Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9gaFQgv88AAbN1Tfom302z5_Ecw.roa
File:                     9gaFQgv88AAbN1Tfom302z5_Ecw.roa (raw, json)
Hash identifier:          V4/EaXeDXBzztF0iKm2O73J+c2Nl1d3cBzFf2xYSVLE=
Subject key identifier:   F6:06:85:42:0B:FC:F0:00:1B:37:54:DF:A2:6D:F4:DB:3E:7F:11:CC
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182DAAC288CBC53506794876DEE7E93A195
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9gaFQgv88AAbN1Tfom302z5_Ecw.roa
Signing time:             Fri 26 Aug 2022 15:01:31 +0000
ROA not before:           Fri 26 Aug 2022 15:01:31 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        163.5.236.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:da:ac:28:8c:bc:53:50:67:94:87:6d:ee:7e:93:a1:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 26 15:01:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f60685420bfcf0001b3754dfa26df4db3e7f11cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:3e:5f:b4:ce:88:8a:55:b9:c5:33:07:9c:9f:
                    2c:5d:aa:06:fa:94:c5:55:2b:66:73:23:92:c1:8e:
                    e3:99:c9:2e:91:a4:f4:43:90:5b:3d:92:08:21:a9:
                    c7:46:a9:7c:db:3a:79:48:f9:49:94:c5:88:1b:8f:
                    57:a1:29:43:f3:f4:09:5d:ac:b2:e1:1a:36:c6:d0:
                    77:aa:e8:ed:a9:03:ef:41:f5:a5:9f:06:07:da:6b:
                    47:78:8d:89:ea:42:e7:96:e8:ca:3e:59:17:85:b8:
                    87:94:4a:10:a3:15:bd:22:8e:b9:a9:90:f8:00:be:
                    3a:e6:45:0e:3d:ee:c1:a3:1e:78:84:c1:72:a7:2a:
                    f1:7d:78:ea:57:a8:d8:a5:0e:ef:67:a5:a5:b0:36:
                    8b:d4:08:38:95:13:18:dd:26:a2:8b:d2:d3:ff:b4:
                    87:7d:65:48:b8:e0:12:da:1a:03:f4:9f:8f:f0:0c:
                    1e:09:12:19:3a:7e:31:aa:61:2c:b6:0a:91:0a:01:
                    32:0a:94:71:6d:09:e1:8b:e5:34:6f:7d:fa:2c:29:
                    70:92:d1:97:5c:04:0b:71:aa:15:fb:46:2c:34:27:
                    24:2b:07:cc:3c:fa:65:69:a4:0e:5a:fd:20:25:20:
                    53:3e:73:a5:a9:fe:06:5f:7b:91:5e:be:34:2e:38:
                    6f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:06:85:42:0B:FC:F0:00:1B:37:54:DF:A2:6D:F4:DB:3E:7F:11:CC
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9gaFQgv88AAbN1Tfom302z5_Ecw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:a9:c4:d0:c5:36:13:1f:cf:0f:bc:bf:de:12:fc:55:14:ac:
         48:dd:1a:8c:d0:f1:f9:73:fd:97:4b:a6:e0:3b:30:6d:5a:d0:
         6a:8d:e1:33:2d:3b:7f:7b:7e:58:7d:b4:4b:d5:84:21:fd:66:
         2e:5e:44:03:6f:87:4c:41:74:27:4c:3e:1e:3d:67:05:06:73:
         02:f5:a5:52:20:89:29:ca:2e:e2:a1:ff:0c:52:66:9f:17:49:
         71:90:d8:cb:65:a2:55:fa:dc:cb:92:2e:a9:fc:af:c9:c3:1c:
         d9:55:59:ae:90:e5:26:ef:7f:2f:ec:55:39:2e:28:64:d2:b7:
         26:40:d2:66:3f:22:2d:4c:bc:5b:46:9f:e0:7b:03:a1:04:cc:
         7e:c6:80:a0:ee:2e:cb:f4:c5:c1:e8:a4:ae:40:48:83:c8:73:
         9f:16:38:68:98:58:43:ed:ec:18:61:99:fe:5c:0a:26:34:cd:
         50:e3:b1:0a:54:b7:87:c9:9a:8b:7f:0c:f8:52:d2:a5:64:04:
         ab:9b:e7:1f:af:ef:bb:0c:ea:db:7d:e6:4c:78:fa:8b:80:15:
         e6:af:6b:28:11:05:f4:72:37:c1:74:d5:3e:9a:7b:7c:85:d3:
         eb:62:90:1b:64:4d:84:6f:10:75:1b:44:cc:67:3c:30:c3:a3:
         c6:72:d5:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLarCiMvFNQZ5SHbe5+k6GVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODI2MTUwMTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjA2ODU0MjBiZmNmMDAwMWIzNzU0ZGZhMjZkZjRkYjNlN2YxMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6z5ftM6IilW5xTMHnJ8sXaoG+pTF
VStmcyOSwY7jmckukaT0Q5BbPZIIIanHRql82zp5SPlJlMWIG49XoSlD8/QJXayy
4Ro2xtB3qujtqQPvQfWlnwYH2mtHeI2J6kLnlujKPlkXhbiHlEoQoxW9Io65qZD4
AL465kUOPe7Box54hMFypyrxfXjqV6jYpQ7vZ6WlsDaL1Ag4lRMY3Saii9LT/7SH
fWVIuOAS2hoD9J+P8AweCRIZOn4xqmEstgqRCgEyCpRxbQnhi+U0b336LClwktGX
XAQLcaoV+0YsNCckKwfMPPplaaQOWv0gJSBTPnOlqf4GX3uRXr40LjhvGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYGhUIL/PAAGzdU36Jt9Ns+fxHMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOWdhRlFndjg4QUFiTjFUZm9tMzAyejVfRWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXsMA0G
CSqGSIb3DQEBCwUAA4IBAQCiqcTQxTYTH88PvL/eEvxVFKxI3RqM0PH5c/2XS6bg
OzBtWtBqjeEzLTt/e35YfbRL1YQh/WYuXkQDb4dMQXQnTD4ePWcFBnMC9aVSIIkp
yi7iof8MUmafF0lxkNjLZaJV+tzLki6p/K/JwxzZVVmukOUm738v7FU5Lihk0rcm
QNJmPyItTLxbRp/gewOhBMx+xoCg7i7L9MXB6KSuQEiDyHOfFjhomFhD7ewYYZn+
XAomNM1Q47EKVLeHyZqLfwz4UtKlZASrm+cfr++7DOrbfeZMePqLgBXmr2soEQX0
cjfBdNU+mnt8hdPrYpAbZE2EbxB1G0TMZzwww6PGctUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org