Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wS_5f4fea494TDEjLf4q4weSM6A.roa
File:                     wS_5f4fea494TDEjLf4q4weSM6A.roa (raw, json)
Hash identifier:          FqfbC9vfP3Q7Ld1g3M7+vjwfXwhQ9esSIqftHJocpLw=
Subject key identifier:   C1:2F:F9:7F:87:DE:6B:8F:78:4C:31:23:2D:FE:2A:E3:07:92:33:A0
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0183F4D9697FC6563799B8E6224DAE7EEC79
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wS_5f4fea494TDEjLf4q4weSM6A.roa
Signing time:             Thu 20 Oct 2022 10:03:52 +0000
ROA not before:           Thu 20 Oct 2022 10:03:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        163.5.90.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.233.0/24 maxlen: 24
                          163.5.236.0/24 maxlen: 24
                          163.5.140.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.247.0/24 maxlen: 24
                          163.5.141.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:f4:d9:69:7f:c6:56:37:99:b8:e6:22:4d:ae:7e:ec:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 20 10:03:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c12ff97f87de6b8f784c31232dfe2ae3079233a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b9:16:c5:b6:1d:9e:3a:75:8d:47:13:78:11:
                    14:91:d9:02:f9:bd:7d:74:36:92:f9:08:d9:49:89:
                    d4:b8:4c:b1:8c:3d:f7:d8:24:bd:24:3e:8f:93:42:
                    1b:9a:09:02:de:56:66:03:23:50:e7:4b:85:f7:75:
                    f2:bf:8a:cf:0f:7c:fc:3d:b8:fb:8e:e0:00:cb:35:
                    6a:46:36:dc:68:26:b6:8e:60:e4:62:9a:db:74:01:
                    7d:65:52:a1:e7:97:0b:17:7d:0b:df:10:f3:4b:2e:
                    9c:ad:b0:77:fc:c0:78:18:0c:e3:d0:97:8a:1e:b0:
                    6e:4a:32:d5:a9:09:d5:20:df:5e:21:45:45:64:49:
                    26:8e:fd:08:75:a7:0f:56:76:2e:ba:10:55:d7:a5:
                    60:58:40:b3:b9:30:4a:ff:26:2c:36:c3:24:3e:f9:
                    30:65:5a:07:75:01:67:94:d5:28:a8:29:f9:5a:70:
                    b1:8f:a8:6e:d2:5e:ae:59:dd:df:dc:6d:b6:af:ec:
                    34:91:81:2f:d5:15:23:b9:cd:b7:10:b5:85:c3:f2:
                    7f:7c:4e:7c:43:37:e8:34:7a:d0:44:ae:38:2c:4c:
                    08:c2:2b:a8:2f:05:29:8e:e0:c5:bb:d6:ee:ba:f1:
                    0f:4b:77:90:d5:fe:47:89:ee:a6:f8:ac:e9:40:63:
                    b8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:2F:F9:7F:87:DE:6B:8F:78:4C:31:23:2D:FE:2A:E3:07:92:33:A0
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/wS_5f4fea494TDEjLf4q4weSM6A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.90.0/24
                  163.5.114.0/24
                  163.5.140.0-163.5.142.255
                  163.5.233.0/24
                  163.5.236.0/24
                  163.5.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:52:f2:57:8e:a5:44:fe:b9:95:8c:5e:f4:07:32:60:81:1b:
         fa:7e:e2:1f:69:f9:39:3e:a7:8a:05:6b:b3:65:a8:55:35:a2:
         61:16:e2:33:79:05:89:ae:54:18:11:19:5a:4d:da:9d:2f:ee:
         e3:46:6b:0f:b4:db:aa:5c:fe:48:d5:72:10:56:12:15:f2:8e:
         cc:0b:d9:1e:9f:4b:5d:70:08:3d:ee:0a:1f:12:cb:88:da:62:
         5f:31:d4:6f:b6:26:88:91:78:40:24:5a:1a:e3:d5:37:57:d2:
         a5:33:ec:d6:63:44:dc:ba:6f:57:6c:03:dd:0b:1d:59:03:5b:
         47:ff:8c:9e:bb:77:e3:1a:84:1e:be:23:9d:ac:5c:47:5e:e7:
         e2:53:09:52:68:2e:0f:ba:82:f2:ad:b2:fd:9f:e5:73:65:b8:
         91:93:1b:40:3b:9f:d7:fe:bf:b4:66:4b:c4:8c:0d:e5:b4:5c:
         96:4c:1e:e6:60:aa:e1:b2:5b:73:e4:9d:44:4c:3f:91:40:e5:
         47:8a:ff:a2:8e:34:36:7c:ce:0c:7c:e4:38:c2:06:4f:d1:6f:
         5b:c9:64:dd:63:5b:38:28:d9:62:45:c6:3f:94:6b:ed:8c:67:
         19:65:c6:c5:9d:57:7e:0b:f1:e5:10:11:96:2a:f4:0e:16:99:
         f8:a0:25:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYP02Wl/xlY3mbjmIk2ufux5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDIwMTAwMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTJmZjk3Zjg3ZGU2YjhmNzg0YzMxMjMyZGZlMmFlMzA3OTIzM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibkWxbYdnjp1jUcTeBEUkdkC+b19
dDaS+QjZSYnUuEyxjD332CS9JD6Pk0IbmgkC3lZmAyNQ50uF93Xyv4rPD3z8Pbj7
juAAyzVqRjbcaCa2jmDkYprbdAF9ZVKh55cLF30L3xDzSy6crbB3/MB4GAzj0JeK
HrBuSjLVqQnVIN9eIUVFZEkmjv0IdacPVnYuuhBV16VgWECzuTBK/yYsNsMkPvkw
ZVoHdQFnlNUoqCn5WnCxj6hu0l6uWd3f3G22r+w0kYEv1RUjuc23ELWFw/J/fE58
QzfoNHrQRK44LEwIwiuoLwUpjuDFu9buuvEPS3eQ1f5Hie6m+KzpQGO4DQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMEv+X+H3muPeEwxIy3+KuMHkjOgMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvd1NfNWY0ZmVhNDk0VERFakxmNHE0d2VTTTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAowVaAwQA
owVyMAwDBAKjBYwDBACjBY4DBACjBekDBACjBewDBACjBfcwDQYJKoZIhvcNAQEL
BQADggEBAFdS8leOpUT+uZWMXvQHMmCBG/p+4h9p+Tk+p4oFa7NlqFU1omEW4jN5
BYmuVBgRGVpN2p0v7uNGaw+026pc/kjVchBWEhXyjswL2R6fS11wCD3uCh8Sy4ja
Yl8x1G+2JoiReEAkWhrj1TdX0qUz7NZjRNy6b1dsA90LHVkDW0f/jJ67d+MahB6+
I52sXEde5+JTCVJoLg+6gvKtsv2f5XNluJGTG0A7n9f+v7RmS8SMDeW0XJZMHuZg
quGyW3PknURMP5FA5UeK/6KONDZ8zgx85DjCBk/Rb1vJZN1jWzgo2WJFxj+Ua+2M
ZxllxsWdV34L8eUQEZYq9A4WmfigJfE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:36 2024 by rpki-client on console-ams.rpki-client.org