Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f32302d3230203d3e2030.roa
File:                     3134382e3133352e302e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier:          M2/GkwiwNT2S2qVKUTFT0dUDlMsqGWydYwobTq1ecFw=
Subject key identifier:   8B:85:FA:4D:17:AD:77:74:C5:AA:CE:ED:77:88:FB:18:E8:DF:C5:D2
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       6B274D9E2C804F37300B2FA1C282EF3CEF5BF78B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f32302d3230203d3e2030.roa
Signing time:             Fri 03 Feb 2023 09:17:13 +0000
ROA not before:           Fri 03 Feb 2023 09:12:13 +0000
ROA not after:            Fri 02 Feb 2024 09:17:13 +0000
asID:                     0
IP address blocks:        148.135.0.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:27:4d:9e:2c:80:4f:37:30:0b:2f:a1:c2:82:ef:3c:ef:5b:f7:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb  3 09:12:13 2023 GMT
            Not After : Feb  2 09:17:13 2024 GMT
        Subject: CN=8B85FA4D17AD7774C5AACEED7788FB18E8DFC5D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:12:7c:0c:7e:1c:35:2a:a0:35:74:aa:63:33:
                    ce:84:48:a3:32:3a:94:31:54:1f:21:6d:ce:a0:43:
                    5a:11:91:c6:c3:23:ab:95:51:64:84:ce:ac:0c:a2:
                    9a:eb:58:b7:cc:f3:63:34:12:f9:ba:31:5c:ae:ba:
                    ca:28:05:4d:de:b4:60:e3:a6:42:75:bc:cb:ac:fa:
                    be:22:59:44:fd:15:76:3c:6b:88:c9:7e:f5:96:3b:
                    a8:f8:35:e2:5c:e6:38:92:f8:5b:fe:2b:2a:07:68:
                    97:d5:57:d3:38:d4:6d:50:ad:11:11:7a:08:e9:c1:
                    3c:1e:33:0f:59:66:90:32:c2:17:d0:83:83:b6:e6:
                    c2:c6:3e:27:9f:af:33:23:1d:1b:b7:3e:92:a4:c8:
                    11:fd:62:c3:99:a9:c6:a9:a7:c7:54:9d:5f:1f:e1:
                    c3:f3:91:7d:b9:f2:be:69:66:c9:af:9a:d4:87:f6:
                    b7:b1:73:cd:51:25:6b:d4:28:1c:cb:c7:a4:fb:57:
                    4f:0c:00:ce:40:f8:e6:41:99:f9:74:a2:87:73:c3:
                    f3:94:ce:46:e8:ea:87:ea:5e:24:7b:c9:60:7d:4c:
                    b5:79:bf:db:00:b7:fa:41:98:17:b4:0f:01:89:74:
                    af:0b:53:92:37:4b:d8:b2:46:9a:89:48:3b:00:dd:
                    e9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:85:FA:4D:17:AD:77:74:C5:AA:CE:ED:77:88:FB:18:E8:DF:C5:D2
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f32302d3230203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.135.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         50:33:ac:79:60:4f:83:78:02:d2:54:23:2a:29:11:df:e7:ea:
         49:a2:7d:30:21:92:bf:8c:f1:28:be:e7:c5:64:fb:88:ef:b0:
         0c:2f:bb:f7:b5:a4:31:18:cc:b1:12:b1:1b:e9:0e:45:fb:6e:
         ca:21:1e:c1:e7:c3:80:5a:09:db:e4:ea:be:62:67:7d:e7:90:
         35:98:01:09:d0:34:c0:42:ea:f9:82:d7:74:67:4f:2b:9b:3d:
         64:a4:49:7f:69:a9:9d:28:cb:35:c4:cb:f9:9c:57:9f:46:bc:
         dc:01:15:08:28:f8:6a:59:7c:ac:64:94:cc:3d:f2:15:b9:f1:
         6a:2b:e5:94:17:99:9d:d7:a2:e3:cd:7e:1b:44:b2:04:84:c3:
         20:3b:e8:e1:41:ca:57:4f:fa:ec:b7:1a:e6:63:ce:a9:b9:04:
         bb:76:10:2d:ba:93:5d:86:ce:55:55:ff:20:9b:d0:53:6e:82:
         81:a8:75:0d:3d:f2:c1:cf:ad:4f:e9:63:ba:08:7e:3a:cb:d2:
         ea:15:8c:f7:8c:3b:0d:23:71:0e:d7:8c:cf:e7:ca:61:95:3a:
         ed:1a:0d:55:5b:0f:a9:2f:d8:07:24:69:5b:f4:6a:33:b6:4c:
         be:5d:cd:38:0a:ad:ae:4e:8d:f0:0d:c1:ff:9b:3f:90:88:05:
         f8:9a:d3:e7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUaydNniyATzcwCy+hwoLvPO9b94swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEyMTNaFw0yNDAyMDIwOTE3MTNaMDMxMTAvBgNV
BAMTKDhCODVGQTREMTdBRDc3NzRDNUFBQ0VFRDc3ODhGQjE4RThERkM1RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+EnwMfhw1KqA1dKpjM86ESKMy
OpQxVB8hbc6gQ1oRkcbDI6uVUWSEzqwMoprrWLfM82M0Evm6MVyuusooBU3etGDj
pkJ1vMus+r4iWUT9FXY8a4jJfvWWO6j4NeJc5jiS+Fv+KyoHaJfVV9M41G1QrRER
egjpwTweMw9ZZpAywhfQg4O25sLGPiefrzMjHRu3PpKkyBH9YsOZqcapp8dUnV8f
4cPzkX258r5pZsmvmtSH9rexc81RJWvUKBzLx6T7V08MAM5A+OZBmfl0oodzw/OU
zkbo6ofqXiR7yWB9TLV5v9sAt/pBmBe0DwGJdK8LU5I3S9iyRpqJSDsA3enRAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUi4X6TRetd3TFqs7td4j7GOjfxdIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMw
MmUzMDJmMzIzMDJkMzIzMDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASUhwAwDQYJKoZI
hvcNAQELBQADggEBAFAzrHlgT4N4AtJUIyopEd/n6kmifTAhkr+M8Si+58Vk+4jv
sAwvu/e1pDEYzLESsRvpDkX7bsohHsHnw4BaCdvk6r5iZ33nkDWYAQnQNMBC6vmC
13RnTyubPWSkSX9pqZ0oyzXEy/mcV59GvNwBFQgo+GpZfKxklMw98hW58Wor5ZQX
mZ3XouPNfhtEsgSEwyA76OFByldP+uy3GuZjzqm5BLt2EC26k12GzlVV/yCb0FNu
goGodQ098sHPrU/pY7oIfjrL0uoVjPeMOw0jcQ7XjM/nymGVOu0aDVVbD6kv2Ack
aVv0ajO2TL5dzTgKra5OjfANwf+bP5CIBfia0+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org