Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3138302e3134382e302f32332d3233203d3e20323131343332.roa
File:                     352e3138302e3134382e302f32332d3233203d3e20323131343332.roa (raw, json)
Hash identifier:          +5s2VnRg93TvJc8iSjgA6cZrnJ8+qY85bQFCaTd7IyM=
Subject key identifier:   CC:79:D7:1E:9B:C5:39:46:EF:62:58:AB:79:02:3B:08:68:5B:2F:64
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       34A15AD649E6E0445A7022CE216F741ABA2F75B8
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3138302e3134382e302f32332d3233203d3e20323131343332.roa
Signing time:             Tue 11 Apr 2023 12:16:45 +0000
ROA not before:           Tue 11 Apr 2023 12:11:45 +0000
ROA not after:            Tue 09 Apr 2024 12:16:45 +0000
asID:                     211432
IP address blocks:        5.180.148.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:a1:5a:d6:49:e6:e0:44:5a:70:22:ce:21:6f:74:1a:ba:2f:75:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 11 12:11:45 2023 GMT
            Not After : Apr  9 12:16:45 2024 GMT
        Subject: CN=CC79D71E9BC53946EF6258AB79023B08685B2F64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:97:50:2c:c1:68:29:5e:d8:7a:c9:5d:07:08:
                    88:ae:c1:d7:ba:2d:65:86:8d:05:1e:2f:3f:42:a2:
                    b0:e1:d5:b8:17:77:c5:6a:d9:55:55:12:85:56:60:
                    92:76:2c:8c:8c:6b:1e:9e:d5:d7:50:f4:29:0d:f5:
                    00:e4:a9:f2:a9:b7:c5:4b:87:f3:c3:d1:88:ef:ee:
                    33:60:90:ee:ff:3a:98:12:4b:63:ff:de:90:ff:f5:
                    e0:2d:fd:88:37:8a:aa:8a:0b:1a:64:3b:46:a1:16:
                    28:f7:5c:66:8f:26:9f:5e:47:36:b6:a1:d0:71:7d:
                    45:e7:b8:b9:09:12:b5:a1:2d:ad:2f:b8:57:10:80:
                    6e:12:d1:c7:ec:e9:a4:a8:d6:1e:14:6a:cb:2f:a8:
                    f1:bb:b0:ad:4a:69:4a:fd:a3:f2:da:a2:ba:3d:a5:
                    a9:7c:a6:50:5c:28:aa:a5:94:1b:4f:1a:7e:8b:f6:
                    5e:ee:0c:25:9b:ba:d4:87:3c:e7:05:54:ba:8d:c3:
                    8e:4a:17:0b:c5:b4:3c:58:d5:0c:cb:d9:8c:f8:3c:
                    96:f8:1b:5d:96:6b:bb:df:93:7d:4c:18:2b:44:4a:
                    ec:8d:93:da:ec:55:26:b6:3a:82:04:eb:be:7d:48:
                    6d:ef:f3:40:50:bc:c4:4f:9b:05:78:bd:f2:44:eb:
                    f7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:79:D7:1E:9B:C5:39:46:EF:62:58:AB:79:02:3B:08:68:5B:2F:64
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3138302e3134382e302f32332d3233203d3e20323131343332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         76:dd:08:8d:70:ed:0d:a4:b7:10:f4:0d:41:ce:7c:ec:47:b7:
         8a:c4:41:01:37:f5:0b:f1:f4:69:61:da:1d:af:1f:af:14:b9:
         c8:22:19:48:f8:89:c0:a7:a6:c5:8f:a7:34:24:96:ae:7b:eb:
         36:39:7a:0e:20:56:c7:d3:a1:c0:db:0b:21:7d:f0:98:06:d9:
         d8:9c:7e:cb:99:56:dc:6a:2c:74:98:f8:3f:68:53:83:ab:e0:
         a5:ae:15:7d:34:b0:bd:c3:39:8c:d8:25:d3:63:7d:ed:51:5b:
         20:b6:3c:2c:1f:27:52:c5:35:3c:9a:19:59:d1:b6:08:a5:fe:
         86:15:2d:73:63:17:91:97:75:c7:e1:7f:44:34:96:09:48:d9:
         4f:97:0e:d1:78:49:ba:00:54:9c:2a:5a:f5:7c:1d:6c:31:fa:
         81:10:fc:e3:70:56:4b:75:3e:c2:8c:fd:cb:a1:8a:30:03:fc:
         77:dd:1a:7a:4e:0b:09:0a:24:ef:4e:b0:94:96:14:63:76:81:
         98:9b:6e:29:e9:9e:2a:de:5b:75:4e:f1:54:36:be:c0:a7:45:
         ea:3c:f4:64:81:5e:45:49:36:f3:02:34:26:44:54:e9:4c:bb:
         61:ca:0e:2e:65:77:05:77:7c:0f:02:81:20:2e:d1:c3:87:ee:
         a0:5c:b7:2c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNKFa1knm4ERacCLOIW90GrovdbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTExMjExNDVaFw0yNDA0MDkxMjE2NDVaMDMxMTAvBgNV
BAMTKENDNzlENzFFOUJDNTM5NDZFRjYyNThBQjc5MDIzQjA4Njg1QjJGNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0l1AswWgpXth6yV0HCIiuwde6
LWWGjQUeLz9CorDh1bgXd8Vq2VVVEoVWYJJ2LIyMax6e1ddQ9CkN9QDkqfKpt8VL
h/PD0Yjv7jNgkO7/OpgSS2P/3pD/9eAt/Yg3iqqKCxpkO0ahFij3XGaPJp9eRza2
odBxfUXnuLkJErWhLa0vuFcQgG4S0cfs6aSo1h4UassvqPG7sK1KaUr9o/Laoro9
pal8plBcKKqllBtPGn6L9l7uDCWbutSHPOcFVLqNw45KFwvFtDxY1QzL2Yz4PJb4
G12Wa7vfk31MGCtESuyNk9rsVSa2OoIE6759SG3v80BQvMRPmwV4vfJE6/efAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzHnXHpvFOUbvYlireQI7CGhbL2QwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzUyZTMxMzgzMDJlMzEzNDM4
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzMTMxMzQzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
BbSUMA0GCSqGSIb3DQEBCwUAA4IBAQB23QiNcO0NpLcQ9A1BznzsR7eKxEEBN/UL
8fRpYdodrx+vFLnIIhlI+InAp6bFj6c0JJaue+s2OXoOIFbH06HA2wshffCYBtnY
nH7LmVbcaix0mPg/aFODq+ClrhV9NLC9wzmM2CXTY33tUVsgtjwsHydSxTU8mhlZ
0bYIpf6GFS1zYxeRl3XH4X9ENJYJSNlPlw7ReEm6AFScKlr1fB1sMfqBEPzjcFZL
dT7CjP3LoYowA/x33Rp6TgsJCiTvTrCUlhRjdoGYm24p6Z4q3lt1TvFUNr7Ap0Xq
PPRkgV5FSTbzAjQmRFTpTLthyg4uZXcFd3wPAoEgLtHDh+6gXLcs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org