Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8SdM1ptY8evv_UnZHCx1qEFJAzM.roa
File:                     8SdM1ptY8evv_UnZHCx1qEFJAzM.roa (raw, json)
Hash identifier:          jDHLnWqU0uhpYHkqiODSERoAnBoLyFUyuRlpizaFkSw=
Subject key identifier:   F1:27:4C:D6:9B:58:F1:EB:EF:FD:49:D9:1C:2C:75:A8:41:49:03:33
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0185114C5AAA4174C84D2A95AC4AE98D8D7C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8SdM1ptY8evv_UnZHCx1qEFJAzM.roa
Signing time:             Wed 14 Dec 2022 15:41:34 +0000
ROA not before:           Wed 14 Dec 2022 15:41:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43043
IP address blocks:        163.5.212.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.137.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:11:4c:5a:aa:41:74:c8:4d:2a:95:ac:4a:e9:8d:8d:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 14 15:41:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f1274cd69b58f1ebeffd49d91c2c75a841490333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ac:71:15:fc:a8:ae:97:41:b5:40:b8:ea:3f:
                    c3:64:f0:d7:76:6f:55:e7:91:fe:2c:51:ed:0f:47:
                    f1:0e:50:6e:c2:50:54:04:eb:13:a3:c5:d2:03:da:
                    f9:33:da:eb:5d:ff:7d:48:31:c0:78:3f:6b:8c:ce:
                    d1:55:bf:2a:a8:49:b5:53:82:00:42:80:ea:0a:12:
                    04:e4:63:c9:e0:61:a2:92:8b:ac:fd:98:be:31:79:
                    8c:22:32:7d:59:05:a1:66:e1:db:c0:04:71:67:d3:
                    70:8c:57:72:45:c9:79:47:e9:16:41:45:0d:fb:f6:
                    f3:1d:ca:5e:10:6b:87:c5:de:3d:ae:4a:85:0d:7d:
                    c1:9f:af:2b:55:06:2d:88:12:dd:ed:f1:90:3c:cf:
                    42:be:6f:f2:31:0b:cd:76:13:43:c4:34:9e:1d:aa:
                    2d:0c:37:56:f1:e0:ae:5d:53:d4:2f:c0:d7:2c:12:
                    ed:03:f7:35:c9:c1:7c:ab:c8:16:c3:0c:9c:dd:fc:
                    bf:02:fb:e5:b7:72:be:e8:b4:3d:51:df:77:8c:ae:
                    39:51:cb:94:3c:68:03:9a:dd:07:8c:e8:51:ae:c6:
                    74:8b:dc:71:cb:bc:7f:4e:fc:01:35:ba:b3:cf:0b:
                    c6:23:d5:61:e3:48:cf:58:b7:19:0e:f3:4f:62:11:
                    40:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:27:4C:D6:9B:58:F1:EB:EF:FD:49:D9:1C:2C:75:A8:41:49:03:33
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8SdM1ptY8evv_UnZHCx1qEFJAzM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.121.0/24
                  163.5.137.0/24
                  163.5.145.0/24
                  163.5.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:4d:c2:63:c1:ba:df:cb:c0:db:fc:06:08:a5:47:42:d9:e7:
         74:c7:33:c8:e0:cb:5c:c3:73:9d:d6:f6:75:47:0f:5b:08:12:
         f4:82:b7:c0:d1:a6:75:0a:65:a4:66:2f:5e:aa:f2:1c:4b:58:
         5e:d2:36:82:f9:93:cb:b7:89:f6:5f:f1:7c:b6:1f:78:22:70:
         c7:d1:dc:11:66:8d:08:d8:b6:5d:89:77:94:ce:7a:ba:8b:35:
         e0:89:a3:84:00:1b:85:3f:3b:8a:51:39:64:52:d5:90:b1:41:
         91:1e:f0:fd:88:93:7f:20:90:a5:e9:0a:a6:45:c7:ba:a3:52:
         f9:80:3e:1c:2c:b1:9a:53:ee:06:87:ed:3d:df:a1:b4:ce:40:
         4a:95:c9:c2:1b:ea:29:90:c7:fd:ba:b3:d5:f8:d0:bc:bb:79:
         39:31:7a:c8:a5:8d:87:72:34:40:9c:af:c1:c8:fc:9e:dd:5f:
         eb:50:52:41:fb:34:bf:e2:8b:bd:19:e1:16:12:21:39:0d:72:
         f9:f6:a3:ef:45:cb:8e:3a:e5:e0:6e:7c:0b:72:77:4b:7a:0c:
         d9:ac:e4:96:9b:55:3e:7c:a1:19:01:a7:03:92:85:93:c2:b0:
         87:1a:c9:80:c6:58:7d:07:d2:78:51:89:62:f3:2e:2d:57:69:
         bc:27:9b:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYURTFqqQXTITSqVrErpjY18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjE0MTU0MTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI3NGNkNjliNThmMWViZWZmZDQ5ZDkxYzJjNzVhODQxNDkwMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqxxFfyorpdBtUC46j/DZPDXdm9V
55H+LFHtD0fxDlBuwlBUBOsTo8XSA9r5M9rrXf99SDHAeD9rjM7RVb8qqEm1U4IA
QoDqChIE5GPJ4GGikous/Zi+MXmMIjJ9WQWhZuHbwARxZ9NwjFdyRcl5R+kWQUUN
+/bzHcpeEGuHxd49rkqFDX3Bn68rVQYtiBLd7fGQPM9Cvm/yMQvNdhNDxDSeHaot
DDdW8eCuXVPUL8DXLBLtA/c1ycF8q8gWwwyc3fy/Avvlt3K+6LQ9Ud93jK45UcuU
PGgDmt0HjOhRrsZ0i9xxy7x/TvwBNbqzzwvGI9Vh40jPWLcZDvNPYhFAtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPEnTNabWPHr7/1J2RwsdahBSQMzMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOFNkTTFwdFk4ZXZ2X1VuWkhDeDFxRUZKQXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowV5AwQA
owWJAwQAowWRAwQAowXUMA0GCSqGSIb3DQEBCwUAA4IBAQB5TcJjwbrfy8Db/AYI
pUdC2ed0xzPI4Mtcw3Od1vZ1Rw9bCBL0grfA0aZ1CmWkZi9eqvIcS1he0jaC+ZPL
t4n2X/F8th94InDH0dwRZo0I2LZdiXeUznq6izXgiaOEABuFPzuKUTlkUtWQsUGR
HvD9iJN/IJCl6QqmRce6o1L5gD4cLLGaU+4Gh+0936G0zkBKlcnCG+opkMf9urPV
+NC8u3k5MXrIpY2HcjRAnK/ByPye3V/rUFJB+zS/4ou9GeEWEiE5DXL59qPvRcuO
OuXgbnwLcndLegzZrOSWm1U+fKEZAacDkoWTwrCHGsmAxlh9B9J4UYli8y4tV2m8
J5t5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org