Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IIEJFo7_MKOkYXdX3KTBUa6z-Mw.roa
File:                     IIEJFo7_MKOkYXdX3KTBUa6z-Mw.roa (raw, json)
Hash identifier:          YrC1EUeCg4XW4fFDyoTkBALQvnLOvBS+yI2HVn8vbCE=
Subject key identifier:   20:81:09:16:8E:FF:30:A3:A4:61:77:57:DC:A4:C1:51:AE:B3:F8:CC
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183EA855EF25F67F691E8228839DA122823
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IIEJFo7_MKOkYXdX3KTBUa6z-Mw.roa
Signing time:             Tue 18 Oct 2022 09:55:52 +0000
ROA not before:           Tue 18 Oct 2022 09:55:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212609
IP address blocks:        163.5.252.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ea:85:5e:f2:5f:67:f6:91:e8:22:88:39:da:12:28:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 18 09:55:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=208109168eff30a3a4617757dca4c151aeb3f8cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:82:9f:84:ca:fb:ab:b8:fb:a0:88:d2:5f:7c:
                    f3:95:a6:2e:46:f8:44:69:ad:68:28:63:97:cf:b6:
                    09:d4:41:f2:ba:d7:63:f0:94:3d:a9:12:53:34:cc:
                    e2:fb:85:b1:3a:b7:90:1f:c5:14:e6:ac:b3:e0:fa:
                    97:12:a1:ea:4a:ca:ed:ef:65:97:5a:e5:05:5a:b7:
                    fa:c5:ca:bc:2a:23:59:55:47:04:86:6f:26:b4:dc:
                    c5:22:6f:93:42:c1:47:9f:fc:76:29:c7:54:f9:37:
                    b2:8f:a4:8f:ef:56:5f:a1:8d:b4:74:e3:1b:57:d9:
                    9a:fc:99:1e:ba:ed:9c:eb:0c:50:94:92:da:d8:62:
                    1c:a2:f7:94:a6:aa:fd:14:8f:a9:1a:ec:6e:c9:b3:
                    61:d0:3f:4f:dc:b6:70:1a:69:b3:72:50:95:f7:cf:
                    bc:aa:9b:48:b3:1b:ab:1c:03:1c:20:2d:8b:61:7b:
                    12:6e:69:c0:de:89:35:a2:29:9f:aa:e7:f3:6c:df:
                    47:bc:72:40:28:3d:c1:dc:45:31:91:be:22:9e:2e:
                    bb:49:99:b9:4b:f1:d8:23:31:67:3f:09:84:52:bb:
                    45:bb:78:c5:5e:77:35:48:ae:77:32:b1:fb:65:3e:
                    e3:6f:e0:d5:6e:8e:8d:39:ca:d9:e6:dc:28:30:8b:
                    2c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:81:09:16:8E:FF:30:A3:A4:61:77:57:DC:A4:C1:51:AE:B3:F8:CC
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/IIEJFo7_MKOkYXdX3KTBUa6z-Mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:69:d6:28:f6:8c:28:79:10:29:76:7a:dc:d5:a9:25:e4:f6:
         80:86:ff:88:28:16:fb:f3:32:c3:ef:49:ad:b7:d3:b2:2a:3d:
         6e:65:aa:20:2f:8b:be:c6:e0:fa:8a:5f:93:12:45:01:c6:f3:
         96:9b:22:ff:f6:42:7c:10:2d:ac:0e:e3:d2:4c:60:ee:20:1f:
         23:85:df:1c:c5:4b:f2:62:dc:20:de:13:6f:68:c5:1a:e0:cc:
         04:ee:fa:ea:fa:75:5c:0c:ea:b0:46:34:99:54:5e:b6:da:07:
         e1:ae:cf:71:ae:90:d0:c8:53:be:e6:99:db:e7:6e:15:02:7d:
         3d:89:28:d8:f2:fb:2e:71:00:64:73:f9:44:11:09:41:04:cc:
         94:e4:39:b6:ab:cd:e9:6f:31:c5:29:03:aa:b1:28:95:dc:1b:
         1a:e7:b8:21:bf:0f:61:f3:79:36:26:6b:db:0e:77:02:7c:63:
         87:3d:9a:67:a2:75:40:33:37:4e:99:99:6f:9b:f7:1e:b9:d6:
         4d:11:0a:ff:83:9d:69:b2:d1:66:33:32:a6:f4:d1:52:17:29:
         d8:22:6d:52:46:1f:db:24:14:5f:39:f5:f4:2c:b5:2f:20:dd:
         c4:a8:bb:76:24:a6:4a:ba:77:0e:1e:0d:55:b0:24:29:01:0c:
         63:d6:00:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPqhV7yX2f2kegiiDnaEigjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDE4MDk1NTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDgxMDkxNjhlZmYzMGEzYTQ2MTc3NTdkY2E0YzE1MWFlYjNmOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoKfhMr7q7j7oIjSX3zzlaYuRvhE
aa1oKGOXz7YJ1EHyutdj8JQ9qRJTNMzi+4WxOreQH8UU5qyz4PqXEqHqSsrt72WX
WuUFWrf6xcq8KiNZVUcEhm8mtNzFIm+TQsFHn/x2KcdU+Teyj6SP71ZfoY20dOMb
V9ma/Jkeuu2c6wxQlJLa2GIcoveUpqr9FI+pGuxuybNh0D9P3LZwGmmzclCV98+8
qptIsxurHAMcIC2LYXsSbmnA3ok1oimfqufzbN9HvHJAKD3B3EUxkb4ini67SZm5
S/HYIzFnPwmEUrtFu3jFXnc1SK53MrH7ZT7jb+DVbo6NOcrZ5twoMIssBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCCBCRaO/zCjpGF3V9ykwVGus/jMMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSUlFSkZvN19NS09rWVhkWDNLVEJVYTZ6LU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowX8MA0G
CSqGSIb3DQEBCwUAA4IBAQB7adYo9owoeRApdnrc1akl5PaAhv+IKBb78zLD70mt
t9OyKj1uZaogL4u+xuD6il+TEkUBxvOWmyL/9kJ8EC2sDuPSTGDuIB8jhd8cxUvy
Ytwg3hNvaMUa4MwE7vrq+nVcDOqwRjSZVF622gfhrs9xrpDQyFO+5pnb524VAn09
iSjY8vsucQBkc/lEEQlBBMyU5Dm2q83pbzHFKQOqsSiV3Bsa57ghvw9h83k2Jmvb
DncCfGOHPZpnonVAMzdOmZlvm/ceudZNEQr/g51pstFmMzKm9NFSFynYIm1SRh/b
JBRfOfX0LLUvIN3EqLt2JKZKuncOHg1VsCQpAQxj1gAQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:04 2024 by rpki-client on console-fra.rpki-client.org