Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/J_LGMxogBYE3IRvbpGrQS0euSgo.roa
File:                     J_LGMxogBYE3IRvbpGrQS0euSgo.roa (raw, json)
Hash identifier:          GPw2ZNiT5mp/J/wGtXdInQRUuxvug2/I1lfQ/h7whIY=
Subject key identifier:   27:F2:C6:33:1A:20:05:81:37:21:1B:DB:A4:6A:D0:4B:47:AE:4A:0A
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018569434BBDCE4E3823ABB1C2614BA21A71
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/J_LGMxogBYE3IRvbpGrQS0euSgo.roa
Signing time:             Sat 31 Dec 2022 17:38:15 +0000
ROA not before:           Sat 31 Dec 2022 17:38:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211237
IP address blocks:        163.5.186.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.135.0/24 maxlen: 24
                          163.5.32.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:69:43:4b:bd:ce:4e:38:23:ab:b1:c2:61:4b:a2:1a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 31 17:38:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27f2c6331a20058137211bdba46ad04b47ae4a0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:35:1e:a1:9a:57:a7:ff:50:f4:94:40:a3:c3:
                    dc:94:d2:3d:d5:4c:6a:00:32:b6:a8:39:eb:67:20:
                    a6:bc:f4:03:01:b7:34:71:47:a8:86:0e:a2:ae:c7:
                    8b:d0:78:b7:4a:ee:c1:c3:47:5c:25:08:5f:d1:d5:
                    fd:d0:ab:31:9a:23:57:86:24:39:0f:b7:90:2f:0a:
                    b7:4a:88:c9:7f:40:6b:dd:d7:c7:6a:49:8b:59:01:
                    14:08:c0:2b:5d:02:86:a1:93:30:93:e2:07:29:e3:
                    08:8e:8d:01:c4:7a:0e:ce:73:3e:1b:47:06:4b:ca:
                    ee:10:ef:98:b3:d3:54:ae:06:5a:26:3d:ba:0d:db:
                    38:95:5f:29:a5:1e:1d:b9:08:b6:c8:19:0c:bd:98:
                    88:6c:3b:0f:e4:dd:19:29:52:58:0b:1b:7a:22:02:
                    73:a8:61:02:fb:e6:c8:14:25:57:63:8a:6a:0e:87:
                    e2:3f:3a:71:44:0b:7f:0c:ed:29:3e:ae:5f:cd:8c:
                    80:06:44:31:01:77:76:63:12:cf:d4:da:25:d9:2b:
                    e4:6c:7c:1a:38:84:fe:2d:76:12:a0:29:18:da:d4:
                    3a:7f:a9:00:37:2b:9a:0a:67:2e:98:21:aa:0f:0a:
                    0d:85:6b:af:72:25:22:c7:9d:af:25:cc:f9:3b:e2:
                    c1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:F2:C6:33:1A:20:05:81:37:21:1B:DB:A4:6A:D0:4B:47:AE:4A:0A
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/J_LGMxogBYE3IRvbpGrQS0euSgo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.32.0/24
                  163.5.94.0/23
                  163.5.112.0/23
                  163.5.116.0/24
                  163.5.135.0/24
                  163.5.142.0/24
                  163.5.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:7e:70:99:59:3c:1c:11:7a:5e:7f:01:11:4b:85:f3:a2:fe:
         32:cf:5f:7d:29:94:1d:84:ef:58:51:4a:d2:f8:8e:1b:5c:a4:
         05:8e:c6:36:c2:7d:39:83:f8:de:a1:50:57:96:60:89:4a:e5:
         cd:c6:91:a5:61:26:a0:6d:26:be:01:9e:47:02:47:00:f0:3a:
         c6:13:aa:c3:b8:55:5e:63:e6:d8:68:05:14:d3:17:9d:61:35:
         8b:94:9a:b4:d9:ec:0a:85:48:a4:c2:32:8b:65:af:69:e9:be:
         5e:6f:95:bd:26:db:4f:3d:d8:fd:56:be:ea:24:66:4f:69:0f:
         32:eb:d1:2e:b5:3c:7c:3a:f4:3f:be:2e:39:ed:0e:2c:35:33:
         6c:9c:12:be:65:f7:8e:73:47:85:4e:cc:e5:2a:89:82:fc:32:
         49:20:50:d0:50:a1:bd:77:e2:4e:68:fd:c0:74:b2:57:34:b0:
         ae:e2:c7:0c:ec:1f:32:e3:fc:9b:75:9c:77:6c:9f:57:c5:56:
         b2:28:a8:22:69:03:b9:ca:6f:6d:76:a6:52:f1:10:ac:59:81:
         ba:5d:38:19:52:02:7e:30:99:bb:1f:09:6c:ba:b2:cc:62:f6:
         56:0c:0d:61:69:f1:37:c0:cb:6e:57:b8:72:bf:d6:73:90:92:
         d0:69:b3:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVpQ0u9zk44I6uxwmFLohpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjMxMTczODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2YyYzYzMzFhMjAwNTgxMzcyMTFiZGJhNDZhZDA0YjQ3YWU0YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTUeoZpXp/9Q9JRAo8PclNI91Uxq
ADK2qDnrZyCmvPQDAbc0cUeohg6irseL0Hi3Su7Bw0dcJQhf0dX90KsxmiNXhiQ5
D7eQLwq3SojJf0Br3dfHakmLWQEUCMArXQKGoZMwk+IHKeMIjo0BxHoOznM+G0cG
S8ruEO+Ys9NUrgZaJj26Dds4lV8ppR4duQi2yBkMvZiIbDsP5N0ZKVJYCxt6IgJz
qGEC++bIFCVXY4pqDofiPzpxRAt/DO0pPq5fzYyABkQxAXd2YxLP1Nol2SvkbHwa
OIT+LXYSoCkY2tQ6f6kANyuaCmcumCGqDwoNhWuvciUix52vJcz5O+LBzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCfyxjMaIAWBNyEb26Rq0EtHrkoKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSl9MR014b2dCWUUzSVJ2YnBHclFTMGV1U2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUgAwQB
owVeAwQBowVwAwQAowV0AwQAowWHAwQAowWOAwQAowW6MA0GCSqGSIb3DQEBCwUA
A4IBAQAJfnCZWTwcEXpefwERS4Xzov4yz199KZQdhO9YUUrS+I4bXKQFjsY2wn05
g/jeoVBXlmCJSuXNxpGlYSagbSa+AZ5HAkcA8DrGE6rDuFVeY+bYaAUU0xedYTWL
lJq02ewKhUikwjKLZa9p6b5eb5W9JttPPdj9Vr7qJGZPaQ8y69EutTx8OvQ/vi45
7Q4sNTNsnBK+ZfeOc0eFTszlKomC/DJJIFDQUKG9d+JOaP3AdLJXNLCu4scM7B8y
4/ybdZx3bJ9XxVayKKgiaQO5ym9tdqZS8RCsWYG6XTgZUgJ+MJm7HwlsurLMYvZW
DA1hafE3wMtuV7hyv9ZzkJLQabPz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:30 2024 by rpki-client on console-ams.rpki-client.org