Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z1C4FzCyLAzfdVJ_kTh3OYtSMlo.roa
File:                     Z1C4FzCyLAzfdVJ_kTh3OYtSMlo.roa (raw, json)
Hash identifier:          LtYgMEKukXQDKUHcSc65A/Gr0Fbf251f5uzxg8d2JMg=
Subject key identifier:   67:50:B8:17:30:B2:2C:0C:DF:75:52:7F:91:38:77:39:8B:52:32:5A
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018558F458760BBA1D3973F4CECD78AF6BDD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z1C4FzCyLAzfdVJ_kTh3OYtSMlo.roa
Signing time:             Wed 28 Dec 2022 13:38:06 +0000
ROA not before:           Wed 28 Dec 2022 13:38:06 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.192.0/24 maxlen: 24
                          163.5.220.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.237.0/24 maxlen: 24
                          163.5.130.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:58:f4:58:76:0b:ba:1d:39:73:f4:ce:cd:78:af:6b:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 28 13:38:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6750b81730b22c0cdf75527f913877398b52325a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:bd:34:a4:af:5d:58:36:1b:aa:9d:7a:42:fe:
                    cf:b1:5a:f2:a9:f5:41:5e:48:f9:18:5c:aa:9c:e8:
                    3d:b4:7c:70:3a:5a:fd:1f:d5:a0:f8:8b:09:c2:19:
                    55:97:9f:2e:4c:4e:b0:5c:54:09:6e:92:aa:8d:ec:
                    bf:6a:ad:4e:6a:c9:ca:6b:ab:be:63:47:13:d2:22:
                    1a:b8:77:85:fe:16:5a:87:89:9c:29:8c:99:3c:e5:
                    f1:32:11:98:38:51:69:25:2b:28:3e:d5:b6:a8:cf:
                    55:59:9e:8a:69:95:97:a3:d1:e2:fe:fa:24:79:a1:
                    d9:07:20:e0:ee:c5:a4:b2:7c:35:02:0f:0a:21:a1:
                    8d:bb:f4:f8:b5:3a:17:cf:28:89:eb:0d:2a:8d:e8:
                    f3:c7:94:0b:94:e1:df:66:49:ee:6f:e0:c4:26:ae:
                    86:5f:ed:c9:e0:36:d3:62:96:66:be:3d:78:63:e5:
                    69:fc:e8:05:97:14:78:11:4e:88:96:ff:ba:76:cc:
                    2a:95:08:0f:03:5f:a7:d2:94:d3:4c:69:1f:be:06:
                    06:a0:52:be:14:37:62:a1:55:bf:9d:7d:99:43:71:
                    ac:23:c3:89:50:84:8a:85:c7:96:ce:7f:ff:ac:e9:
                    09:0b:a1:ae:72:05:2e:5e:2e:c7:97:38:3d:25:76:
                    2d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:50:B8:17:30:B2:2C:0C:DF:75:52:7F:91:38:77:39:8B:52:32:5A
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z1C4FzCyLAzfdVJ_kTh3OYtSMlo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.130.0/24
                  163.5.134.0/24
                  163.5.153.0/24
                  163.5.192.0/24
                  163.5.220.0/24
                  163.5.228.0/24
                  163.5.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:f4:f6:36:cf:75:1a:c2:cf:33:ea:46:1e:28:8b:85:37:da:
         59:44:61:22:03:86:c2:a5:29:f0:0f:cb:ca:89:8b:bb:72:7a:
         a0:0c:d4:f0:f2:b9:39:db:59:4d:c3:38:d8:23:59:0b:fc:d8:
         20:ea:3e:1b:40:9b:6e:2f:8d:cc:14:c1:e1:e7:ab:0e:b9:92:
         0d:17:3b:df:1f:16:93:ba:03:ec:9d:87:c3:27:46:67:c5:c0:
         2b:23:da:a5:2e:bd:06:e5:07:96:73:4c:15:b5:e5:80:1d:93:
         20:55:a0:a5:f5:04:26:1b:9e:a3:cd:51:89:79:fe:83:e4:c8:
         8e:46:4e:e3:4a:ac:96:42:c5:19:b5:50:fb:45:02:e5:1d:5c:
         db:17:d6:33:b3:82:ce:b2:4b:7d:85:d7:fe:6a:ef:0f:3f:a6:
         f1:5f:56:e4:92:be:62:8b:df:9a:bb:d0:1d:04:6f:da:29:ea:
         f2:b7:7d:4d:4a:0e:23:a2:2a:07:f3:c1:17:7e:15:fa:ba:ee:
         b6:c4:e8:00:d0:9c:81:58:8a:bb:e0:4a:0d:ff:0b:e4:ac:88:
         51:15:9b:ff:71:ac:91:46:e9:a3:a3:4f:1d:c3:ac:04:d9:62:
         65:06:9a:0f:bb:93:fe:b6:82:0b:d9:3c:68:a8:2f:68:27:88:
         85:1d:73:db
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVY9Fh2C7odOXP0zs14r2vdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjI4MTMzODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzUwYjgxNzMwYjIyYzBjZGY3NTUyN2Y5MTM4NzczOThiNTIzMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr00pK9dWDYbqp16Qv7PsVryqfVB
Xkj5GFyqnOg9tHxwOlr9H9Wg+IsJwhlVl58uTE6wXFQJbpKqjey/aq1OasnKa6u+
Y0cT0iIauHeF/hZah4mcKYyZPOXxMhGYOFFpJSsoPtW2qM9VWZ6KaZWXo9Hi/vok
eaHZByDg7sWksnw1Ag8KIaGNu/T4tToXzyiJ6w0qjejzx5QLlOHfZknub+DEJq6G
X+3J4DbTYpZmvj14Y+Vp/OgFlxR4EU6Ilv+6dswqlQgPA1+n0pTTTGkfvgYGoFK+
FDdioVW/nX2ZQ3GsI8OJUISKhceWzn//rOkJC6GucgUuXi7Hlzg9JXYt9QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGdQuBcwsiwM33VSf5E4dzmLUjJaMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWjFDNEZ6Q3lMQXpmZFZKX2tUaDNPWXRTTWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowWCAwQA
owWGAwQAowWZAwQAowXAAwQAowXcAwQAowXkAwQAowXtMA0GCSqGSIb3DQEBCwUA
A4IBAQCk9PY2z3Uaws8z6kYeKIuFN9pZRGEiA4bCpSnwD8vKiYu7cnqgDNTw8rk5
21lNwzjYI1kL/Ngg6j4bQJtuL43MFMHh56sOuZINFzvfHxaTugPsnYfDJ0ZnxcAr
I9qlLr0G5QeWc0wVteWAHZMgVaCl9QQmG56jzVGJef6D5MiORk7jSqyWQsUZtVD7
RQLlHVzbF9Yzs4LOskt9hdf+au8PP6bxX1bkkr5ii9+au9AdBG/aKeryt31NSg4j
oioH88EXfhX6uu62xOgA0JyBWIq74EoN/wvkrIhRFZv/cayRRumjo08dw6wE2WJl
BpoPu5P+toIL2TxoqC9oJ4iFHXPb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org