Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pWgqjjOix5p8Yo5dHqwRudzks9I.roa
File:                     pWgqjjOix5p8Yo5dHqwRudzks9I.roa (raw, json)
Hash identifier:          k+U/VClZDUQ0NIZwgs9ssW+10eHJcr2pb8EFvhfgmT0=
Subject key identifier:   A5:68:2A:8E:33:A2:C7:9A:7C:62:8E:5D:1E:AC:11:B9:DC:E4:B3:D2
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183561CC844A52D4825930710415E6FDC02
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pWgqjjOix5p8Yo5dHqwRudzks9I.roa
Signing time:             Mon 19 Sep 2022 14:17:50 +0000
ROA not before:           Mon 19 Sep 2022 14:17:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.231.0/24 maxlen: 24
                          163.5.232.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.235.0/24 maxlen: 24
                          163.5.234.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:56:1c:c8:44:a5:2d:48:25:93:07:10:41:5e:6f:dc:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 19 14:17:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5682a8e33a2c79a7c628e5d1eac11b9dce4b3d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b8:df:da:91:48:73:f3:6e:6a:52:51:a8:bc:
                    8e:64:6b:8c:cb:a5:cb:74:4f:5b:45:95:88:a2:96:
                    89:88:2f:d7:0c:5a:20:3d:95:95:47:00:2e:e4:11:
                    4f:59:52:93:c2:28:73:11:3e:ec:dd:0b:23:5a:85:
                    ac:5f:71:fc:90:5a:2f:2e:b8:a3:ec:c7:c0:f3:c8:
                    d2:98:c1:de:a9:5e:98:01:e2:61:b7:35:9e:8c:92:
                    03:9a:52:3a:bb:3e:58:e4:99:4a:9d:13:a6:55:51:
                    11:d3:08:a9:a2:58:b9:b6:5d:a9:8e:05:b1:81:7f:
                    ab:18:48:60:28:38:12:2d:fa:fe:7e:fe:f0:a3:95:
                    60:b2:90:e8:b6:a4:19:d3:08:f3:39:da:e5:13:5e:
                    1f:d7:81:5d:af:19:d4:e1:1d:fa:ca:20:91:17:4f:
                    12:19:e4:fa:91:7e:a1:bc:ff:0e:9d:f6:0a:29:06:
                    f9:eb:30:01:c8:df:44:43:9b:0b:51:7d:e5:cd:54:
                    70:9e:f7:e2:2f:52:16:8c:b1:87:69:ec:a3:55:1e:
                    4c:75:e2:40:26:e1:c2:38:80:ca:18:df:0a:aa:ff:
                    b3:bd:e2:24:9b:0d:d4:7f:83:de:e3:6c:7a:85:07:
                    5b:6d:db:ab:02:2a:eb:0f:93:57:b4:22:39:a0:fa:
                    c0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:68:2A:8E:33:A2:C7:9A:7C:62:8E:5D:1E:AC:11:B9:DC:E4:B3:D2
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pWgqjjOix5p8Yo5dHqwRudzks9I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.110.0/23
                  163.5.126.0/24
                  163.5.165.0/24
                  163.5.231.0-163.5.232.255
                  163.5.234.0/23
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:12:bb:19:30:8c:9a:ec:81:77:10:1f:2a:7b:50:dc:8a:80:
         a0:2f:6e:33:39:77:65:99:6b:76:d5:d5:19:7f:cb:71:9f:d1:
         51:8c:23:7f:71:5a:5e:17:e9:04:b5:32:a7:da:76:a2:ad:0d:
         54:84:fa:bb:5a:72:6a:ce:3e:bc:cd:52:a7:e5:df:d6:a7:7c:
         3b:d7:29:49:09:50:fa:75:9b:cc:c2:0e:55:40:40:9d:05:26:
         19:e0:c5:fe:38:b2:dc:75:49:13:cc:96:39:08:80:3a:54:f2:
         0e:53:62:1f:6d:e0:da:46:1b:48:bf:a0:01:69:cb:ea:ec:99:
         c7:9b:ed:b4:a2:d9:f2:0a:fb:c5:4c:36:2f:bf:74:4c:09:60:
         32:77:6b:25:91:aa:ec:61:7f:f0:10:85:36:79:83:fa:e6:09:
         bc:fd:36:7f:8d:86:5e:0c:83:79:77:7e:5d:83:e8:c6:38:f6:
         4f:e6:f1:16:58:63:30:da:db:b2:6a:94:eb:36:8e:d7:22:6d:
         e7:a6:b8:45:2d:c8:4e:36:f2:4a:3c:f2:9e:d2:eb:c5:fb:70:
         5e:83:2d:c0:cd:8b:d9:13:35:c9:44:a3:af:91:a0:03:8f:7c:
         e7:32:44:0b:60:a0:9c:5e:ff:90:04:32:61:67:b8:e3:6c:8a:
         28:27:22:c4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYNWHMhEpS1IJZMHEEFeb9wCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTE5MTQxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTY4MmE4ZTMzYTJjNzlhN2M2MjhlNWQxZWFjMTFiOWRjZTRiM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbjf2pFIc/NualJRqLyOZGuMy6XL
dE9bRZWIopaJiC/XDFogPZWVRwAu5BFPWVKTwihzET7s3QsjWoWsX3H8kFovLrij
7MfA88jSmMHeqV6YAeJhtzWejJIDmlI6uz5Y5JlKnROmVVER0wipoli5tl2pjgWx
gX+rGEhgKDgSLfr+fv7wo5VgspDotqQZ0wjzOdrlE14f14FdrxnU4R36yiCRF08S
GeT6kX6hvP8OnfYKKQb56zAByN9EQ5sLUX3lzVRwnvfiL1IWjLGHaeyjVR5MdeJA
JuHCOIDKGN8Kqv+zveIkmw3Uf4Pe42x6hQdbbdurAirrD5NXtCI5oPrA2wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKVoKo4zoseafGKOXR6sEbnc5LPSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcFdncWpqT2l4NXA4WW81ZEhxd1J1ZHprczlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBowVuAwQA
owV+AwQAowWlMAwDBACjBecDBACjBegDBAGjBeoDBACjBfoDBACjBf0wDQYJKoZI
hvcNAQELBQADggEBAI8SuxkwjJrsgXcQHyp7UNyKgKAvbjM5d2WZa3bV1Rl/y3Gf
0VGMI39xWl4X6QS1MqfadqKtDVSE+rtacmrOPrzNUqfl39anfDvXKUkJUPp1m8zC
DlVAQJ0FJhngxf44stx1SRPMljkIgDpU8g5TYh9t4NpGG0i/oAFpy+rsmceb7bSi
2fIK+8VMNi+/dEwJYDJ3ayWRquxhf/AQhTZ5g/rmCbz9Nn+Nhl4Mg3l3fl2D6MY4
9k/m8RZYYzDa27JqlOs2jtcibeemuEUtyE428ko88p7S68X7cF6DLcDNi9kTNclE
o6+RoAOPfOcyRAtgoJxe/5AEMmFnuONsiignIsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org