Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VU0iSYsfxB_fVHib5fbCnAyXC5M.roa
File:                     VU0iSYsfxB_fVHib5fbCnAyXC5M.roa (raw, json)
Hash identifier:          JvpzJn7Iy6SGq/1W4DpUdXzvUbzxyYWydY6OZabM8Ro=
Subject key identifier:   55:4D:22:49:8B:1F:C4:1F:DF:54:78:9B:E5:F6:C2:9C:0C:97:0B:93
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01841D803ABCEFB418BFA9AC511291EC3E62
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VU0iSYsfxB_fVHib5fbCnAyXC5M.roa
Signing time:             Fri 28 Oct 2022 07:30:53 +0000
ROA not before:           Fri 28 Oct 2022 07:30:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6137
IP address blocks:        163.5.112.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:1d:80:3a:bc:ef:b4:18:bf:a9:ac:51:12:91:ec:3e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 28 07:30:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=554d22498b1fc41fdf54789be5f6c29c0c970b93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c9:3d:5e:d8:60:81:6d:fb:a6:e3:dd:ac:4f:
                    2a:db:e6:20:6f:42:e8:b6:83:cd:44:b0:35:43:90:
                    06:4c:f6:2d:6d:3e:54:fd:cd:fa:38:48:39:3e:aa:
                    16:1d:56:36:fc:d0:c1:c1:7f:af:28:a5:fd:f0:8d:
                    7c:b2:8c:42:b7:24:8c:81:7c:f5:35:7d:54:63:16:
                    e9:cc:2e:53:37:06:2b:a2:7d:6a:80:53:f6:80:4f:
                    cf:89:7e:5e:d7:c1:77:85:f0:c2:5e:27:88:51:3e:
                    b4:43:97:9f:0b:3b:8b:2b:9f:b2:99:7f:81:be:08:
                    be:7a:f5:15:5b:26:c5:ba:c3:16:38:9f:49:85:e7:
                    01:03:81:a3:cf:9a:39:4b:c0:41:9e:bd:b9:da:a0:
                    59:c4:f1:01:47:db:77:fe:68:1c:e0:d2:a7:11:9c:
                    23:ac:1f:0e:32:04:72:a2:91:d4:77:5a:87:54:ed:
                    b9:6d:e1:87:ca:4b:89:ea:b3:fb:92:50:24:ac:67:
                    cf:42:ec:20:48:ac:f7:41:59:c1:53:0e:8a:1e:7e:
                    5d:ba:55:10:a3:94:62:60:70:78:07:19:74:a5:98:
                    79:e3:fd:6d:73:36:ea:6b:48:5f:bc:fa:00:58:5a:
                    00:68:d5:f3:d5:31:5a:1b:f6:f9:96:8a:37:c4:de:
                    81:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:4D:22:49:8B:1F:C4:1F:DF:54:78:9B:E5:F6:C2:9C:0C:97:0B:93
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/VU0iSYsfxB_fVHib5fbCnAyXC5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:1f:2b:84:d0:c4:77:22:96:0c:43:ef:fe:d0:58:99:f3:ac:
         c5:2a:ac:c4:cf:2d:48:b2:f6:4e:04:35:55:c1:df:c6:c3:69:
         ca:99:a4:da:cc:59:5c:e7:92:86:45:39:e6:8d:62:54:02:ba:
         a4:ae:4a:0f:fb:63:21:b9:d2:af:19:81:db:d6:1e:b4:d4:14:
         d3:4b:0d:68:d5:b2:80:c7:5f:63:2c:00:97:41:ad:c6:89:38:
         e7:69:0a:fc:b3:87:a7:1f:f2:d9:32:75:66:57:77:64:2f:91:
         a3:22:ed:ad:ac:ae:88:8a:66:45:8e:a5:ab:d9:a3:22:05:c7:
         14:36:fb:d1:39:c9:4f:37:89:b0:52:1e:ee:3c:41:72:bc:a4:
         5c:69:d4:64:d1:89:77:0f:60:93:34:71:d0:08:12:3b:dc:f7:
         9a:59:cd:35:09:62:1e:b0:da:97:82:4a:98:70:ee:ca:92:b7:
         56:20:44:c3:05:54:c5:f0:e4:06:cf:ca:66:04:41:ad:85:9d:
         f6:80:cb:92:e2:57:0f:2d:b7:41:dc:72:2c:6c:bc:8a:ad:1c:
         56:fa:40:2d:82:c8:e0:83:e3:a9:61:bc:48:75:4e:6c:d7:54:
         61:1e:5f:01:84:30:bd:ae:1c:7b:7a:f9:80:32:e4:94:55:ed:
         0c:f8:e4:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQdgDq877QYv6msURKR7D5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDI4MDczMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTRkMjI0OThiMWZjNDFmZGY1NDc4OWJlNWY2YzI5YzBjOTcwYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzck9XthggW37puPdrE8q2+Ygb0Lo
toPNRLA1Q5AGTPYtbT5U/c36OEg5PqoWHVY2/NDBwX+vKKX98I18soxCtySMgXz1
NX1UYxbpzC5TNwYron1qgFP2gE/PiX5e18F3hfDCXieIUT60Q5efCzuLK5+ymX+B
vgi+evUVWybFusMWOJ9JhecBA4Gjz5o5S8BBnr252qBZxPEBR9t3/mgc4NKnEZwj
rB8OMgRyopHUd1qHVO25beGHykuJ6rP7klAkrGfPQuwgSKz3QVnBUw6KHn5dulUQ
o5RiYHB4Bxl0pZh54/1tczbqa0hfvPoAWFoAaNXz1TFaG/b5loo3xN6BHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVNIkmLH8Qf31R4m+X2wpwMlwuTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVlUwaVNZc2Z4Ql9mVkhpYjVmYkNuQXlYQzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowVwMA0G
CSqGSIb3DQEBCwUAA4IBAQCwHyuE0MR3IpYMQ+/+0FiZ86zFKqzEzy1IsvZOBDVV
wd/Gw2nKmaTazFlc55KGRTnmjWJUArqkrkoP+2MhudKvGYHb1h601BTTSw1o1bKA
x19jLACXQa3GiTjnaQr8s4enH/LZMnVmV3dkL5GjIu2trK6IimZFjqWr2aMiBccU
NvvROclPN4mwUh7uPEFyvKRcadRk0Yl3D2CTNHHQCBI73PeaWc01CWIesNqXgkqY
cO7KkrdWIETDBVTF8OQGz8pmBEGthZ32gMuS4lcPLbdB3HIsbLyKrRxW+kAtgsjg
g+OpYbxIdU5s11RhHl8BhDC9rhx7evmAMuSUVe0M+OQg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org