Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Tyz50IgPjzd7vp7Cg8kJWychf_8.roa
File:                     Tyz50IgPjzd7vp7Cg8kJWychf_8.roa (raw, json)
Hash identifier:          FbFW0hxEovfKaKgRqy0LQas7lXnvNGvuA4+K9uiukmg=
Subject key identifier:   4F:2C:F9:D0:88:0F:8F:37:7B:BE:9E:C2:83:C9:09:5B:27:21:7F:FF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182269A4FC6746C6F252A59D9DB8BCB53BB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Tyz50IgPjzd7vp7Cg8kJWychf_8.roa
Signing time:             Fri 22 Jul 2022 15:50:23 +0000
ROA not before:           Fri 22 Jul 2022 15:50:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        163.5.128.0/24 maxlen: 24
                          163.5.129.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:26:9a:4f:c6:74:6c:6f:25:2a:59:d9:db:8b:cb:53:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 22 15:50:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f2cf9d0880f8f377bbe9ec283c9095b27217fff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:48:75:10:79:fe:28:8c:99:ca:56:1f:b7:ca:
                    89:ea:e0:60:22:0a:0e:66:06:04:be:e5:4d:f1:7f:
                    a1:87:c2:30:ae:73:f6:0f:71:49:7b:4f:ba:8e:eb:
                    ca:f4:d7:3f:55:3f:0d:a5:0e:e4:b2:63:e4:a7:4d:
                    17:bd:e2:df:cc:5c:b0:e3:1d:00:8f:54:ee:ce:8e:
                    0a:0a:d7:78:4f:5a:47:f3:45:e3:98:69:55:5a:31:
                    d2:fb:9f:fc:83:2d:16:b8:f4:a2:ed:4f:98:2d:51:
                    f3:de:73:ff:a5:24:20:87:39:4a:4f:50:d6:26:f2:
                    2c:92:70:9f:f4:53:6b:e8:9f:9f:c6:00:70:2b:12:
                    3a:f4:98:64:5f:60:92:3f:c4:12:26:0e:ee:5e:e6:
                    4c:1f:ee:b2:4c:e0:5c:fc:dd:29:cd:15:cc:ad:4a:
                    df:c8:f0:d2:e8:0d:8f:6e:94:b4:34:1a:9f:2d:bc:
                    13:f2:7c:f0:8c:54:b2:3e:a8:c6:00:82:79:41:fd:
                    8d:85:1f:2f:c0:cd:49:96:a7:56:95:49:70:c8:36:
                    a3:d9:0e:f0:29:2e:2d:4f:89:e3:9e:6d:c5:d4:a7:
                    e0:31:61:ff:21:42:d8:a3:04:2d:38:6e:fe:16:e0:
                    90:ba:26:d0:dc:53:ba:33:bc:cc:b3:f3:27:46:c8:
                    35:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:2C:F9:D0:88:0F:8F:37:7B:BE:9E:C2:83:C9:09:5B:27:21:7F:FF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Tyz50IgPjzd7vp7Cg8kJWychf_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.128.0/23
                  163.5.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:81:4e:7d:b8:14:99:e7:b2:a9:4b:cb:cc:ce:cb:5e:b7:d1:
         da:72:8d:4a:f6:3f:2c:a8:21:f8:12:e8:06:1d:f4:36:90:b1:
         07:a2:d3:0e:df:2e:36:79:8d:41:6d:d1:71:20:16:78:15:26:
         af:42:a9:39:d5:96:98:73:8b:61:be:b5:59:50:62:b0:85:a5:
         d6:f3:4b:3e:ad:54:24:99:93:a5:25:ad:43:2e:54:77:05:ed:
         a3:01:8c:6f:5d:ba:02:6f:de:8f:08:55:fd:78:b8:d5:06:e1:
         f1:9f:86:b8:b3:67:f0:13:2d:7a:66:05:50:7c:02:75:c1:5f:
         16:a1:81:cc:d1:f7:ad:e7:ed:1e:b9:a0:29:de:10:02:09:99:
         8b:5f:ad:0c:5b:5f:de:64:39:e9:75:22:f7:b8:cc:15:3a:ef:
         0f:88:2d:10:70:ac:58:bf:fa:f7:bc:21:66:72:26:10:96:76:
         90:e4:45:98:62:72:11:41:c7:22:bb:0e:63:00:eb:a4:96:e6:
         a1:e1:eb:f8:c8:49:bd:59:02:a7:a8:a4:e5:61:d1:fe:51:9b:
         8e:35:5f:b5:6d:16:e4:d8:c9:29:3f:f9:cf:4d:3a:83:5f:58:
         30:75:ab:19:12:1f:2a:c7:b7:dd:48:47:12:d6:eb:23:70:77:
         74:4c:09:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYImmk/GdGxvJSpZ2duLy1O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwNzIyMTU1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJjZjlkMDg4MGY4ZjM3N2JiZTllYzI4M2M5MDk1YjI3MjE3ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkh1EHn+KIyZylYft8qJ6uBgIgoO
ZgYEvuVN8X+hh8IwrnP2D3FJe0+6juvK9Nc/VT8NpQ7ksmPkp00XveLfzFyw4x0A
j1Tuzo4KCtd4T1pH80XjmGlVWjHS+5/8gy0WuPSi7U+YLVHz3nP/pSQghzlKT1DW
JvIsknCf9FNr6J+fxgBwKxI69JhkX2CSP8QSJg7uXuZMH+6yTOBc/N0pzRXMrUrf
yPDS6A2PbpS0NBqfLbwT8nzwjFSyPqjGAIJ5Qf2NhR8vwM1JlqdWlUlwyDaj2Q7w
KS4tT4njnm3F1KfgMWH/IULYowQtOG7+FuCQuibQ3FO6M7zMs/MnRsg11QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8s+dCID483e76ewoPJCVsnIX//MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHl6NTBJZ1BqemQ3dnA3Q2c4a0pXeWNoZl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBowWAAwQA
owWjMA0GCSqGSIb3DQEBCwUAA4IBAQAUgU59uBSZ57KpS8vMzstet9Haco1K9j8s
qCH4EugGHfQ2kLEHotMO3y42eY1BbdFxIBZ4FSavQqk51ZaYc4thvrVZUGKwhaXW
80s+rVQkmZOlJa1DLlR3Be2jAYxvXboCb96PCFX9eLjVBuHxn4a4s2fwEy16ZgVQ
fAJ1wV8WoYHM0fet5+0euaAp3hACCZmLX60MW1/eZDnpdSL3uMwVOu8PiC0QcKxY
v/r3vCFmciYQlnaQ5EWYYnIRQcciuw5jAOukluah4ev4yEm9WQKnqKTlYdH+UZuO
NV+1bRbk2MkpP/nPTTqDX1gwdasZEh8qx7fdSEcS1usjcHd0TAkF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org