Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lxY63tY_rKi_U3s4VMj8cI9N_8I.roa
File:                     lxY63tY_rKi_U3s4VMj8cI9N_8I.roa (raw, json)
Hash identifier:          GFaD5ojj+D7yhSJ3Z+LaWugAAbainia+MvQdQM3iIf8=
Subject key identifier:   97:16:3A:DE:D6:3F:AC:A8:BF:53:7B:38:54:C8:FC:70:8F:4D:FF:C2
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182376FB2619344CBFE30397E0F7C06C788
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lxY63tY_rKi_U3s4VMj8cI9N_8I.roa
Signing time:             Mon 25 Jul 2022 22:17:23 +0000
ROA not before:           Mon 25 Jul 2022 22:17:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204372
IP address blocks:        163.5.161.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:37:6f:b2:61:93:44:cb:fe:30:39:7e:0f:7c:06:c7:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 25 22:17:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=97163aded63faca8bf537b3854c8fc708f4dffc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b8:d2:a4:0c:7d:2e:58:4d:07:b3:34:89:a6:
                    e9:d1:c1:f9:79:3b:74:87:f0:d2:94:9f:a5:47:56:
                    30:d4:09:7f:11:80:0e:09:13:58:51:aa:bf:19:51:
                    43:65:cd:13:2c:f1:25:1b:a4:76:14:5c:00:0c:44:
                    08:8a:6d:08:ec:c9:0b:71:c2:0f:5f:98:6c:2b:78:
                    1c:92:60:b9:6f:9a:bc:93:65:86:70:76:26:12:7e:
                    62:ff:5d:3c:fc:18:db:5c:94:bd:35:2f:a2:59:80:
                    e5:2e:e0:c9:38:63:d9:d7:9c:e2:9b:41:99:5d:89:
                    5d:d2:54:69:fe:2a:99:f8:af:01:f2:a2:12:96:c3:
                    27:73:c1:d3:ae:94:3c:65:c4:b5:c9:31:81:b0:56:
                    13:f1:fe:80:02:6b:da:24:1f:e2:57:ea:21:16:b2:
                    cc:d3:33:b5:69:7b:f0:79:4b:be:3f:e8:d0:6e:c7:
                    17:b9:07:33:f3:af:b3:e1:ba:aa:16:b4:52:6a:ea:
                    60:5e:bd:01:a1:53:57:ce:2b:6f:7a:79:6f:70:96:
                    70:9a:f5:8c:18:3a:1d:a1:e8:3e:b1:2d:a7:25:16:
                    22:8d:3d:dd:0c:9d:b1:ad:5b:74:70:be:f3:f2:89:
                    f3:03:14:46:68:67:d5:15:3c:71:c7:d1:b6:0e:d6:
                    58:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:16:3A:DE:D6:3F:AC:A8:BF:53:7B:38:54:C8:FC:70:8F:4D:FF:C2
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/lxY63tY_rKi_U3s4VMj8cI9N_8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:28:93:66:a0:53:fb:e6:98:cd:0b:3b:3d:6f:1b:cc:bf:0d:
         7f:62:74:7e:52:a5:1c:b1:85:37:e4:9b:b8:c0:a3:2a:5e:8d:
         49:b2:f7:a5:ca:bd:70:c1:1d:db:b2:97:e0:34:e4:9d:68:b6:
         b1:6a:dc:4e:89:eb:4c:84:89:10:d4:82:9b:89:45:0f:31:ad:
         0e:f8:c2:a7:ee:aa:80:20:3c:c5:d1:5d:f4:bd:6f:7c:2e:e5:
         f9:5e:e4:65:b9:cd:23:61:4b:fb:dc:d4:8a:3a:5d:26:46:06:
         93:0d:f9:cb:2b:9f:59:71:4f:10:13:21:d9:85:c3:1d:43:f8:
         2f:78:0d:2d:70:d0:f9:1a:6e:d5:bd:2d:d8:f9:2a:16:30:bf:
         b4:e9:0e:98:09:bb:7f:ed:4d:cc:3a:70:f4:a4:80:17:72:a9:
         d6:1e:02:36:18:42:2a:cb:f1:5e:34:89:ae:a9:7c:46:16:11:
         66:5b:d5:6d:7d:b0:f4:84:6d:c6:7a:46:a3:f2:de:70:ec:e5:
         b8:35:62:d9:7e:cb:2b:b1:be:fe:df:05:9c:6a:ec:01:56:e4:
         54:c0:12:f8:38:65:3d:6b:67:65:5c:37:6d:5e:b0:9b:7c:0b:
         d3:9e:d2:04:d7:72:7e:ae:2b:9a:75:81:ad:13:49:83:36:02:
         53:69:07:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI3b7Jhk0TL/jA5fg98BseIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwNzI1MjIxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE2M2FkZWQ2M2ZhY2E4YmY1MzdiMzg1NGM4ZmM3MDhmNGRmZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLjSpAx9LlhNB7M0iabp0cH5eTt0
h/DSlJ+lR1Yw1Al/EYAOCRNYUaq/GVFDZc0TLPElG6R2FFwADEQIim0I7MkLccIP
X5hsK3gckmC5b5q8k2WGcHYmEn5i/108/BjbXJS9NS+iWYDlLuDJOGPZ15zim0GZ
XYld0lRp/iqZ+K8B8qISlsMnc8HTrpQ8ZcS1yTGBsFYT8f6AAmvaJB/iV+ohFrLM
0zO1aXvweUu+P+jQbscXuQcz86+z4bqqFrRSaupgXr0BoVNXzitvenlvcJZwmvWM
GDodoeg+sS2nJRYijT3dDJ2xrVt0cL7z8onzAxRGaGfVFTxxx9G2DtZY5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcWOt7WP6yov1N7OFTI/HCPTf/CMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbHhZNjN0WV9yS2lfVTNzNFZNajhjSTlOXzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWhMA0G
CSqGSIb3DQEBCwUAA4IBAQARKJNmoFP75pjNCzs9bxvMvw1/YnR+UqUcsYU35Ju4
wKMqXo1Jsvelyr1wwR3bspfgNOSdaLaxatxOietMhIkQ1IKbiUUPMa0O+MKn7qqA
IDzF0V30vW98LuX5XuRluc0jYUv73NSKOl0mRgaTDfnLK59ZcU8QEyHZhcMdQ/gv
eA0tcND5Gm7VvS3Y+SoWML+06Q6YCbt/7U3MOnD0pIAXcqnWHgI2GEIqy/FeNImu
qXxGFhFmW9VtfbD0hG3Gekaj8t5w7OW4NWLZfssrsb7+3wWcauwBVuRUwBL4OGU9
a2dlXDdtXrCbfAvTntIE13J+riuadYGtE0mDNgJTaQe7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:07 2024 by rpki-client on console-fra.rpki-client.org