Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6LxfdDJbYFJu9HqhTRHKZhn-8GU.roa
File:                     6LxfdDJbYFJu9HqhTRHKZhn-8GU.roa (raw, json)
Hash identifier:          qUdM6p8TW0tzKPBrxRu6Yx635s2F18uH7zkFBuIKKXE=
Subject key identifier:   E8:BC:5F:74:32:5B:60:52:6E:F4:7A:A1:4D:11:CA:66:19:FE:F0:65
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018320CC00C88B1087636E002D498301B375
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6LxfdDJbYFJu9HqhTRHKZhn-8GU.roa
Signing time:             Fri 09 Sep 2022 05:49:43 +0000
ROA not before:           Fri 09 Sep 2022 05:49:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        163.5.215.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:20:cc:00:c8:8b:10:87:63:6e:00:2d:49:83:01:b3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep  9 05:49:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8bc5f74325b60526ef47aa14d11ca6619fef065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:84:c8:97:b7:6e:a2:7e:1e:5e:17:98:d2:0f:
                    9d:54:25:af:3b:75:35:73:fd:2e:8b:39:2a:11:73:
                    77:14:14:78:89:69:b8:8b:1a:cd:03:67:ee:1e:f9:
                    eb:a1:12:67:26:e5:7e:f1:91:9d:cf:46:35:3f:eb:
                    40:b9:a3:c5:45:c0:d6:ca:58:fd:c5:75:d7:5d:90:
                    1b:67:e8:46:59:b4:36:5e:35:a5:97:9d:cd:67:d2:
                    e4:9a:95:51:92:4f:a1:99:c4:52:94:c7:cb:00:87:
                    eb:c4:91:ad:9d:52:e9:83:cc:e1:93:b0:21:85:fa:
                    d1:8c:de:6c:3d:62:63:67:47:19:f6:4a:fd:ae:52:
                    a4:e0:29:ab:5c:73:8b:04:43:11:56:b6:25:c8:b5:
                    f2:dc:eb:ea:56:b2:8b:5a:e6:31:1b:29:1d:ed:e3:
                    88:34:f8:ed:b6:59:e2:58:ad:6a:d3:d3:83:84:6d:
                    01:65:12:25:05:e0:4e:f5:da:fd:7d:3a:56:58:e4:
                    12:a4:db:11:57:bf:30:73:fc:ed:f5:06:b5:8b:09:
                    6c:91:00:7a:93:22:14:e8:a4:f9:4b:89:ec:d2:08:
                    be:68:38:c5:40:aa:b6:4a:20:b0:de:c1:3a:9d:59:
                    cc:31:ed:8b:7a:7b:51:58:cc:50:04:64:85:5c:91:
                    49:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:BC:5F:74:32:5B:60:52:6E:F4:7A:A1:4D:11:CA:66:19:FE:F0:65
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6LxfdDJbYFJu9HqhTRHKZhn-8GU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.144.0/23
                  163.5.163.0/24
                  163.5.168.0/24
                  163.5.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:9b:ab:4f:bb:53:98:c4:65:76:a8:6d:7f:f6:cf:e7:47:d5:
         d3:bc:7c:bf:45:fc:d1:82:28:26:aa:86:78:d0:1f:fc:a0:36:
         fc:25:ee:38:d7:3b:81:02:b9:04:cc:7c:a6:ff:d8:3c:cf:04:
         95:2d:ea:06:df:e9:99:ed:7b:97:94:62:65:c0:40:8e:9c:cc:
         c2:29:8a:54:17:6e:8b:49:90:e9:4d:90:9e:a8:1d:95:f8:56:
         4e:06:3f:05:30:9d:0e:30:20:38:4a:4a:6a:be:48:84:37:17:
         d8:dd:b1:d9:f0:d9:56:b8:8c:9b:b1:1f:7e:e4:2f:96:8e:6f:
         04:77:a0:a5:bc:00:4a:d2:d7:8d:25:71:90:70:4b:35:1d:75:
         09:90:3a:b9:66:07:8e:7e:7c:6d:8c:f3:4f:d4:23:a1:d4:9b:
         6a:4b:86:45:fd:e3:e2:b4:4c:60:01:9f:91:9f:24:29:32:d2:
         e1:4c:f7:1c:04:54:d6:7d:28:23:ba:7a:06:1d:1b:e8:9e:7c:
         be:19:4f:e0:aa:7e:ad:74:a4:35:15:a5:2e:20:5c:7f:30:23:
         3b:fb:6a:37:d5:f9:d4:ab:af:9d:30:de:2b:07:43:8e:a8:a0:
         38:44:c2:19:a7:ca:66:45:a6:96:4c:29:d8:4b:cf:33:d2:f1:
         19:45:b5:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYMgzADIixCHY24ALUmDAbN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTA5MDU0OTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGJjNWY3NDMyNWI2MDUyNmVmNDdhYTE0ZDExY2E2NjE5ZmVmMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoTIl7duon4eXheY0g+dVCWvO3U1
c/0uizkqEXN3FBR4iWm4ixrNA2fuHvnroRJnJuV+8ZGdz0Y1P+tAuaPFRcDWylj9
xXXXXZAbZ+hGWbQ2XjWll53NZ9LkmpVRkk+hmcRSlMfLAIfrxJGtnVLpg8zhk7Ah
hfrRjN5sPWJjZ0cZ9kr9rlKk4CmrXHOLBEMRVrYlyLXy3OvqVrKLWuYxGykd7eOI
NPjttlniWK1q09ODhG0BZRIlBeBO9dr9fTpWWOQSpNsRV78wc/zt9Qa1iwlskQB6
kyIU6KT5S4ns0gi+aDjFQKq2SiCw3sE6nVnMMe2LentRWMxQBGSFXJFJHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOi8X3QyW2BSbvR6oU0RymYZ/vBlMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNkx4ZmRESmJZRkp1OUhxaFRSSEtaaG4tOEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBowWQAwQA
owWjAwQAowWoAwQAowXXMA0GCSqGSIb3DQEBCwUAA4IBAQB6m6tPu1OYxGV2qG1/
9s/nR9XTvHy/RfzRgigmqoZ40B/8oDb8Je441zuBArkEzHym/9g8zwSVLeoG3+mZ
7XuXlGJlwECOnMzCKYpUF26LSZDpTZCeqB2V+FZOBj8FMJ0OMCA4SkpqvkiENxfY
3bHZ8NlWuIybsR9+5C+Wjm8Ed6ClvABK0teNJXGQcEs1HXUJkDq5ZgeOfnxtjPNP
1COh1JtqS4ZF/ePitExgAZ+RnyQpMtLhTPccBFTWfSgjunoGHRvonny+GU/gqn6t
dKQ1FaUuIFx/MCM7+2o31fnUq6+dMN4rB0OOqKA4RMIZp8pmRaaWTCnYS88z0vEZ
RbV6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org