Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EHrUfrIPSE-iFa5jklHW0betXTI.roa
File:                     EHrUfrIPSE-iFa5jklHW0betXTI.roa (raw, json)
Hash identifier:          5wUMz1cGkpRDFnwdH76DHgUhPIGTXZMr+Iqh2d55Z2w=
Subject key identifier:   10:7A:D4:7E:B2:0F:48:4F:A2:15:AE:63:92:51:D6:D1:B7:AD:5D:32
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183561CC8CD5A00DF3FEBDC5A082B2AA14F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EHrUfrIPSE-iFa5jklHW0betXTI.roa
Signing time:             Mon 19 Sep 2022 14:17:50 +0000
ROA not before:           Mon 19 Sep 2022 14:17:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206092
IP address blocks:        163.5.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:56:1c:c8:cd:5a:00:df:3f:eb:dc:5a:08:2b:2a:a1:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 19 14:17:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=107ad47eb20f484fa215ae639251d6d1b7ad5d32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:4c:8e:70:d7:03:e7:b8:10:fe:77:99:b0:cc:
                    4a:d7:20:09:1e:6e:f4:63:d0:b8:b1:df:68:f1:89:
                    af:04:21:7a:2e:c6:cb:ef:08:0e:c5:66:e0:b4:1a:
                    4e:b3:20:ad:ea:17:af:79:2a:4e:05:ff:3b:c8:dd:
                    af:a8:46:f0:84:9a:a0:96:9a:d6:88:42:4a:74:a9:
                    27:d3:5f:08:5d:cd:bf:c3:9c:cd:8a:b0:ee:a2:4f:
                    f3:89:b5:35:43:0d:e1:f3:38:11:bd:6b:8b:3d:07:
                    8c:de:ad:87:08:b1:96:c9:ba:cc:3e:40:71:e9:14:
                    89:94:6f:6f:c1:b9:2a:ae:10:20:29:14:24:95:90:
                    8f:3d:50:4f:74:91:75:7a:3f:6d:e2:f6:76:50:ea:
                    56:51:00:c1:13:82:10:80:4b:ea:cf:8f:07:c2:8e:
                    4e:74:06:41:7e:eb:d2:19:05:0b:40:6e:42:1a:4d:
                    05:52:25:40:e9:eb:2d:54:09:05:56:02:41:0a:18:
                    55:db:d2:30:fe:70:c9:a5:73:d0:6d:31:46:24:6d:
                    22:6a:c8:26:0e:75:4b:93:e0:de:01:53:d9:21:dd:
                    eb:9a:42:8c:40:fc:14:cb:6f:97:8c:61:dc:c5:89:
                    bb:e0:28:fb:be:08:30:4f:fd:44:f2:5f:9c:26:c5:
                    1e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7A:D4:7E:B2:0F:48:4F:A2:15:AE:63:92:51:D6:D1:B7:AD:5D:32
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EHrUfrIPSE-iFa5jklHW0betXTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:37:b3:5c:16:cd:88:6c:92:92:cd:71:f6:45:34:f2:bf:e4:
         3f:b3:5e:2a:07:ff:ef:39:b9:9e:f2:89:44:8d:dc:8a:d9:c5:
         0c:9a:23:66:09:bd:70:31:70:7f:96:74:2b:de:a0:1b:a9:0c:
         36:a7:46:dd:58:c4:7a:b3:84:4a:f5:2a:c0:ce:60:86:f5:c2:
         76:be:02:89:cf:e7:13:f3:95:06:b6:f0:49:32:df:d1:de:ea:
         64:0a:1f:ac:16:a1:0e:7a:f6:aa:86:81:38:97:ff:d4:0b:bf:
         a2:22:d8:e0:fe:f5:5c:86:7c:63:9f:65:e1:bb:f2:29:88:79:
         3c:42:98:24:07:86:38:1d:db:24:51:42:e7:2b:be:f7:9d:76:
         ec:f2:d0:ca:53:ac:41:cd:68:b9:26:83:96:d5:88:84:64:8e:
         02:5b:18:e8:66:43:c4:a2:09:b7:bf:a5:ce:6d:f8:30:d0:86:
         11:f5:44:09:fa:e7:c6:86:f4:29:42:d3:ce:d5:65:43:b0:a5:
         5c:1d:51:2c:c9:bb:25:45:a6:31:cd:b0:82:14:22:7c:c0:18:
         af:ca:45:ed:7f:35:37:b4:7e:d6:9c:6e:2b:d5:ae:d6:78:af:
         48:f7:7d:6f:91:2c:4d:77:8b:33:f7:b7:15:6b:62:91:e8:33:
         41:44:1b:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNWHMjNWgDfP+vcWggrKqFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTE5MTQxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdhZDQ3ZWIyMGY0ODRmYTIxNWFlNjM5MjUxZDZkMWI3YWQ1ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEyOcNcD57gQ/neZsMxK1yAJHm70
Y9C4sd9o8YmvBCF6LsbL7wgOxWbgtBpOsyCt6heveSpOBf87yN2vqEbwhJqglprW
iEJKdKkn018IXc2/w5zNirDuok/zibU1Qw3h8zgRvWuLPQeM3q2HCLGWybrMPkBx
6RSJlG9vwbkqrhAgKRQklZCPPVBPdJF1ej9t4vZ2UOpWUQDBE4IQgEvqz48Hwo5O
dAZBfuvSGQULQG5CGk0FUiVA6estVAkFVgJBChhV29Iw/nDJpXPQbTFGJG0iasgm
DnVLk+DeAVPZId3rmkKMQPwUy2+XjGHcxYm74Cj7vggwT/1E8l+cJsUehwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBB61H6yD0hPohWuY5JR1tG3rV0yMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRUhyVWZySVBTRS1pRmE1amtsSFcwYmV0WFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowV7MA0G
CSqGSIb3DQEBCwUAA4IBAQA9N7NcFs2IbJKSzXH2RTTyv+Q/s14qB//vObme8olE
jdyK2cUMmiNmCb1wMXB/lnQr3qAbqQw2p0bdWMR6s4RK9SrAzmCG9cJ2vgKJz+cT
85UGtvBJMt/R3upkCh+sFqEOevaqhoE4l//UC7+iItjg/vVchnxjn2Xhu/IpiHk8
QpgkB4Y4HdskUULnK773nXbs8tDKU6xBzWi5JoOW1YiEZI4CWxjoZkPEogm3v6XO
bfgw0IYR9UQJ+ufGhvQpQtPO1WVDsKVcHVEsybslRaYxzbCCFCJ8wBivykXtfzU3
tH7WnG4r1a7WeK9I931vkSxNd4sz97cVa2KR6DNBRBsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:29 2024 by rpki-client on console-ams.rpki-client.org