Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XZyQ0BTFkHN_deujP3Td36QBFBI.roa
File:                     XZyQ0BTFkHN_deujP3Td36QBFBI.roa (raw, json)
Hash identifier:          VpC5TtYTnoWb5YiTrCvoVNLe+fJyAHuX0Y5cQvVxp1I=
Subject key identifier:   5D:9C:90:D0:14:C5:90:73:7F:75:EB:A3:3F:74:DD:DF:A4:01:14:12
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01854E253EE3B169002572701CE5738F7FED
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XZyQ0BTFkHN_deujP3Td36QBFBI.roa
Signing time:             Mon 26 Dec 2022 11:15:41 +0000
ROA not before:           Mon 26 Dec 2022 11:15:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207326
IP address blocks:        163.5.219.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:4e:25:3e:e3:b1:69:00:25:72:70:1c:e5:73:8f:7f:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 26 11:15:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d9c90d014c590737f75eba33f74dddfa4011412
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ce:45:68:c9:d5:c6:8b:fc:26:0c:a6:7c:17:
                    ec:2b:8e:d6:6b:5c:16:fe:3d:11:a4:29:e8:82:ec:
                    50:f2:4c:c7:71:bf:24:a8:9c:d6:83:bb:48:6b:0e:
                    47:cb:39:f8:23:af:d2:71:3d:9d:89:7e:c9:78:83:
                    40:64:8a:6a:d8:c6:54:a9:11:90:39:a8:80:85:ff:
                    a3:2c:09:6d:aa:e4:1a:73:f7:4f:8e:3b:18:a6:98:
                    28:9d:1e:ee:a4:cd:01:2d:b8:fb:7c:69:5f:9a:b4:
                    ac:8e:14:cc:02:1b:8d:9b:af:27:81:d0:10:c7:e6:
                    cd:8d:a2:81:f1:14:29:25:52:db:8e:c5:04:fe:c7:
                    08:be:79:86:1c:ad:41:fd:01:16:b4:3a:e9:d2:5a:
                    40:05:2e:21:88:a7:5c:75:27:7f:45:e2:c7:2a:11:
                    81:5b:24:7b:78:c4:b7:3c:39:48:e1:a3:03:68:27:
                    99:d2:d0:45:77:b4:d8:80:db:9f:8c:d8:e1:90:90:
                    09:05:f6:66:e3:eb:71:9c:2d:2e:ba:a2:d4:79:fa:
                    f0:79:fd:e4:7b:a1:ce:31:b8:a1:a7:74:a0:32:37:
                    cf:6e:e7:de:e4:35:53:bd:85:eb:06:df:f7:98:c8:
                    b4:3c:36:65:06:9e:1f:67:f1:36:2c:aa:d8:cf:71:
                    cf:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:9C:90:D0:14:C5:90:73:7F:75:EB:A3:3F:74:DD:DF:A4:01:14:12
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XZyQ0BTFkHN_deujP3Td36QBFBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:3b:b2:43:37:32:65:78:8c:d8:36:98:8b:7a:a0:66:86:69:
         82:84:1f:99:ce:df:26:f8:2f:83:89:a7:d7:af:a3:c5:7c:57:
         2c:e1:5f:bc:a0:38:00:30:b9:c9:e7:ca:07:f8:43:d7:d3:80:
         47:3c:be:09:e3:6b:2d:70:79:6d:61:1a:cf:01:f6:a0:d8:ff:
         68:3a:37:9f:2f:32:9f:db:a8:56:9c:f8:a2:1f:d4:55:bf:5c:
         62:d8:49:c6:2a:59:53:50:75:62:24:40:95:0c:e2:8d:e6:b3:
         5d:36:d5:2d:78:9a:57:54:2e:bc:13:84:da:ed:d4:bb:8d:04:
         7a:61:df:aa:19:33:87:e5:88:43:62:b5:77:d6:21:bc:21:c7:
         0b:42:c7:8e:63:a2:d8:89:12:fb:8c:5e:68:f0:b3:7f:d5:3d:
         4f:96:de:97:17:d6:eb:81:cd:90:9a:c1:4e:4e:cc:78:6e:7f:
         5a:70:b6:66:bf:1f:24:e1:e4:ec:fe:88:a6:b8:94:91:05:a2:
         92:af:07:0f:5a:be:84:3c:f3:d9:66:1e:7e:2b:00:c8:d0:78:
         01:81:30:ac:63:16:3d:30:d2:bf:6e:b2:ad:63:a8:83:7b:b7:
         33:f3:90:00:99:2b:95:7d:19:41:15:94:68:a1:d4:8b:5f:c7:
         fb:46:c7:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVOJT7jsWkAJXJwHOVzj3/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjI2MTExNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDljOTBkMDE0YzU5MDczN2Y3NWViYTMzZjc0ZGRkZmE0MDExNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs5FaMnVxov8JgymfBfsK47Wa1wW
/j0RpCnoguxQ8kzHcb8kqJzWg7tIaw5Hyzn4I6/ScT2diX7JeINAZIpq2MZUqRGQ
OaiAhf+jLAltquQac/dPjjsYppgonR7upM0BLbj7fGlfmrSsjhTMAhuNm68ngdAQ
x+bNjaKB8RQpJVLbjsUE/scIvnmGHK1B/QEWtDrp0lpABS4hiKdcdSd/ReLHKhGB
WyR7eMS3PDlI4aMDaCeZ0tBFd7TYgNufjNjhkJAJBfZm4+txnC0uuqLUefrwef3k
e6HOMbihp3SgMjfPbufe5DVTvYXrBt/3mMi0PDZlBp4fZ/E2LKrYz3HPHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2ckNAUxZBzf3Xroz903d+kARQSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWFp5UTBCVEZrSE5fZGV1alAzVGQzNlFCRkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXbMA0G
CSqGSIb3DQEBCwUAA4IBAQATO7JDNzJleIzYNpiLeqBmhmmChB+Zzt8m+C+DiafX
r6PFfFcs4V+8oDgAMLnJ58oH+EPX04BHPL4J42stcHltYRrPAfag2P9oOjefLzKf
26hWnPiiH9RVv1xi2EnGKllTUHViJECVDOKN5rNdNtUteJpXVC68E4Ta7dS7jQR6
Yd+qGTOH5YhDYrV31iG8IccLQseOY6LYiRL7jF5o8LN/1T1Plt6XF9brgc2QmsFO
Tsx4bn9acLZmvx8k4eTs/oimuJSRBaKSrwcPWr6EPPPZZh5+KwDI0HgBgTCsYxY9
MNK/brKtY6iDe7cz85AAmSuVfRlBFZRoodSLX8f7Rse/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org