Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/N73nCStC-jqbiO7TA5_CkfJEzDs.roa
File:                     N73nCStC-jqbiO7TA5_CkfJEzDs.roa (raw, json)
Hash identifier:          ES7s4PkueexZEvvPo1MS0jNlQdrApA50LAQojbzk8b4=
Subject key identifier:   37:BD:E7:09:2B:42:FA:3A:9B:88:EE:D3:03:9F:C2:91:F2:44:CC:3B
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182CA7EFBABE30AF5E3FD7C1320181FF527
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/N73nCStC-jqbiO7TA5_CkfJEzDs.roa
Signing time:             Tue 23 Aug 2022 11:38:15 +0000
ROA not before:           Tue 23 Aug 2022 11:38:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204843
IP address blocks:        163.5.229.0/24 maxlen: 24
                          163.5.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:ca:7e:fb:ab:e3:0a:f5:e3:fd:7c:13:20:18:1f:f5:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 23 11:38:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=37bde7092b42fa3a9b88eed3039fc291f244cc3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:a6:dd:dc:45:58:42:f6:c8:14:ac:5a:92:16:
                    14:76:90:7f:89:1c:67:86:8d:8f:a6:07:64:0c:94:
                    a3:be:43:94:ee:20:82:c7:2d:82:7c:f1:d8:44:b1:
                    71:a3:9a:21:bd:b8:2d:20:a8:6d:78:e5:68:2a:ef:
                    52:75:0b:3b:45:2a:95:bf:71:71:6c:59:c4:cd:08:
                    ef:34:33:7f:89:98:b9:68:bc:f5:f4:5d:c9:7c:ac:
                    7e:33:7f:0e:0a:ec:b8:d1:44:87:45:c9:45:c2:40:
                    ed:70:f3:46:9f:e9:99:ce:07:b3:34:ad:b1:18:c5:
                    dc:47:f9:57:fb:31:d0:ff:4f:50:0d:b3:45:63:86:
                    a9:9a:07:5a:00:c6:d2:d0:0b:ba:1d:84:aa:88:a6:
                    95:07:70:7b:f1:ba:d8:e5:d8:ee:a7:1b:fe:e3:f7:
                    5a:60:4b:e2:4e:a5:5d:6e:26:8f:df:6d:82:6a:93:
                    93:af:69:90:e4:bc:ef:46:44:3f:15:3d:b9:aa:43:
                    1a:d0:93:22:0e:44:c0:af:c6:b3:ed:2d:52:d1:57:
                    9a:24:25:53:06:1e:58:0e:c2:70:3a:b1:27:3f:41:
                    49:78:97:c8:25:fd:d8:d8:56:3c:85:22:d6:3b:90:
                    d9:0e:e5:56:df:aa:8d:75:ea:b9:4e:8e:73:d6:81:
                    81:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:BD:E7:09:2B:42:FA:3A:9B:88:EE:D3:03:9F:C2:91:F2:44:CC:3B
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/N73nCStC-jqbiO7TA5_CkfJEzDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.159.0/24
                  163.5.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:81:dd:95:fb:73:90:05:fc:cd:0c:99:23:ef:2f:fe:9d:ac:
         72:58:4f:af:fd:54:73:38:46:66:7c:a3:ca:a1:16:ca:5f:f9:
         5f:c1:f9:4f:a1:a9:08:75:44:91:16:5a:71:b0:6d:4d:3f:48:
         09:98:d5:4f:04:6a:c7:95:d8:19:2e:32:6c:b7:3b:86:52:f6:
         ac:29:29:12:23:2f:3b:cc:e8:3e:1b:17:4c:cd:ce:ac:7d:8e:
         65:d2:62:4d:d1:a5:b1:dd:7e:30:ba:7c:31:d8:68:9d:71:4b:
         ce:a4:8c:0a:9b:f9:86:f8:6a:02:60:bc:10:74:47:0d:25:cb:
         72:ef:b1:93:3d:c5:69:05:73:03:5b:0a:4c:8f:53:db:bf:9a:
         7b:80:48:6f:05:34:62:c5:0d:2b:15:0c:3f:f4:c4:e2:ef:94:
         62:8e:28:a6:b7:60:be:8e:40:28:f2:1d:fb:b8:cb:ee:a5:79:
         ad:82:61:5e:82:fb:5a:53:7d:8f:b8:f6:13:43:6e:41:1e:9f:
         df:00:81:23:2b:12:60:ab:b2:ab:07:0e:ea:91:48:63:06:13:
         70:16:9e:d2:36:c0:41:1a:62:7c:82:a4:4c:08:2d:35:24:8d:
         32:bf:ba:dc:58:7d:8f:a9:28:cf:bb:29:c7:5a:79:d3:75:70:
         4a:2e:e3:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLKfvur4wr14/18EyAYH/UnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODIzMTEzODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JkZTcwOTJiNDJmYTNhOWI4OGVlZDMwMzlmYzI5MWYyNDRjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKbd3EVYQvbIFKxakhYUdpB/iRxn
ho2PpgdkDJSjvkOU7iCCxy2CfPHYRLFxo5ohvbgtIKhteOVoKu9SdQs7RSqVv3Fx
bFnEzQjvNDN/iZi5aLz19F3JfKx+M38OCuy40USHRclFwkDtcPNGn+mZzgezNK2x
GMXcR/lX+zHQ/09QDbNFY4apmgdaAMbS0Au6HYSqiKaVB3B78brY5djupxv+4/da
YEviTqVdbiaP322CapOTr2mQ5LzvRkQ/FT25qkMa0JMiDkTAr8az7S1S0VeaJCVT
Bh5YDsJwOrEnP0FJeJfIJf3Y2FY8hSLWO5DZDuVW36qNdeq5To5z1oGBJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDe95wkrQvo6m4ju0wOfwpHyRMw7MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTjczbkNTdEMtanFiaU83VEE1X0NrZkpFekRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWfAwQA
owXlMA0GCSqGSIb3DQEBCwUAA4IBAQAggd2V+3OQBfzNDJkj7y/+naxyWE+v/VRz
OEZmfKPKoRbKX/lfwflPoakIdUSRFlpxsG1NP0gJmNVPBGrHldgZLjJstzuGUvas
KSkSIy87zOg+GxdMzc6sfY5l0mJN0aWx3X4wunwx2GidcUvOpIwKm/mG+GoCYLwQ
dEcNJcty77GTPcVpBXMDWwpMj1Pbv5p7gEhvBTRixQ0rFQw/9MTi75Rijiimt2C+
jkAo8h37uMvupXmtgmFegvtaU32PuPYTQ25BHp/fAIEjKxJgq7KrBw7qkUhjBhNw
Fp7SNsBBGmJ8gqRMCC01JI0yv7rcWH2PqSjPuynHWnnTdXBKLuPd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org