Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/plZqI2ELUXwZFT7CYN4JMkONCtY.roa
File:                     plZqI2ELUXwZFT7CYN4JMkONCtY.roa (raw, json)
Hash identifier:          kHBi/t+1m2uzFAFOv00NHdIwKp6votT5tRbMGIlWcIo=
Subject key identifier:   A6:56:6A:23:61:0B:51:7C:19:15:3E:C2:60:DE:09:32:43:8D:0A:D6
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0182253634A0E23847019C1979C3D23B2717
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/plZqI2ELUXwZFT7CYN4JMkONCtY.roa
Signing time:             Fri 22 Jul 2022 09:21:25 +0000
ROA not before:           Fri 22 Jul 2022 09:21:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        163.5.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:36:34:a0:e2:38:47:01:9c:19:79:c3:d2:3b:27:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jul 22 09:21:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a6566a23610b517c19153ec260de0932438d0ad6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e4:41:f6:17:49:11:29:5e:e2:8a:9f:1e:38:
                    ff:dc:18:99:8c:53:e3:40:20:63:11:25:7e:25:f8:
                    5a:51:60:b7:70:8e:f8:27:3d:89:48:db:b6:54:ec:
                    69:95:6f:42:26:c0:a5:fc:0d:70:4f:66:1a:57:9c:
                    e7:2c:26:dd:d1:a9:a2:14:46:d4:fb:4f:34:d5:cb:
                    12:9e:d3:4e:46:8d:50:ef:31:2a:a6:06:a3:5d:3c:
                    97:8a:e5:fa:36:37:63:f7:40:c7:15:de:73:df:8b:
                    6b:d6:39:65:72:34:c6:dd:df:64:8a:9a:8d:38:80:
                    b0:3c:32:da:d9:94:f6:e6:32:70:e9:9e:2a:ee:83:
                    62:01:1d:dc:b0:22:49:e2:f3:b4:9a:d1:b6:72:8a:
                    17:60:87:fb:50:6e:6b:2d:cb:5d:1e:fd:f9:a5:47:
                    bb:7f:68:10:09:22:9a:1d:de:a9:aa:50:34:f9:da:
                    15:89:0a:a1:4e:40:00:8e:9e:0a:00:c7:eb:00:a6:
                    2e:49:05:07:57:49:80:57:dc:51:6d:80:b0:76:53:
                    b1:44:7a:a6:9b:ff:7e:f8:2a:1b:cd:6b:31:a2:40:
                    8e:24:50:6e:d1:56:f3:36:55:74:f7:6f:ce:a5:f5:
                    94:15:77:f4:b5:1c:39:f6:9c:59:88:40:ab:42:18:
                    4b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:56:6A:23:61:0B:51:7C:19:15:3E:C2:60:DE:09:32:43:8D:0A:D6
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/plZqI2ELUXwZFT7CYN4JMkONCtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:3e:3d:21:7f:29:39:8f:a8:ec:9d:fb:92:48:0a:bc:8a:ef:
         d6:78:a4:98:cb:6d:8a:3b:33:ad:de:a4:6c:56:7e:ab:3d:6f:
         22:39:50:07:e8:f9:cc:7c:4b:95:21:04:9a:58:6d:3b:23:32:
         9e:41:99:e8:73:92:8c:2e:f5:09:29:c8:56:ce:53:cf:c9:39:
         f5:28:b7:4e:cc:76:07:73:2d:9f:0d:9d:c9:61:0b:7e:b8:ea:
         18:6a:fc:a6:f3:aa:14:3f:e9:c8:ff:e6:ce:b0:9c:90:5c:1b:
         20:80:f8:89:e5:80:d5:86:3c:ed:35:01:ad:6f:dd:74:a5:3c:
         96:cc:f4:4a:5c:a0:27:57:26:d2:d6:01:24:4c:a8:dd:6f:f4:
         3b:c9:f3:49:d8:2f:c6:5e:c7:8b:18:35:1a:36:6a:33:5e:1d:
         66:99:94:82:85:ce:c7:58:3c:3c:95:b3:db:5a:70:08:5a:bc:
         69:75:fc:7d:c1:3e:98:7c:65:46:fa:8d:3e:ea:56:d5:81:df:
         3f:08:ca:71:14:57:9b:82:f4:a3:e3:a7:ce:cc:d9:db:6b:58:
         a3:51:3d:b1:d3:3c:80:0a:78:b2:a3:f7:ca:05:58:1c:99:5f:
         df:53:78:c9:50:58:4a:70:d2:8c:7e:44:a9:ba:27:7e:19:45:
         72:88:67:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlNjSg4jhHAZwZecPSOycXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwNzIyMDkyMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjU2NmEyMzYxMGI1MTdjMTkxNTNlYzI2MGRlMDkzMjQzOGQwYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneRB9hdJESle4oqfHjj/3BiZjFPj
QCBjESV+JfhaUWC3cI74Jz2JSNu2VOxplW9CJsCl/A1wT2YaV5znLCbd0amiFEbU
+0801csSntNORo1Q7zEqpgajXTyXiuX6Njdj90DHFd5z34tr1jllcjTG3d9kipqN
OICwPDLa2ZT25jJw6Z4q7oNiAR3csCJJ4vO0mtG2cooXYIf7UG5rLctdHv35pUe7
f2gQCSKaHd6pqlA0+doViQqhTkAAjp4KAMfrAKYuSQUHV0mAV9xRbYCwdlOxRHqm
m/9++CobzWsxokCOJFBu0VbzNlV092/OpfWUFXf0tRw59pxZiECrQhhLcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZWaiNhC1F8GRU+wmDeCTJDjQrWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcGxacUkyRUxVWHdaRlQ3Q1lONEpNa09OQ3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWlMA0G
CSqGSIb3DQEBCwUAA4IBAQBLPj0hfyk5j6jsnfuSSAq8iu/WeKSYy22KOzOt3qRs
Vn6rPW8iOVAH6PnMfEuVIQSaWG07IzKeQZnoc5KMLvUJKchWzlPPyTn1KLdOzHYH
cy2fDZ3JYQt+uOoYavym86oUP+nI/+bOsJyQXBsggPiJ5YDVhjztNQGtb910pTyW
zPRKXKAnVybS1gEkTKjdb/Q7yfNJ2C/GXseLGDUaNmozXh1mmZSChc7HWDw8lbPb
WnAIWrxpdfx9wT6YfGVG+o0+6lbVgd8/CMpxFFebgvSj46fOzNnba1ijUT2x0zyA
Cniyo/fKBVgcmV/fU3jJUFhKcNKMfkSpuid+GUVyiGdy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org