Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6M9qAtDsrJ3Ljnbaw_uL0JAuE0w.roa
File:                     6M9qAtDsrJ3Ljnbaw_uL0JAuE0w.roa (raw, json)
Hash identifier:          xYVQt2ZUJOFkvSZgvz4MyLt1tOZzpkK1kKeQsQnSWF8=
Subject key identifier:   E8:CF:6A:02:D0:EC:AC:9D:CB:8E:76:DA:C3:FB:8B:D0:90:2E:13:4C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01853EEE9906F710A243D06BE0DE49221570
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6M9qAtDsrJ3Ljnbaw_uL0JAuE0w.roa
Signing time:             Fri 23 Dec 2022 12:21:42 +0000
ROA not before:           Fri 23 Dec 2022 12:21:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        163.5.71.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.232.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:3e:ee:99:06:f7:10:a2:43:d0:6b:e0:de:49:22:15:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 23 12:21:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8cf6a02d0ecac9dcb8e76dac3fb8bd0902e134c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:46:9a:94:2a:a3:98:97:11:f0:d6:eb:4f:83:
                    30:c2:d7:a1:76:00:eb:62:9a:a5:25:a5:6b:ed:11:
                    f4:99:4d:3c:bf:10:b9:cb:a2:83:36:4c:c8:b8:8f:
                    90:02:02:a0:dd:dd:e8:3d:19:9b:ca:e4:8d:4f:fa:
                    ae:47:81:c6:67:07:cf:9f:30:d3:e8:db:f6:8a:b8:
                    0c:ae:c9:9b:71:52:ac:ca:ad:62:a2:50:e2:29:b2:
                    51:41:b8:35:45:78:7a:7f:b4:8c:03:ca:d5:f4:e6:
                    76:8f:3a:e2:3d:dc:44:3d:92:17:13:bb:2a:37:16:
                    58:ab:3d:29:50:8d:c6:7d:f2:af:3a:b9:79:f2:09:
                    e3:9c:ac:80:5b:bb:11:b9:1b:f2:7a:7d:d4:61:a3:
                    4c:93:35:f3:ee:5f:94:0a:81:06:ed:33:64:2e:8e:
                    1f:ed:c3:1c:db:39:22:ba:56:32:45:19:6e:b7:f7:
                    e8:59:82:7f:16:1a:00:1e:f3:d0:a5:e5:30:bf:03:
                    32:12:d3:c0:68:24:34:0c:1f:b1:18:f1:64:39:e1:
                    03:93:47:20:0e:96:ea:cb:f8:1b:d7:c0:d9:1f:f4:
                    1f:13:15:76:ec:95:33:d4:9a:29:3c:30:ff:d3:63:
                    b1:4b:c3:01:91:f0:eb:53:96:2c:7d:7a:67:5b:e4:
                    a0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:CF:6A:02:D0:EC:AC:9D:CB:8E:76:DA:C3:FB:8B:D0:90:2E:13:4C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/6M9qAtDsrJ3Ljnbaw_uL0JAuE0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.71.0/24
                  163.5.110.0/23
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.165.0/24
                  163.5.232.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:96:49:21:33:5a:30:89:66:e9:64:af:58:91:8c:d3:4a:ba:
         9e:30:5c:87:40:60:0c:33:33:a4:ff:d9:d9:e0:71:62:5c:45:
         35:f1:e5:3e:2a:4b:8a:ac:c6:2b:1b:a3:b5:8e:85:80:4a:9b:
         1c:a8:dd:23:01:f0:91:79:5d:d8:2b:96:b3:eb:14:ee:59:64:
         c5:c7:3f:77:63:6e:f6:3f:87:ff:cb:0d:a3:43:6a:23:ef:2f:
         7a:6f:5d:eb:cb:0d:1f:37:82:b0:94:d2:9d:4b:f2:47:aa:ca:
         8e:71:76:11:02:0f:e6:f3:06:47:a0:12:82:8b:fa:4a:4a:bb:
         50:15:0e:2c:91:00:e3:13:94:d4:ec:f1:49:61:5d:39:0d:f7:
         59:16:8d:82:4e:3f:f7:13:70:03:fd:82:0d:0a:da:d1:e7:83:
         6d:d7:2a:7f:89:80:56:2c:8f:d7:8b:b1:06:1d:48:69:56:48:
         0f:54:71:87:25:d8:5d:74:2f:0a:e0:60:ee:89:97:36:a6:7d:
         5e:f9:19:77:dc:b0:49:49:96:f9:d6:8e:4a:8b:47:c8:4c:a3:
         9e:54:d3:ab:81:a4:16:cb:84:84:ba:93:0c:d0:84:92:2b:11:
         6a:ac:62:b7:29:3e:d0:3b:90:96:07:41:3d:41:1e:75:40:d7:
         08:4c:94:5f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYU+7pkG9xCiQ9Br4N5JIhVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjIzMTIyMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNmNmEwMmQwZWNhYzlkY2I4ZTc2ZGFjM2ZiOGJkMDkwMmUxMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkaalCqjmJcR8NbrT4MwwtehdgDr
YpqlJaVr7RH0mU08vxC5y6KDNkzIuI+QAgKg3d3oPRmbyuSNT/quR4HGZwfPnzDT
6Nv2irgMrsmbcVKsyq1iolDiKbJRQbg1RXh6f7SMA8rV9OZ2jzriPdxEPZIXE7sq
NxZYqz0pUI3GffKvOrl58gnjnKyAW7sRuRvyen3UYaNMkzXz7l+UCoEG7TNkLo4f
7cMc2zkiulYyRRlut/foWYJ/FhoAHvPQpeUwvwMyEtPAaCQ0DB+xGPFkOeEDk0cg
Dpbqy/gb18DZH/QfExV27JUz1JopPDD/02OxS8MBkfDrU5YsfXpnW+SgXwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOjPagLQ7Kydy4522sP7i9CQLhNMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNk05cUF0RHNySjNMam5iYXdfdUwwSkF1RTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowVHAwQB
owVuAwQAowV+AwQAowWAAwQAowWlAwQAowXoAwQAowX6AwQAowX9MA0GCSqGSIb3
DQEBCwUAA4IBAQBhlkkhM1owiWbpZK9YkYzTSrqeMFyHQGAMMzOk/9nZ4HFiXEU1
8eU+KkuKrMYrG6O1joWASpscqN0jAfCReV3YK5az6xTuWWTFxz93Y272P4f/yw2j
Q2oj7y96b13ryw0fN4KwlNKdS/JHqsqOcXYRAg/m8wZHoBKCi/pKSrtQFQ4skQDj
E5TU7PFJYV05DfdZFo2CTj/3E3AD/YINCtrR54Nt1yp/iYBWLI/Xi7EGHUhpVkgP
VHGHJdhddC8K4GDuiZc2pn1e+Rl33LBJSZb51o5Ki0fITKOeVNOrgaQWy4SEupMM
0ISSKxFqrGK3KT7QO5CWB0E9QR51QNcITJRf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:28 2024 by rpki-client on console-ams.rpki-client.org