Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33362e302f32322d3234203d3e203432333636.roa
File:                     322e35382e33362e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier:          ewu90dewtY1FW0V2SH94bBWRKx0q7qvj556HefWXT/4=
Subject key identifier:   76:DC:0F:D4:C3:AD:5E:26:82:0F:FC:8A:5D:A4:10:EF:B1:44:DF:5C
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       48365AD8BC289A7108FBC5CC0ACCAAC945BAE7BB
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33362e302f32322d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:24:20 +0000
ROA not before:           Mon 17 Apr 2023 11:19:20 +0000
ROA not after:            Mon 15 Apr 2024 11:24:20 +0000
asID:                     42366
IP address blocks:        2.58.36.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:36:5a:d8:bc:28:9a:71:08:fb:c5:cc:0a:cc:aa:c9:45:ba:e7:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:19:20 2023 GMT
            Not After : Apr 15 11:24:20 2024 GMT
        Subject: CN=76DC0FD4C3AD5E26820FFC8A5DA410EFB144DF5C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:71:12:95:96:c9:99:e1:09:c4:ba:62:d8:e1:
                    5e:1d:6d:3f:bd:04:12:2a:f5:46:d3:92:77:2d:70:
                    1e:3a:9f:20:00:f4:74:d7:f6:71:43:b5:13:eb:cc:
                    a6:a7:12:d7:4f:45:0b:8e:56:90:61:44:f8:ec:f5:
                    65:b9:53:c8:a3:4c:50:d1:46:f7:db:a9:65:9e:0b:
                    82:a3:22:e7:38:ee:ed:e3:4d:c5:ec:18:96:37:ec:
                    e5:1d:5a:c7:90:22:33:92:ee:83:f2:08:b2:d2:04:
                    e8:e2:15:c9:e8:95:5b:40:7e:76:58:f2:ae:dd:92:
                    d9:b4:60:d8:e5:4f:49:8c:21:89:df:ad:79:19:71:
                    ef:34:7c:3a:8f:00:3e:d8:39:41:22:fd:3b:b2:78:
                    6d:78:6d:5f:d8:26:68:45:27:23:6e:b1:e5:02:b9:
                    94:8c:8f:b1:55:0b:4a:c1:3a:4b:83:24:82:38:24:
                    7a:20:d4:ab:6c:b7:ec:36:19:ac:c5:57:e2:2c:57:
                    d3:37:1f:8b:26:bb:4b:d0:02:c8:29:28:9e:0f:a1:
                    64:fc:3e:1f:9a:7b:d1:4e:7a:0c:44:80:21:f8:ba:
                    5d:c6:fe:e7:11:2d:f2:d2:dc:94:c4:da:f2:8a:04:
                    c4:39:96:ac:5c:01:f7:f5:64:ca:ba:4b:16:b2:b5:
                    52:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:DC:0F:D4:C3:AD:5E:26:82:0F:FC:8A:5D:A4:10:EF:B1:44:DF:5C
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33362e302f32322d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:f8:2b:d4:0a:7e:04:0d:f3:5b:9b:d1:71:78:df:2c:a4:a8:
         21:61:cc:75:61:e5:4d:58:3b:fc:58:ac:6e:85:0e:ed:06:a1:
         f9:e0:b0:38:ac:ca:88:1c:2e:d5:47:f3:8f:cf:61:a8:8d:a7:
         ac:e3:9c:68:2e:f6:e1:1e:97:64:8e:6f:59:eb:8a:0f:e2:c3:
         7f:8d:29:27:bd:bf:1c:f0:ad:43:37:01:31:66:b8:ea:5f:b1:
         18:8b:32:8e:ed:a8:99:b1:33:a2:a7:fe:35:e6:2c:6c:00:af:
         9b:cf:f7:7a:5e:d5:62:56:fe:c5:09:85:34:b9:be:1c:9a:43:
         91:84:16:6f:af:c3:33:78:66:94:8a:16:8f:e1:f8:44:7c:fa:
         ba:6f:94:f1:9b:ef:88:e9:d9:d1:ee:29:e7:87:a0:f9:3f:79:
         4e:a3:49:3a:19:47:0b:88:b4:b8:a8:8f:02:62:ff:d6:9f:91:
         0c:43:d4:38:79:b5:ab:c1:df:4d:fc:95:5f:45:8c:03:d8:c7:
         7c:9d:d6:79:4e:e7:1d:56:0c:06:7a:5a:95:0f:8a:27:e4:1b:
         4f:b9:c2:58:48:b2:66:a4:d2:87:df:cf:ae:12:c5:73:55:a2:
         27:50:d4:f6:6d:0c:81:26:f8:97:c0:1e:b0:cd:26:7b:81:10:
         77:5b:55:88
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSDZa2LwomnEI+8XMCsyqyUW657swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE5MjBaFw0yNDA0MTUxMTI0MjBaMDMxMTAvBgNV
BAMTKDc2REMwRkQ0QzNBRDVFMjY4MjBGRkM4QTVEQTQxMEVGQjE0NERGNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcRKVlsmZ4QnEumLY4V4dbT+9
BBIq9UbTknctcB46nyAA9HTX9nFDtRPrzKanEtdPRQuOVpBhRPjs9WW5U8ijTFDR
RvfbqWWeC4KjIuc47u3jTcXsGJY37OUdWseQIjOS7oPyCLLSBOjiFcnolVtAfnZY
8q7dktm0YNjlT0mMIYnfrXkZce80fDqPAD7YOUEi/TuyeG14bV/YJmhFJyNuseUC
uZSMj7FVC0rBOkuDJII4JHog1Ktst+w2GazFV+IsV9M3H4smu0vQAsgpKJ4PoWT8
Ph+ae9FOegxEgCH4ul3G/ucRLfLS3JTE2vKKBMQ5lqxcAff1ZMq6SxaytVKJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUdtwP1MOtXiaCD/yKXaQQ77FE31wwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIyZTM1MzgyZTMzMzYyZTMw
MmYzMjMyMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjokMA0G
CSqGSIb3DQEBCwUAA4IBAQAK+CvUCn4EDfNbm9FxeN8spKghYcx1YeVNWDv8WKxu
hQ7tBqH54LA4rMqIHC7VR/OPz2Gojaes45xoLvbhHpdkjm9Z64oP4sN/jSknvb8c
8K1DNwExZrjqX7EYizKO7aiZsTOip/415ixsAK+bz/d6XtViVv7FCYU0ub4cmkOR
hBZvr8MzeGaUihaP4fhEfPq6b5Txm++I6dnR7innh6D5P3lOo0k6GUcLiLS4qI8C
Yv/Wn5EMQ9Q4ebWrwd9N/JVfRYwD2Md8ndZ5TucdVgwGelqVD4on5BtPucJYSLJm
pNKH38+uEsVzVaInUNT2bQyBJviXwB6wzSZ7gRB3W1WI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org