Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bi--Ya01TZTzG15S30q_tapsxNg.roa
File:                     bi--Ya01TZTzG15S30q_tapsxNg.roa (raw, json)
Hash identifier:          qOMe/srziOrhaI+cePJtHI4UKGKf/mrrehEvWTezSmY=
Subject key identifier:   6E:2F:BE:61:AD:35:4D:94:F3:1B:5E:52:DF:4A:BF:B5:AA:6C:C4:D8
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018282BC6E85070C3912795CA201FCE1AFCB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bi--Ya01TZTzG15S30q_tapsxNg.roa
Signing time:             Tue 09 Aug 2022 13:12:43 +0000
ROA not before:           Tue 09 Aug 2022 13:12:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     33387
IP address blocks:        163.5.153.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:82:bc:6e:85:07:0c:39:12:79:5c:a2:01:fc:e1:af:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Aug  9 13:12:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6e2fbe61ad354d94f31b5e52df4abfb5aa6cc4d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ed:02:fd:95:b4:32:64:28:f4:8f:5e:2f:79:
                    46:98:43:32:10:0f:f0:50:ca:d2:a7:30:c8:85:40:
                    3b:2c:84:93:10:56:73:1a:9c:a5:a1:47:c9:48:05:
                    26:ef:00:27:f5:7e:a7:7a:bf:21:df:ee:39:05:c6:
                    53:fe:85:92:90:b6:25:c3:18:c6:b0:28:d7:c8:46:
                    b9:c6:d1:7e:c1:28:e0:94:2d:5c:2c:bb:7f:da:f4:
                    b2:79:0b:23:61:47:0c:7d:a8:a4:f8:06:c3:d6:88:
                    3e:7f:e4:fd:22:5a:93:67:bc:88:64:69:cf:d5:06:
                    03:80:92:8b:ee:9c:fe:17:2b:1b:63:5a:ed:7c:71:
                    91:78:ba:ee:aa:4c:4e:0e:b3:13:ae:96:37:b9:6f:
                    05:65:c2:a2:8c:c5:b8:19:1b:fe:72:c6:2b:89:a7:
                    0b:de:25:0c:03:74:cc:7f:66:cb:b3:7a:f9:af:71:
                    36:b9:b2:be:af:3a:55:0d:be:3b:de:77:ed:1c:d5:
                    31:66:7f:d5:98:35:05:ff:94:9e:5c:81:c6:ba:bb:
                    b9:1c:fc:97:dc:95:da:21:f4:46:a4:e8:a9:56:39:
                    fa:94:a2:67:19:ea:a3:35:66:0a:14:27:35:f4:33:
                    9c:f9:33:b0:ac:2f:19:6a:b7:02:90:b0:b7:96:5e:
                    01:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:2F:BE:61:AD:35:4D:94:F3:1B:5E:52:DF:4A:BF:B5:AA:6C:C4:D8
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bi--Ya01TZTzG15S30q_tapsxNg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:38:60:f2:60:66:aa:16:ba:14:58:df:10:01:d3:7d:3f:2e:
         e0:7b:c7:45:a0:d7:2c:d2:d8:6b:f3:40:a2:fd:d2:ae:7c:c6:
         bd:bf:c5:24:ed:9f:35:30:a2:ad:8f:24:0e:08:52:92:83:fa:
         50:d9:88:cd:c9:24:84:94:f2:55:bd:b5:1e:7f:48:35:aa:20:
         3c:19:c6:68:cb:57:a4:18:f7:4c:d3:b7:30:86:2b:3c:95:fd:
         5a:9b:c1:f6:a6:f8:7d:ad:df:6f:85:69:b3:10:c7:bd:7c:ca:
         bd:04:6c:f2:1b:37:03:55:64:fe:4e:bd:ac:20:0f:d2:65:fb:
         e5:d0:5e:04:1c:e8:83:0e:5c:6a:01:5c:ce:07:0c:97:70:38:
         17:2f:09:39:ef:1b:f8:ff:7c:15:52:60:2f:08:4a:4e:97:0d:
         df:5e:16:be:4a:49:41:a2:53:c6:c5:84:9a:b3:59:d0:1c:77:
         41:34:39:2e:e5:c0:18:50:2b:83:67:cc:cd:64:70:2b:ea:d7:
         7c:fa:8a:e9:7d:8e:13:13:59:7a:b7:fa:0b:ed:bc:d1:94:97:
         0a:84:74:62:16:29:01:e9:e5:4d:1d:f2:12:68:19:78:83:d5:
         3f:9f:b4:3b:3a:48:7d:f4:a1:c8:8b:06:bc:39:e6:13:e1:32:
         ec:43:e4:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKCvG6FBww5EnlcogH84a/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjIwODA5MTMxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJmYmU2MWFkMzU0ZDk0ZjMxYjVlNTJkZjRhYmZiNWFhNmNjNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO0C/ZW0MmQo9I9eL3lGmEMyEA/w
UMrSpzDIhUA7LISTEFZzGpyloUfJSAUm7wAn9X6ner8h3+45BcZT/oWSkLYlwxjG
sCjXyEa5xtF+wSjglC1cLLt/2vSyeQsjYUcMfaik+AbD1og+f+T9IlqTZ7yIZGnP
1QYDgJKL7pz+FysbY1rtfHGReLruqkxODrMTrpY3uW8FZcKijMW4GRv+csYriacL
3iUMA3TMf2bLs3r5r3E2ubK+rzpVDb473nftHNUxZn/VmDUF/5SeXIHGuru5HPyX
3JXaIfRGpOipVjn6lKJnGeqjNWYKFCc19DOc+TOwrC8ZarcCkLC3ll4B9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4vvmGtNU2U8xteUt9Kv7WqbMTYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYmktLVlhMDFUWlR6RzE1UzMwcV90YXBzeE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWZMA0G
CSqGSIb3DQEBCwUAA4IBAQANOGDyYGaqFroUWN8QAdN9Py7ge8dFoNcs0thr80Ci
/dKufMa9v8Uk7Z81MKKtjyQOCFKSg/pQ2YjNySSElPJVvbUef0g1qiA8GcZoy1ek
GPdM07cwhis8lf1am8H2pvh9rd9vhWmzEMe9fMq9BGzyGzcDVWT+Tr2sIA/SZfvl
0F4EHOiDDlxqAVzOBwyXcDgXLwk57xv4/3wVUmAvCEpOlw3fXha+SklBolPGxYSa
s1nQHHdBNDku5cAYUCuDZ8zNZHAr6td8+orpfY4TE1l6t/oL7bzRlJcKhHRiFikB
6eVNHfISaBl4g9U/n7Q7Okh99KHIiwa8OeYT4TLsQ+TH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:33 2024 by rpki-client on console-ams.rpki-client.org