Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zWcxDcOLfnL-WT0K_de5F-VPUiU.roa
File:                     zWcxDcOLfnL-WT0K_de5F-VPUiU.roa (raw, json)
Hash identifier:          Z4KvAhzBP/bwN5ycsPzBb/rqmLhRYzSKoIV9NFbNLqI=
Subject key identifier:   CD:67:31:0D:C3:8B:7E:72:FE:59:3D:0A:FD:D7:B9:17:E5:4F:52:25
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       012C1F9A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zWcxDcOLfnL-WT0K_de5F-VPUiU.roa
Signing time:             Tue 14 Jun 2022 12:50:44 +0000
ROA not before:           Tue 14 Jun 2022 12:50:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     56339
IP address blocks:        163.5.65.0/24 maxlen: 24
                          163.5.68.0/24 maxlen: 24
                          163.5.69.0/24 maxlen: 24
                          163.5.70.0/24 maxlen: 24
                          163.5.72.0/24 maxlen: 24
                          163.5.73.0/24 maxlen: 24
                          163.5.82.0/24 maxlen: 24
                          163.5.85.0/24 maxlen: 24
                          163.5.80.0/24 maxlen: 24
                          163.5.81.0/24 maxlen: 24
                          163.5.93.0/24 maxlen: 24
                          163.5.94.0/24 maxlen: 24
                          163.5.98.0/24 maxlen: 24
                          163.5.103.0/24 maxlen: 24
                          163.5.104.0/24 maxlen: 24
                          163.5.105.0/24 maxlen: 24
                          163.5.100.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.102.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.106.0/24 maxlen: 24
                          163.5.107.0/24 maxlen: 24
                          163.5.109.0/24 maxlen: 24
                          163.5.117.0/24 maxlen: 24
                          163.5.118.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.114.0/24 maxlen: 24
                          163.5.115.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.12.0/24 maxlen: 24
                          163.5.13.0/24 maxlen: 24
                          163.5.14.0/24 maxlen: 24
                          163.5.20.0/24 maxlen: 24
                          163.5.23.0/24 maxlen: 24
                          163.5.40.0/24 maxlen: 24
                          163.5.41.0/24 maxlen: 24
                          163.5.42.0/24 maxlen: 24
                          163.5.43.0/24 maxlen: 24
                          163.5.44.0/24 maxlen: 24
                          163.5.48.0/24 maxlen: 24
                          163.5.49.0/24 maxlen: 24
                          163.5.50.0/24 maxlen: 24
                          163.5.51.0/24 maxlen: 24
                          163.5.45.0/24 maxlen: 24
                          163.5.46.0/24 maxlen: 24
                          163.5.47.0/24 maxlen: 24
                          163.5.54.0/24 maxlen: 24
                          163.5.55.0/24 maxlen: 24
                          163.5.56.0/24 maxlen: 24
                          163.5.57.0/24 maxlen: 24
                          163.5.52.0/24 maxlen: 24
                          163.5.53.0/24 maxlen: 24
                          163.5.119.0/24 maxlen: 24
                          163.5.120.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.122.0/24 maxlen: 24
                          163.5.123.0/24 maxlen: 24
                          163.5.124.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.2.0/24 maxlen: 24
                          163.5.10.0/24 maxlen: 24
                          163.5.11.0/24 maxlen: 24
                          163.5.5.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19668890 (0x12c1f9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jun 14 12:50:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cd67310dc38b7e72fe593d0afdd7b917e54f5225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:92:db:20:d4:db:4e:82:ce:35:12:5e:c2:d8:
                    61:14:6a:bf:73:df:fc:33:a5:9f:fb:04:54:d5:64:
                    81:20:f8:7b:6b:03:e1:77:b5:77:97:4f:72:d6:fe:
                    f9:bc:ff:53:db:81:df:07:6a:11:1c:9f:9b:c6:fb:
                    b4:52:75:9d:1e:e1:9d:31:0c:8e:7a:a0:01:73:6c:
                    34:47:69:31:ba:c9:90:bf:a4:5e:89:b0:1b:e8:ad:
                    6d:d0:ab:29:0f:58:7a:b4:aa:9a:75:ca:46:ba:0f:
                    64:35:26:b0:69:13:51:07:d8:09:fa:a7:87:97:ee:
                    75:8c:80:5e:00:e1:c4:78:50:c5:b8:23:92:78:b9:
                    ad:e7:94:ac:41:ed:a8:00:21:18:df:45:2b:00:72:
                    9c:b9:36:b8:8d:04:8c:cf:0b:c6:83:88:a9:34:7c:
                    b4:fe:81:ed:46:9f:5e:a2:54:d3:ee:25:37:72:f4:
                    dd:91:76:b6:49:67:27:4e:66:32:5b:91:d1:2f:02:
                    9f:ed:1d:30:98:02:92:29:32:3d:66:70:05:e4:02:
                    02:59:46:a3:1d:d0:d8:cf:36:16:c2:da:fa:56:01:
                    a4:80:a8:f0:ae:7b:97:bf:87:c3:3d:9e:e4:9f:31:
                    1b:f1:8f:74:b4:00:2d:25:15:17:1a:c2:87:e7:2f:
                    b8:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:67:31:0D:C3:8B:7E:72:FE:59:3D:0A:FD:D7:B9:17:E5:4F:52:25
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zWcxDcOLfnL-WT0K_de5F-VPUiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.2.0/24
                  163.5.5.0/24
                  163.5.10.0-163.5.14.255
                  163.5.20.0/24
                  163.5.23.0/24
                  163.5.40.0-163.5.57.255
                  163.5.65.0/24
                  163.5.68.0-163.5.70.255
                  163.5.72.0/23
                  163.5.80.0-163.5.82.255
                  163.5.85.0/24
                  163.5.93.0-163.5.94.255
                  163.5.98.0/24
                  163.5.100.0-163.5.107.255
                  163.5.109.0-163.5.124.255
                  163.5.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:cb:6c:58:d9:a1:10:97:22:17:7a:1a:cf:7c:61:5f:43:2f:
         cf:08:00:25:28:01:12:81:2f:41:92:7f:2a:8b:05:9c:ed:44:
         c3:2a:f6:8b:d3:f9:60:ca:72:7a:91:6d:6a:02:25:27:d9:2c:
         fa:24:d9:ed:9b:f2:5c:db:1f:4b:48:5a:7c:9a:f7:a5:24:61:
         e4:ff:18:cf:e2:e6:8e:f9:39:ef:74:60:64:2e:44:f8:30:a2:
         ec:79:3d:17:cb:e8:ee:96:1e:df:f3:f1:fb:92:55:43:c9:33:
         d1:ad:c0:b7:73:37:f1:06:02:c1:eb:fa:0f:4b:8d:e1:7d:85:
         b3:b5:30:46:a7:c4:9a:4f:8a:73:d1:13:83:59:d8:1d:ba:80:
         69:82:a7:d4:c9:94:2b:4e:b6:9a:70:0c:21:44:1d:e6:34:c5:
         cd:56:d6:bc:72:7b:4f:f4:88:b4:85:65:f7:39:f2:c2:0b:6d:
         25:73:e7:f0:32:e8:94:b5:b4:93:a6:56:27:30:40:4d:fb:7e:
         d1:84:7b:de:fb:6f:d0:2f:dc:b5:6f:62:2c:d8:93:99:8f:47:
         b8:23:31:5b:03:ed:e2:16:5f:1f:b5:18:d5:93:ee:49:c0:d6:
         f5:6e:d5:03:0d:53:33:d9:ef:7f:63:6f:6d:70:4d:de:9a:16:
         2d:c3:15:57
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIEASwfmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Y2U4NTFiNmRkNWQzNjRlZTE5ZTBiMzgyMDFiM2U4ZGYyNjI0YmNiMB4XDTIyMDYx
NDEyNTA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Q2NzMxMGRjMzhi
N2U3MmZlNTkzZDBhZmRkN2I5MTdlNTRmNTIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKS2yDU206CzjUSXsLYYRRqv3Pf/DOln/sEVNVkgSD4e2sD
4Xe1d5dPctb++bz/U9uB3wdqERyfm8b7tFJ1nR7hnTEMjnqgAXNsNEdpMbrJkL+k
XomwG+itbdCrKQ9YerSqmnXKRroPZDUmsGkTUQfYCfqnh5fudYyAXgDhxHhQxbgj
kni5reeUrEHtqAAhGN9FKwBynLk2uI0EjM8LxoOIqTR8tP6B7UafXqJU0+4lN3L0
3ZF2tklnJ05mMluR0S8Cn+0dMJgCkikyPWZwBeQCAllGox3Q2M82FsLa+lYBpICo
8K57l7+Hwz2e5J8xG/GPdLQALSUVFxrCh+cvuP8CAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBTNZzENw4t+cv5ZPQr917kX5U9SJTAfBgNVHSMEGDAWgBQM6FG23V02TuGe
CzggGz6N8mJLyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8x
L3pXY3hEY09MZm5MLVdUMEtfZGU1Ri1WUFVpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
ZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYwMS8xL0RPaFJ0dDFkTms3
aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgZ8EAgABMIGYAwQAowUCAwQAowUFMAwDBAGj
BQoDBACjBQ4DBACjBRQDBACjBRcwDAMEA6MFKAMEAaMFOAMEAKMFQTAMAwQCowVE
AwQAowVGAwQBowVIMAwDBASjBVADBACjBVIDBACjBVUwDAMEAKMFXQMEAKMFXgME
AKMFYjAMAwQCowVkAwQCowVoMAwDBACjBW0DBACjBXwDBACjBX4wDQYJKoZIhvcN
AQELBQADggEBAE/LbFjZoRCXIhd6Gs98YV9DL88IACUoARKBL0GSfyqLBZztRMMq
9ovT+WDKcnqRbWoCJSfZLPok2e2b8lzbH0tIWnya96UkYeT/GM/i5o75Oe90YGQu
RPgwoux5PRfL6O6WHt/z8fuSVUPJM9GtwLdzN/EGAsHr+g9LjeF9hbO1MEanxJpP
inPRE4NZ2B26gGmCp9TJlCtOtppwDCFEHeY0xc1W1rxye0/0iLSFZfc58sILbSVz
5/Ay6JS1tJOmVicwQE37ftGEe977b9Av3LVvYizYk5mPR7gjMVsD7eIWXx+1GNWT
7knA1vVu1QMNUzPZ739jb21wTd6aFi3DFVc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:09 2024 by rpki-client on console-fra.rpki-client.org