Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Y5x31Tnk-Y6qWUag3vZHxd_u7oQ.roa
File:                     Y5x31Tnk-Y6qWUag3vZHxd_u7oQ.roa (raw, json)
Hash identifier:          csOvmAnZvJ0xOcHWKD11rvgSUkWrtwBYzwY+xb76aXY=
Subject key identifier:   63:9C:77:D5:39:E4:F9:8E:AA:59:46:A0:DE:F6:47:C5:DF:EE:EE:84
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01828709C9C8561BB4BA21C77D8E71E85BDB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Y5x31Tnk-Y6qWUag3vZHxd_u7oQ.roa
Signing time:             Wed 10 Aug 2022 09:15:41 +0000
ROA not before:           Wed 10 Aug 2022 09:15:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        163.5.179.0/24 maxlen: 24
                          163.5.212.0/24 maxlen: 24
                          163.5.152.0/24 maxlen: 24
                          163.5.166.0/24 maxlen: 24
                          163.5.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:87:09:c9:c8:56:1b:b4:ba:21:c7:7d:8e:71:e8:5b:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug 10 09:15:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=639c77d539e4f98eaa5946a0def647c5dfeeee84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:5a:af:16:13:68:56:1d:1b:d8:18:d4:d4:f5:
                    27:94:7f:50:d7:23:69:6a:1e:e9:e2:a6:dc:4e:2f:
                    2c:09:ed:b1:43:a1:bf:9f:a0:88:ee:ec:95:be:03:
                    af:ef:00:d9:36:86:a7:81:92:f3:1c:e0:ac:48:10:
                    42:62:d7:54:f5:15:41:d8:8f:5d:d1:e3:f3:cf:37:
                    c6:ac:0e:88:95:fc:49:c8:8c:bc:5f:f3:e3:30:7f:
                    59:fd:77:76:90:35:33:c8:d9:33:04:3d:30:6f:d3:
                    9f:04:17:d8:3e:9e:4c:7a:b6:ab:ca:40:47:7e:c2:
                    5e:64:e5:37:35:da:a1:c5:d5:f6:12:09:3c:ba:03:
                    bb:66:da:be:e2:6e:0f:11:02:7f:75:df:23:a7:d4:
                    da:b9:ef:fd:2d:6d:d4:40:c4:19:60:be:5e:7e:e0:
                    23:d7:32:e2:59:9b:b2:fd:c0:92:a1:2b:e8:d8:7d:
                    f1:36:2f:af:51:dd:8f:bc:45:8c:15:87:80:5d:ea:
                    94:9a:49:e7:d3:61:3d:7e:dc:44:80:df:7d:dc:9f:
                    40:e7:1f:dd:cc:f2:49:4a:8a:04:15:7b:4b:5d:fd:
                    fe:2b:ad:76:aa:2b:df:0a:5f:57:11:af:12:b8:2d:
                    0b:4a:55:da:b6:c9:c8:0d:02:b1:40:98:dc:41:ce:
                    37:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:9C:77:D5:39:E4:F9:8E:AA:59:46:A0:DE:F6:47:C5:DF:EE:EE:84
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Y5x31Tnk-Y6qWUag3vZHxd_u7oQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.152.0/24
                  163.5.166.0/24
                  163.5.169.0/24
                  163.5.179.0/24
                  163.5.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:51:b5:72:57:aa:27:24:37:5e:cf:47:64:24:eb:f1:b0:9c:
         f0:e2:c8:28:74:bd:d0:3b:c8:4c:a5:ee:25:62:55:95:14:c0:
         95:6a:96:a3:f3:3a:7d:77:e1:92:09:85:7a:c9:4f:cf:26:3a:
         7e:94:1d:92:e2:1a:ff:4f:1a:42:39:6b:45:8d:01:a0:b4:04:
         7d:83:b7:c0:7a:5f:03:04:b6:cc:79:6b:e1:e7:4e:99:f9:5a:
         f0:1a:a2:20:99:cc:e4:ea:fe:5b:20:ef:df:33:bf:46:ab:35:
         8b:9a:02:8a:0a:d5:1b:9c:62:77:e1:a3:85:6a:0a:8d:ba:a5:
         6b:c6:e9:0b:53:29:88:88:8c:34:1e:22:fc:61:4b:77:a4:72:
         7f:eb:ec:ed:84:a0:14:d2:70:ba:61:29:1c:1e:ce:ca:dd:c0:
         cb:6f:b8:9a:25:b3:2f:6f:ca:fd:64:b2:7a:35:6e:bd:f0:70:
         f4:b5:85:d1:6a:39:1d:cf:c0:4d:17:cc:61:a3:4e:4b:33:24:
         18:1c:d1:cb:ba:95:e5:31:4e:6e:37:21:4d:ae:32:d9:62:21:
         36:0a:74:0f:09:d7:64:42:81:ad:a2:57:96:8f:c3:8e:6c:5b:
         6d:11:b3:94:fe:74:ea:8c:3a:bb:d3:61:33:84:d3:bf:01:ea:
         27:3d:ed:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYKHCcnIVhu0uiHHfY5x6FvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODEwMDkxNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzljNzdkNTM5ZTRmOThlYWE1OTQ2YTBkZWY2NDdjNWRmZWVlZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglqvFhNoVh0b2BjU1PUnlH9Q1yNp
ah7p4qbcTi8sCe2xQ6G/n6CI7uyVvgOv7wDZNoangZLzHOCsSBBCYtdU9RVB2I9d
0ePzzzfGrA6IlfxJyIy8X/PjMH9Z/Xd2kDUzyNkzBD0wb9OfBBfYPp5MerarykBH
fsJeZOU3NdqhxdX2Egk8ugO7Ztq+4m4PEQJ/dd8jp9Taue/9LW3UQMQZYL5efuAj
1zLiWZuy/cCSoSvo2H3xNi+vUd2PvEWMFYeAXeqUmknn02E9ftxEgN993J9A5x/d
zPJJSooEFXtLXf3+K612qivfCl9XEa8SuC0LSlXatsnIDQKxQJjcQc43lwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGOcd9U55PmOqllGoN72R8Xf7u6EMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWTV4MzFUbmstWTZxV1VhZzN2Wkh4ZF91N29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowWYAwQA
owWmAwQAowWpAwQAowWzAwQAowXUMA0GCSqGSIb3DQEBCwUAA4IBAQBXUbVyV6on
JDdez0dkJOvxsJzw4sgodL3QO8hMpe4lYlWVFMCVapaj8zp9d+GSCYV6yU/PJjp+
lB2S4hr/TxpCOWtFjQGgtAR9g7fAel8DBLbMeWvh506Z+VrwGqIgmczk6v5bIO/f
M79GqzWLmgKKCtUbnGJ34aOFagqNuqVrxukLUymIiIw0HiL8YUt3pHJ/6+zthKAU
0nC6YSkcHs7K3cDLb7iaJbMvb8r9ZLJ6NW698HD0tYXRajkdz8BNF8xho05LMyQY
HNHLupXlMU5uNyFNrjLZYiE2CnQPCddkQoGtoleWj8OObFttEbOU/nTqjDq702Ez
hNO/AeonPe1s
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org