Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FuX5_ecK6BPEjhwvS6BXMRKj6eE.roa
File:                     FuX5_ecK6BPEjhwvS6BXMRKj6eE.roa (raw, json)
Hash identifier:          JT9GwbqNT4pcL685u2+eH/7WRpep77wmy5BVs6gLhxo=
Subject key identifier:   16:E5:F9:FD:E7:0A:E8:13:C4:8E:1C:2F:4B:A0:57:31:12:A3:E9:E1
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01828CC38C4FFD683D8F16427A9FEF020BFD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FuX5_ecK6BPEjhwvS6BXMRKj6eE.roa
Signing time:             Thu 11 Aug 2022 11:56:41 +0000
ROA not before:           Thu 11 Aug 2022 11:56:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        163.5.211.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8c:c3:8c:4f:fd:68:3d:8f:16:42:7a:9f:ef:02:0b:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 11 11:56:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16e5f9fde70ae813c48e1c2f4ba0573112a3e9e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:a2:8a:fa:67:ba:cf:c4:91:f5:30:81:04:cc:
                    80:95:c6:87:10:65:bf:b4:e3:9e:42:ac:f3:ec:5a:
                    59:6c:0f:e1:d4:80:e6:6f:86:24:11:8c:b6:db:5a:
                    61:06:cf:a0:1b:33:55:cb:18:6c:61:fc:b2:cb:96:
                    75:cd:5e:e7:c4:45:bd:3c:4a:f1:9f:cc:a8:d5:09:
                    3d:75:ae:4f:64:bb:c1:ea:23:4c:e8:87:68:fd:0c:
                    11:4e:ae:19:7b:aa:d6:1c:9e:0e:68:04:3c:64:a7:
                    03:52:e9:9a:16:3a:77:65:9a:1f:99:6f:70:c8:9c:
                    00:ee:c1:a7:05:76:ff:d4:cf:40:fd:f2:d9:2f:cf:
                    3d:89:c3:3c:e8:02:7a:8a:d3:41:68:31:41:c6:2e:
                    c9:43:28:7c:bb:b1:fd:14:71:00:87:38:1b:d2:93:
                    46:4a:8f:4e:1b:97:1c:10:92:f1:7d:54:c5:f6:00:
                    9c:8e:51:fb:2e:ab:03:9a:7e:4a:60:bd:30:7c:c7:
                    3a:7b:49:cc:07:f0:bd:02:92:f7:28:9d:ef:75:40:
                    d8:5a:2f:c2:e8:f1:93:ed:8e:8a:14:a1:c7:68:d6:
                    7e:d4:81:96:7d:40:60:67:85:6f:3c:b2:ea:32:cf:
                    7c:27:8d:f2:42:4f:cb:a9:de:71:94:cb:0b:12:d7:
                    18:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:E5:F9:FD:E7:0A:E8:13:C4:8E:1C:2F:4B:A0:57:31:12:A3:E9:E1
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FuX5_ecK6BPEjhwvS6BXMRKj6eE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:f2:dc:31:6a:1b:dc:67:ac:a7:66:52:35:13:e4:5d:5e:73:
         15:cc:a9:74:a8:d3:b2:cc:8e:05:d4:0d:e1:0d:52:2e:ff:ae:
         0e:8f:38:82:6f:ff:ee:35:e3:38:28:dd:b5:cf:ef:2a:6e:fd:
         e3:4c:0c:ef:42:69:94:09:73:cc:8e:de:bf:e3:8e:e0:d5:e1:
         f8:9f:7a:44:74:75:2f:33:97:9a:fa:bd:85:0a:2a:3b:a2:28:
         3d:08:45:b1:76:fb:3b:a8:5d:ae:a3:d2:8f:03:ce:90:cc:47:
         ac:05:67:0c:31:5a:a9:91:e1:3e:7c:bd:32:67:5e:79:3e:ae:
         ea:c2:7e:8e:69:58:fa:e9:f2:51:09:60:83:e9:7b:bb:2a:92:
         40:b1:2a:1c:89:e7:8e:8d:fa:77:f1:47:9f:eb:8b:fe:27:1e:
         4f:9a:72:34:72:85:6e:c6:07:57:15:b0:cc:a6:da:44:99:df:
         0d:ff:8c:ae:d8:22:7e:4c:47:7f:3b:5f:c7:12:0f:8c:51:52:
         03:16:0a:c4:c7:5b:3b:68:71:a7:89:f5:bf:ad:83:0a:72:82:
         6b:b2:d4:8f:88:55:ae:4f:5e:fe:4c:23:4c:7f:c4:77:0e:4b:
         33:02:69:76:1e:ea:4c:60:8f:6c:ef:66:72:bf:2a:ee:10:a1:
         8e:fb:1c:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKMw4xP/Wg9jxZCep/vAgv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODExMTE1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmU1ZjlmZGU3MGFlODEzYzQ4ZTFjMmY0YmEwNTczMTEyYTNlOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KKK+me6z8SR9TCBBMyAlcaHEGW/
tOOeQqzz7FpZbA/h1IDmb4YkEYy221phBs+gGzNVyxhsYfyyy5Z1zV7nxEW9PErx
n8yo1Qk9da5PZLvB6iNM6Ido/QwRTq4Ze6rWHJ4OaAQ8ZKcDUumaFjp3ZZofmW9w
yJwA7sGnBXb/1M9A/fLZL889icM86AJ6itNBaDFBxi7JQyh8u7H9FHEAhzgb0pNG
So9OG5ccEJLxfVTF9gCcjlH7LqsDmn5KYL0wfMc6e0nMB/C9ApL3KJ3vdUDYWi/C
6PGT7Y6KFKHHaNZ+1IGWfUBgZ4VvPLLqMs98J43yQk/Lqd5xlMsLEtcYxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbl+f3nCugTxI4cL0ugVzESo+nhMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRnVYNV9lY0s2QlBFamh3dlM2QlhNUktqNmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXTMA0G
CSqGSIb3DQEBCwUAA4IBAQCH8twxahvcZ6ynZlI1E+RdXnMVzKl0qNOyzI4F1A3h
DVIu/64OjziCb//uNeM4KN21z+8qbv3jTAzvQmmUCXPMjt6/447g1eH4n3pEdHUv
M5ea+r2FCio7oig9CEWxdvs7qF2uo9KPA86QzEesBWcMMVqpkeE+fL0yZ155Pq7q
wn6OaVj66fJRCWCD6Xu7KpJAsSocieeOjfp38Uef64v+Jx5PmnI0coVuxgdXFbDM
ptpEmd8N/4yu2CJ+TEd/O1/HEg+MUVIDFgrEx1s7aHGnifW/rYMKcoJrstSPiFWu
T17+TCNMf8R3DkszAml2HupMYI9s72ZyvyruEKGO+xxS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org