Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9ck3V5gC4zAUhOdckXCvemGSRJA.roa
File:                     9ck3V5gC4zAUhOdckXCvemGSRJA.roa (raw, json)
Hash identifier:          Sqr8gpBlTjygOOBlOkFpIRLmKkumZcW/BSlP8UMtY7U=
Subject key identifier:   F5:C9:37:57:98:02:E3:30:14:84:E7:5C:91:70:AF:7A:61:92:44:90
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182E95576695EFDEC86DBFD35F9865F5413
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9ck3V5gC4zAUhOdckXCvemGSRJA.roa
Signing time:             Mon 29 Aug 2022 11:21:08 +0000
ROA not before:           Mon 29 Aug 2022 11:21:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        163.5.238.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:e9:55:76:69:5e:fd:ec:86:db:fd:35:f9:86:5f:54:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 29 11:21:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f5c937579802e3301484e75c9170af7a61924490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:dc:a0:11:52:fe:05:df:31:8e:fb:9b:1c:25:
                    de:ca:b9:4c:7e:14:15:fd:c4:3f:3b:83:a1:e3:d9:
                    8d:34:eb:f1:ba:e8:60:9d:89:5c:1d:7a:34:c5:a6:
                    25:1c:7a:59:1a:b1:bc:ef:0e:3e:0f:1a:dd:9d:10:
                    19:db:7a:14:6e:5e:63:0c:cd:ce:8c:75:2e:2d:06:
                    36:68:18:bc:a8:40:78:df:88:6b:52:ed:fc:d5:e7:
                    a2:4b:ee:6e:92:f4:f1:fe:43:ed:c4:8e:4f:6a:d7:
                    76:15:c6:d0:81:13:d4:11:8e:ea:79:7d:a2:c9:ee:
                    33:fb:dd:89:18:e2:51:cb:b3:5c:e7:7f:9e:09:2b:
                    12:07:c0:45:a2:69:cd:95:50:c2:96:6b:16:7f:da:
                    49:19:1b:a8:4c:39:c6:2b:e0:e3:37:da:4e:12:f3:
                    17:04:f0:60:6a:c5:bd:d2:35:18:84:6b:47:43:72:
                    e1:3a:46:39:40:d9:8d:fb:f4:ae:6f:2d:96:26:be:
                    4e:06:9f:6b:48:c2:d4:d1:31:0a:a0:37:77:ce:c8:
                    3a:b2:e2:33:d0:29:0d:2d:60:73:c2:fb:48:20:f5:
                    17:05:74:a7:33:e2:b8:14:94:6c:c3:06:36:a4:f3:
                    83:a6:a6:cf:dd:80:c3:bc:a7:cc:a3:9c:bf:2a:e7:
                    20:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:C9:37:57:98:02:E3:30:14:84:E7:5C:91:70:AF:7A:61:92:44:90
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9ck3V5gC4zAUhOdckXCvemGSRJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:bc:c5:22:0d:13:1b:8c:0e:33:f6:5b:ad:06:c0:20:ec:09:
         85:56:8e:93:cc:7d:53:16:4e:1e:be:e6:e1:1c:0b:10:d0:cc:
         fc:50:7a:b7:97:74:60:e4:a0:a4:36:20:2d:07:52:2a:a8:8c:
         36:74:c1:ec:de:5e:8a:9f:aa:80:3c:1e:6b:f5:a8:82:e3:61:
         e8:ef:3a:c2:72:b3:72:4e:3f:34:9a:8b:b5:30:e1:50:8e:14:
         9b:c1:de:c0:26:20:da:7b:08:0b:4d:79:a9:36:55:d1:0b:52:
         ba:18:a5:06:3c:98:07:02:d5:05:f4:90:c0:fd:0d:e1:36:f2:
         41:f1:bb:7b:d1:ab:1d:6d:ca:d4:95:d7:0b:90:3c:59:6b:62:
         04:a5:e7:54:76:a0:7e:aa:92:9a:61:d7:83:32:4b:78:31:33:
         02:29:2f:d3:71:80:44:fc:2a:dc:83:60:a7:6c:97:08:b6:13:
         76:01:52:c0:e6:ad:67:e7:4a:bb:22:96:39:13:cf:2a:20:30:
         95:56:c0:19:08:20:e0:2f:1f:d4:be:23:3c:20:3f:87:da:b5:
         b7:38:97:1f:52:a5:e0:ae:40:c5:f1:61:71:6f:23:76:34:e2:
         41:c0:93:b8:19:a0:26:0b:09:e2:82:86:cd:fd:60:e5:70:7c:
         19:09:93:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLpVXZpXv3shtv9NfmGX1QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODI5MTEyMTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWM5Mzc1Nzk4MDJlMzMwMTQ4NGU3NWM5MTcwYWY3YTYxOTI0NDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNygEVL+Bd8xjvubHCXeyrlMfhQV
/cQ/O4Oh49mNNOvxuuhgnYlcHXo0xaYlHHpZGrG87w4+DxrdnRAZ23oUbl5jDM3O
jHUuLQY2aBi8qEB434hrUu381eeiS+5ukvTx/kPtxI5Patd2FcbQgRPUEY7qeX2i
ye4z+92JGOJRy7Nc53+eCSsSB8BFomnNlVDClmsWf9pJGRuoTDnGK+DjN9pOEvMX
BPBgasW90jUYhGtHQ3LhOkY5QNmN+/Suby2WJr5OBp9rSMLU0TEKoDd3zsg6suIz
0CkNLWBzwvtIIPUXBXSnM+K4FJRswwY2pPODpqbP3YDDvKfMo5y/KucgbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXJN1eYAuMwFITnXJFwr3phkkSQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOWNrM1Y1Z0M0ekFVaE9kY2tYQ3ZlbUdTUkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXuMA0G
CSqGSIb3DQEBCwUAA4IBAQB9vMUiDRMbjA4z9lutBsAg7AmFVo6TzH1TFk4evubh
HAsQ0Mz8UHq3l3Rg5KCkNiAtB1IqqIw2dMHs3l6Kn6qAPB5r9aiC42Ho7zrCcrNy
Tj80mou1MOFQjhSbwd7AJiDaewgLTXmpNlXRC1K6GKUGPJgHAtUF9JDA/Q3hNvJB
8bt70asdbcrUldcLkDxZa2IEpedUdqB+qpKaYdeDMkt4MTMCKS/TcYBE/Crcg2Cn
bJcIthN2AVLA5q1n50q7IpY5E88qIDCVVsAZCCDgLx/UviM8ID+H2rW3OJcfUqXg
rkDF8WFxbyN2NOJBwJO4GaAmCwnigobN/WDlcHwZCZM+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:03 2024 by rpki-client on console-fra.rpki-client.org