Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/xeU6mHLDWTBVegkrIi_mv96RKL0.roa
File:                     xeU6mHLDWTBVegkrIi_mv96RKL0.roa (raw, json)
Hash identifier:          LfIROgk7NnHIXUdZdtrOUlMFpCSpcdPGaz2L+LqA/PI=
Subject key identifier:   C5:E5:3A:98:72:C3:59:30:55:7A:09:2B:22:2F:E6:BF:DE:91:28:BD
Certificate issuer:       /CN=66927b2b26b5214b9665d8dc85f414709714996c
Certificate serial:       0184DD5B9F803D5FFFB2FF04FE111F62B7A4
Authority key identifier: 66:92:7B:2B:26:B5:21:4B:96:65:D8:DC:85:F4:14:70:97:14:99:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/xeU6mHLDWTBVegkrIi_mv96RKL0.roa
Signing time:             Sun 04 Dec 2022 13:37:59 +0000
ROA not before:           Sun 04 Dec 2022 13:37:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212098
IP address blocks:        185.223.163.0/24 maxlen: 24
                          2a10:8c80::/29 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:dd:5b:9f:80:3d:5f:ff:b2:ff:04:fe:11:1f:62:b7:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66927b2b26b5214b9665d8dc85f414709714996c
        Validity
            Not Before: Dec  4 13:37:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5e53a9872c35930557a092b222fe6bfde9128bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f6:d3:e4:0c:b1:b3:cc:2e:0c:f6:e0:d3:6c:
                    1c:b9:ff:40:41:d7:29:34:4a:b6:d9:82:49:e8:7b:
                    c7:8e:b6:59:d2:6c:a4:64:d2:14:36:57:20:2d:25:
                    9b:2c:9d:fa:63:58:8e:b1:12:a3:94:51:b5:f3:15:
                    7b:56:93:18:77:34:e6:2f:87:05:d6:55:a8:ea:a7:
                    c5:df:78:d7:a9:72:36:78:5e:e5:c3:cb:9e:c3:f4:
                    2c:3a:ee:15:88:42:b6:be:75:f1:1a:4c:a5:6b:20:
                    63:a3:06:4a:ab:42:72:df:df:61:e9:19:b1:7e:e8:
                    9e:37:bc:48:c4:66:c1:23:f6:ca:5e:47:60:22:20:
                    1e:6b:85:63:9b:07:18:1e:84:d2:e7:d7:9a:c2:8c:
                    d8:36:07:73:c5:76:0a:56:5f:20:be:6b:98:01:4b:
                    69:f1:a5:22:81:5e:ef:69:5d:28:5f:bb:0b:f9:86:
                    89:b4:9f:48:20:d2:e2:b0:bf:db:c7:9a:6a:d5:fb:
                    b4:6b:53:c6:99:7b:99:e6:ed:b9:b3:02:09:f2:13:
                    33:c4:b1:0b:96:22:1d:e2:e7:3f:16:d9:4a:7e:55:
                    a0:ab:59:18:ce:5a:17:da:45:a6:20:1a:1a:58:e1:
                    05:5c:4d:a6:31:6c:64:34:20:34:76:6e:3f:c0:0f:
                    89:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:E5:3A:98:72:C3:59:30:55:7A:09:2B:22:2F:E6:BF:DE:91:28:BD
            X509v3 Authority Key Identifier:
                keyid:66:92:7B:2B:26:B5:21:4B:96:65:D8:DC:85:F4:14:70:97:14:99:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/xeU6mHLDWTBVegkrIi_mv96RKL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.163.0/24
                IPv6:
                  2a10:8c80::/29

    Signature Algorithm: sha256WithRSAEncryption
         35:49:c2:e9:84:1d:89:ff:51:56:65:04:45:b1:fe:df:5c:03:
         2a:fe:8a:44:83:63:29:92:e5:6a:39:6d:80:c7:e3:21:70:4c:
         5b:90:58:a7:b3:42:9e:6f:de:2c:07:06:8c:e7:38:43:75:3e:
         08:71:36:4a:a6:79:7e:2b:34:75:1b:a4:1d:d8:eb:9f:9f:ed:
         6f:95:4e:70:68:5f:44:2b:d7:b4:62:29:c1:7d:cb:79:24:42:
         85:cc:a6:da:db:f2:34:66:c2:53:54:48:25:15:72:ea:e9:9d:
         e2:92:56:32:f7:36:d0:df:16:24:3d:02:6a:ce:34:d1:45:fb:
         82:76:85:36:f2:ff:5f:48:e3:63:ae:a8:2d:98:60:e9:5c:da:
         0e:f5:64:1e:62:a1:f1:20:f6:be:57:f9:df:ff:1d:49:db:fb:
         08:23:76:aa:74:c8:ad:2c:d6:21:76:02:ef:4f:6d:75:d8:16:
         9c:59:9e:dd:10:c6:77:2f:85:f7:5d:0d:a7:09:09:b4:c6:31:
         3f:68:1f:cb:4d:e9:d9:26:58:dc:52:15:29:66:ee:2f:c8:c8:
         40:ad:7e:8a:22:ec:7c:96:ff:31:a6:53:d1:7b:2f:0e:7b:d2:
         af:3b:33:04:90:a1:48:3e:ac:c6:04:a0:f7:72:30:1b:6a:3f:
         fc:20:86:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTdW5+APV//sv8E/hEfYrekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTI3YjJiMjZiNTIxNGI5NjY1ZDhkYzg1ZjQxNDcwOTcx
NDk5NmMwHhcNMjIxMjA0MTMzNzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU1M2E5ODcyYzM1OTMwNTU3YTA5MmIyMjJmZTZiZmRlOTEyOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvbT5Ayxs8wuDPbg02wcuf9AQdcp
NEq22YJJ6HvHjrZZ0mykZNIUNlcgLSWbLJ36Y1iOsRKjlFG18xV7VpMYdzTmL4cF
1lWo6qfF33jXqXI2eF7lw8uew/QsOu4ViEK2vnXxGkylayBjowZKq0Jy399h6Rmx
fuieN7xIxGbBI/bKXkdgIiAea4VjmwcYHoTS59eawozYNgdzxXYKVl8gvmuYAUtp
8aUigV7vaV0oX7sL+YaJtJ9IINLisL/bx5pq1fu0a1PGmXuZ5u25swIJ8hMzxLEL
liId4uc/FtlKflWgq1kYzloX2kWmIBoaWOEFXE2mMWxkNCA0dm4/wA+JRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMXlOphyw1kwVXoJKyIv5r/ekSi9MB8GA1UdIwQY
MBaAFGaSeysmtSFLlmXY3IX0FHCXFJlsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBKN0t5YTFJVXVXWmRqY2hmUVVjSmNVbVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9lNGNlN2MtYWQ3Yi00MDA2LThlNmEt
ODAzNTJkMTQxM2Q5LzEveGVVNm1ITERXVEJWZWdrcklpX212OTZSS0wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9lNGNlN2MtYWQ3Yi00MDA2LThlNmEtODAzNTJkMTQxM2Q5
LzEvWnBKN0t5YTFJVXVXWmRqY2hmUVVjSmNVbVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAud+jMA0E
AgACMAcDBQMqEIyAMA0GCSqGSIb3DQEBCwUAA4IBAQA1ScLphB2J/1FWZQRFsf7f
XAMq/opEg2MpkuVqOW2Ax+MhcExbkFins0Keb94sBwaM5zhDdT4IcTZKpnl+KzR1
G6Qd2Oufn+1vlU5waF9EK9e0YinBfct5JEKFzKba2/I0ZsJTVEglFXLq6Z3iklYy
9zbQ3xYkPQJqzjTRRfuCdoU28v9fSONjrqgtmGDpXNoO9WQeYqHxIPa+V/nf/x1J
2/sII3aqdMitLNYhdgLvT2112BacWZ7dEMZ3L4X3XQ2nCQm0xjE/aB/LTenZJljc
UhUpZu4vyMhArX6KIux8lv8xplPRey8Oe9KvOzMEkKFIPqzGBKD3cjAbaj/8IIY6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:09 2024 by rpki-client on console-fra.rpki-client.org