Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135372e302f32342d3234203d3e20323131383330.roa
File:                     34352e31302e3135372e302f32342d3234203d3e20323131383330.roa (raw, json)
Hash identifier:          dWyAZ2PehrUhOV4zFyFSPuSHxAlr1npVQ6EPupvYkDQ=
Subject key identifier:   E5:BC:7D:BE:BE:19:55:93:49:2E:6C:21:89:FF:FD:BE:3A:2E:81:D7
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       3A3A54098EA76BFE1EEA98CF6443CF96D9FF7B86
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135372e302f32342d3234203d3e20323131383330.roa
Signing time:             Mon 27 Mar 2023 08:28:00 +0000
ROA not before:           Mon 27 Mar 2023 08:23:00 +0000
ROA not after:            Mon 25 Mar 2024 08:28:00 +0000
asID:                     211830
IP address blocks:        45.10.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:3a:54:09:8e:a7:6b:fe:1e:ea:98:cf:64:43:cf:96:d9:ff:7b:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Mar 27 08:23:00 2023 GMT
            Not After : Mar 25 08:28:00 2024 GMT
        Subject: CN=E5BC7DBEBE195593492E6C2189FFFDBE3A2E81D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b9:9b:2a:05:4d:0f:0e:ff:de:97:87:fa:fa:
                    9e:6d:d0:09:ad:76:3f:27:14:4d:d3:23:35:1c:51:
                    2d:1f:95:4d:22:f6:4f:69:21:5c:7a:d3:5d:9b:41:
                    d9:a4:d7:9b:1a:10:13:c8:33:81:a3:e2:cf:ae:68:
                    cf:d9:d0:51:0d:59:58:7d:2b:5c:4c:13:48:06:bc:
                    90:c7:85:9d:23:5e:f5:28:8f:7c:a5:18:7a:e6:69:
                    f9:f6:f4:ba:c1:3f:81:42:5c:84:86:e1:42:be:db:
                    43:c6:86:89:b0:63:a6:7c:66:55:74:d6:f6:a3:68:
                    0d:62:1e:da:b1:93:b5:37:f4:39:e8:6d:d0:a8:cc:
                    87:5c:46:72:49:39:27:59:ee:93:df:96:ec:9c:ad:
                    66:d4:76:64:7a:bc:5b:28:1a:16:c8:d9:a0:44:d0:
                    93:da:60:18:e7:11:6b:89:bc:12:19:ce:57:fc:e9:
                    92:45:f4:20:c6:ee:16:fe:e7:a3:6d:a5:4f:06:73:
                    2c:78:d2:b9:75:02:2c:b0:3b:13:f2:00:05:2b:50:
                    2f:e3:20:30:e3:46:bc:24:75:f4:94:5b:41:36:12:
                    75:77:75:a8:41:b9:99:7b:e4:6b:bb:5a:27:ea:a9:
                    55:a5:8a:65:31:8f:ba:20:4c:71:4b:59:f4:ae:33:
                    a3:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:BC:7D:BE:BE:19:55:93:49:2E:6C:21:89:FF:FD:BE:3A:2E:81:D7
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135372e302f32342d3234203d3e20323131383330.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:00:ca:d7:37:36:2c:9b:fe:d2:d8:f8:37:33:7a:5d:c9:d6:
         32:5d:5c:32:c9:c2:67:20:7c:c7:b5:1f:aa:99:b7:e6:53:4d:
         64:63:ad:83:28:c6:1a:96:2d:b3:61:75:a0:4a:fd:33:d3:1a:
         0f:b7:a9:41:0d:9a:90:53:f7:9a:34:b2:98:6e:30:8a:b0:0b:
         0e:eb:1e:3d:37:76:8b:65:9b:7d:49:78:71:1c:3b:8b:2a:89:
         08:53:d6:4e:09:51:b5:ac:90:c7:88:4d:82:85:34:57:96:b2:
         33:49:d6:9f:2e:49:ab:bd:80:cf:95:8e:1c:8b:4d:7a:dd:17:
         66:c3:dc:ce:c8:27:66:67:8c:e9:61:99:b9:b2:d7:84:06:2f:
         90:3c:d6:69:3c:b8:a8:b8:e2:14:8c:09:1b:37:21:c4:94:5e:
         65:d3:70:7d:c9:d1:f6:78:d9:05:fb:6f:da:36:8f:ed:ee:db:
         ad:63:c1:76:b3:7c:e5:9e:28:5c:7f:d6:45:da:37:b3:cc:f6:
         61:cc:a3:db:49:19:06:69:d9:59:ee:fd:e8:ba:38:d3:5c:53:
         09:cf:07:b8:84:ac:69:2f:1f:b7:92:91:45:2a:15:49:17:11:
         a4:de:33:c8:08:a2:f8:0f:98:5f:a3:a9:8e:df:4f:a3:e2:50:
         97:20:83:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOjpUCY6na/4e6pjPZEPPltn/e4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDBaFw0yNDAzMjUwODI4MDBaMDMxMTAvBgNV
BAMTKEU1QkM3REJFQkUxOTU1OTM0OTJFNkMyMTg5RkZGREJFM0EyRTgxRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCquZsqBU0PDv/el4f6+p5t0Amt
dj8nFE3TIzUcUS0flU0i9k9pIVx6012bQdmk15saEBPIM4Gj4s+uaM/Z0FENWVh9
K1xME0gGvJDHhZ0jXvUoj3ylGHrmafn29LrBP4FCXISG4UK+20PGhomwY6Z8ZlV0
1vajaA1iHtqxk7U39DnobdCozIdcRnJJOSdZ7pPfluycrWbUdmR6vFsoGhbI2aBE
0JPaYBjnEWuJvBIZzlf86ZJF9CDG7hb+56NtpU8Gcyx40rl1AiywOxPyAAUrUC/j
IDDjRrwkdfSUW0E2EnV3dahBuZl75Gu7WifqqVWlimUxj7ogTHFLWfSuM6NrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5bx9vr4ZVZNJLmwhif/9vjougdcwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMDJlMzEzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzgzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQqdMA0GCSqGSIb3DQEBCwUAA4IBAQBQAMrXNzYsm/7S2Pg3M3pdydYyXVwyycJn
IHzHtR+qmbfmU01kY62DKMYali2zYXWgSv0z0xoPt6lBDZqQU/eaNLKYbjCKsAsO
6x49N3aLZZt9SXhxHDuLKokIU9ZOCVG1rJDHiE2ChTRXlrIzSdafLkmrvYDPlY4c
i0163Rdmw9zOyCdmZ4zpYZm5steEBi+QPNZpPLiouOIUjAkbNyHElF5l03B9ydH2
eNkF+2/aNo/t7tutY8F2s3zlnihcf9ZF2jezzPZhzKPbSRkGadlZ7v3oujjTXFMJ
zwe4hKxpLx+3kpFFKhVJFxGk3jPICKL4D5hfo6mO30+j4lCXIIN9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org