Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e203432333636.roa
File:                     3139342e33342e3233352e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier:          Fuv71BM6/zWCoDSuI+QN4P4LJcCmbdsUV2hhj2tKqT8=
Subject key identifier:   D1:A3:C6:3D:6A:D5:86:85:D5:43:81:04:2F:08:8D:1C:A2:82:5A:B7
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       1DEA248561472B97E10BF952379F71C9BFE822DA
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:23:27 +0000
ROA not before:           Mon 17 Apr 2023 11:18:27 +0000
ROA not after:            Mon 15 Apr 2024 11:23:27 +0000
asID:                     42366
IP address blocks:        194.34.235.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:ea:24:85:61:47:2b:97:e1:0b:f9:52:37:9f:71:c9:bf:e8:22:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:18:27 2023 GMT
            Not After : Apr 15 11:23:27 2024 GMT
        Subject: CN=D1A3C63D6AD58685D54381042F088D1CA2825AB7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a7:28:e9:8b:50:c7:8c:36:51:3a:22:68:0b:
                    be:09:4e:cf:c2:c6:f0:15:2f:5b:6a:a3:c9:eb:2c:
                    6b:bf:3d:61:eb:f5:f2:7e:1c:b3:73:8d:7e:3b:91:
                    22:e2:ff:1d:83:4d:c2:eb:1b:56:da:cb:ac:da:4f:
                    8d:d3:69:9c:0a:f1:9e:37:0a:ed:c2:a8:11:f9:ab:
                    eb:ab:e8:1d:ff:bb:4a:7e:bb:6d:ac:48:d0:dc:fe:
                    d5:57:13:37:0b:71:2b:1a:d1:d3:47:34:d9:f1:d5:
                    be:83:10:84:4b:dd:01:89:02:bd:9d:82:47:3a:7c:
                    f7:01:b3:46:f5:67:3f:eb:95:9c:59:43:df:52:2d:
                    51:c4:ed:b5:10:94:7a:c0:20:08:e5:5e:39:39:c3:
                    6b:1f:8f:5c:7d:b4:91:39:5b:2d:d9:34:31:be:df:
                    0e:1d:73:5b:bb:8c:f9:a8:d8:8f:54:25:13:81:59:
                    7a:2c:b4:2d:e2:26:08:bf:b4:8d:07:47:00:33:85:
                    40:26:d6:98:88:e3:70:4f:4e:3f:34:ef:ac:27:cd:
                    37:97:fb:bd:d2:09:d6:3e:4c:3a:aa:23:e8:77:cd:
                    8d:35:47:7b:1b:4d:3d:e1:ef:09:c3:ed:90:e2:ce:
                    7b:9a:bb:db:0a:a3:20:86:92:f9:bd:ef:f0:73:1e:
                    84:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A3:C6:3D:6A:D5:86:85:D5:43:81:04:2F:08:8D:1C:A2:82:5A:B7
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:60:d5:8c:74:1f:33:51:18:c3:69:bd:8d:e8:fc:b0:a4:69:
         d3:35:7f:00:15:18:86:fc:3e:2d:85:a8:8a:98:c9:36:2d:d9:
         42:50:e5:42:5d:3c:54:cd:b9:d1:68:d5:0c:df:67:31:db:b5:
         6d:d3:1b:60:fe:8a:e6:2f:fa:38:65:2a:a9:75:a3:38:4a:0c:
         d9:f7:34:ee:7f:61:c6:ae:f2:a0:3f:78:3a:62:82:31:82:72:
         a5:44:d8:47:dd:90:54:4a:f4:b4:71:1e:08:5f:b9:70:f6:30:
         14:0a:ce:38:f9:66:9e:a7:fb:4d:6b:1f:ef:30:7d:e6:42:f5:
         b4:42:87:7b:ab:17:09:40:08:1c:b9:20:6d:e0:49:f7:89:bb:
         ad:0f:fa:54:42:77:cc:a0:66:e3:02:b4:a8:b8:2e:98:3c:55:
         85:82:fb:dc:dd:ad:bd:1e:7e:9f:86:93:33:2b:6b:3a:9f:80:
         3e:4a:3c:74:f3:52:ef:76:2c:a5:fd:1b:23:9f:2d:e0:80:b6:
         a2:e8:bf:6f:ba:cd:89:66:99:5a:e7:5d:7c:f0:13:0c:6a:38:
         8d:0c:ba:40:e9:16:8d:93:7f:92:b4:ec:56:b5:a2:f5:9a:a2:
         4a:fe:54:9a:a2:13:7f:58:63:e7:4f:35:2e:cd:e9:f5:cf:fb:
         59:a7:f1:f4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHeokhWFHK5fhC/lSN59xyb/oItowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE4MjdaFw0yNDA0MTUxMTIzMjdaMDMxMTAvBgNV
BAMTKEQxQTNDNjNENkFENTg2ODVENTQzODEwNDJGMDg4RDFDQTI4MjVBQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJpyjpi1DHjDZROiJoC74JTs/C
xvAVL1tqo8nrLGu/PWHr9fJ+HLNzjX47kSLi/x2DTcLrG1bay6zaT43TaZwK8Z43
Cu3CqBH5q+ur6B3/u0p+u22sSNDc/tVXEzcLcSsa0dNHNNnx1b6DEIRL3QGJAr2d
gkc6fPcBs0b1Zz/rlZxZQ99SLVHE7bUQlHrAIAjlXjk5w2sfj1x9tJE5Wy3ZNDG+
3w4dc1u7jPmo2I9UJROBWXostC3iJgi/tI0HRwAzhUAm1piI43BPTj8076wnzTeX
+73SCdY+TDqqI+h3zY01R3sbTT3h7wnD7ZDiznuau9sKoyCGkvm97/BzHoRhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0aPGPWrVhoXVQ4EELwiNHKKCWrcwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM0MmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiLrMA0GCSqGSIb3DQEBCwUAA4IBAQBaYNWMdB8zURjDab2N6PywpGnTNX8AFRiG
/D4thaiKmMk2LdlCUOVCXTxUzbnRaNUM32cx27Vt0xtg/ormL/o4ZSqpdaM4SgzZ
9zTuf2HGrvKgP3g6YoIxgnKlRNhH3ZBUSvS0cR4IX7lw9jAUCs44+Waep/tNax/v
MH3mQvW0Qod7qxcJQAgcuSBt4En3ibutD/pUQnfMoGbjArSouC6YPFWFgvvc3a29
Hn6fhpMzK2s6n4A+Sjx081Lvdiyl/Rsjny3ggLai6L9vus2JZpla51188BMMajiN
DLpA6RaNk3+StOxWtaL1mqJK/lSaohN/WGPnTzUuzen1z/tZp/H0
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org