Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3132382e302f32342d3234203d3e203432333636.roa
File:                     3139332e3138372e3132382e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier:          /ddcsgfDd9Gk8RH+DNDzr1pqTbA9C3oyENp+d3SGcnI=
Subject key identifier:   C5:EA:A4:D9:2A:D9:A6:6A:5A:22:AC:B7:7B:5A:E0:97:16:74:F7:3C
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       7688D43EB9C8CE93C8220417D7B77817F555E739
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3132382e302f32342d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:23:54 +0000
ROA not before:           Mon 17 Apr 2023 11:18:54 +0000
ROA not after:            Mon 15 Apr 2024 11:23:54 +0000
asID:                     42366
IP address blocks:        193.187.128.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:88:d4:3e:b9:c8:ce:93:c8:22:04:17:d7:b7:78:17:f5:55:e7:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:18:54 2023 GMT
            Not After : Apr 15 11:23:54 2024 GMT
        Subject: CN=C5EAA4D92AD9A66A5A22ACB77B5AE0971674F73C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:81:0c:c7:81:9e:83:8f:a2:53:a8:1b:ce:e0:
                    ce:2b:ab:cc:1c:30:e9:ae:13:d5:26:fa:ba:fd:b8:
                    6b:fb:4a:87:d8:de:cc:f7:db:9a:41:1c:0e:91:b0:
                    bb:cc:d9:2e:12:5e:ea:8a:7f:c7:aa:65:c5:9c:35:
                    ae:55:f0:7f:02:f3:c5:7c:cb:44:5d:41:93:8b:06:
                    c5:50:4a:bd:b1:5c:ac:ad:23:a5:30:44:dd:27:77:
                    db:df:03:40:8f:49:de:2d:30:a1:13:bf:b2:ae:e0:
                    7e:3b:dd:4b:82:46:d9:ea:4e:84:31:e7:e0:25:cd:
                    62:d9:77:4f:42:96:ed:70:58:af:72:a6:16:40:02:
                    d8:be:d7:d7:6b:d6:47:8d:71:5b:62:08:f4:fe:77:
                    6e:8e:17:34:1e:4b:28:34:07:df:3c:69:fc:4d:31:
                    0d:bb:22:c7:fb:95:e3:e6:f8:4c:a4:a6:5b:6d:b4:
                    ff:41:a9:6d:b5:27:65:c9:71:35:b9:eb:6d:bd:3e:
                    cc:78:07:8a:55:0e:59:91:0c:0e:2e:bc:15:04:5b:
                    a0:15:c0:eb:e5:8d:c4:5c:dc:c8:56:d5:78:ee:42:
                    aa:00:e0:28:09:0e:1c:54:cc:b9:2e:0c:00:84:2b:
                    a1:98:92:80:82:c3:b7:a2:66:31:cc:3e:cb:b1:3b:
                    00:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:EA:A4:D9:2A:D9:A6:6A:5A:22:AC:B7:7B:5A:E0:97:16:74:F7:3C
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3138372e3132382e302f32342d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.187.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:66:f8:61:cc:33:d9:0e:da:ca:6d:68:07:14:41:82:90:e0:
         37:d1:b6:bc:60:39:d9:63:43:be:97:78:5d:54:8c:81:a0:15:
         50:ad:03:3d:65:85:f3:2f:1a:54:89:c9:8b:4a:09:8b:e6:ec:
         10:72:f2:13:88:8b:89:93:96:2f:69:d1:a8:ca:b9:7f:c4:4c:
         83:02:36:a8:fa:18:f6:bd:82:3d:7d:ce:5d:40:29:01:0c:56:
         a7:b9:12:10:2e:5c:33:ed:ed:33:a3:44:05:4c:c3:77:e3:dc:
         07:c4:bb:8f:26:d1:ee:9a:74:05:1a:f0:15:d4:d1:46:3b:c7:
         d0:63:8f:fe:cb:9e:14:0c:d9:39:e8:d8:52:59:99:76:5c:63:
         c1:3b:96:0a:8e:2c:a0:0a:10:8d:a9:d3:ea:a7:88:5e:ae:7e:
         b7:24:f2:ac:fe:49:ec:a6:0d:61:28:62:c5:69:c7:94:9b:6f:
         6f:5f:3d:cc:76:56:d1:cc:c3:92:f5:f5:94:81:74:f8:42:62:
         48:9b:95:7d:2d:c8:46:3b:cb:4c:d8:2a:be:d5:50:b4:a8:9e:
         28:be:24:44:47:26:0b:de:0b:77:6c:b5:ad:89:4f:8d:3b:51:
         43:70:d1:a8:98:6f:e0:6a:23:2f:51:fa:1f:75:f6:55:80:10:
         bb:47:5d:c7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdojUPrnIzpPIIgQX17d4F/VV5zkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE4NTRaFw0yNDA0MTUxMTIzNTRaMDMxMTAvBgNV
BAMTKEM1RUFBNEQ5MkFEOUE2NkE1QTIyQUNCNzdCNUFFMDk3MTY3NEY3M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDggQzHgZ6Dj6JTqBvO4M4rq8wc
MOmuE9Um+rr9uGv7SofY3sz325pBHA6RsLvM2S4SXuqKf8eqZcWcNa5V8H8C88V8
y0RdQZOLBsVQSr2xXKytI6UwRN0nd9vfA0CPSd4tMKETv7Ku4H473UuCRtnqToQx
5+AlzWLZd09Clu1wWK9yphZAAti+19dr1keNcVtiCPT+d26OFzQeSyg0B988afxN
MQ27Isf7lePm+EykpltttP9BqW21J2XJcTW56229Psx4B4pVDlmRDA4uvBUEW6AV
wOvljcRc3MhW1XjuQqoA4CgJDhxUzLkuDACEK6GYkoCCw7eiZjHMPsuxOwBZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxeqk2SrZpmpaIqy3e1rglxZ09zwwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMTM4MzcyZTMx
MzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBu4AwDQYJKoZIhvcNAQELBQADggEBAC5m+GHMM9kO2sptaAcUQYKQ4DfRtrxg
OdljQ76XeF1UjIGgFVCtAz1lhfMvGlSJyYtKCYvm7BBy8hOIi4mTli9p0ajKuX/E
TIMCNqj6GPa9gj19zl1AKQEMVqe5EhAuXDPt7TOjRAVMw3fj3AfEu48m0e6adAUa
8BXU0UY7x9Bjj/7LnhQM2Tno2FJZmXZcY8E7lgqOLKAKEI2p0+qniF6ufrck8qz+
SeymDWEoYsVpx5Sbb29fPcx2VtHMw5L19ZSBdPhCYkiblX0tyEY7y0zYKr7VULSo
nii+JERHJgveC3dsta2JT407UUNw0aiYb+BqIy9R+h919lWAELtHXcc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org