Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vAFnfkL50y9MEsG6S0Eg6pPHze8.roa
File:                     vAFnfkL50y9MEsG6S0Eg6pPHze8.roa (raw, json)
Hash identifier:          oW8Fi/3Ty0iISkjz53FGU4dyymmHaJL8At8wGTsnACc=
Subject key identifier:   BC:01:67:7E:42:F9:D3:2F:4C:12:C1:BA:4B:41:20:EA:93:C7:CD:EF
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183EA94EDF9420EB2E21A2FCEC913C61C17
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vAFnfkL50y9MEsG6S0Eg6pPHze8.roa
Signing time:             Tue 18 Oct 2022 10:12:52 +0000
ROA not before:           Tue 18 Oct 2022 10:12:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61138
IP address blocks:        163.5.117.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ea:94:ed:f9:42:0e:b2:e2:1a:2f:ce:c9:13:c6:1c:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 18 10:12:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bc01677e42f9d32f4c12c1ba4b4120ea93c7cdef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:be:ed:d9:76:b8:e7:18:03:c2:f0:24:3b:78:
                    df:6b:df:2f:db:b0:81:5d:a9:b8:1e:27:6a:62:ed:
                    34:e7:77:6f:4f:0d:15:25:63:a0:e7:17:9a:f2:f9:
                    7a:e3:c7:a0:9b:7c:fd:5b:f7:d0:da:d5:44:64:70:
                    47:f1:3d:11:62:ee:38:21:af:29:79:f8:7c:f3:64:
                    ad:70:c0:0c:1d:a2:a4:a6:67:15:7b:e8:14:e9:4c:
                    a2:e7:a5:69:51:d5:55:ab:e9:0b:a4:70:94:66:37:
                    6d:0d:09:07:8d:5c:2f:44:90:d1:b9:be:50:ca:32:
                    fe:54:74:d1:a2:4f:10:b7:e6:fb:26:b6:94:4c:1a:
                    84:2e:0a:bf:27:b4:22:4b:8c:80:0c:10:1d:64:ca:
                    a8:07:51:42:9e:9d:7a:e7:e5:76:8f:98:95:ff:6e:
                    79:e4:7a:72:68:a3:b7:49:e8:f1:53:45:bd:86:94:
                    81:90:38:1a:60:26:91:f2:f3:ec:ca:e9:ed:ec:38:
                    23:04:29:55:e7:a4:c3:91:fa:7f:6c:1a:b6:b5:59:
                    05:fb:fa:e7:12:d5:75:84:c0:5a:d0:a9:cf:05:78:
                    59:9d:8b:46:e9:ae:76:07:1c:67:57:4a:5a:9b:f0:
                    8f:9d:f7:ff:c5:7f:1d:94:3b:ae:2a:50:a5:8d:26:
                    f6:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:01:67:7E:42:F9:D3:2F:4C:12:C1:BA:4B:41:20:EA:93:C7:CD:EF
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vAFnfkL50y9MEsG6S0Eg6pPHze8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:3c:59:94:83:1e:e7:14:58:ea:c9:df:f4:4e:ea:79:b8:03:
         de:85:04:cb:98:8d:46:ed:21:49:23:63:b6:b5:c4:8c:29:66:
         d3:de:3c:da:40:a7:ee:ba:b8:31:e7:98:d2:f5:bd:55:50:b1:
         c9:1b:40:28:6e:96:89:fa:50:fe:95:a2:d6:f9:16:13:17:b8:
         e2:73:1c:d5:a8:b9:db:3b:25:72:b3:73:37:8f:2b:82:f2:c9:
         f9:19:b2:95:f2:5a:20:09:05:15:ea:d0:49:79:b2:1d:96:16:
         a6:36:34:0b:f8:fd:e6:a4:84:02:60:55:c6:a0:5e:81:b8:1d:
         54:b9:36:7d:43:dd:35:65:1c:67:3c:0e:b7:bd:3c:70:c7:32:
         32:0e:40:79:fb:92:00:74:44:ce:09:b2:a6:8b:8d:bc:b7:74:
         33:f9:c8:73:e1:e4:03:3d:93:b3:9d:6c:24:d7:be:8d:92:12:
         c6:0f:7a:f3:30:50:aa:98:5b:5a:be:36:3a:52:29:d7:c7:bd:
         b9:a8:f0:a4:b9:b8:da:38:02:51:a1:55:c1:c0:bf:82:21:db:
         37:18:c6:62:69:04:a8:6b:ed:a8:5f:ab:e8:f0:7d:2e:e6:46:
         6a:70:9e:be:02:f9:8d:31:de:75:05:93:42:4c:07:32:5c:6d:
         88:7b:06:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPqlO35Qg6y4hovzskTxhwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDE4MTAxMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzAxNjc3ZTQyZjlkMzJmNGMxMmMxYmE0YjQxMjBlYTkzYzdjZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb7t2Xa45xgDwvAkO3jfa98v27CB
Xam4HidqYu0053dvTw0VJWOg5xea8vl648egm3z9W/fQ2tVEZHBH8T0RYu44Ia8p
efh882StcMAMHaKkpmcVe+gU6Uyi56VpUdVVq+kLpHCUZjdtDQkHjVwvRJDRub5Q
yjL+VHTRok8Qt+b7JraUTBqELgq/J7QiS4yADBAdZMqoB1FCnp165+V2j5iV/255
5HpyaKO3SejxU0W9hpSBkDgaYCaR8vPsyunt7DgjBClV56TDkfp/bBq2tVkF+/rn
EtV1hMBa0KnPBXhZnYtG6a52BxxnV0pam/CPnff/xX8dlDuuKlCljSb2sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwBZ35C+dMvTBLBuktBIOqTx83vMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdkFGbmZrTDUweTlNRXNHNlMwRWc2cFBIemU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowV1MA0G
CSqGSIb3DQEBCwUAA4IBAQAEPFmUgx7nFFjqyd/0Tup5uAPehQTLmI1G7SFJI2O2
tcSMKWbT3jzaQKfuurgx55jS9b1VULHJG0AobpaJ+lD+laLW+RYTF7jicxzVqLnb
OyVys3M3jyuC8sn5GbKV8logCQUV6tBJebIdlhamNjQL+P3mpIQCYFXGoF6BuB1U
uTZ9Q901ZRxnPA63vTxwxzIyDkB5+5IAdETOCbKmi428t3Qz+chz4eQDPZOznWwk
176NkhLGD3rzMFCqmFtavjY6UinXx725qPCkubjaOAJRoVXBwL+CIds3GMZiaQSo
a+2oX6vo8H0u5kZqcJ6+AvmNMd51BZNCTAcyXG2IewbK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:08 2024 by rpki-client on console-fra.rpki-client.org