Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/roViZjIRc2eAsN5vRMxTimyfXeA.roa
File:                     roViZjIRc2eAsN5vRMxTimyfXeA.roa (raw, json)
Hash identifier:          tse/xiWa0cP1n3jbWfw0EjrvDiQcnf06LsLDz/o23l4=
Subject key identifier:   AE:85:62:66:32:11:73:67:80:B0:DE:6F:44:CC:53:8A:6C:9F:5D:E0
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       01827E6061A97264A0AE319A1BDBC5F3E932
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/roViZjIRc2eAsN5vRMxTimyfXeA.roa
Signing time:             Mon 08 Aug 2022 16:53:41 +0000
ROA not before:           Mon 08 Aug 2022 16:53:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        163.5.190.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:7e:60:61:a9:72:64:a0:ae:31:9a:1b:db:c5:f3:e9:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug  8 16:53:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ae8562663211736780b0de6f44cc538a6c9f5de0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:c2:42:dd:fc:bb:16:e5:7d:64:45:b2:10:22:
                    4c:b9:36:ea:fb:cd:7a:7d:9f:56:d3:26:7a:1f:57:
                    94:af:91:e8:ca:1c:e3:d5:da:eb:00:db:9d:52:52:
                    c8:18:8a:10:63:b3:bb:a2:34:43:48:e9:d6:33:94:
                    a0:b9:ae:0c:69:51:3c:74:23:a1:3e:59:8d:f0:38:
                    9b:88:68:71:34:fd:5d:b7:74:c9:5e:2a:37:7a:84:
                    2e:44:b8:d5:e0:9f:e5:44:0a:1d:0e:00:5d:e3:52:
                    73:0f:eb:f6:28:c1:8a:33:58:60:f5:88:55:44:f6:
                    b5:e6:25:b2:47:5d:9f:95:65:1f:f3:4e:83:fd:32:
                    67:f3:87:ca:04:05:f5:23:f9:ee:c5:b4:ae:be:cd:
                    60:79:39:4d:ce:7b:d4:ae:8e:1f:10:5f:47:4c:4b:
                    22:79:e1:0e:53:94:81:bc:43:b7:43:d8:10:5b:ce:
                    b1:5d:d3:c1:ca:e1:5d:52:9e:4a:f1:ae:51:5b:96:
                    2f:d3:54:d4:a2:07:e8:41:e6:ae:20:d5:e9:9a:05:
                    96:36:f6:ed:61:19:57:0e:b5:f6:f0:d6:78:13:99:
                    44:2d:f1:ad:95:71:39:c9:77:63:50:f1:53:3a:36:
                    45:43:6e:98:ff:aa:2b:fa:98:47:3c:28:5d:a9:d1:
                    6f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:85:62:66:32:11:73:67:80:B0:DE:6F:44:CC:53:8A:6C:9F:5D:E0
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/roViZjIRc2eAsN5vRMxTimyfXeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:2b:1e:74:ff:9e:87:e9:af:74:8c:28:71:cf:e1:8a:fc:f3:
         a0:8e:0b:94:51:8a:a1:97:2c:95:43:70:98:25:a8:d0:9a:e1:
         51:a0:07:83:66:b2:06:eb:4e:97:b4:4e:73:df:d7:a3:52:5a:
         76:19:18:8a:38:c8:a0:66:1a:7d:00:70:f1:6e:98:6c:61:69:
         52:5b:18:cb:a9:bd:f5:51:0e:bf:8a:ba:15:81:af:d7:3f:c6:
         0a:53:92:c8:15:46:f2:d2:48:c2:2a:4a:d1:b6:56:d1:aa:42:
         e2:ca:39:89:69:7a:4e:ec:d8:a2:ed:16:0b:a1:ab:d2:45:a0:
         89:2d:85:b8:0c:2a:70:69:cf:d0:93:1b:3e:30:38:94:c5:fe:
         cc:8c:71:eb:b0:87:89:13:6a:22:7a:03:89:d0:d8:35:7a:40:
         d3:21:b5:01:43:5c:f1:14:76:3a:36:d9:16:2f:a4:e4:0c:c1:
         77:d7:bb:60:89:62:a8:16:85:05:d1:eb:de:e8:7d:b4:37:7b:
         d0:1f:0e:c0:3f:80:c3:30:07:19:f7:62:70:31:34:25:65:56:
         25:cc:a7:98:78:6b:47:72:d5:0a:93:f7:15:28:c4:ef:b4:62:
         97:12:6b:91:c4:fb:ff:d7:28:61:91:a9:ff:33:2a:10:be:6d:
         27:f0:67:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ+YGGpcmSgrjGaG9vF8+kyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODA4MTY1MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTg1NjI2NjMyMTE3MzY3ODBiMGRlNmY0NGNjNTM4YTZjOWY1ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MJC3fy7FuV9ZEWyECJMuTbq+816
fZ9W0yZ6H1eUr5Hoyhzj1drrANudUlLIGIoQY7O7ojRDSOnWM5Sgua4MaVE8dCOh
PlmN8DibiGhxNP1dt3TJXio3eoQuRLjV4J/lRAodDgBd41JzD+v2KMGKM1hg9YhV
RPa15iWyR12flWUf806D/TJn84fKBAX1I/nuxbSuvs1geTlNznvUro4fEF9HTEsi
eeEOU5SBvEO3Q9gQW86xXdPByuFdUp5K8a5RW5Yv01TUogfoQeauINXpmgWWNvbt
YRlXDrX28NZ4E5lELfGtlXE5yXdjUPFTOjZFQ26Y/6or+phHPChdqdFv5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6FYmYyEXNngLDeb0TMU4psn13gMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcm9WaVpqSVJjMmVBc041dlJNeFRpbXlmWGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW+MA0G
CSqGSIb3DQEBCwUAA4IBAQCsKx50/56H6a90jChxz+GK/POgjguUUYqhlyyVQ3CY
JajQmuFRoAeDZrIG606XtE5z39ejUlp2GRiKOMigZhp9AHDxbphsYWlSWxjLqb31
UQ6/iroVga/XP8YKU5LIFUby0kjCKkrRtlbRqkLiyjmJaXpO7Nii7RYLoavSRaCJ
LYW4DCpwac/Qkxs+MDiUxf7MjHHrsIeJE2oiegOJ0Ng1ekDTIbUBQ1zxFHY6NtkW
L6TkDMF317tgiWKoFoUF0eve6H20N3vQHw7AP4DDMAcZ92JwMTQlZVYlzKeYeGtH
ctUKk/cVKMTvtGKXEmuRxPv/1yhhkan/MyoQvm0n8GdI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org