Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/d2Nz-JtHWLasYyMBW-K6h5G3FRQ.roa
File:                     d2Nz-JtHWLasYyMBW-K6h5G3FRQ.roa (raw, json)
Hash identifier:          SEeTEug4GVJCQ9KUlJEFa4xwAPZYGnqFURh9aiWkUmc=
Subject key identifier:   77:63:73:F8:9B:47:58:B6:AC:63:23:01:5B:E2:BA:87:91:B7:15:14
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01845AE7018642B78110F69B0DA449481855
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/d2Nz-JtHWLasYyMBW-K6h5G3FRQ.roa
Signing time:             Wed 09 Nov 2022 05:39:59 +0000
ROA not before:           Wed 09 Nov 2022 05:39:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49581
IP address blocks:        163.5.108.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:5a:e7:01:86:42:b7:81:10:f6:9b:0d:a4:49:48:18:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Nov  9 05:39:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=776373f89b4758b6ac6323015be2ba8791b71514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:16:53:65:68:e5:a9:23:3d:2a:10:2c:2e:48:
                    24:b9:f2:cd:36:f5:d4:48:b2:58:b6:f1:b6:9e:d8:
                    68:36:5a:62:8d:81:bd:c9:61:9a:fe:ef:9a:2c:61:
                    7a:fd:fd:4c:bd:f6:04:cb:fd:6f:e4:d5:a4:9d:18:
                    02:6c:cf:eb:7a:19:70:35:d9:ba:12:e2:82:a9:0c:
                    d0:dd:03:b2:97:c6:76:ee:df:a0:06:d3:c5:2f:d2:
                    f9:3d:3e:69:95:f3:d4:0d:38:31:86:45:31:17:ae:
                    cf:48:15:8a:68:8e:81:da:21:bf:2d:c7:bc:b2:eb:
                    a7:ee:e9:b4:56:69:6d:37:b1:7e:79:e2:d8:d4:a7:
                    32:d4:4b:ec:9b:79:0b:4c:42:9a:c2:f5:d7:4d:53:
                    ad:b0:d9:a5:66:65:e2:76:f1:55:df:bd:a5:6d:d7:
                    4c:c8:4f:f4:3d:dd:1f:81:bd:0b:0c:4e:ec:9c:4e:
                    3d:62:6b:e4:ad:7d:65:dd:62:b7:b9:51:b6:95:1b:
                    ce:48:e0:f0:89:cd:86:e3:72:66:45:4c:0b:9e:d9:
                    c5:e3:a6:53:7c:c8:30:00:b6:31:8e:eb:80:a3:34:
                    c9:6b:5d:22:7f:60:56:a3:73:79:3b:4c:0f:19:42:
                    70:da:60:83:5b:8c:98:06:f3:5a:df:89:3a:8f:da:
                    f3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:63:73:F8:9B:47:58:B6:AC:63:23:01:5B:E2:BA:87:91:B7:15:14
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/d2Nz-JtHWLasYyMBW-K6h5G3FRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.106.0/24
                  163.5.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:dc:62:d2:59:43:57:bc:54:04:92:cd:5f:55:7c:6e:74:70:
         b1:23:1e:56:d2:94:b6:7a:28:70:ea:8c:b9:f5:1a:97:e6:ca:
         7e:47:67:11:44:7d:c4:8f:4b:49:8e:0d:fb:2b:7b:66:d0:79:
         a1:29:de:89:44:27:f0:2e:82:c8:f4:91:98:a9:91:72:37:4b:
         9a:05:31:33:c2:65:e8:9a:3e:65:59:9b:f3:f5:31:56:15:bf:
         53:cd:d3:3d:e3:15:52:40:15:79:d0:0c:3a:46:f4:6e:83:04:
         28:99:38:8b:9c:7b:25:64:cc:53:1b:a4:41:4a:2e:ba:f4:38:
         1c:e8:90:cc:81:24:dd:75:6e:8d:2a:bf:93:9d:dd:9e:7c:fd:
         e5:92:37:b1:dc:3a:74:f2:cb:c8:de:48:32:87:c5:d3:3d:e5:
         c1:bb:1f:3b:e3:f9:e8:60:6c:0f:48:2a:74:36:67:34:2e:e7:
         82:9c:69:fa:75:02:ed:24:75:d0:f1:9d:fc:b6:fd:85:3f:c3:
         eb:39:e9:c3:4d:b6:b6:8d:17:a8:92:3f:e9:0f:d8:29:7d:b8:
         6d:13:54:3b:77:5d:ac:4b:2f:8c:12:11:83:0e:23:31:91:dc:
         98:1b:35:c6:89:38:ba:2c:a8:59:58:b9:06:bb:a0:b1:92:40:
         fb:f9:54:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRa5wGGQreBEPabDaRJSBhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMTA5MDUzOTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzYzNzNmODliNDc1OGI2YWM2MzIzMDE1YmUyYmE4NzkxYjcxNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxZTZWjlqSM9KhAsLkgkufLNNvXU
SLJYtvG2nthoNlpijYG9yWGa/u+aLGF6/f1MvfYEy/1v5NWknRgCbM/rehlwNdm6
EuKCqQzQ3QOyl8Z27t+gBtPFL9L5PT5plfPUDTgxhkUxF67PSBWKaI6B2iG/Lce8
suun7um0VmltN7F+eeLY1Kcy1Evsm3kLTEKawvXXTVOtsNmlZmXidvFV372lbddM
yE/0Pd0fgb0LDE7snE49YmvkrX1l3WK3uVG2lRvOSODwic2G43JmRUwLntnF46ZT
fMgwALYxjuuAozTJa10if2BWo3N5O0wPGUJw2mCDW4yYBvNa34k6j9rzWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdjc/ibR1i2rGMjAVviuoeRtxUUMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZDJOei1KdEhXTGFzWXlNQlctSzZoNUczRlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVqAwQA
owVsMA0GCSqGSIb3DQEBCwUAA4IBAQBh3GLSWUNXvFQEks1fVXxudHCxIx5W0pS2
eihw6oy59RqX5sp+R2cRRH3Ej0tJjg37K3tm0HmhKd6JRCfwLoLI9JGYqZFyN0ua
BTEzwmXomj5lWZvz9TFWFb9TzdM94xVSQBV50Aw6RvRugwQomTiLnHslZMxTG6RB
Si669Dgc6JDMgSTddW6NKr+Tnd2efP3lkjex3Dp08svI3kgyh8XTPeXBux874/no
YGwPSCp0Nmc0LueCnGn6dQLtJHXQ8Z38tv2FP8PrOenDTba2jReokj/pD9gpfbht
E1Q7d12sSy+MEhGDDiMxkdyYGzXGiTi6LKhZWLkGu6CxkkD7+VSn
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org