Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/S1U5AWsafdwRyNu3V8DQ5HIxUk4.roa
File:                     S1U5AWsafdwRyNu3V8DQ5HIxUk4.roa (raw, json)
Hash identifier:          zDqndPAz7tRH+KLe3UStojd5Ey61daAdP746tBpNtUY=
Subject key identifier:   4B:55:39:01:6B:1A:7D:DC:11:C8:DB:B7:57:C0:D0:E4:72:31:52:4E
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01824A22FD079D004B967622AEF3708FED39
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/S1U5AWsafdwRyNu3V8DQ5HIxUk4.roa
Signing time:             Fri 29 Jul 2022 13:26:23 +0000
ROA not before:           Fri 29 Jul 2022 13:26:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4a:22:fd:07:9d:00:4b:96:76:22:ae:f3:70:8f:ed:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 29 13:26:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4b5539016b1a7ddc11c8dbb757c0d0e47231524e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:0e:83:7f:90:81:ce:91:37:26:47:50:99:cd:
                    5d:b5:26:fb:4c:ce:9a:07:4d:e4:a2:27:d1:cf:ee:
                    62:5d:a2:88:34:8a:05:fc:60:c2:d8:4f:74:1c:ee:
                    80:a2:8a:5c:d3:e0:a7:85:1b:c0:52:79:7f:e1:47:
                    0e:dd:28:4c:b2:bf:76:ec:da:dd:76:c4:3f:0d:e3:
                    d3:bf:df:ba:aa:05:87:dd:2b:ab:d3:29:29:bf:2a:
                    60:26:3f:80:98:c0:b5:82:cd:38:35:5d:ac:29:0c:
                    f9:bf:70:e2:fd:aa:64:bb:37:b0:4b:48:44:32:e8:
                    90:88:a0:00:c8:b7:04:53:13:87:3a:a0:b3:01:9e:
                    65:5a:9a:26:0b:ad:17:b0:e0:70:b6:35:ef:36:f3:
                    12:87:f9:8f:b8:d7:a9:0f:e8:c4:cc:5a:c7:d6:df:
                    76:fa:bd:b9:ca:79:32:29:d1:d7:5c:34:19:76:24:
                    65:ee:1f:8a:3a:d1:e6:dc:12:92:0a:d5:90:9b:25:
                    5d:66:b0:33:6f:f3:b5:11:19:b3:e1:86:06:d2:db:
                    d8:40:76:95:be:9d:a2:38:b7:2c:9f:26:23:dc:40:
                    6e:e1:74:9c:68:52:0a:ce:82:d1:62:d2:cf:ee:1d:
                    0c:cf:d2:58:4b:d4:f5:a2:7c:4d:4f:02:b2:1b:1f:
                    19:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:55:39:01:6B:1A:7D:DC:11:C8:DB:B7:57:C0:D0:E4:72:31:52:4E
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/S1U5AWsafdwRyNu3V8DQ5HIxUk4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:45:a2:16:0e:4d:5a:7a:b3:ae:a1:03:4e:25:3c:10:6d:1d:
         bf:9d:72:b9:04:6e:0b:ac:f1:87:8b:4d:6b:64:82:76:83:6c:
         b3:2e:6a:17:4d:22:ea:60:93:e4:c3:a0:e2:51:1b:4d:83:63:
         57:15:65:7a:c7:82:e5:e0:ee:2f:a4:39:b9:82:71:61:74:d9:
         ff:26:5d:9e:5f:bd:d4:0b:4e:45:75:df:cc:73:f0:62:ad:10:
         08:21:28:e5:04:6e:9f:37:0f:f4:43:4f:4d:68:f9:1c:fa:36:
         32:cc:96:af:06:17:ed:16:85:e3:1b:68:4d:76:ce:5e:a0:bd:
         a2:8b:a1:3e:46:5d:9a:bc:f1:6a:88:f6:26:5e:0d:c7:69:c1:
         06:84:f0:1b:de:16:7f:f4:a3:6a:b6:1c:68:c1:e0:2b:01:95:
         cf:7c:0e:56:48:6e:63:86:dc:61:c1:51:9c:36:24:38:a7:43:
         c1:7f:a4:5d:30:0b:db:a9:1b:a5:b1:3f:7f:d0:f3:ab:f8:a9:
         99:cd:42:d1:99:e4:e3:6d:8d:2b:db:c6:7c:3d:48:8f:23:89:
         0e:f6:08:40:c6:7e:72:8e:72:59:dc:7a:f7:84:38:62:80:14:
         61:e8:f5:ea:74:98:a7:a5:a1:ee:b6:b0:64:b1:df:eb:2a:0a:
         a9:e4:59:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJKIv0HnQBLlnYirvNwj+05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwNzI5MTMyNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU1MzkwMTZiMWE3ZGRjMTFjOGRiYjc1N2MwZDBlNDcyMzE1MjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw6Df5CBzpE3JkdQmc1dtSb7TM6a
B03koifRz+5iXaKINIoF/GDC2E90HO6Aoopc0+CnhRvAUnl/4UcO3ShMsr927Nrd
dsQ/DePTv9+6qgWH3Sur0ykpvypgJj+AmMC1gs04NV2sKQz5v3Di/apkuzewS0hE
MuiQiKAAyLcEUxOHOqCzAZ5lWpomC60XsOBwtjXvNvMSh/mPuNepD+jEzFrH1t92
+r25ynkyKdHXXDQZdiRl7h+KOtHm3BKSCtWQmyVdZrAzb/O1ERmz4YYG0tvYQHaV
vp2iOLcsnyYj3EBu4XScaFIKzoLRYtLP7h0Mz9JYS9T1onxNTwKyGx8ZQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtVOQFrGn3cEcjbt1fA0ORyMVJOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUzFVNUFXc2FmZHdSeU51M1Y4RFE1SEl4VWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWoMA0G
CSqGSIb3DQEBCwUAA4IBAQB3RaIWDk1aerOuoQNOJTwQbR2/nXK5BG4LrPGHi01r
ZIJ2g2yzLmoXTSLqYJPkw6DiURtNg2NXFWV6x4Ll4O4vpDm5gnFhdNn/Jl2eX73U
C05Fdd/Mc/BirRAIISjlBG6fNw/0Q09NaPkc+jYyzJavBhftFoXjG2hNds5eoL2i
i6E+Rl2avPFqiPYmXg3HacEGhPAb3hZ/9KNqthxoweArAZXPfA5WSG5jhtxhwVGc
NiQ4p0PBf6RdMAvbqRulsT9/0POr+KmZzULRmeTjbY0r28Z8PUiPI4kO9ghAxn5y
jnJZ3Hr3hDhigBRh6PXqdJinpaHutrBksd/rKgqp5Fl2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:05 2024 by rpki-client on console-fra.rpki-client.org