Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oDtbbiXt0aqGXyOweMe1U8dvv0Y.roa
File:                     oDtbbiXt0aqGXyOweMe1U8dvv0Y.roa (raw, json)
Hash identifier:          R8Cgax7kA2eZEE/GEoiIkRIT/yC6mPArWI4PCFIPEL0=
Subject key identifier:   A0:3B:5B:6E:25:ED:D1:AA:86:5F:23:B0:78:C7:B5:53:C7:6F:BF:46
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01855E8BDD93F304DE9BDAFFEDBACF80C1D5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oDtbbiXt0aqGXyOweMe1U8dvv0Y.roa
Signing time:             Thu 29 Dec 2022 15:41:42 +0000
ROA not before:           Thu 29 Dec 2022 15:41:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.192.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.237.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:5e:8b:dd:93:f3:04:de:9b:da:ff:ed:ba:cf:80:c1:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Dec 29 15:41:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a03b5b6e25edd1aa865f23b078c7b553c76fbf46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f2:44:ad:9c:00:12:80:e2:9a:4a:6f:c7:66:
                    6b:17:bb:d5:c5:40:76:98:d3:3f:6f:cd:ed:20:e9:
                    d4:4c:1a:a0:9c:1c:25:d5:fc:00:43:66:8c:f0:49:
                    ed:4a:5f:f5:86:ee:3b:bb:ac:bb:ec:28:d5:49:e6:
                    5b:e5:98:43:8a:0a:25:2f:97:fc:27:de:b8:ba:20:
                    30:54:51:39:d7:af:eb:e4:4e:40:79:63:e8:50:29:
                    e4:bf:1f:23:fa:fe:67:dc:2b:b7:41:d9:13:75:40:
                    34:2f:26:66:01:71:6c:78:82:ca:a4:0b:a9:7d:c2:
                    78:8c:cc:41:7c:69:37:00:8d:16:52:47:d0:fb:93:
                    20:8b:8a:4c:fb:79:fb:1b:08:87:34:10:8f:b4:89:
                    01:79:28:bf:3c:40:f5:cb:84:06:d5:c9:ed:ed:6c:
                    26:55:ab:df:66:77:55:22:ce:d5:24:bc:c6:7f:a8:
                    3a:2f:9d:3e:dd:56:c1:f3:12:40:16:ef:72:3f:bc:
                    35:83:15:6f:09:c7:81:52:39:eb:75:be:d0:cf:c8:
                    58:6c:85:52:14:bf:c9:18:5f:1c:ff:5a:22:58:7e:
                    29:7c:32:85:18:ab:ae:ad:d5:35:19:48:f8:87:b9:
                    2f:bc:e5:f5:b5:b7:65:85:ef:69:56:a3:82:ef:72:
                    c2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:3B:5B:6E:25:ED:D1:AA:86:5F:23:B0:78:C7:B5:53:C7:6F:BF:46
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oDtbbiXt0aqGXyOweMe1U8dvv0Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.134.0/24
                  163.5.192.0/24
                  163.5.228.0/24
                  163.5.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:54:28:82:f0:e0:42:05:a8:f1:51:ce:de:a9:55:cd:d3:5e:
         43:36:fc:65:9f:37:46:5b:75:34:59:4f:9c:f0:57:e5:07:1a:
         0c:87:0c:f9:15:ad:de:c8:18:04:86:19:d3:a4:ec:2f:a8:8f:
         10:8f:b2:98:50:65:3e:74:06:38:ed:ad:ed:8c:a5:3c:bb:10:
         9b:be:17:0b:ea:19:cb:4a:34:7e:c7:09:4f:d4:1d:71:c9:6d:
         64:93:26:ae:6d:29:ad:76:da:60:b1:75:e6:c2:95:34:e0:fd:
         78:06:31:45:ab:61:c9:23:de:a9:94:af:3b:eb:9a:ad:fb:30:
         3a:de:e0:f7:22:3f:f7:84:b0:6a:a1:aa:6c:5a:f8:73:cc:77:
         f1:f6:91:43:5a:40:c7:92:19:e8:d7:8a:3b:f1:b9:9d:ae:00:
         0d:30:27:ed:58:a9:43:74:5a:91:4a:df:f7:bf:76:cb:3d:89:
         c1:c3:f4:7a:a0:4d:d1:21:57:c0:95:b9:24:b8:a8:73:2d:53:
         7a:72:c2:0c:37:44:7a:31:16:ce:eb:1e:8d:83:0b:e4:84:a7:
         cf:dd:62:d6:2b:73:7e:64:c9:d5:6c:a4:33:31:e6:6e:22:31:
         12:1a:c1:92:17:96:bd:42:45:8d:31:23:3b:3d:b0:03:5b:a4:
         0c:2a:f3:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVei92T8wTem9r/7brPgMHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMjI5MTU0MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNiNWI2ZTI1ZWRkMWFhODY1ZjIzYjA3OGM3YjU1M2M3NmZiZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/JErZwAEoDimkpvx2ZrF7vVxUB2
mNM/b83tIOnUTBqgnBwl1fwAQ2aM8EntSl/1hu47u6y77CjVSeZb5ZhDigolL5f8
J964uiAwVFE516/r5E5AeWPoUCnkvx8j+v5n3Cu3QdkTdUA0LyZmAXFseILKpAup
fcJ4jMxBfGk3AI0WUkfQ+5Mgi4pM+3n7GwiHNBCPtIkBeSi/PED1y4QG1cnt7Wwm
VavfZndVIs7VJLzGf6g6L50+3VbB8xJAFu9yP7w1gxVvCceBUjnrdb7Qz8hYbIVS
FL/JGF8c/1oiWH4pfDKFGKuurdU1GUj4h7kvvOX1tbdlhe9pVqOC73LCaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKA7W24l7dGqhl8jsHjHtVPHb79GMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb0R0YmJpWHQwYXFHWHlPd2VNZTFVOGR2djBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowWGAwQA
owXAAwQAowXkAwQAowXtMA0GCSqGSIb3DQEBCwUAA4IBAQCbVCiC8OBCBajxUc7e
qVXN015DNvxlnzdGW3U0WU+c8FflBxoMhwz5Fa3eyBgEhhnTpOwvqI8Qj7KYUGU+
dAY47a3tjKU8uxCbvhcL6hnLSjR+xwlP1B1xyW1kkyaubSmtdtpgsXXmwpU04P14
BjFFq2HJI96plK8765qt+zA63uD3Ij/3hLBqoapsWvhzzHfx9pFDWkDHkhno14o7
8bmdrgANMCftWKlDdFqRSt/3v3bLPYnBw/R6oE3RIVfAlbkkuKhzLVN6csIMN0R6
MRbO6x6NgwvkhKfP3WLWK3N+ZMnVbKQzMeZuIjESGsGSF5a9QkWNMSM7PbADW6QM
KvN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org