Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32332d3234203d3e203432333636.roa
File:                     3138352e3235352e3132382e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier:          Ac2b5vTnl06BcQBNMPOT7aFa0Hs/gaAZgqU+GBdBLyo=
Subject key identifier:   8F:DA:CE:58:DA:86:0E:3B:F8:EC:3F:46:0A:4A:88:FC:DF:97:01:A9
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       780F530CF83A08DF717C7900D66D79185D42EDB7
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32332d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:21:41 +0000
ROA not before:           Mon 17 Apr 2023 11:16:41 +0000
ROA not after:            Mon 15 Apr 2024 11:21:41 +0000
asID:                     42366
IP address blocks:        185.255.128.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:0f:53:0c:f8:3a:08:df:71:7c:79:00:d6:6d:79:18:5d:42:ed:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:16:41 2023 GMT
            Not After : Apr 15 11:21:41 2024 GMT
        Subject: CN=8FDACE58DA860E3BF8EC3F460A4A88FCDF9701A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:be:15:89:d3:c4:b3:5a:4f:27:ff:f9:f0:1f:
                    e3:dd:cd:01:25:75:5f:8a:d5:1e:ba:72:58:0e:d9:
                    20:57:b0:94:84:ee:62:bb:8d:1c:1a:df:3b:17:b8:
                    22:67:05:7e:a6:65:58:86:e3:07:e6:5c:62:f1:f4:
                    90:c8:f1:57:5d:a6:02:92:8a:d1:56:0c:7f:f7:0e:
                    dc:e9:27:47:67:a1:6a:12:0b:a2:4d:32:65:d5:9a:
                    1c:f2:9f:ff:0a:b9:37:9b:8a:af:3d:19:ff:e0:20:
                    ec:a8:1a:33:ba:3d:e7:f1:08:23:e5:0c:5f:0c:9c:
                    d1:dc:e5:f1:80:af:9b:fc:bf:47:6c:69:66:16:28:
                    7c:9d:48:97:17:60:75:33:d4:73:b4:fd:0e:05:77:
                    eb:0d:56:13:b5:56:ad:96:0f:eb:fc:42:31:04:79:
                    78:ce:f2:ad:db:b6:d9:b6:59:b3:bf:eb:66:53:fd:
                    d9:7a:c1:25:1e:05:38:49:96:a6:e7:0c:73:d4:8d:
                    d5:cb:f9:60:2f:3f:2a:32:e5:a0:1b:f9:84:71:0c:
                    ee:ca:eb:05:2b:8e:18:4b:d1:9f:f3:45:34:08:c0:
                    92:ba:b4:65:bc:03:dd:44:4b:94:01:eb:11:b1:bd:
                    b6:3c:1b:21:f2:52:d5:1e:2b:96:38:b3:6c:6a:9e:
                    2f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DA:CE:58:DA:86:0E:3B:F8:EC:3F:46:0A:4A:88:FC:DF:97:01:A9
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32332d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:a0:3e:65:4b:1d:cf:0c:76:69:b0:ed:b2:85:1e:df:d7:21:
         f4:9e:30:7f:04:01:7c:ed:e9:a3:c5:df:2c:ed:e7:fb:f5:e6:
         4a:86:85:31:51:37:8c:99:2d:93:d8:93:53:74:79:e6:e0:c8:
         09:10:a6:9a:3f:0c:0b:33:36:5c:d5:d4:a0:80:01:f5:d7:fd:
         00:1b:b9:00:3d:2c:94:12:55:c1:61:12:00:f9:c0:b4:0d:c6:
         fd:4f:c3:05:f3:db:f0:ae:2e:b5:53:c1:73:c1:0d:fd:09:25:
         e3:f9:2c:65:43:f5:95:e5:c4:ed:0f:af:b8:f6:79:f5:2e:b0:
         b6:73:19:eb:6e:18:0f:bc:22:70:48:76:ee:3c:84:f3:db:08:
         26:6c:e9:34:c3:c4:af:f4:7e:b6:f7:57:b3:22:3b:97:bd:a3:
         5f:07:bf:e2:80:31:c5:f7:7e:40:6a:cf:fe:53:69:60:d1:ef:
         e3:2d:3d:83:fe:f7:9b:85:74:d4:94:aa:bc:dd:2b:62:60:76:
         71:28:44:40:95:95:71:5b:88:f9:09:df:19:1f:37:10:e2:e2:
         88:1f:60:a5:c1:59:88:5d:da:4e:e3:67:7d:d6:88:34:80:16:
         d2:b8:7f:67:64:f1:2c:e3:1f:4f:3e:7d:d5:44:05:fc:9d:0b:
         25:5c:9f:85
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeA9TDPg6CN9xfHkA1m15GF1C7bcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE2NDFaFw0yNDA0MTUxMTIxNDFaMDMxMTAvBgNV
BAMTKDhGREFDRTU4REE4NjBFM0JGOEVDM0Y0NjBBNEE4OEZDREY5NzAxQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtvhWJ08SzWk8n//nwH+PdzQEl
dV+K1R66clgO2SBXsJSE7mK7jRwa3zsXuCJnBX6mZViG4wfmXGLx9JDI8VddpgKS
itFWDH/3DtzpJ0dnoWoSC6JNMmXVmhzyn/8KuTebiq89Gf/gIOyoGjO6PefxCCPl
DF8MnNHc5fGAr5v8v0dsaWYWKHydSJcXYHUz1HO0/Q4Fd+sNVhO1Vq2WD+v8QjEE
eXjO8q3bttm2WbO/62ZT/dl6wSUeBThJlqbnDHPUjdXL+WAvPyoy5aAb+YRxDO7K
6wUrjhhL0Z/zRTQIwJK6tGW8A91ES5QB6xGxvbY8GyHyUtUeK5Y4s2xqni+1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUj9rOWNqGDjv47D9GCkqI/N+XAakwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzUyZTMx
MzIzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5/4AwDQYJKoZIhvcNAQELBQADggEBAJmgPmVLHc8Mdmmw7bKFHt/XIfSeMH8E
AXzt6aPF3yzt5/v15kqGhTFRN4yZLZPYk1N0eebgyAkQppo/DAszNlzV1KCAAfXX
/QAbuQA9LJQSVcFhEgD5wLQNxv1PwwXz2/CuLrVTwXPBDf0JJeP5LGVD9ZXlxO0P
r7j2efUusLZzGetuGA+8InBIdu48hPPbCCZs6TTDxK/0frb3V7MiO5e9o18Hv+KA
McX3fkBqz/5TaWDR7+MtPYP+95uFdNSUqrzdK2JgdnEoRECVlXFbiPkJ3xkfNxDi
4ogfYKXBWYhd2k7jZ33WiDSAFtK4f2dk8SzjH08+fdVEBfydCyVcn4U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org