Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvlnyedSXnxvr__v38jdBTUBw78.roa
File:                     TvlnyedSXnxvr__v38jdBTUBw78.roa (raw, json)
Hash identifier:          Vqeqe28MMtr9yx+WwFTGQbz/d+9wtA6ar4E2D673yM0=
Subject key identifier:   4E:F9:67:C9:E7:52:5E:7C:6F:AF:FF:EF:DF:C8:DD:05:35:01:C3:BF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01827C9DB0A85DAE00A13696636264102162
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvlnyedSXnxvr__v38jdBTUBw78.roa
Signing time:             Mon 08 Aug 2022 08:41:25 +0000
ROA not before:           Mon 08 Aug 2022 08:41:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24875
IP address blocks:        163.5.191.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7c:9d:b0:a8:5d:ae:00:a1:36:96:63:62:64:10:21:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug  8 08:41:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4ef967c9e7525e7c6fafffefdfc8dd053501c3bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9f:61:5f:4e:93:99:4f:f6:40:4c:21:1e:63:
                    5c:14:e3:e2:8c:fa:42:25:cf:e1:de:3a:09:b6:eb:
                    59:14:9a:f2:d5:55:c4:14:52:db:54:46:2e:c2:1d:
                    c5:f6:1d:f0:14:d1:ef:a2:93:cb:04:d0:f7:4a:0e:
                    b4:0d:1e:4a:a6:a3:a4:f4:eb:45:32:b4:fb:86:cc:
                    df:fd:82:b4:b0:ff:03:db:e1:4a:27:31:2e:a2:97:
                    8c:70:51:5f:90:4f:a0:26:0d:5f:c3:07:73:6b:e5:
                    06:e9:e1:76:27:0e:0d:5e:c4:22:04:db:03:fd:83:
                    e2:e0:37:ce:6f:28:21:b4:13:70:a0:03:8d:d0:30:
                    00:d8:7b:69:ed:9e:b1:3b:50:2d:93:4e:58:86:05:
                    ab:c5:ed:e2:a7:18:4d:45:07:94:b3:a4:12:08:0c:
                    70:45:db:e1:5f:a6:95:98:86:cb:e8:20:b6:50:09:
                    38:7b:26:7f:dd:8c:7a:ec:7e:6f:43:1a:1b:bc:6e:
                    4a:c8:40:4e:0e:a3:be:17:75:eb:51:1b:80:4a:3b:
                    52:c7:0b:c0:3e:fe:6f:94:40:88:2c:04:14:55:77:
                    fc:d4:00:98:f9:a7:cf:13:0b:c5:45:2e:10:a1:39:
                    26:11:8f:f5:e5:ca:d5:01:11:55:0e:5a:26:3f:09:
                    90:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:F9:67:C9:E7:52:5E:7C:6F:AF:FF:EF:DF:C8:DD:05:35:01:C3:BF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TvlnyedSXnxvr__v38jdBTUBw78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:74:9e:b1:a8:75:e9:6d:91:db:bf:95:a3:1a:36:ae:4c:a8:
         f3:db:c2:a9:57:41:32:a6:5a:67:b9:be:14:ee:a6:73:6c:41:
         15:b9:1a:00:92:3e:e2:48:84:ee:6c:39:eb:c0:22:b1:6c:81:
         a3:b7:34:9f:2d:d3:ee:a9:09:88:99:f4:53:bf:d8:c7:6e:e3:
         98:59:bb:61:80:5d:d1:9d:3c:66:32:13:8a:12:fe:00:6a:f9:
         93:42:54:4b:4a:6b:59:6a:f1:72:52:af:58:18:90:33:1c:53:
         c3:3f:23:60:f7:03:01:99:56:f6:08:f6:92:75:06:9a:8b:dd:
         60:67:a5:fb:05:5a:a1:72:61:95:3d:7e:05:86:51:de:39:27:
         6c:6a:00:6b:b5:df:79:09:33:f7:a2:43:ae:8e:dc:c8:27:91:
         39:9d:58:34:dd:c5:c4:bb:9e:56:42:6b:0a:92:11:a9:b7:d9:
         00:2a:c2:b8:c5:44:5e:91:4b:f2:3e:0e:46:72:f4:99:c2:7c:
         e5:2c:d6:a6:e6:28:13:51:b6:dc:86:2c:e0:fe:8c:23:c6:7e:
         3e:73:37:ea:d5:f5:49:70:40:7e:7f:55:79:4b:fe:53:18:7e:
         7b:26:bf:50:01:a5:8a:67:9c:87:cf:8a:41:76:d2:52:3f:4f:
         f1:5b:cb:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ8nbCoXa4AoTaWY2JkECFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODA4MDg0MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY5NjdjOWU3NTI1ZTdjNmZhZmZmZWZkZmM4ZGQwNTM1MDFjM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ9hX06TmU/2QEwhHmNcFOPijPpC
Jc/h3joJtutZFJry1VXEFFLbVEYuwh3F9h3wFNHvopPLBND3Sg60DR5KpqOk9OtF
MrT7hszf/YK0sP8D2+FKJzEuopeMcFFfkE+gJg1fwwdza+UG6eF2Jw4NXsQiBNsD
/YPi4DfObyghtBNwoAON0DAA2Htp7Z6xO1Atk05YhgWrxe3ipxhNRQeUs6QSCAxw
RdvhX6aVmIbL6CC2UAk4eyZ/3Yx67H5vQxobvG5KyEBODqO+F3XrURuASjtSxwvA
Pv5vlECILAQUVXf81ACY+afPEwvFRS4QoTkmEY/15crVARFVDlomPwmQkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE75Z8nnUl58b6//79/I3QU1AcO/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHZsbnllZFNYbnh2cl9fdjM4amRCVFVCdzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW/MA0G
CSqGSIb3DQEBCwUAA4IBAQApdJ6xqHXpbZHbv5WjGjauTKjz28KpV0Eyplpnub4U
7qZzbEEVuRoAkj7iSITubDnrwCKxbIGjtzSfLdPuqQmImfRTv9jHbuOYWbthgF3R
nTxmMhOKEv4AavmTQlRLSmtZavFyUq9YGJAzHFPDPyNg9wMBmVb2CPaSdQaai91g
Z6X7BVqhcmGVPX4FhlHeOSdsagBrtd95CTP3okOujtzIJ5E5nVg03cXEu55WQmsK
khGpt9kAKsK4xURekUvyPg5GcvSZwnzlLNam5igTUbbchizg/owjxn4+czfq1fVJ
cEB+f1V5S/5TGH57Jr9QAaWKZ5yHz4pBdtJSP0/xW8s5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org