Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233322e302f32322d3234203d3e203631333137.roa
File:                     3134302e3135302e3233322e302f32322d3234203d3e203631333137.roa (raw, json)
Hash identifier:          mcCwrB6+u4trXSqKKVaAi5jNjXMLFAlQygBYbqBLeX0=
Subject key identifier:   FF:C5:8A:62:99:76:DB:86:26:53:42:E4:54:4A:D1:7B:9A:5D:2D:41
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       0AFACC79D8784B2182F92380CEDA054859A26D4B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233322e302f32322d3234203d3e203631333137.roa
Signing time:             Wed 22 Feb 2023 10:29:33 +0000
ROA not before:           Wed 22 Feb 2023 10:24:33 +0000
ROA not after:            Wed 21 Feb 2024 10:29:33 +0000
asID:                     61317
IP address blocks:        140.150.232.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:fa:cc:79:d8:78:4b:21:82:f9:23:80:ce:da:05:48:59:a2:6d:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb 22 10:24:33 2023 GMT
            Not After : Feb 21 10:29:33 2024 GMT
        Subject: CN=FFC58A629976DB86265342E4544AD17B9A5D2D41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:95:e7:cd:a8:ea:a6:8a:70:d4:f3:49:30:c8:
                    4c:f4:21:03:34:28:ce:3b:71:d3:44:4c:98:8d:eb:
                    b1:74:4f:d5:b0:7d:72:2e:a6:76:0e:97:e9:cf:03:
                    25:34:c2:bd:0a:2f:89:39:14:c5:8e:0f:1e:36:22:
                    f5:c5:2a:bd:2c:ef:0c:84:a5:5a:d4:45:36:21:11:
                    bf:06:f5:68:19:e9:87:5c:08:f5:d7:ea:64:58:55:
                    c0:3c:e1:23:1a:32:a6:47:2c:7a:61:40:65:56:39:
                    32:75:85:6e:38:a8:33:45:99:0e:65:37:92:66:dc:
                    8d:b8:84:75:94:18:d5:40:ab:18:ae:6d:e5:7b:19:
                    7b:30:6d:f3:ba:84:6e:dc:84:42:e7:98:69:e8:da:
                    57:de:50:fa:d9:c9:aa:52:12:aa:45:10:6b:ca:d6:
                    d9:ed:c1:db:dc:53:8b:d0:cd:6d:98:b8:9d:25:d7:
                    72:1f:5f:96:82:a7:dd:ad:98:0b:5a:04:ee:68:59:
                    5b:00:19:93:25:5e:c4:45:4e:d6:12:07:cd:3b:ff:
                    f5:0c:2c:35:a3:02:59:f8:0d:f3:a8:5a:f4:1d:3c:
                    2b:49:d1:e9:8e:8a:75:30:8e:eb:c6:3b:1d:78:1a:
                    74:da:8f:9b:a4:1e:e6:2b:6f:32:97:c4:fc:27:47:
                    0d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C5:8A:62:99:76:DB:86:26:53:42:E4:54:4A:D1:7B:9A:5D:2D:41
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233322e302f32322d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:65:dc:5b:02:05:44:ec:03:8d:f6:0a:95:f2:00:05:cb:ac:
         6d:98:e3:49:0c:de:be:1e:e8:58:fa:c1:3d:ec:83:3f:30:eb:
         1f:3b:81:70:30:ad:53:55:db:9e:15:a0:83:ba:f1:26:27:6c:
         d3:db:35:60:fc:1d:4a:b9:47:d8:85:7a:f2:b4:d7:fb:ee:51:
         a6:0b:ee:89:21:44:98:05:7d:88:e7:68:2c:8c:af:ed:3c:f4:
         13:fb:4d:c1:a3:08:0c:a4:b0:13:ea:5a:25:c5:3a:84:29:1c:
         dd:df:c9:38:58:45:84:4b:49:27:85:df:db:f4:cb:2a:4d:6d:
         1f:13:95:4c:de:26:24:2d:69:be:32:50:e3:50:b9:e2:b2:2e:
         c3:8a:0c:98:ec:ef:99:56:68:75:8a:2d:9b:13:c5:c3:f0:1c:
         3b:a3:3d:3d:fc:6f:c7:cc:21:9b:b6:27:87:f5:f2:81:72:68:
         a0:36:3f:6c:16:29:ad:78:51:3a:f4:0e:6f:4b:7a:6b:46:35:
         e7:40:14:63:f8:6e:f7:f2:12:8a:9f:9b:6c:f6:1f:de:dd:2e:
         52:3a:e0:13:83:71:a3:4e:b1:2a:9a:d3:47:5e:29:4f:d5:23:
         ec:2a:31:90:49:5b:2a:d8:33:33:0d:bd:05:de:7c:c4:52:2e:
         78:8e:95:1a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCvrMedh4SyGC+SOAztoFSFmibUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMjIxMDI0MzNaFw0yNDAyMjExMDI5MzNaMDMxMTAvBgNV
BAMTKEZGQzU4QTYyOTk3NkRCODYyNjUzNDJFNDU0NEFEMTdCOUE1RDJENDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4lefNqOqminDU80kwyEz0IQM0
KM47cdNETJiN67F0T9WwfXIupnYOl+nPAyU0wr0KL4k5FMWODx42IvXFKr0s7wyE
pVrURTYhEb8G9WgZ6YdcCPXX6mRYVcA84SMaMqZHLHphQGVWOTJ1hW44qDNFmQ5l
N5Jm3I24hHWUGNVAqxiubeV7GXswbfO6hG7chELnmGno2lfeUPrZyapSEqpFEGvK
1tntwdvcU4vQzW2YuJ0l13IfX5aCp92tmAtaBO5oWVsAGZMlXsRFTtYSB807//UM
LDWjAln4DfOoWvQdPCtJ0emOinUwjuvGOx14GnTaj5ukHuYrbzKXxPwnRw3nAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/8WKYpl224YmU0LkVErRe5pdLUEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMy
MzMzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKMlugwDQYJKoZIhvcNAQELBQADggEBAD9l3FsCBUTsA432CpXyAAXLrG2Y40kM
3r4e6Fj6wT3sgz8w6x87gXAwrVNV254VoIO68SYnbNPbNWD8HUq5R9iFevK01/vu
UaYL7okhRJgFfYjnaCyMr+089BP7TcGjCAyksBPqWiXFOoQpHN3fyThYRYRLSSeF
39v0yypNbR8TlUzeJiQtab4yUONQueKyLsOKDJjs75lWaHWKLZsTxcPwHDujPT38
b8fMIZu2J4f18oFyaKA2P2wWKa14UTr0Dm9LemtGNedAFGP4bvfyEoqfm2z2H97d
LlI64BODcaNOsSqa00deKU/VI+wqMZBJWyrYMzMNvQXefMRSLniOlRo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org