ae:3b:b3:bc:91:9a:2c:bd:20:
         fd:38:53:5e:26:bc:cf:2e:8f:cf:32:f6:b5:2c:11:e4:22:f2:
         31:e9:b6:d7:bf:3f:fb:03:ba:ff:e9:b3:ed:81:75:46:0d:a5:
         8a:7b:5c:b3:17:c3:48:63:6e:3c:0b:74:17:7a:a1:82:19:1e:
         bc:ea:10:f4:e4:29:71:10:78:06:21:cd:bc:d1:c9:de:f6:9a:
         7c:af:27:4b:58:b8:27:41:c9:f2:90:ad:79:f2:8b:dc:7e:f9:
         11:51:ad:b7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYQVDfD2xZjALUXjI+Yfru+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDI2MTYwOTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTZlZGM2NjFmZWNkM2UyMzliNDRiNWY0MjY5MjkzMjkyOTQ3YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbB2gEKytkMc14p/JPTUQU2Jhyiw
saMjXUlsVmnKo+kIs3nWRDNJXTH4dles8vXPk9kdpDq1Cma95KiMfoxOK4M/d+cN
OxRDCFiYmW2eroGtx/OA3jBMGZM1V+LH7di2dORxM/61FbQAAdxztJ/x1xO18ppm
lsJ0XyyEgcWuJSN0pQ/2/TtOw5sgO/fHzybytaAolOVzDCs+eEtDLpEGwV0oBY1e
yqakXTTkv9L+vUplSivoAVCA68JTBl4TVCFA1VlfE8HvVwGKQ0y0bbvVt+epWNBr
PO85e3wPJL9tqjyKlJ34N4k0jSx7vngNV7U24CWvpcuEdA8wxYSM0spKiwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFOVu3GYf7NPiObRLX0JpKTKSlHvNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNVc3Y1poX3MwLUk1dEV0ZlFta3BNcEtVZTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAowUgAwQB
owVeAwQAowVxAwQAowV0AwQAowV/AwQBowWEMAwDBACjBYcDBACjBYgDBACjBY8D
BACjBa0DBACjBbgwDAMEAKMFwwMEAaMFxAMEAKMF8TANBgkqhkiG9w0BAQsFAAOC
AQEAh67vpw+9L10iONNhes2iebq6N1M63ZgxC0TMzHIaJS7ae8KFOISp36EiEnls
7bjb/xzPoRDd3A91n0WX3YR3XCqdRLynquq8+ceQf7BeajAihUXKrcmQHqPBwPqT
lKHknupzMIikIqQgpI2yU3AYLiQEWOxYdvRtUcpp4UGv00SwJWFM3uVaQNdNo+JZ
Shxb9YHHfuyaTvPQrjuzvJGaLL0g/ThTXia8zy6PzzL2tSwR5CLyMem2178/+wO6
/+mz7YF1Rg2lintcsxfDSGNuPAt0F3qhghkevOoQ9OQpcRB4BiHNvNHJ3vaafK8n
S1i4J0HJ8pCtefKL3H75EVGttw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org