Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhDa7aAwGXCRbOZu_58uUt8hzWQ.roa
File:                     uhDa7aAwGXCRbOZu_58uUt8hzWQ.roa (raw, json)
Hash identifier:          NOsrA7SP4bnvdMtfFYZr2eJLbVzS3MlE4+W+oO791x0=
Subject key identifier:   BA:10:DA:ED:A0:30:19:70:91:6C:E6:6E:FF:9F:2E:52:DF:21:CD:64
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183872DCA52B3EF6C0BDDD03E5FFE8B276A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhDa7aAwGXCRbOZu_58uUt8hzWQ.roa
Signing time:             Thu 29 Sep 2022 02:57:48 +0000
ROA not before:           Thu 29 Sep 2022 02:57:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     46573
IP address blocks:        163.5.239.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:87:2d:ca:52:b3:ef:6c:0b:dd:d0:3e:5f:fe:8b:27:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 29 02:57:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba10daeda0301970916ce66eff9f2e52df21cd64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5e:dc:ef:b5:99:18:f6:85:c5:38:bf:4b:bb:
                    c9:0a:68:6f:90:cd:ec:ef:1b:81:0d:e8:f8:98:00:
                    0a:15:e4:34:07:2a:9f:f4:f5:db:be:7a:f1:b7:3e:
                    3f:37:c9:8c:08:d9:67:ad:3f:a2:bd:ae:cd:16:50:
                    ef:58:31:a5:9e:85:03:a2:a5:98:a4:95:b4:32:5c:
                    af:2a:35:b1:4b:e4:f5:96:74:b0:73:03:9d:87:25:
                    60:7f:c4:b9:a3:ca:2b:cf:b7:7a:58:79:d0:f5:1f:
                    db:9c:77:6f:81:76:f7:0e:1b:65:c7:7b:1c:48:cc:
                    f5:91:15:24:a3:44:be:b4:32:8d:be:43:16:d5:8c:
                    e0:29:18:93:74:48:49:0e:7b:5f:33:46:fc:1e:38:
                    2c:b9:26:f1:ef:60:58:83:40:c7:d3:3d:05:e1:13:
                    07:25:c1:f2:4a:3e:71:a2:85:6a:13:b3:2a:a8:f7:
                    f1:90:ca:75:00:92:24:29:e7:28:ae:37:de:22:79:
                    f2:f0:17:b9:39:c7:73:34:f7:e1:f7:74:9c:83:1b:
                    ca:bf:79:08:8b:db:71:50:01:71:31:5c:56:0c:ec:
                    d9:06:27:f5:ab:85:5e:ec:94:0d:ca:7d:90:8d:db:
                    f8:ad:27:a2:d8:fc:7a:79:e6:f0:5f:ac:05:19:7c:
                    76:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:10:DA:ED:A0:30:19:70:91:6C:E6:6E:FF:9F:2E:52:DF:21:CD:64
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/uhDa7aAwGXCRbOZu_58uUt8hzWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:50:96:cc:3f:12:1b:67:d6:74:f2:dd:be:c2:0d:51:45:ad:
         07:f3:60:51:e7:d5:6a:b1:11:87:ce:9e:17:db:9f:39:7a:27:
         f1:8f:e7:3f:ad:09:19:f7:77:b0:e4:80:43:11:b8:b2:67:4d:
         48:90:bb:e7:24:31:28:20:44:ef:9a:f5:3e:c2:88:5e:8e:0e:
         ef:33:8c:7f:49:59:6a:38:1f:52:31:7b:d1:a5:70:0b:bb:5a:
         91:b7:f5:20:b6:96:29:3a:fd:bc:2d:a7:24:87:d4:cf:18:4d:
         76:55:6a:00:c0:28:fb:11:1d:c2:fa:96:24:df:a8:36:8e:5b:
         6d:f6:bc:f4:29:5e:87:d4:dc:40:ef:81:d9:77:67:80:58:bf:
         4f:a0:c9:c1:2f:a5:c1:ae:81:bd:10:74:03:05:88:7e:01:44:
         62:66:4d:b8:11:5a:30:60:69:a0:d6:a5:03:95:de:03:d0:d3:
         49:0b:d2:87:2f:72:ab:1d:68:06:f8:be:f5:38:cf:2c:6c:6d:
         a2:8b:af:50:d6:c7:e6:69:88:59:9e:0c:ba:0b:2f:39:a4:e7:
         7a:ad:37:e3:ee:ef:87:a9:a6:1b:ff:87:e6:26:1b:72:64:e1:
         c5:20:5c:f2:34:ed:bc:37:d9:fb:73:97:d0:18:46:76:82:97:
         46:21:17:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOHLcpSs+9sC93QPl/+iydqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwOTI5MDI1NzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTEwZGFlZGEwMzAxOTcwOTE2Y2U2NmVmZjlmMmU1MmRmMjFjZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw17c77WZGPaFxTi/S7vJCmhvkM3s
7xuBDej4mAAKFeQ0Byqf9PXbvnrxtz4/N8mMCNlnrT+iva7NFlDvWDGlnoUDoqWY
pJW0MlyvKjWxS+T1lnSwcwOdhyVgf8S5o8orz7d6WHnQ9R/bnHdvgXb3Dhtlx3sc
SMz1kRUko0S+tDKNvkMW1YzgKRiTdEhJDntfM0b8HjgsuSbx72BYg0DH0z0F4RMH
JcHySj5xooVqE7MqqPfxkMp1AJIkKecorjfeInny8Be5OcdzNPfh93ScgxvKv3kI
i9txUAFxMVxWDOzZBif1q4Ve7JQNyn2Qjdv4rSei2Px6eebwX6wFGXx2FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoQ2u2gMBlwkWzmbv+fLlLfIc1kMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdWhEYTdhQXdHWENSYk9adV81OHVVdDhoeldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXvMA0G
CSqGSIb3DQEBCwUAA4IBAQB5UJbMPxIbZ9Z08t2+wg1RRa0H82BR59VqsRGHzp4X
2585eifxj+c/rQkZ93ew5IBDEbiyZ01IkLvnJDEoIETvmvU+wohejg7vM4x/SVlq
OB9SMXvRpXALu1qRt/UgtpYpOv28Lackh9TPGE12VWoAwCj7ER3C+pYk36g2jltt
9rz0KV6H1NxA74HZd2eAWL9PoMnBL6XBroG9EHQDBYh+AURiZk24EVowYGmg1qUD
ld4D0NNJC9KHL3KrHWgG+L71OM8sbG2ii69Q1sfmaYhZngy6Cy85pOd6rTfj7u+H
qaYb/4fmJhtyZOHFIFzyNO28N9n7c5fQGEZ2gpdGIRfK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org