Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233362e302f32322d3232203d3e203539343332.roa
File:                     3134302e3135302e3233362e302f32322d3232203d3e203539343332.roa (raw, json)
Hash identifier:          xD6e+hE3OCiRgh9IWf/ZoAsd2YxfZSVbC1+yL6ft7ys=
Subject key identifier:   E3:F1:6A:A1:A4:E2:72:EC:D1:AF:F3:07:90:78:1A:03:B4:E0:3C:87
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       66B6DEA2BA407770926A0CA7DF03ACA9E7D77508
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233362e302f32322d3232203d3e203539343332.roa
Signing time:             Thu 25 May 2023 08:11:59 +0000
ROA not before:           Thu 25 May 2023 08:06:59 +0000
ROA not after:            Thu 23 May 2024 08:11:59 +0000
asID:                     59432
IP address blocks:        140.150.236.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:b6:de:a2:ba:40:77:70:92:6a:0c:a7:df:03:ac:a9:e7:d7:75:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: May 25 08:06:59 2023 GMT
            Not After : May 23 08:11:59 2024 GMT
        Subject: CN=E3F16AA1A4E272ECD1AFF30790781A03B4E03C87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2a:45:88:20:0b:0c:d9:42:f0:35:6a:b9:90:
                    a3:c2:d5:c4:05:69:9f:9e:04:cf:44:ba:ea:f5:a3:
                    d7:41:b8:eb:a0:f9:1b:5b:20:e8:b0:1a:86:4e:e3:
                    22:b6:b9:e0:da:c9:85:e6:f2:38:b4:f6:96:69:a4:
                    17:5a:5a:f2:c4:5e:f8:d0:a5:7e:45:ec:09:6f:b6:
                    79:3b:49:83:45:ae:d9:da:53:81:56:c1:df:2e:71:
                    de:df:73:f0:b0:81:cb:a5:72:d2:c6:81:97:bb:5a:
                    c5:fb:1d:2d:58:89:4f:47:56:95:fd:ba:5a:92:c6:
                    43:42:ad:60:35:02:fc:58:d6:ab:c6:9c:06:3c:68:
                    df:6a:b9:f7:82:01:b8:ab:42:7b:0c:60:bc:56:52:
                    34:ef:a5:82:e9:7c:ac:e5:0c:86:e5:b3:95:6e:cb:
                    21:41:30:e5:c9:b8:d5:03:06:14:5d:21:45:6a:f5:
                    f5:78:6c:80:7a:95:09:e8:1f:99:5f:74:6b:71:a0:
                    e9:7a:20:0e:67:76:43:8b:bb:b4:fd:ce:39:7e:e9:
                    87:00:f0:f0:bb:be:35:e7:c0:7a:5c:b5:8f:f2:9e:
                    e5:a8:8c:7e:a1:75:c8:93:ca:37:19:54:b3:b3:a3:
                    90:01:38:61:9a:44:56:35:42:76:ee:7e:0e:c3:63:
                    14:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:F1:6A:A1:A4:E2:72:EC:D1:AF:F3:07:90:78:1A:03:B4:E0:3C:87
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3233362e302f32322d3232203d3e203539343332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:46:7c:c0:82:a8:59:4d:d0:af:d0:c9:71:6d:44:80:2c:63:
         14:52:63:e4:18:e7:8b:a0:3a:9c:1f:fd:08:49:95:6f:23:36:
         16:9c:78:e0:ba:ec:2b:1a:70:dc:d2:44:ed:54:bb:29:41:b2:
         21:de:1b:f6:f3:8c:72:99:03:6f:34:a1:f8:91:15:47:78:92:
         bb:07:78:a5:ba:bf:71:63:9b:a2:6d:99:1e:f6:15:20:d6:c7:
         0a:2a:f4:68:6a:e8:23:12:cf:ae:4d:9b:2c:99:7d:9e:f7:c6:
         e8:f4:9f:c5:39:cc:e2:72:65:6e:93:c5:97:a5:84:12:4f:bf:
         9d:09:25:f9:2f:a4:91:2e:74:9b:12:f1:e6:83:cc:1e:22:67:
         fd:6f:e2:94:ad:c8:17:ae:b2:b0:aa:8a:2b:2b:44:22:73:56:
         f1:41:01:fe:c6:0b:b3:7a:e0:ec:f6:99:ae:e0:d8:40:6b:95:
         25:ac:1e:71:c1:4a:9f:61:1f:c3:15:9b:44:9e:b8:f1:4f:53:
         32:3f:8b:fe:c6:0c:b9:d2:31:4e:8e:92:7c:44:77:29:c7:29:
         69:69:11:fe:90:3d:43:47:77:a5:1e:dc:02:0e:03:61:0b:fd:
         70:06:e7:23:b0:0d:a2:9a:c4:47:43:af:77:2a:59:4a:7e:99:
         08:17:c4:ce
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZrbeorpAd3CSagyn3wOsqefXdQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzA1MjUwODA2NTlaFw0yNDA1MjMwODExNTlaMDMxMTAvBgNV
BAMTKEUzRjE2QUExQTRFMjcyRUNEMUFGRjMwNzkwNzgxQTAzQjRFMDNDODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfKkWIIAsM2ULwNWq5kKPC1cQF
aZ+eBM9Euur1o9dBuOug+RtbIOiwGoZO4yK2ueDayYXm8ji09pZppBdaWvLEXvjQ
pX5F7Alvtnk7SYNFrtnaU4FWwd8ucd7fc/CwgculctLGgZe7WsX7HS1YiU9HVpX9
ulqSxkNCrWA1AvxY1qvGnAY8aN9qufeCAbirQnsMYLxWUjTvpYLpfKzlDIbls5Vu
yyFBMOXJuNUDBhRdIUVq9fV4bIB6lQnoH5lfdGtxoOl6IA5ndkOLu7T9zjl+6YcA
8PC7vjXnwHpctY/ynuWojH6hdciTyjcZVLOzo5ABOGGaRFY1Qnbufg7DYxRnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4/FqoaTicuzRr/MHkHgaA7TgPIcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMy
MzMzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM1MzkzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKMluwwDQYJKoZIhvcNAQELBQADggEBAIZGfMCCqFlN0K/QyXFtRIAsYxRSY+QY
54ugOpwf/QhJlW8jNhaceOC67CsacNzSRO1UuylBsiHeG/bzjHKZA280ofiRFUd4
krsHeKW6v3Fjm6JtmR72FSDWxwoq9Ghq6CMSz65NmyyZfZ73xuj0n8U5zOJyZW6T
xZelhBJPv50JJfkvpJEudJsS8eaDzB4iZ/1v4pStyBeusrCqiisrRCJzVvFBAf7G
C7N64Oz2ma7g2EBrlSWsHnHBSp9hH8MVm0SeuPFPUzI/i/7GDLnSMU6OknxEdynH
KWlpEf6QPUNHd6Ue3AIOA2EL/XAG5yOwDaKaxEdDr3cqWUp+mQgXxM4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org