Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/t9lJL3HyY930n4EkWJ5YsmaWULU.roa
File:                     t9lJL3HyY930n4EkWJ5YsmaWULU.roa (raw, json)
Hash identifier:          qUSPylvQpz4d4fptokTUne31CK9PH6bkEhjn00rgCi0=
Subject key identifier:   B7:D9:49:2F:71:F2:63:DD:F4:9F:81:24:58:9E:58:B2:66:96:50:B5
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018316602633F7285D5906D3C776204E7713
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/t9lJL3HyY930n4EkWJ5YsmaWULU.roa
Signing time:             Wed 07 Sep 2022 05:15:43 +0000
ROA not before:           Wed 07 Sep 2022 05:15:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     140947
IP address blocks:        163.5.211.0/24 maxlen: 24
                          163.5.225.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:16:60:26:33:f7:28:5d:59:06:d3:c7:76:20:4e:77:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep  7 05:15:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7d9492f71f263ddf49f8124589e58b2669650b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:dd:3d:15:7d:9a:50:95:b2:95:a7:3c:a4:b5:
                    67:e8:99:e7:7a:ac:9a:70:32:24:84:30:b0:1a:e9:
                    e5:8e:5c:85:6a:b0:b9:17:64:c9:6c:24:68:cf:d3:
                    01:7d:0f:f7:9c:8e:b3:d6:75:79:79:15:05:53:b5:
                    e6:7c:2a:4d:b5:af:07:2e:04:57:e2:87:98:9e:b5:
                    db:7e:24:a3:ba:0f:c4:ba:65:df:bf:79:54:af:cb:
                    0c:51:cc:1e:2a:f4:d5:ea:1c:7f:ff:7e:20:18:55:
                    c1:96:6b:5b:ff:65:73:ad:de:23:fe:b3:50:77:2a:
                    e9:ac:a5:6f:46:81:21:52:e2:56:b9:45:78:e7:76:
                    f4:a7:ca:17:22:fa:af:81:c4:78:86:85:06:3e:f6:
                    0b:e3:11:26:8c:0e:c5:6f:bf:ec:05:31:e2:79:75:
                    43:c4:eb:3d:42:f6:62:72:75:9f:83:45:6d:a3:bd:
                    0b:37:4f:3b:b4:15:b0:3c:a8:e0:e5:1c:8e:82:0a:
                    85:5b:8f:53:06:ff:88:d6:24:a0:c5:18:c1:d1:4f:
                    ad:f9:d1:7e:18:9d:17:bb:25:67:fb:f1:28:08:1d:
                    eb:fe:82:70:98:4e:0b:dd:ed:c4:b5:ad:1e:52:54:
                    5c:2c:27:86:d4:41:7a:13:b4:33:3d:b6:7a:32:57:
                    ef:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:D9:49:2F:71:F2:63:DD:F4:9F:81:24:58:9E:58:B2:66:96:50:B5
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/t9lJL3HyY930n4EkWJ5YsmaWULU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.211.0/24
                  163.5.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:89:14:b9:40:08:d8:df:55:94:fd:d7:4d:6b:73:ef:c9:99:
         eb:5b:7c:ae:38:02:90:17:cb:b4:2e:e7:36:96:24:28:1a:2f:
         15:05:56:8d:75:58:ae:cc:da:21:25:f7:f1:4e:2f:a6:26:b7:
         8a:47:18:6b:14:44:b2:8f:59:45:55:6d:77:ed:23:21:25:e8:
         fe:61:ef:84:01:8f:e7:68:29:f9:e6:62:7e:a5:f9:54:80:63:
         88:e1:18:f2:c0:96:46:be:71:95:75:d2:bd:44:76:c9:fa:fa:
         d1:e1:64:6e:f3:8b:b8:1b:6f:3b:1d:c7:db:64:da:b8:2b:fc:
         df:af:5a:fc:69:65:d7:5f:be:72:f3:78:1b:12:9c:87:51:6a:
         2f:d8:ae:fb:18:f4:20:4c:2b:67:fa:4a:67:e8:aa:ab:07:50:
         69:67:70:70:83:5a:9c:32:41:0f:47:01:ed:bc:1b:a6:16:99:
         ea:a1:8d:de:59:d8:d9:8f:8b:a6:48:1d:e3:4d:d0:6a:9e:53:
         2a:0d:1f:d2:27:0e:fb:90:fd:d1:8f:2f:f6:40:1e:99:ab:b5:
         4f:61:62:ca:1c:17:ac:63:86:b8:d7:81:8e:ee:34:93:f9:ed:
         10:32:f4:df:14:a1:53:6f:e9:cc:ef:d2:aa:a2:ea:07:c2:0d:
         1e:01:1d:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMWYCYz9yhdWQbTx3YgTncTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTA3MDUxNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q5NDkyZjcxZjI2M2RkZjQ5ZjgxMjQ1ODllNThiMjY2OTY1MGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht09FX2aUJWylac8pLVn6Jnneqya
cDIkhDCwGunljlyFarC5F2TJbCRoz9MBfQ/3nI6z1nV5eRUFU7XmfCpNta8HLgRX
4oeYnrXbfiSjug/EumXfv3lUr8sMUcweKvTV6hx//34gGFXBlmtb/2Vzrd4j/rNQ
dyrprKVvRoEhUuJWuUV453b0p8oXIvqvgcR4hoUGPvYL4xEmjA7Fb7/sBTHieXVD
xOs9QvZicnWfg0Vto70LN087tBWwPKjg5RyOggqFW49TBv+I1iSgxRjB0U+t+dF+
GJ0XuyVn+/EoCB3r/oJwmE4L3e3Eta0eUlRcLCeG1EF6E7QzPbZ6MlfvOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfZSS9x8mPd9J+BJFieWLJmllC1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdDlsSkwzSHlZOTMwbjRFa1dKNVlzbWFXVUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowXTAwQA
owXhMA0GCSqGSIb3DQEBCwUAA4IBAQANiRS5QAjY31WU/ddNa3PvyZnrW3yuOAKQ
F8u0Luc2liQoGi8VBVaNdViuzNohJffxTi+mJreKRxhrFESyj1lFVW137SMhJej+
Ye+EAY/naCn55mJ+pflUgGOI4RjywJZGvnGVddK9RHbJ+vrR4WRu84u4G287Hcfb
ZNq4K/zfr1r8aWXXX75y83gbEpyHUWov2K77GPQgTCtn+kpn6KqrB1BpZ3Bwg1qc
MkEPRwHtvBumFpnqoY3eWdjZj4umSB3jTdBqnlMqDR/SJw77kP3Rjy/2QB6Zq7VP
YWLKHBesY4a414GO7jST+e0QMvTfFKFTb+nM79KqouoHwg0eAR3Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org