Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WqcxOku08cWCJpG3X4cRYNdZ5cQ.roa
File:                     WqcxOku08cWCJpG3X4cRYNdZ5cQ.roa (raw, json)
Hash identifier:          pLHszpJK76RcITmfsOya3gOZVKitnOX+pnaJUWc4V2k=
Subject key identifier:   5A:A7:31:3A:4B:B4:F1:C5:82:26:91:B7:5F:87:11:60:D7:59:E5:C4
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183BCB502212A01E0D7DD6D7A4933544AD9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WqcxOku08cWCJpG3X4cRYNdZ5cQ.roa
Signing time:             Sun 09 Oct 2022 12:25:22 +0000
ROA not before:           Sun 09 Oct 2022 12:25:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7118
IP address blocks:        163.5.199.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:bc:b5:02:21:2a:01:e0:d7:dd:6d:7a:49:33:54:4a:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct  9 12:25:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5aa7313a4bb4f1c5822691b75f871160d759e5c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:90:ca:64:33:66:4f:25:9e:af:35:8f:2b:6b:
                    85:30:bd:b6:24:f8:f9:d6:cb:9a:d3:09:a7:5d:5c:
                    4e:e8:da:7f:73:cb:00:d8:81:b7:a9:81:62:52:54:
                    0f:9c:88:a2:4b:99:65:3f:5f:89:87:85:2b:b0:96:
                    08:f1:88:ae:7e:6b:f7:8a:8b:4c:b8:9a:b6:49:1d:
                    b5:2c:07:e8:6d:4e:8e:b5:73:79:24:f6:48:32:f8:
                    2a:4f:d1:99:e5:f4:53:2b:89:e4:70:83:29:8b:53:
                    9a:99:3a:72:49:fc:88:d2:74:b0:b6:8c:53:0d:04:
                    f5:c9:3b:1d:5e:ef:cb:24:4c:bc:55:e9:8f:42:b5:
                    a0:99:b4:92:ca:47:ea:72:43:ea:41:c4:05:5e:5f:
                    b9:2f:d4:ce:58:5e:ba:8c:be:7f:9c:b4:d7:5b:1e:
                    47:79:b1:20:1a:e9:93:62:dd:31:52:50:0b:00:64:
                    85:d2:3d:2c:54:9a:cf:f7:04:3d:e2:fa:c2:bf:8f:
                    ff:79:8b:24:5b:f9:da:d0:d5:4e:b5:e6:73:f0:7b:
                    eb:98:f7:dd:f1:1e:31:b5:ef:74:a4:50:d3:c6:b8:
                    b4:0d:83:92:c8:58:d2:e7:c0:b5:ad:c2:68:c0:4a:
                    ea:21:8d:f4:2e:86:28:a9:12:db:2a:1c:7d:4f:c0:
                    62:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:A7:31:3A:4B:B4:F1:C5:82:26:91:B7:5F:87:11:60:D7:59:E5:C4
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WqcxOku08cWCJpG3X4cRYNdZ5cQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:d2:8e:d4:aa:b7:9a:48:2c:68:b1:56:25:a4:31:b4:c8:d8:
         a3:22:b2:c3:cd:bb:27:a1:c2:14:6e:24:9f:81:a3:b3:e0:55:
         ff:18:e3:bb:a5:eb:71:9e:95:de:0b:79:2d:55:d7:61:bf:88:
         cf:58:df:7c:04:00:f2:8f:9d:7e:34:fc:4c:02:ba:e3:b7:a3:
         90:fc:87:e1:e5:19:c4:44:13:79:21:2d:dd:20:c8:69:a8:ac:
         e8:1c:2c:7e:f4:9a:42:60:b9:1a:96:8d:c5:10:4e:8d:ce:76:
         a5:81:ed:39:54:ec:21:96:5f:39:4a:86:95:43:fc:96:fd:77:
         f8:64:9b:ae:93:63:89:03:8d:3f:c3:89:1b:dc:38:ba:b2:51:
         42:74:e4:1c:05:38:ca:40:9d:52:ca:5c:3d:41:fa:60:88:a2:
         cb:88:3a:ad:f9:02:15:59:5d:9b:87:76:16:a1:cb:08:bb:a8:
         b8:51:08:6e:87:33:95:40:e6:6b:06:42:73:bd:2b:2e:a0:86:
         0a:2b:55:d1:c6:d5:e2:9e:22:36:f0:33:02:7c:e7:e4:17:76:
         b1:e0:86:fc:ce:51:ee:ca:08:dd:92:d1:a2:62:f1:2a:cc:a1:
         59:37:dd:43:0b:c4:e9:76:69:94:9b:c0:28:05:bd:25:b3:79:
         29:7d:99:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYO8tQIhKgHg191tekkzVErZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDA5MTIyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE3MzEzYTRiYjRmMWM1ODIyNjkxYjc1Zjg3MTE2MGQ3NTllNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJDKZDNmTyWerzWPK2uFML22JPj5
1sua0wmnXVxO6Np/c8sA2IG3qYFiUlQPnIiiS5llP1+Jh4UrsJYI8Yiufmv3iotM
uJq2SR21LAfobU6OtXN5JPZIMvgqT9GZ5fRTK4nkcIMpi1OamTpySfyI0nSwtoxT
DQT1yTsdXu/LJEy8VemPQrWgmbSSykfqckPqQcQFXl+5L9TOWF66jL5/nLTXWx5H
ebEgGumTYt0xUlALAGSF0j0sVJrP9wQ94vrCv4//eYskW/na0NVOteZz8HvrmPfd
8R4xte90pFDTxri0DYOSyFjS58C1rcJowErqIY30LoYoqRLbKhx9T8BiCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqnMTpLtPHFgiaRt1+HEWDXWeXEMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV3FjeE9rdTA4Y1dDSnBHM1g0Y1JZTmRaNWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXHMA0G
CSqGSIb3DQEBCwUAA4IBAQBT0o7UqreaSCxosVYlpDG0yNijIrLDzbsnocIUbiSf
gaOz4FX/GOO7petxnpXeC3ktVddhv4jPWN98BADyj51+NPxMArrjt6OQ/Ifh5RnE
RBN5IS3dIMhpqKzoHCx+9JpCYLkalo3FEE6Nznalge05VOwhll85SoaVQ/yW/Xf4
ZJuuk2OJA40/w4kb3Di6slFCdOQcBTjKQJ1Sylw9QfpgiKLLiDqt+QIVWV2bh3YW
ocsIu6i4UQhuhzOVQOZrBkJzvSsuoIYKK1XRxtXiniI28DMCfOfkF3ax4Ib8zlHu
ygjdktGiYvEqzKFZN91DC8TpdmmUm8AoBb0ls3kpfZnV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:32 2024 by rpki-client on console-ams.rpki-client.org