Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zfv0x8_B3jVYEJds1nBCYxBaZxs.roa
File:                     zfv0x8_B3jVYEJds1nBCYxBaZxs.roa (raw, json)
Hash identifier:          bh3GP6vtAc+yLEqaiRoYVOmmS5iQSOZ6jyZP/SixR6E=
Subject key identifier:   CD:FB:F4:C7:CF:C1:DE:35:58:10:97:6C:D6:70:42:63:10:5A:67:1B
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0184134494810F34280A961E49B1C00E2239
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zfv0x8_B3jVYEJds1nBCYxBaZxs.roa
Signing time:             Wed 26 Oct 2022 07:49:32 +0000
ROA not before:           Wed 26 Oct 2022 07:49:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211440
IP address blocks:        163.5.251.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:13:44:94:81:0f:34:28:0a:96:1e:49:b1:c0:0e:22:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Oct 26 07:49:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdfbf4c7cfc1de355810976cd6704263105a671b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:74:12:91:27:5e:71:a9:e8:eb:0a:54:4e:f8:
                    b5:9e:c4:55:98:db:d8:b2:de:d8:1a:bf:5d:f3:81:
                    04:65:e3:49:18:0b:f8:1f:15:65:fb:0c:f2:9c:ad:
                    c5:f4:c6:47:1a:62:f4:68:a6:5e:b5:f7:e6:5b:7d:
                    10:b8:55:34:f1:a6:2d:40:b9:b0:cc:8a:9c:de:cb:
                    04:0c:28:7a:24:3e:a2:0b:9b:c0:4d:cd:7e:e0:fc:
                    74:0f:97:65:c6:9a:5f:7b:69:87:60:35:56:63:df:
                    18:78:5c:9f:e1:18:ab:e6:46:15:95:54:61:aa:44:
                    04:e4:b2:b8:a4:f7:0d:56:77:32:2a:c4:15:93:8f:
                    85:88:fc:71:5f:2d:41:da:14:e0:c8:81:76:d8:ca:
                    5b:99:0c:c4:32:2c:a8:68:39:e7:00:42:88:13:90:
                    9b:46:f9:b6:8e:c8:06:20:8c:05:ec:4f:bd:4f:d3:
                    f4:12:12:89:21:83:f2:31:1a:a7:da:9f:ce:4b:26:
                    05:6f:46:78:5d:7e:73:4d:18:e1:81:b0:6c:6a:b0:
                    4c:0f:13:01:49:35:1c:7a:27:cf:ff:50:1f:73:f7:
                    35:0c:f7:7a:b7:10:05:1c:cc:4d:6c:16:ed:7a:f3:
                    65:9a:fc:af:2a:5a:58:ce:0a:19:70:7e:53:06:65:
                    77:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:FB:F4:C7:CF:C1:DE:35:58:10:97:6C:D6:70:42:63:10:5A:67:1B
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zfv0x8_B3jVYEJds1nBCYxBaZxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:c4:70:05:cc:43:2e:42:93:10:18:a1:d6:7a:ed:a3:9d:9f:
         3c:62:16:bc:54:19:c6:47:25:7f:4e:8f:c8:a2:57:4f:84:91:
         50:12:f6:b0:6d:0b:cd:16:fd:f8:2c:c3:41:1c:df:ca:de:59:
         5f:c9:8f:91:62:b0:a1:89:9f:28:42:21:ed:c6:5b:c4:4a:37:
         49:c0:0a:35:0c:e3:00:fb:13:1f:f4:ae:07:8c:6e:e8:22:e0:
         fd:09:1d:13:e0:00:24:b5:9a:24:47:f8:69:82:ab:42:e5:4d:
         c1:05:7e:d6:72:4b:f6:47:b5:e7:f0:41:9a:31:6f:10:3b:53:
         ed:b5:e8:a1:17:ab:5c:8c:c3:be:1c:bd:ee:ad:6d:bb:80:48:
         4e:b9:35:3e:0c:c3:38:4b:c7:0a:f9:ce:38:96:48:17:dd:06:
         46:38:f8:f6:50:73:c5:62:b5:78:79:53:15:88:75:d9:87:ef:
         b1:9f:4c:5c:c3:da:c9:32:10:a3:d5:b4:d8:3b:b8:3e:79:33:
         e6:a7:48:cf:ac:47:e6:d7:f7:cf:6c:9e:a6:1a:1c:ef:ca:48:
         c2:df:ae:48:bc:98:8f:4c:5d:3f:0a:3c:09:2d:49:3e:51:90:
         91:33:59:9d:8e:71:fc:32:d8:23:4f:4d:f2:d1:ae:a7:2a:7f:
         3c:64:77:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQTRJSBDzQoCpYeSbHADiI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIxMDI2MDc0OTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZiZjRjN2NmYzFkZTM1NTgxMDk3NmNkNjcwNDI2MzEwNWE2NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXQSkSdecano6wpUTvi1nsRVmNvY
st7YGr9d84EEZeNJGAv4HxVl+wzynK3F9MZHGmL0aKZetffmW30QuFU08aYtQLmw
zIqc3ssEDCh6JD6iC5vATc1+4Px0D5dlxppfe2mHYDVWY98YeFyf4Rir5kYVlVRh
qkQE5LK4pPcNVncyKsQVk4+FiPxxXy1B2hTgyIF22MpbmQzEMiyoaDnnAEKIE5Cb
Rvm2jsgGIIwF7E+9T9P0EhKJIYPyMRqn2p/OSyYFb0Z4XX5zTRjhgbBsarBMDxMB
STUceifP/1Afc/c1DPd6txAFHMxNbBbtevNlmvyvKlpYzgoZcH5TBmV3owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM379MfPwd41WBCXbNZwQmMQWmcbMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvemZ2MHg4X0IzalZZRUpkczFuQkNZeEJhWnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowX7MA0G
CSqGSIb3DQEBCwUAA4IBAQAVxHAFzEMuQpMQGKHWeu2jnZ88Yha8VBnGRyV/To/I
oldPhJFQEvawbQvNFv34LMNBHN/K3llfyY+RYrChiZ8oQiHtxlvESjdJwAo1DOMA
+xMf9K4HjG7oIuD9CR0T4AAktZokR/hpgqtC5U3BBX7Wckv2R7Xn8EGaMW8QO1Pt
teihF6tcjMO+HL3urW27gEhOuTU+DMM4S8cK+c44lkgX3QZGOPj2UHPFYrV4eVMV
iHXZh++xn0xcw9rJMhCj1bTYO7g+eTPmp0jPrEfm1/fPbJ6mGhzvykjC365IvJiP
TF0/CjwJLUk+UZCRM1mdjnH8MtgjT03y0a6nKn88ZHdS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:09 2024 by rpki-client on console-fra.rpki-client.org