Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DGEUu9LE6eyXri_AmhoCf8h5RhQ.roa
File:                     DGEUu9LE6eyXri_AmhoCf8h5RhQ.roa (raw, json)
Hash identifier:          +s5ZTR0zhMszNtnVhexbwKFSIwxyG7lijkh2QKIwmKY=
Subject key identifier:   0C:61:14:BB:D2:C4:E9:EC:97:AE:2F:C0:9A:1A:02:7F:C8:79:46:14
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182269A5074AC8869E9CDA478D5A11C9DA3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DGEUu9LE6eyXri_AmhoCf8h5RhQ.roa
Signing time:             Fri 22 Jul 2022 15:50:23 +0000
ROA not before:           Fri 22 Jul 2022 15:50:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398343
IP address blocks:        163.5.151.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:26:9a:50:74:ac:88:69:e9:cd:a4:78:d5:a1:1c:9d:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 22 15:50:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c6114bbd2c4e9ec97ae2fc09a1a027fc8794614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d9:fa:87:12:b0:d9:f0:c7:f7:a3:fb:7a:93:
                    8d:60:b0:52:ff:eb:62:cb:c7:9a:7f:2d:40:76:62:
                    2c:8f:2e:bd:b8:d8:2e:5a:13:10:64:9b:57:d0:92:
                    7a:4d:54:da:8d:f1:7b:39:b2:58:17:8f:00:69:e7:
                    48:c6:a1:73:a2:4a:ae:12:f8:c8:d0:3b:ce:ed:09:
                    12:29:05:a6:e1:75:21:88:fc:2b:33:ed:6f:5b:e4:
                    42:78:69:09:8b:83:1f:61:d5:5a:41:83:26:65:99:
                    d4:03:8e:a9:d9:f4:7c:a9:98:ad:e8:69:68:e6:25:
                    b1:d5:51:25:7d:19:55:25:9d:12:d7:87:f5:8e:2d:
                    ff:78:ee:d4:b0:e3:92:2b:ee:63:f6:c5:ad:01:86:
                    7a:9d:01:a2:01:ed:3d:9e:ed:3f:90:49:9f:6c:45:
                    f4:e7:b5:22:c1:df:15:e4:54:a3:8e:ee:ba:03:fa:
                    5f:9c:24:e6:73:49:1d:e8:a6:2c:34:85:0e:ad:24:
                    7c:2b:0d:c7:f5:74:6d:9b:66:4c:ac:2e:00:62:c5:
                    d4:04:92:c9:a5:fa:a2:61:d4:85:13:b4:8e:db:b1:
                    53:e9:f4:19:ec:fe:7a:3c:ed:87:72:e4:07:b9:9f:
                    38:1f:27:28:c5:2e:6c:ec:31:1a:76:9e:16:a2:84:
                    50:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:61:14:BB:D2:C4:E9:EC:97:AE:2F:C0:9A:1A:02:7F:C8:79:46:14
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DGEUu9LE6eyXri_AmhoCf8h5RhQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:34:c7:9c:7a:8b:53:eb:89:f3:27:7d:37:ba:6c:f9:d0:90:
         4d:25:b6:87:ca:ad:0c:55:57:97:d9:83:28:61:7a:95:0b:f8:
         22:08:4d:dc:f7:ba:fc:56:1a:4b:82:22:06:28:b5:6c:49:fd:
         6b:f2:a0:76:ab:c6:ce:7d:33:c9:b3:95:4c:ab:4f:f6:ff:1c:
         e9:ce:ef:83:09:c7:f9:ce:ef:12:60:dd:4b:6c:31:82:4b:89:
         e6:12:29:26:47:64:b4:ba:68:bf:99:52:4f:b7:34:f6:58:8f:
         e0:fa:a2:25:16:fe:f5:fc:9b:06:84:ac:40:04:07:a2:d3:78:
         7a:b2:da:b9:67:a1:10:93:5e:88:34:de:95:b2:76:b8:4a:21:
         8d:79:ed:9d:d4:71:1b:67:a6:97:b3:c6:58:17:e8:ac:19:f9:
         05:c8:dd:86:53:0e:3b:c8:75:f3:99:f7:b8:ec:c1:4a:83:4a:
         eb:b4:90:11:f5:1f:3f:7a:b8:86:ae:17:08:e4:79:87:2e:02:
         9e:64:82:d4:b8:0f:d2:d3:ac:18:48:fb:c7:3f:31:99:58:7c:
         d0:9d:59:67:44:2c:82:d1:0c:a7:3c:84:8c:97:20:50:3d:d6:
         21:f2:46:e3:cd:ad:e7:6d:56:9c:cb:eb:1c:62:33:28:d6:5e:
         a3:16:66:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYImmlB0rIhp6c2keNWhHJ2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwNzIyMTU1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzYxMTRiYmQyYzRlOWVjOTdhZTJmYzA5YTFhMDI3ZmM4Nzk0NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNn6hxKw2fDH96P7epONYLBS/+ti
y8eafy1AdmIsjy69uNguWhMQZJtX0JJ6TVTajfF7ObJYF48AaedIxqFzokquEvjI
0DvO7QkSKQWm4XUhiPwrM+1vW+RCeGkJi4MfYdVaQYMmZZnUA46p2fR8qZit6Glo
5iWx1VElfRlVJZ0S14f1ji3/eO7UsOOSK+5j9sWtAYZ6nQGiAe09nu0/kEmfbEX0
57Uiwd8V5FSjju66A/pfnCTmc0kd6KYsNIUOrSR8Kw3H9XRtm2ZMrC4AYsXUBJLJ
pfqiYdSFE7SO27FT6fQZ7P56PO2HcuQHuZ84HycoxS5s7DEadp4WooRQiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxhFLvSxOnsl64vwJoaAn/IeUYUMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvREdFVXU5TEU2ZXlYcmlfQW1ob0NmOGg1UmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWXMA0G
CSqGSIb3DQEBCwUAA4IBAQAtNMeceotT64nzJ303umz50JBNJbaHyq0MVVeX2YMo
YXqVC/giCE3c97r8VhpLgiIGKLVsSf1r8qB2q8bOfTPJs5VMq0/2/xzpzu+DCcf5
zu8SYN1LbDGCS4nmEikmR2S0umi/mVJPtzT2WI/g+qIlFv71/JsGhKxABAei03h6
stq5Z6EQk16INN6Vsna4SiGNee2d1HEbZ6aXs8ZYF+isGfkFyN2GUw47yHXzmfe4
7MFKg0rrtJAR9R8/eriGrhcI5HmHLgKeZILUuA/S06wYSPvHPzGZWHzQnVlnRCyC
0QynPISMlyBQPdYh8kbjza3nbVacy+scYjMo1l6jFmZG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org