Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/f0aAC5ddhCnAxTxOCa2iWZm4E8Y.roa
File:                     f0aAC5ddhCnAxTxOCa2iWZm4E8Y.roa (raw, json)
Hash identifier:          jfXfb9FZcFbChquxl3fSY6dPjqA/fYpWEpg1TKqKSxg=
Subject key identifier:   7F:46:80:0B:97:5D:84:29:C0:C5:3C:4E:09:AD:A2:59:99:B8:13:C6
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018500EF4E5E3E38D5F4BB75A3A967D26E53
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/f0aAC5ddhCnAxTxOCa2iWZm4E8Y.roa
Signing time:             Sun 11 Dec 2022 11:26:01 +0000
ROA not before:           Sun 11 Dec 2022 11:26:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        163.5.103.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:00:ef:4e:5e:3e:38:d5:f4:bb:75:a3:a9:67:d2:6e:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 11 11:26:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7f46800b975d8429c0c53c4e09ada25999b813c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:45:af:46:89:53:87:12:bd:32:32:fe:ca:a7:
                    60:e0:9c:a9:90:35:c6:1c:52:d7:ac:56:44:a8:75:
                    11:16:e1:60:66:b1:b1:81:4b:ba:1d:13:ea:47:14:
                    5a:8c:e8:9c:70:6a:5f:b2:83:36:c4:fc:2e:62:5a:
                    30:56:62:cc:93:63:0f:3c:e1:69:8f:38:e1:02:20:
                    f8:4d:b9:21:3f:ab:82:e7:5b:b7:a2:ec:70:c9:16:
                    26:95:d8:fd:7b:e0:b7:1c:86:ea:2e:5f:fd:fc:c9:
                    5c:1f:38:b2:ef:9b:4d:d4:8c:f3:a6:c0:2c:9a:e4:
                    77:94:d0:6e:9d:48:2d:2c:60:d4:19:96:3b:2d:0f:
                    cf:93:2f:3f:61:f7:96:4b:41:24:77:4d:fa:21:22:
                    1c:39:61:96:10:d5:1a:cf:e3:ca:ae:0e:83:69:e6:
                    39:3c:1c:4f:90:79:48:37:99:09:8c:56:68:9b:b7:
                    9e:fe:eb:1a:a0:48:03:dc:ef:51:3f:d8:ad:53:8e:
                    8b:5a:b8:1f:c8:13:46:97:70:c2:eb:85:e4:c0:84:
                    6c:68:e6:4a:96:c9:1c:cb:fb:bb:ff:11:97:07:3e:
                    e7:f1:5a:71:8e:cf:08:90:ad:f6:de:c1:35:31:b4:
                    1b:d6:c8:54:27:87:e1:f2:c4:93:fa:fd:18:7d:43:
                    fe:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:46:80:0B:97:5D:84:29:C0:C5:3C:4E:09:AD:A2:59:99:B8:13:C6
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/f0aAC5ddhCnAxTxOCa2iWZm4E8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.103.0/24
                  163.5.109.0/24
                  163.5.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:94:97:99:ba:c0:35:e2:fa:09:3d:6c:07:e3:ad:aa:d4:f1:
         27:9c:b5:c8:e0:5e:34:47:67:41:d5:a5:db:8a:9a:1a:58:46:
         e6:3e:53:94:a0:42:dc:a5:83:a8:c2:0a:66:44:b8:84:d2:a2:
         43:42:1f:c9:e1:cf:61:22:aa:dd:de:b1:43:2a:e7:71:79:55:
         b8:7a:4f:02:92:b0:e2:b9:59:e0:01:f3:b5:80:2f:83:4c:50:
         00:18:fd:15:74:62:37:87:48:ea:56:dc:8c:33:62:9a:b8:53:
         48:80:c4:fa:3f:dd:54:3e:11:8e:69:16:46:66:7a:de:79:94:
         4d:31:bd:02:f4:8e:65:e9:c5:fc:dd:73:d5:db:2f:11:f7:92:
         b2:53:c4:8d:32:86:5d:26:d6:b7:c8:71:8e:34:2c:15:30:1d:
         4d:37:2b:75:be:b3:24:f7:46:ae:dd:a7:81:71:b8:e1:6c:67:
         98:eb:64:58:e7:e0:62:55:cd:c5:30:5a:33:1d:54:93:51:af:
         70:5b:30:7a:01:4a:99:10:46:cf:02:72:93:ed:8e:60:48:77:
         8c:dd:3c:7c:7a:84:fc:91:38:79:5c:72:95:04:df:85:14:e5:
         9e:31:a7:21:b4:f9:ba:62:67:4b:95:ca:4c:1d:be:1f:d5:9d:
         a2:07:a4:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUA705ePjjV9Lt1o6ln0m5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjExMTEyNjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ2ODAwYjk3NWQ4NDI5YzBjNTNjNGUwOWFkYTI1OTk5YjgxM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEWvRolThxK9MjL+yqdg4JypkDXG
HFLXrFZEqHURFuFgZrGxgUu6HRPqRxRajOiccGpfsoM2xPwuYlowVmLMk2MPPOFp
jzjhAiD4TbkhP6uC51u3ouxwyRYmldj9e+C3HIbqLl/9/MlcHziy75tN1IzzpsAs
muR3lNBunUgtLGDUGZY7LQ/Pky8/YfeWS0Ekd036ISIcOWGWENUaz+PKrg6DaeY5
PBxPkHlIN5kJjFZom7ee/usaoEgD3O9RP9itU46LWrgfyBNGl3DC64XkwIRsaOZK
lskcy/u7/xGXBz7n8Vpxjs8IkK323sE1MbQb1shUJ4fh8sST+v0YfUP+7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH9GgAuXXYQpwMU8TgmtolmZuBPGMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZjBhQUM1ZGRoQ25BeFR4T0NhMmlXWm00RThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVnAwQA
owVtAwQAowXrMA0GCSqGSIb3DQEBCwUAA4IBAQAXlJeZusA14voJPWwH462q1PEn
nLXI4F40R2dB1aXbipoaWEbmPlOUoELcpYOowgpmRLiE0qJDQh/J4c9hIqrd3rFD
KudxeVW4ek8CkrDiuVngAfO1gC+DTFAAGP0VdGI3h0jqVtyMM2KauFNIgMT6P91U
PhGOaRZGZnreeZRNMb0C9I5l6cX83XPV2y8R95KyU8SNMoZdJta3yHGONCwVMB1N
Nyt1vrMk90au3aeBcbjhbGeY62RY5+BiVc3FMFozHVSTUa9wWzB6AUqZEEbPAnKT
7Y5gSHeM3Tx8eoT8kTh5XHKVBN+FFOWeMachtPm6YmdLlcpMHb4f1Z2iB6SZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org