Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bgiW_k-64vQnB35uunf5ZA_z4Rw.roa
File:                     bgiW_k-64vQnB35uunf5ZA_z4Rw.roa (raw, json)
Hash identifier:          6GO4dzWrIAMMNuzbJyWjvMCIdZmuAYFCNNk+SXtCbAc=
Subject key identifier:   6E:08:96:FE:4F:BA:E2:F4:27:07:7E:6E:BA:77:F9:64:0F:F3:E1:1C
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183320C99FD8B6033B9BBFFCE674B9DA0D6
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bgiW_k-64vQnB35uunf5ZA_z4Rw.roa
Signing time:             Mon 12 Sep 2022 14:13:50 +0000
ROA not before:           Mon 12 Sep 2022 14:13:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        163.5.231.0/24 maxlen: 24
                          163.5.232.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24
                          163.5.234.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:32:0c:99:fd:8b:60:33:b9:bb:ff:ce:67:4b:9d:a0:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 12 14:13:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e0896fe4fbae2f427077e6eba77f9640ff3e11c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d3:d6:31:db:a7:94:1d:0e:d1:f2:11:88:77:
                    cb:eb:38:fc:3e:5c:33:7f:e2:93:be:44:95:77:0e:
                    6e:a2:9b:54:43:54:f6:cf:28:94:6b:13:93:82:96:
                    83:33:e1:39:7c:f9:58:a8:7a:c4:7b:82:37:92:16:
                    2c:0d:c2:ab:29:75:22:29:c1:e2:5c:be:0a:2e:94:
                    a7:95:2b:d9:57:3a:b9:3c:8b:2e:79:19:cf:1f:9b:
                    41:9c:30:4b:6b:67:90:94:ba:3d:71:a3:55:d9:b5:
                    53:81:aa:90:82:51:b2:45:76:6f:8e:24:a4:0d:5c:
                    9d:36:5c:d0:8f:21:34:a2:10:59:9a:3c:f5:62:cb:
                    85:15:c4:85:ae:f5:1c:01:9a:ee:11:da:e1:64:21:
                    88:a6:9f:c9:2f:2c:ba:ce:6f:7a:6d:3d:bd:4e:d1:
                    eb:5e:b4:5c:77:c8:21:9c:7c:53:a1:58:54:9f:b2:
                    8a:d2:f0:a4:ce:24:dd:82:82:4d:9e:a8:ca:3f:64:
                    c6:e1:d7:af:f6:bb:3c:06:55:00:79:78:f8:f3:21:
                    14:8b:3c:3b:16:b0:dc:1c:f2:8b:fc:ca:8d:40:0f:
                    de:9e:89:14:e1:d0:56:ad:f8:32:84:ed:79:18:62:
                    6d:be:37:be:28:c5:b9:79:0d:4e:6a:84:65:5e:51:
                    3d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:08:96:FE:4F:BA:E2:F4:27:07:7E:6E:BA:77:F9:64:0F:F3:E1:1C
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bgiW_k-64vQnB35uunf5ZA_z4Rw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.165.0/24
                  163.5.231.0-163.5.232.255
                  163.5.234.0/23
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:7f:d1:b4:71:e4:31:28:6c:8d:a6:23:2a:36:90:71:77:58:
         00:12:da:59:de:5a:51:f9:f3:62:d0:4f:b1:f8:94:90:a9:0f:
         5f:28:3b:47:77:1d:e7:66:05:bd:d5:71:78:65:c1:79:39:da:
         92:38:0d:82:6d:e8:c9:9f:dd:c9:0f:8f:4a:64:78:23:62:5f:
         5f:af:81:d8:85:1f:e9:7c:cb:d4:d4:83:c4:2e:ea:84:d4:6d:
         1e:bd:5b:fb:3e:61:dc:5f:f0:63:49:99:92:5d:0c:cf:b9:c3:
         5f:33:7a:8a:eb:ae:fb:fa:87:2f:74:f0:cc:6d:06:75:d6:ae:
         6f:91:2d:e2:a6:16:7c:d2:1c:5d:59:b9:16:88:74:95:32:4f:
         36:86:af:e9:1d:26:fc:86:9d:b0:54:94:62:64:47:b9:5a:ea:
         b1:84:0b:d0:82:93:0a:ba:42:fe:57:e3:6b:e2:e7:9f:83:dd:
         71:cb:a8:69:c4:51:6c:a1:9b:e5:11:f1:0b:46:f3:19:f2:14:
         8f:02:ef:b7:77:89:ef:24:59:09:59:48:ee:20:18:ae:24:76:
         0a:44:9b:9f:77:a3:64:b0:f4:2d:78:4c:20:4b:65:2e:2e:64:
         3a:f2:33:a6:ae:86:52:71:1f:8f:97:56:74:db:32:e6:50:65:
         30:47:bb:e6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYMyDJn9i2Azubv/zmdLnaDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTEyMTQxMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA4OTZmZTRmYmFlMmY0MjcwNzdlNmViYTc3Zjk2NDBmZjNlMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtPWMdunlB0O0fIRiHfL6zj8Plwz
f+KTvkSVdw5uoptUQ1T2zyiUaxOTgpaDM+E5fPlYqHrEe4I3khYsDcKrKXUiKcHi
XL4KLpSnlSvZVzq5PIsueRnPH5tBnDBLa2eQlLo9caNV2bVTgaqQglGyRXZvjiSk
DVydNlzQjyE0ohBZmjz1YsuFFcSFrvUcAZruEdrhZCGIpp/JLyy6zm96bT29TtHr
XrRcd8ghnHxToVhUn7KK0vCkziTdgoJNnqjKP2TG4dev9rs8BlUAeXj48yEUizw7
FrDcHPKL/MqNQA/enokU4dBWrfgyhO15GGJtvje+KMW5eQ1OaoRlXlE9ewIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG4Ilv5PuuL0Jwd+brp3+WQP8+EcMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYmdpV19rLTY0dlFuQjM1dXVuZjVaQV96NFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowWlMAwD
BACjBecDBACjBegDBAGjBeoDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEB
AJF/0bRx5DEobI2mIyo2kHF3WAAS2lneWlH582LQT7H4lJCpD18oO0d3HedmBb3V
cXhlwXk52pI4DYJt6Mmf3ckPj0pkeCNiX1+vgdiFH+l8y9TUg8Qu6oTUbR69W/s+
Ydxf8GNJmZJdDM+5w18zeorrrvv6hy908MxtBnXWrm+RLeKmFnzSHF1ZuRaIdJUy
TzaGr+kdJvyGnbBUlGJkR7la6rGEC9CCkwq6Qv5X42vi55+D3XHLqGnEUWyhm+UR
8QtG8xnyFI8C77d3ie8kWQlZSO4gGK4kdgpEm593o2Sw9C14TCBLZS4uZDryM6au
hlJxH4+XVnTbMuZQZTBHu+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:06 2024 by rpki-client on console-fra.rpki-client.org