Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f31372d3234203d3e2037333933.roa
File:                     3134382e3133352e302e302f31372d3234203d3e2037333933.roa (raw, json)
Hash identifier:          vKpOhieOpTnYS2ZxS4JTPTW3FMFTkeYBDfXA2Zr61JQ=
Subject key identifier:   09:C6:30:F5:90:C1:3F:82:67:21:71:19:ED:6C:BB:85:0B:34:FC:37
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       62BCB8C6049C4045A347F899EA20D59EAB365574
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f31372d3234203d3e2037333933.roa
Signing time:             Mon 27 Mar 2023 07:59:22 +0000
ROA not before:           Mon 27 Mar 2023 07:54:22 +0000
ROA not after:            Mon 25 Mar 2024 07:59:22 +0000
asID:                     7393
IP address blocks:        148.135.0.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:bc:b8:c6:04:9c:40:45:a3:47:f8:99:ea:20:d5:9e:ab:36:55:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar 27 07:54:22 2023 GMT
            Not After : Mar 25 07:59:22 2024 GMT
        Subject: CN=09C630F590C13F8267217119ED6CBB850B34FC37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:86:52:0e:17:e7:b7:76:64:7a:dc:e9:16:d0:
                    4b:2a:d1:a6:38:29:24:dd:b7:8a:61:91:60:77:b1:
                    49:63:33:0a:d8:8c:16:ab:0c:3c:4c:a9:1a:81:5f:
                    c5:e5:18:7d:84:1a:1e:87:2e:d7:7c:27:b7:fa:5b:
                    bf:3e:de:e0:9f:17:82:05:54:17:00:55:ef:a7:e3:
                    01:5f:4c:95:65:20:8b:bd:23:da:e8:f9:e5:f1:f9:
                    b3:86:90:a6:43:8a:e3:8f:18:a9:42:12:a1:d2:a0:
                    97:ee:10:df:28:4c:0d:d7:74:b6:c9:b2:77:d3:8c:
                    53:51:67:80:4b:69:71:ec:82:f6:c0:d6:60:33:dc:
                    a4:72:99:66:a8:c9:81:29:73:d0:3a:dc:b1:e4:0c:
                    be:5d:d1:42:00:9f:b8:a2:e7:dd:4c:d8:a2:ee:15:
                    2f:94:78:9e:40:50:4e:51:14:1c:68:74:08:9d:ac:
                    e9:0f:9f:0b:79:e3:73:5c:8a:16:92:91:97:b6:53:
                    d3:8b:2b:c7:bd:99:68:78:f4:35:5d:e4:80:8b:f6:
                    bc:a4:f3:f7:44:f5:04:92:33:ed:c8:5a:03:3c:0a:
                    d3:80:16:08:10:92:6b:31:ea:26:3f:40:82:b4:18:
                    9a:62:af:11:87:9f:4a:2d:7c:09:39:00:92:ed:26:
                    ba:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:C6:30:F5:90:C1:3F:82:67:21:71:19:ED:6C:BB:85:0B:34:FC:37
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f31372d3234203d3e2037333933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.135.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         55:6b:b8:bb:d6:63:56:62:6e:1a:41:89:fc:e6:1f:74:64:e9:
         81:f3:0b:07:d2:6c:e2:2f:68:e4:63:ee:2d:97:29:fe:30:73:
         2e:fc:67:c7:8f:69:ad:f9:e8:fd:64:c3:14:be:00:7c:f4:fd:
         f7:c6:f0:20:a6:74:87:a1:15:29:66:ba:a7:f3:e7:0a:eb:52:
         7c:84:aa:af:22:39:66:fa:e7:5b:87:90:dc:00:e4:ef:1c:a9:
         a7:93:54:9e:09:89:cf:ab:15:71:14:1f:67:6f:e7:bc:af:52:
         68:be:a8:31:10:d4:b7:8d:f7:86:ed:ff:63:06:a4:23:0a:ee:
         e8:3a:ba:44:78:99:87:26:42:ab:17:8d:13:42:8c:c2:26:df:
         70:86:f7:c0:fe:0e:79:13:26:d0:c4:64:7d:36:63:61:91:95:
         17:48:4e:3a:a1:2e:de:fc:ba:19:e6:ae:07:26:3e:96:d5:94:
         ab:df:a6:62:75:a5:8f:1c:75:54:65:c1:12:e4:39:44:ca:c0:
         0c:f9:05:d0:1a:04:f8:3b:59:38:48:62:50:58:a8:b2:f2:cf:
         18:8c:b8:29:4f:62:3b:0d:13:c8:3d:2c:a1:e1:84:c6:41:98:
         56:5a:b8:39:6b:c1:95:bb:fc:97:b3:26:14:26:bf:1f:91:d9:
         1b:9a:1f:4d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUYry4xgScQEWjR/iZ6iDVnqs2VXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAzMjcwNzU0MjJaFw0yNDAzMjUwNzU5MjJaMDMxMTAvBgNV
BAMTKDA5QzYzMEY1OTBDMTNGODI2NzIxNzExOUVENkNCQjg1MEIzNEZDMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/hlIOF+e3dmR63OkW0Esq0aY4
KSTdt4phkWB3sUljMwrYjBarDDxMqRqBX8XlGH2EGh6HLtd8J7f6W78+3uCfF4IF
VBcAVe+n4wFfTJVlIIu9I9ro+eXx+bOGkKZDiuOPGKlCEqHSoJfuEN8oTA3XdLbJ
snfTjFNRZ4BLaXHsgvbA1mAz3KRymWaoyYEpc9A63LHkDL5d0UIAn7ii591M2KLu
FS+UeJ5AUE5RFBxodAidrOkPnwt543NcihaSkZe2U9OLK8e9mWh49DVd5ICL9ryk
8/dE9QSSM+3IWgM8CtOAFggQkmsx6iY/QIK0GJpirxGHn0otfAk5AJLtJrr/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUCcYw9ZDBP4JnIXEZ7Wy7hQs0/DcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMw
MmUzMDJmMzEzNzJkMzIzNDIwM2QzZTIwMzczMzM5MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAeUhwAw
DQYJKoZIhvcNAQELBQADggEBAFVruLvWY1ZibhpBifzmH3Rk6YHzCwfSbOIvaORj
7i2XKf4wcy78Z8ePaa356P1kwxS+AHz0/ffG8CCmdIehFSlmuqfz5wrrUnyEqq8i
OWb651uHkNwA5O8cqaeTVJ4Jic+rFXEUH2dv57yvUmi+qDEQ1LeN94bt/2MGpCMK
7ug6ukR4mYcmQqsXjRNCjMIm33CG98D+DnkTJtDEZH02Y2GRlRdITjqhLt78uhnm
rgcmPpbVlKvfpmJ1pY8cdVRlwRLkOUTKwAz5BdAaBPg7WThIYlBYqLLyzxiMuClP
YjsNE8g9LKHhhMZBmFZauDlrwZW7/JezJhQmvx+R2RuaH00=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org