Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8k0wNkvs6fAtn0CP0ZuYrg6mqBY.roa
File:                     8k0wNkvs6fAtn0CP0ZuYrg6mqBY.roa (raw, json)
Hash identifier:          sBeDdbWKgTCufSCzjhWNJtocJd7SFJHNpid4xDrfb/g=
Subject key identifier:   F2:4D:30:36:4B:EC:E9:F0:2D:9F:40:8F:D1:9B:98:AE:0E:A6:A8:16
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182FE1A273B22B385604AB4165CC74CD17B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8k0wNkvs6fAtn0CP0ZuYrg6mqBY.roa
Signing time:             Fri 02 Sep 2022 12:08:22 +0000
ROA not before:           Fri 02 Sep 2022 12:08:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398343
IP address blocks:        163.5.138.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:fe:1a:27:3b:22:b3:85:60:4a:b4:16:5c:c7:4c:d1:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep  2 12:08:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f24d30364bece9f02d9f408fd19b98ae0ea6a816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:8b:a4:d2:f9:8d:63:b1:0b:22:ef:90:d8:ff:
                    06:6d:f6:69:8b:26:c8:d9:83:cc:5e:ad:7a:6b:ea:
                    e9:1e:45:3b:3f:44:3c:a0:2c:6f:9c:c1:86:21:cc:
                    a6:bd:2a:f7:9d:f9:d8:07:35:02:5c:cd:ec:93:bd:
                    8e:3a:e6:0f:a6:6b:c3:ed:2a:3a:20:1e:3b:ac:bd:
                    07:bf:d4:47:2f:69:1f:2c:4c:5b:4b:bc:00:44:69:
                    78:ce:b0:ad:2b:51:35:7d:6c:e5:14:0d:60:89:f5:
                    a1:87:33:84:b1:37:bb:db:1a:c1:81:25:86:de:92:
                    0b:e9:44:68:50:11:a5:45:a5:21:76:ed:27:07:8f:
                    0a:b9:9f:8b:82:72:1f:a2:9e:be:c1:48:62:a8:a3:
                    43:f4:be:39:af:7f:b1:b2:e2:12:8f:cf:2c:e8:1a:
                    29:71:09:ec:c6:f8:5f:03:e8:f3:0d:2d:bf:72:51:
                    13:b2:8a:6c:2f:b7:ed:ac:8a:41:bc:40:48:e9:d6:
                    2f:8b:e1:22:f2:56:dc:75:d0:c8:09:13:ed:7f:54:
                    ad:e4:18:a9:80:90:d0:b8:c2:aa:60:bc:21:1a:d8:
                    12:b1:cc:be:be:cf:bd:45:44:70:6c:b1:c1:04:e1:
                    67:48:9a:fc:f5:b1:a0:7e:99:34:f9:46:b1:f7:8c:
                    a0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:4D:30:36:4B:EC:E9:F0:2D:9F:40:8F:D1:9B:98:AE:0E:A6:A8:16
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8k0wNkvs6fAtn0CP0ZuYrg6mqBY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.138.0/24
                  163.5.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:38:6e:5f:2f:00:68:4f:ab:9f:dc:14:a9:b1:f6:f5:d3:14:
         a2:74:b2:b1:ab:b3:76:3d:0b:b6:0a:b6:4c:26:54:e0:f9:06:
         05:88:ce:62:d9:3b:32:40:8a:2a:6b:6e:1b:bb:91:b0:aa:48:
         d3:39:6c:2d:0c:a6:ce:0a:67:47:d1:26:4a:a2:53:76:9c:40:
         5f:2d:ca:61:03:35:0b:e1:16:97:a3:68:d2:27:26:6d:02:65:
         18:08:30:34:0b:32:d6:28:0c:ec:6b:9c:83:7f:a5:1f:25:03:
         53:56:d6:81:7c:e3:ff:fe:41:22:8c:6b:d2:2e:17:ad:1c:86:
         f2:ba:0b:f5:64:3c:29:00:bc:24:f9:c3:05:34:16:9b:a8:ae:
         3a:cb:ba:02:5a:cc:a0:f8:9c:2e:f3:b6:53:7a:b4:19:4f:b4:
         e1:48:e9:a9:ed:a8:2a:74:78:16:ad:a6:46:7f:fd:2e:07:27:
         ff:26:97:41:51:18:59:a1:81:21:1e:9d:45:cb:1e:2a:df:fc:
         ee:95:c3:5b:32:ee:a6:47:98:ee:ac:b9:a8:37:bd:8e:32:c9:
         34:4b:36:7e:33:ad:90:15:e5:45:d7:b6:ea:ae:7d:07:28:2e:
         fc:ce:bc:ca:2c:e9:91:b2:3e:7e:bb:83:2d:0d:20:c2:01:c2:
         b2:92:eb:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYL+Gic7IrOFYEq0FlzHTNF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTAyMTIwODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRkMzAzNjRiZWNlOWYwMmQ5ZjQwOGZkMTliOThhZTBlYTZhODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYuk0vmNY7ELIu+Q2P8GbfZpiybI
2YPMXq16a+rpHkU7P0Q8oCxvnMGGIcymvSr3nfnYBzUCXM3sk72OOuYPpmvD7So6
IB47rL0Hv9RHL2kfLExbS7wARGl4zrCtK1E1fWzlFA1gifWhhzOEsTe72xrBgSWG
3pIL6URoUBGlRaUhdu0nB48KuZ+LgnIfop6+wUhiqKND9L45r3+xsuISj88s6Bop
cQnsxvhfA+jzDS2/clETsopsL7ftrIpBvEBI6dYvi+Ei8lbcddDICRPtf1St5Bip
gJDQuMKqYLwhGtgSscy+vs+9RURwbLHBBOFnSJr89bGgfpk0+Uax94ygHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJNMDZL7OnwLZ9Aj9GbmK4OpqgWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOGswd05rdnM2ZkF0bjBDUDBadVlyZzZtcUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWKAwQA
owWXMA0GCSqGSIb3DQEBCwUAA4IBAQANOG5fLwBoT6uf3BSpsfb10xSidLKxq7N2
PQu2CrZMJlTg+QYFiM5i2TsyQIoqa24bu5GwqkjTOWwtDKbOCmdH0SZKolN2nEBf
LcphAzUL4RaXo2jSJyZtAmUYCDA0CzLWKAzsa5yDf6UfJQNTVtaBfOP//kEijGvS
LhetHIbyugv1ZDwpALwk+cMFNBabqK46y7oCWsyg+Jwu87ZTerQZT7ThSOmp7agq
dHgWraZGf/0uByf/JpdBURhZoYEhHp1Fyx4q3/zulcNbMu6mR5jurLmoN72OMsk0
SzZ+M62QFeVF17bqrn0HKC78zrzKLOmRsj5+u4MtDSDCAcKykuvG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org