Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tr4NIkYhEeI2hJTKzOn4GUyqNuc.roa
File:                     tr4NIkYhEeI2hJTKzOn4GUyqNuc.roa (raw, json)
Hash identifier:          +qbEY6Cxa7Ua0CKsr7ZWKPAL5nKHtryoPxFMaCCshQc=
Subject key identifier:   B6:BE:0D:22:46:21:11:E2:36:84:94:CA:CC:E9:F8:19:4C:AA:36:E7
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183407E87B58AC900493738A40C2C34A287
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tr4NIkYhEeI2hJTKzOn4GUyqNuc.roa
Signing time:             Thu 15 Sep 2022 09:32:57 +0000
ROA not before:           Thu 15 Sep 2022 09:32:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207459
IP address blocks:        163.5.215.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.145.0/24 maxlen: 24
                          163.5.163.0/24 maxlen: 24
                          163.5.168.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:40:7e:87:b5:8a:c9:00:49:37:38:a4:0c:2c:34:a2:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 15 09:32:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6be0d22462111e2368494cacce9f8194caa36e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:98:11:99:eb:88:c0:3a:ff:d7:13:96:cc:cd:
                    02:66:81:40:94:06:50:13:24:89:9d:bb:60:1d:7d:
                    6a:c5:b2:61:a5:9e:ba:c9:10:c0:00:86:a6:41:d1:
                    80:93:3d:eb:3c:80:df:6b:dd:0e:6c:fb:a7:61:cc:
                    42:a0:5d:d4:f5:96:cb:77:d1:87:35:85:e3:44:7c:
                    b1:9d:b0:b4:20:d9:f7:83:5b:42:ca:0d:56:8b:52:
                    32:76:49:00:d1:08:1f:17:7f:d5:f1:40:4d:56:da:
                    3d:af:10:24:c7:5f:84:32:63:8d:d3:70:a5:af:ee:
                    49:b6:d8:a7:f8:70:ff:4a:51:58:96:0d:0d:89:bb:
                    22:f8:1d:89:e2:75:8b:0f:b1:48:6d:18:85:fd:61:
                    8e:e3:a0:c8:7b:2a:ff:e5:9c:28:07:f2:eb:f0:05:
                    5a:21:9c:a1:02:bb:d1:72:4e:9a:3f:77:a2:20:97:
                    31:87:90:0e:ff:66:5c:6b:26:28:c7:8b:ac:e2:02:
                    97:1b:a6:80:88:f8:82:41:5b:18:cb:6b:9f:f3:85:
                    e7:d3:06:cc:1b:5c:d6:e3:09:7f:2c:2b:f8:1d:7e:
                    3a:e3:14:9a:fc:7f:30:65:5f:95:bc:e2:36:7c:80:
                    e3:ed:51:fd:e0:d4:b3:fc:db:65:d5:e8:41:cb:9a:
                    f8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:BE:0D:22:46:21:11:E2:36:84:94:CA:CC:E9:F8:19:4C:AA:36:E7
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tr4NIkYhEeI2hJTKzOn4GUyqNuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.121.0/24
                  163.5.144.0/23
                  163.5.163.0/24
                  163.5.168.0/24
                  163.5.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:e9:c1:25:e5:fb:7a:db:56:01:fe:fa:ef:14:2f:b4:39:31:
         35:22:57:48:a4:95:0f:5c:6f:02:e5:36:d2:39:d5:41:87:5b:
         c3:94:23:9a:da:26:10:9a:7f:48:61:d2:a2:95:9a:f9:cd:94:
         99:b1:86:a4:e3:9f:bd:7f:13:10:f3:93:48:9a:7f:b8:94:cb:
         74:60:c4:48:bb:62:47:94:02:1b:63:ff:d0:3a:f4:05:c7:92:
         35:6f:8c:63:d0:b7:46:ac:01:bb:ff:9e:ad:d9:d0:5b:e1:28:
         ea:9b:1b:10:65:e9:74:71:6a:32:53:c0:03:c6:d3:fd:53:a6:
         09:13:1f:82:fd:2c:87:dc:22:43:7a:d5:c8:c6:f7:9e:e6:4d:
         80:46:16:0b:2a:61:3a:30:45:2f:c5:de:ee:a3:19:ee:7b:86:
         52:9b:23:8b:91:da:4b:24:48:99:03:2a:fd:b7:14:88:85:69:
         67:79:27:f7:06:8e:7f:44:d0:b3:c6:40:b9:a3:80:fe:e0:2a:
         f5:ed:3e:50:d3:de:2c:78:a6:db:fd:86:d0:dd:16:72:50:7b:
         6f:88:c5:94:86:8c:d7:a7:95:2b:b2:46:7a:8a:3f:e9:e1:52:
         d3:86:c5:5c:87:88:9f:0f:65:5b:e9:43:cf:c5:8b:6c:54:73:
         f7:f2:cd:b4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYNAfoe1iskASTc4pAwsNKKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTE1MDkzMjU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmJlMGQyMjQ2MjExMWUyMzY4NDk0Y2FjY2U5ZjgxOTRjYWEzNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZgRmeuIwDr/1xOWzM0CZoFAlAZQ
EySJnbtgHX1qxbJhpZ66yRDAAIamQdGAkz3rPIDfa90ObPunYcxCoF3U9ZbLd9GH
NYXjRHyxnbC0INn3g1tCyg1Wi1IydkkA0QgfF3/V8UBNVto9rxAkx1+EMmON03Cl
r+5Jttin+HD/SlFYlg0Nibsi+B2J4nWLD7FIbRiF/WGO46DIeyr/5ZwoB/Lr8AVa
IZyhArvRck6aP3eiIJcxh5AO/2ZcayYox4us4gKXG6aAiPiCQVsYy2uf84Xn0wbM
G1zW4wl/LCv4HX464xSa/H8wZV+VvOI2fIDj7VH94NSz/Ntl1ehBy5r4+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLa+DSJGIRHiNoSUyszp+BlMqjbnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdHI0TklrWWhFZUkyaEpUS3pPbjRHVXlxTnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowV5AwQB
owWQAwQAowWjAwQAowWoAwQAowXXMA0GCSqGSIb3DQEBCwUAA4IBAQBP6cEl5ft6
21YB/vrvFC+0OTE1IldIpJUPXG8C5TbSOdVBh1vDlCOa2iYQmn9IYdKilZr5zZSZ
sYak45+9fxMQ85NImn+4lMt0YMRIu2JHlAIbY//QOvQFx5I1b4xj0LdGrAG7/56t
2dBb4SjqmxsQZel0cWoyU8ADxtP9U6YJEx+C/SyH3CJDetXIxvee5k2ARhYLKmE6
MEUvxd7uoxnue4ZSmyOLkdpLJEiZAyr9txSIhWlneSf3Bo5/RNCzxkC5o4D+4Cr1
7T5Q094seKbb/YbQ3RZyUHtviMWUhozXp5UrskZ6ij/p4VLThsVch4ifD2Vb6UPP
xYtsVHP38s20
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org