Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9Zus-Rv2NbODhdCz_28HApSNFuY.roa
File:                     9Zus-Rv2NbODhdCz_28HApSNFuY.roa (raw, json)
Hash identifier:          lqbIxfhWKBYJfwds+ETHVT/1J5COL1KYvccfIhxCtvg=
Subject key identifier:   F5:9B:AC:F9:1B:F6:35:B3:83:85:D0:B3:FF:6F:07:02:94:8D:16:E6
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0184CD472175D0F5F87A8D6DA6A029FB2BC7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9Zus-Rv2NbODhdCz_28HApSNFuY.roa
Signing time:             Thu 01 Dec 2022 10:41:41 +0000
ROA not before:           Thu 01 Dec 2022 10:41:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209260
IP address blocks:        163.5.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:cd:47:21:75:d0:f5:f8:7a:8d:6d:a6:a0:29:fb:2b:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec  1 10:41:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f59bacf91bf635b38385d0b3ff6f0702948d16e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3a:d8:bf:96:48:65:9f:f2:26:28:ce:ab:07:
                    f6:80:e4:b8:04:84:07:0f:59:cb:16:e1:e1:7b:47:
                    8e:15:86:44:e1:4f:13:d3:6d:97:e8:a8:ba:d5:5e:
                    ed:a2:75:2c:45:1c:55:d3:d4:9e:f9:f2:ba:c8:96:
                    fe:f2:81:aa:24:70:7c:f0:c7:f2:15:3f:52:80:fc:
                    0f:cf:3a:a5:da:b6:e3:d0:2f:d3:ad:23:e5:4d:29:
                    37:f2:e9:0e:4a:c8:88:00:15:fd:40:d7:4e:db:c9:
                    e9:b5:d6:b4:2d:b6:3e:54:6f:80:bc:bf:36:3b:42:
                    8f:11:ba:65:4f:c2:1b:d4:36:48:91:58:42:39:4e:
                    b2:53:c3:76:3f:97:42:e9:7f:6f:95:64:2b:d2:52:
                    bc:6b:b2:92:89:5a:45:9e:4f:20:08:8d:77:5e:e9:
                    56:d6:7f:5e:08:fd:c5:07:a8:5e:0a:83:20:20:f1:
                    f5:25:cf:d1:c6:05:11:8f:41:f3:17:ce:74:73:e4:
                    29:b3:20:85:c7:8d:cf:19:e1:59:05:52:46:20:51:
                    89:bd:1b:08:57:19:11:09:14:dd:4b:53:9d:4c:de:
                    35:c9:e9:48:25:4b:4a:a7:b8:7d:e1:a5:df:11:d3:
                    c4:cf:4d:28:7c:a0:74:4d:47:4d:c4:75:2f:3f:20:
                    4a:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:9B:AC:F9:1B:F6:35:B3:83:85:D0:B3:FF:6F:07:02:94:8D:16:E6
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9Zus-Rv2NbODhdCz_28HApSNFuY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:50:39:3c:10:97:ff:aa:9c:d5:27:22:4d:25:74:40:3e:73:
         51:1a:1f:6b:b3:af:3f:5c:d2:37:70:1b:a9:3b:16:bd:aa:d9:
         e9:36:6f:61:13:89:fa:df:48:3b:85:2c:31:16:da:19:bb:9b:
         ec:dd:e6:dd:85:15:44:ee:b9:2d:d3:49:1e:f5:1a:c5:4e:33:
         37:82:81:39:ce:0f:25:aa:8f:0e:94:4f:5a:de:03:87:0a:19:
         83:29:19:22:1a:b6:e9:8b:c7:bd:95:ea:4f:7a:61:b7:02:c6:
         46:23:81:d0:0c:d3:4f:d2:4b:69:f2:a8:25:32:8d:f2:16:53:
         a8:7f:1e:85:47:56:99:60:93:2c:74:16:62:d0:90:fc:5a:a3:
         5a:b6:e6:6c:02:c9:2c:48:03:2a:61:63:1f:a8:27:51:e4:f6:
         a8:58:81:fa:01:97:51:b9:d0:27:76:b4:21:17:ba:ff:e8:40:
         18:95:98:eb:6a:ef:54:07:15:30:21:24:01:47:92:b5:0c:c7:
         c0:f3:d5:d3:dc:3e:90:b6:30:9f:77:61:6a:74:b9:bb:c1:57:
         da:fb:cc:e5:bb:17:cc:17:f5:7d:0d:b7:79:c9:76:a4:70:a3:
         40:45:26:9a:35:88:d0:24:97:33:aa:68:a2:0f:51:d1:b2:d5:
         d6:74:dc:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTNRyF10PX4eo1tpqAp+yvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjAxMTA0MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTliYWNmOTFiZjYzNWIzODM4NWQwYjNmZjZmMDcwMjk0OGQxNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTrYv5ZIZZ/yJijOqwf2gOS4BIQH
D1nLFuHhe0eOFYZE4U8T022X6Ki61V7tonUsRRxV09Se+fK6yJb+8oGqJHB88Mfy
FT9SgPwPzzql2rbj0C/TrSPlTSk38ukOSsiIABX9QNdO28nptda0LbY+VG+AvL82
O0KPEbplT8Ib1DZIkVhCOU6yU8N2P5dC6X9vlWQr0lK8a7KSiVpFnk8gCI13XulW
1n9eCP3FB6heCoMgIPH1Jc/RxgURj0HzF850c+QpsyCFx43PGeFZBVJGIFGJvRsI
VxkRCRTdS1OdTN41yelIJUtKp7h94aXfEdPEz00ofKB0TUdNxHUvPyBKBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWbrPkb9jWzg4XQs/9vBwKUjRbmMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOVp1cy1SdjJOYk9EaGRDel8yOEhBcFNORnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW4MA0G
CSqGSIb3DQEBCwUAA4IBAQBrUDk8EJf/qpzVJyJNJXRAPnNRGh9rs68/XNI3cBup
Oxa9qtnpNm9hE4n630g7hSwxFtoZu5vs3ebdhRVE7rkt00ke9RrFTjM3goE5zg8l
qo8OlE9a3gOHChmDKRkiGrbpi8e9lepPemG3AsZGI4HQDNNP0ktp8qglMo3yFlOo
fx6FR1aZYJMsdBZi0JD8WqNatuZsAsksSAMqYWMfqCdR5PaoWIH6AZdRudAndrQh
F7r/6EAYlZjrau9UBxUwISQBR5K1DMfA89XT3D6QtjCfd2FqdLm7wVfa+8zluxfM
F/V9Dbd5yXakcKNARSaaNYjQJJczqmiiD1HRstXWdNzZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org