Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233322e302f32322d3232203d3e203136353039.roa
File:                     3134302e3135302e3233322e302f32322d3232203d3e203136353039.roa (raw, json)
Hash identifier:          MCZ7i2PBveeVFizpzJJtmBvB06zux8/DxZfH0WU/mXE=
Subject key identifier:   9E:48:F6:2E:9B:28:6A:7A:80:4D:9C:3C:AE:F6:17:CC:7D:7B:9B:B9
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       1D1FEB00B039743C1D4EED8C3054D27334D918D3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233322e302f32322d3232203d3e203136353039.roa
Signing time:             Mon 29 May 2023 14:39:49 +0000
ROA not before:           Mon 29 May 2023 14:34:49 +0000
ROA not after:            Mon 27 May 2024 14:39:49 +0000
asID:                     16509
IP address blocks:        140.150.232.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:1f:eb:00:b0:39:74:3c:1d:4e:ed:8c:30:54:d2:73:34:d9:18:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: May 29 14:34:49 2023 GMT
            Not After : May 27 14:39:49 2024 GMT
        Subject: CN=9E48F62E9B286A7A804D9C3CAEF617CC7D7B9BB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6f:f3:e1:5b:f5:65:b0:47:ce:0a:8e:83:c4:
                    2a:14:55:3b:e6:54:a2:8b:67:a6:da:bf:1e:8c:6f:
                    3c:9f:5a:ee:d3:36:b0:66:d9:35:bd:75:b3:0e:68:
                    3d:4f:f1:f7:ec:c8:8c:87:15:cc:9b:14:d9:b5:7f:
                    d8:51:65:cc:8f:dc:7b:94:0e:f3:2c:14:98:b5:bf:
                    aa:f0:a3:89:aa:3f:95:ed:05:24:2f:2e:2c:3e:0a:
                    e6:f7:3b:88:b4:63:ca:1c:49:5e:76:aa:7e:36:3f:
                    8f:e0:8f:89:c5:58:40:01:80:1b:a1:a5:8b:47:5e:
                    b3:1d:be:74:04:68:43:11:06:57:e4:1b:4e:1f:8b:
                    27:61:d7:28:0d:c9:2a:30:7f:66:af:95:7f:7b:0e:
                    41:b3:38:19:72:7c:f4:9f:f6:08:e1:c6:9c:28:45:
                    41:8d:f8:ac:38:bc:f6:48:f4:ce:e4:03:9b:49:54:
                    65:2e:9d:e2:5f:f2:6f:26:60:86:da:f3:3c:b6:91:
                    91:1d:0f:09:59:c2:f4:42:ce:84:6b:9e:02:e4:fa:
                    e6:1d:89:2e:f8:86:ad:d4:14:38:cf:b6:34:cc:9e:
                    df:dd:76:c8:8e:bf:0e:d8:3c:d3:c0:cf:32:a7:bb:
                    ab:2c:d4:23:27:87:fd:1f:6a:e1:82:32:cc:ff:7a:
                    0c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:48:F6:2E:9B:28:6A:7A:80:4D:9C:3C:AE:F6:17:CC:7D:7B:9B:B9
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233322e302f32322d3232203d3e203136353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:30:ef:08:f1:77:ad:50:40:6e:5b:f4:ee:ff:14:e2:86:dd:
         bc:46:4b:c8:19:84:a0:75:7c:90:6a:fd:61:d6:23:7d:09:83:
         30:8d:76:cc:ad:47:a5:89:a7:36:2f:24:83:92:1b:47:bd:9b:
         5d:29:a5:c1:c3:b8:eb:29:a3:7c:e8:aa:ba:dd:17:ac:35:ff:
         fc:b7:bf:6f:c9:4d:fb:df:66:27:f9:20:5c:0a:72:00:2c:65:
         a0:46:08:a5:6c:52:10:80:22:48:28:5e:cd:ff:27:ac:57:35:
         b6:90:12:99:c7:75:a9:fc:7d:70:d5:cc:e2:04:18:e6:d7:9e:
         51:68:ba:ca:39:08:15:f8:cb:77:8b:e6:a1:13:29:da:f3:0b:
         ff:16:1d:d1:db:e2:c5:1b:c9:63:f5:8c:44:7e:a5:e5:ff:be:
         10:63:07:4d:7e:b8:e2:f9:e9:e4:13:51:62:a1:20:f5:73:b3:
         33:00:aa:2a:4a:83:19:3e:d1:e9:dd:33:5b:53:5b:d8:fe:61:
         58:20:e4:6c:20:0b:d5:67:92:41:44:5b:72:3f:0f:b8:82:c4:
         78:17:72:cb:44:95:ea:3a:63:14:78:47:97:30:78:20:2a:4e:
         ca:36:6e:0e:dc:d1:fd:44:34:a4:6b:43:e8:76:70:94:69:ad:
         2f:80:17:df
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHR/rALA5dDwdTu2MMFTSczTZGNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzA1MjkxNDM0NDlaFw0yNDA1MjcxNDM5NDlaMDMxMTAvBgNV
BAMTKDlFNDhGNjJFOUIyODZBN0E4MDREOUMzQ0FFRjYxN0NDN0Q3QjlCQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEb/PhW/VlsEfOCo6DxCoUVTvm
VKKLZ6bavx6MbzyfWu7TNrBm2TW9dbMOaD1P8ffsyIyHFcybFNm1f9hRZcyP3HuU
DvMsFJi1v6rwo4mqP5XtBSQvLiw+Cub3O4i0Y8ocSV52qn42P4/gj4nFWEABgBuh
pYtHXrMdvnQEaEMRBlfkG04fiydh1ygNySowf2avlX97DkGzOBlyfPSf9gjhxpwo
RUGN+Kw4vPZI9M7kA5tJVGUuneJf8m8mYIba8zy2kZEdDwlZwvRCzoRrngLk+uYd
iS74hq3UFDjPtjTMnt/ddsiOvw7YPNPAzzKnu6ss1CMnh/0fauGCMsz/egzPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnkj2LpsoanqATZw8rvYXzH17m7kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMy
MzMzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKMlugwDQYJKoZIhvcNAQELBQADggEBADAw7wjxd61QQG5b9O7/FOKG3bxGS8gZ
hKB1fJBq/WHWI30JgzCNdsytR6WJpzYvJIOSG0e9m10ppcHDuOspo3zoqrrdF6w1
//y3v2/JTfvfZif5IFwKcgAsZaBGCKVsUhCAIkgoXs3/J6xXNbaQEpnHdan8fXDV
zOIEGObXnlFouso5CBX4y3eL5qETKdrzC/8WHdHb4sUbyWP1jER+peX/vhBjB01+
uOL56eQTUWKhIPVzszMAqipKgxk+0endM1tTW9j+YVgg5GwgC9VnkkFEW3I/D7iC
xHgXcstEleo6YxR4R5cweCAqTso2bg7c0f1ENKRrQ+h2cJRprS+AF98=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org