Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TBYzr3Jk13cBFiG0ixztyX-srmw.roa
File:                     TBYzr3Jk13cBFiG0ixztyX-srmw.roa (raw, json)
Hash identifier:          GjQjuONvtxuNBCZPkqPMY/L28e0cNtdtOkAbMD8JU20=
Subject key identifier:   4C:16:33:AF:72:64:D7:77:01:16:21:B4:8B:1C:ED:C9:7F:AC:AE:6C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0184C3957A3D6E1B69BF706A0C74134D8645
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TBYzr3Jk13cBFiG0ixztyX-srmw.roa
Signing time:             Tue 29 Nov 2022 13:31:03 +0000
ROA not before:           Tue 29 Nov 2022 13:31:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        163.5.199.0/24 maxlen: 24
                          163.5.206.0/24 maxlen: 24
                          163.5.208.0/24 maxlen: 24
                          163.5.209.0/24 maxlen: 24
                          163.5.207.0/24 maxlen: 24
                          163.5.155.0/24 maxlen: 24
                          163.5.157.0/24 maxlen: 24
                          163.5.156.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c3:95:7a:3d:6e:1b:69:bf:70:6a:0c:74:13:4d:86:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov 29 13:31:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4c1633af7264d777011621b48b1cedc97facae6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:3b:c5:43:f1:94:4c:9b:94:db:a8:5f:43:e8:
                    cd:18:f5:5c:23:65:10:a5:be:07:1b:31:b7:05:29:
                    c0:f8:86:34:46:bd:4f:91:0c:93:17:15:a0:24:e8:
                    89:6d:0b:f7:04:ea:0e:f4:4b:45:c0:f8:f2:34:55:
                    58:e8:84:15:2e:f6:17:35:09:25:75:3f:37:51:7c:
                    57:f3:d7:cb:4e:47:3f:e0:9d:32:29:ff:5b:78:88:
                    f9:2b:ce:8a:e5:fb:e1:15:e4:e6:da:1b:e3:cf:48:
                    9e:1e:05:29:2a:5f:14:50:35:df:cd:10:14:73:ef:
                    bb:eb:38:18:5c:04:59:50:0e:1b:09:b4:22:8a:03:
                    84:eb:df:04:5a:ad:15:67:ef:af:75:2f:c5:ef:83:
                    17:01:86:90:5c:1e:4c:18:1e:96:a0:87:63:3c:da:
                    22:98:b8:6c:81:da:d9:d8:83:95:33:4e:7d:8a:93:
                    65:60:d0:48:00:7a:6d:ae:40:2e:60:ed:f6:06:76:
                    4c:14:c4:ba:15:d8:2a:26:0d:18:bd:e9:5c:0f:aa:
                    4e:53:5a:5b:60:6a:59:cc:e5:0e:19:f6:d0:0f:4e:
                    9c:e5:a6:bf:9d:d4:ee:cc:7a:5c:54:08:bb:00:d5:
                    07:76:55:b6:37:75:4d:8d:ae:d7:70:01:20:3a:1b:
                    35:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:16:33:AF:72:64:D7:77:01:16:21:B4:8B:1C:ED:C9:7F:AC:AE:6C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TBYzr3Jk13cBFiG0ixztyX-srmw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.155.0-163.5.157.255
                  163.5.199.0/24
                  163.5.206.0-163.5.209.255

    Signature Algorithm: sha256WithRSAEncryption
         78:42:54:2f:99:61:09:45:fa:0b:e8:36:3e:3e:e0:f7:a3:b7:
         af:53:a7:3e:8d:2e:4e:29:6b:e7:67:0e:e9:e5:cb:d3:10:d8:
         91:eb:53:10:3d:72:ee:b2:fe:12:d1:e1:b8:11:e7:41:15:8e:
         e9:12:d5:04:55:3e:c0:0a:41:b2:8d:df:70:bd:30:36:b7:d3:
         73:36:d8:9d:2b:23:78:e6:1e:21:f7:8f:90:a0:f2:dd:07:42:
         f7:81:b1:2d:ab:7b:f2:20:95:20:de:b7:8c:6e:ca:5e:d5:a5:
         c1:3a:ce:5f:50:75:76:ec:bf:2f:8d:c0:23:3b:3c:40:b6:3a:
         8e:a8:ff:df:38:67:b1:d1:11:7f:2f:f4:5f:c3:9c:bc:b5:66:
         9a:23:03:92:b1:cd:56:51:e3:aa:71:53:00:78:5f:3f:7d:71:
         a0:79:e1:6e:5c:6d:88:ac:31:5b:7a:24:33:7a:1e:ad:9d:f1:
         da:86:97:ba:e5:24:bb:b6:d5:99:74:47:06:5d:e3:c3:6d:f5:
         20:d5:1d:35:c5:b1:18:5c:de:9d:f3:45:af:8e:ad:a6:93:e2:
         ef:ea:ed:a1:25:cb:53:e2:11:25:cd:3d:4d:2c:d0:f8:ee:af:
         2d:35:e2:d8:21:7d:e2:4d:dd:4e:60:14:95:1f:bf:f4:fd:74:
         b1:bf:89:75
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYTDlXo9bhtpv3BqDHQTTYZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTI5MTMzMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE2MzNhZjcyNjRkNzc3MDExNjIxYjQ4YjFjZWRjOTdmYWNhZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjvFQ/GUTJuU26hfQ+jNGPVcI2UQ
pb4HGzG3BSnA+IY0Rr1PkQyTFxWgJOiJbQv3BOoO9EtFwPjyNFVY6IQVLvYXNQkl
dT83UXxX89fLTkc/4J0yKf9beIj5K86K5fvhFeTm2hvjz0ieHgUpKl8UUDXfzRAU
c++76zgYXARZUA4bCbQiigOE698EWq0VZ++vdS/F74MXAYaQXB5MGB6WoIdjPNoi
mLhsgdrZ2IOVM059ipNlYNBIAHptrkAuYO32BnZMFMS6FdgqJg0YvelcD6pOU1pb
YGpZzOUOGfbQD06c5aa/ndTuzHpcVAi7ANUHdlW2N3VNja7XcAEgOhs1qQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEwWM69yZNd3ARYhtIsc7cl/rK5sMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVEJZenIzSmsxM2NCRmlHMGl4enR5WC1zcm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACjBZsD
BAGjBZwDBACjBccwDAMEAaMFzgMEAaMF0DANBgkqhkiG9w0BAQsFAAOCAQEAeEJU
L5lhCUX6C+g2Pj7g96O3r1OnPo0uTilr52cO6eXL0xDYketTED1y7rL+EtHhuBHn
QRWO6RLVBFU+wApBso3fcL0wNrfTczbYnSsjeOYeIfePkKDy3QdC94GxLat78iCV
IN63jG7KXtWlwTrOX1B1duy/L43AIzs8QLY6jqj/3zhnsdERfy/0X8OcvLVmmiMD
krHNVlHjqnFTAHhfP31xoHnhblxtiKwxW3okM3oerZ3x2oaXuuUku7bVmXRHBl3j
w231INUdNcWxGFzenfNFr46tppPi7+rtoSXLU+IRJc09TSzQ+O6vLTXi2CF94k3d
TmAUlR+/9P10sb+JdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org