Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rXcqmD0wgPl583_XoHQvy8qeE78.roa
File:                     rXcqmD0wgPl583_XoHQvy8qeE78.roa (raw, json)
Hash identifier:          NWHizCSj4es22y7g77+y+vIZAaK93znqnfPuivs0ck8=
Subject key identifier:   AD:77:2A:98:3D:30:80:F9:79:F3:7F:D7:A0:74:2F:CB:CA:9E:13:BF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018330CFBCA77DC27B201781BF41093A677A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rXcqmD0wgPl583_XoHQvy8qeE78.roa
Signing time:             Mon 12 Sep 2022 08:27:44 +0000
ROA not before:           Mon 12 Sep 2022 08:27:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     16509
IP address blocks:        163.5.190.0/24 maxlen: 24
                          163.5.252.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:30:cf:bc:a7:7d:c2:7b:20:17:81:bf:41:09:3a:67:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 12 08:27:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ad772a983d3080f979f37fd7a0742fcbca9e13bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:99:f6:95:43:00:35:68:59:c8:f1:7c:e9:a0:
                    da:59:09:75:bf:f9:14:be:1b:45:38:1b:25:67:a4:
                    a9:c2:23:ea:ae:d4:b6:e1:1e:00:f6:19:64:bc:13:
                    3f:4b:bd:d2:2f:58:99:4e:c8:9f:0f:78:4b:4a:13:
                    9a:62:42:37:e6:a0:60:7f:78:15:61:d5:17:0f:a2:
                    87:02:0d:ab:96:3d:d4:b9:e3:44:54:38:da:84:92:
                    1e:bb:1f:e6:02:c0:f1:c0:e8:d4:b6:e9:6f:2c:32:
                    4b:fc:7f:8f:21:2c:f4:1c:6f:ee:f0:35:a3:30:94:
                    86:e1:7d:1e:90:da:5f:aa:29:6f:64:c2:70:a2:a5:
                    3e:8c:4a:45:e7:2a:48:22:25:d8:c7:f9:4b:4b:c9:
                    2b:56:34:c7:5d:31:ca:79:ec:40:bb:a2:8b:75:b5:
                    f0:8c:2e:41:b7:50:37:9c:a0:d0:20:19:6b:9a:1d:
                    80:35:79:87:c2:04:88:ae:01:14:e9:ad:5a:0c:c1:
                    5b:89:f7:c8:99:b8:c3:a0:2e:29:a7:3b:10:de:5e:
                    f9:ee:d0:5a:ab:f3:d2:bc:4e:0b:3a:d2:02:33:39:
                    ce:08:65:93:df:9b:b6:dd:f3:3c:12:66:ca:79:6b:
                    4f:bb:4e:56:24:a2:7f:ce:00:4c:21:f4:99:c8:47:
                    f6:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:77:2A:98:3D:30:80:F9:79:F3:7F:D7:A0:74:2F:CB:CA:9E:13:BF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rXcqmD0wgPl583_XoHQvy8qeE78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.190.0/24
                  163.5.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:91:51:0e:5b:42:3c:ab:f0:24:f1:85:df:20:39:b7:41:b8:
         27:a0:45:a4:6e:a0:dd:f9:70:e2:30:ff:64:8e:56:c5:51:3f:
         66:bf:fb:c4:67:f9:d4:ae:da:b8:fa:8a:54:99:6b:04:bc:b0:
         11:95:e0:e1:d3:fb:60:0f:c2:00:29:d3:65:da:ac:3e:89:d9:
         0c:49:0d:87:b2:9d:72:79:4d:ef:37:df:f2:c6:7f:7b:26:fc:
         2c:19:53:15:e1:ea:d5:7e:27:4c:58:58:62:bf:99:95:59:a0:
         bb:ea:bf:da:c1:25:46:06:ee:0e:c8:a5:77:99:dc:7a:f5:b0:
         43:6d:f9:95:3e:73:08:76:8e:84:6d:ff:cb:0a:78:2d:ba:7c:
         db:d7:c5:81:83:45:7e:0c:11:bc:2a:b2:c2:26:6b:b2:24:ee:
         68:cd:bf:7d:98:60:c0:f9:41:f9:9d:89:e0:94:9a:c9:45:08:
         b6:12:81:f7:db:3b:3e:16:f2:75:86:87:9a:9a:e3:5b:d8:62:
         06:60:5c:8a:16:bb:85:8a:f3:e1:ca:8f:21:4e:02:b9:d5:92:
         91:0f:ba:9d:0b:5c:1a:be:ea:27:e1:7f:fa:ff:3b:e1:e2:6a:
         db:7f:8b:3c:2c:0f:12:aa:51:e2:15:84:96:49:06:21:a5:9f:
         bc:92:cb:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMwz7ynfcJ7IBeBv0EJOmd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTEyMDgyNzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc3MmE5ODNkMzA4MGY5NzlmMzdmZDdhMDc0MmZjYmNhOWUxM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZn2lUMANWhZyPF86aDaWQl1v/kU
vhtFOBslZ6SpwiPqrtS24R4A9hlkvBM/S73SL1iZTsifD3hLShOaYkI35qBgf3gV
YdUXD6KHAg2rlj3UueNEVDjahJIeux/mAsDxwOjUtulvLDJL/H+PISz0HG/u8DWj
MJSG4X0ekNpfqilvZMJwoqU+jEpF5ypIIiXYx/lLS8krVjTHXTHKeexAu6KLdbXw
jC5Bt1A3nKDQIBlrmh2ANXmHwgSIrgEU6a1aDMFbiffImbjDoC4ppzsQ3l757tBa
q/PSvE4LOtICMznOCGWT35u23fM8EmbKeWtPu05WJKJ/zgBMIfSZyEf2LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK13Kpg9MID5efN/16B0L8vKnhO/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvclhjcW1EMHdnUGw1ODNfWG9IUXZ5OHFlRTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowW+AwQA
owX8MA0GCSqGSIb3DQEBCwUAA4IBAQCJkVEOW0I8q/Ak8YXfIDm3QbgnoEWkbqDd
+XDiMP9kjlbFUT9mv/vEZ/nUrtq4+opUmWsEvLARleDh0/tgD8IAKdNl2qw+idkM
SQ2Hsp1yeU3vN9/yxn97JvwsGVMV4erVfidMWFhiv5mVWaC76r/awSVGBu4OyKV3
mdx69bBDbfmVPnMIdo6Ebf/LCngtunzb18WBg0V+DBG8KrLCJmuyJO5ozb99mGDA
+UH5nYnglJrJRQi2EoH32zs+FvJ1hoeamuNb2GIGYFyKFruFivPhyo8hTgK51ZKR
D7qdC1wavuon4X/6/zvh4mrbf4s8LA8SqlHiFYSWSQYhpZ+8kssX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:35 2024 by rpki-client on console-ams.rpki-client.org