Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3131322e302f32302d3230203d3e2030.roa
File:                     3134382e3133352e3131322e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier:          CjMl0ydKXVMN06lBl2aEKlfa5EAsDSoKfiNmkVWFFgI=
Subject key identifier:   02:E8:20:57:9D:9F:D2:2E:D0:A3:62:C2:3D:62:01:8E:84:97:AF:1C
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       48755E929B1F593F7C30E768A2F86E23658CFA07
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3131322e302f32302d3230203d3e2030.roa
Signing time:             Fri 03 Feb 2023 09:18:51 +0000
ROA not before:           Fri 03 Feb 2023 09:13:51 +0000
ROA not after:            Fri 02 Feb 2024 09:18:51 +0000
asID:                     0
IP address blocks:        148.135.112.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:75:5e:92:9b:1f:59:3f:7c:30:e7:68:a2:f8:6e:23:65:8c:fa:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb  3 09:13:51 2023 GMT
            Not After : Feb  2 09:18:51 2024 GMT
        Subject: CN=02E820579D9FD22ED0A362C23D62018E8497AF1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:43:7b:5c:ca:7f:aa:73:6a:94:50:9d:89:36:
                    f7:81:28:19:0d:a6:26:bb:10:43:b7:96:a0:ca:21:
                    10:8e:25:29:32:20:30:fd:d8:e4:04:d9:ff:f2:05:
                    e7:b4:fb:f5:c1:6b:7b:2f:bc:d8:75:0a:5b:05:f8:
                    65:df:bb:e1:1b:f8:bb:10:eb:83:0d:83:7b:76:58:
                    23:e0:d2:1e:5a:03:7d:0a:ee:05:67:94:29:ee:20:
                    20:88:b1:77:0f:4c:3d:64:5b:1b:15:17:35:a6:2c:
                    9d:bd:02:a2:e7:64:6d:85:49:bc:59:39:eb:c4:c7:
                    8e:34:b2:4c:83:2a:e0:84:2b:d4:eb:1a:4a:64:92:
                    e2:32:1e:5c:ba:e9:c0:d7:0d:63:85:56:4a:13:03:
                    b8:9d:a2:1b:b7:61:e7:ac:73:c5:a0:63:ca:5e:10:
                    73:f1:13:8e:e2:d6:ba:7a:d8:06:81:e2:db:44:36:
                    ea:58:a0:5f:9f:cd:db:c7:00:57:2b:58:88:52:eb:
                    69:4a:ed:e2:3b:f0:1b:07:1b:e7:e9:44:fd:c6:f5:
                    2f:dd:77:7a:bd:db:c1:9c:c5:ce:61:f8:a0:d7:60:
                    64:6e:bf:a6:18:ab:6f:65:cb:f0:c4:14:5a:b3:c0:
                    06:97:43:d4:50:07:db:46:5f:a6:bb:f4:32:10:b7:
                    c8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:E8:20:57:9D:9F:D2:2E:D0:A3:62:C2:3D:62:01:8E:84:97:AF:1C
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3131322e302f32302d3230203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.135.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b8:63:ab:2e:16:26:91:f7:c2:71:59:c2:49:69:99:46:fd:8e:
         30:0b:3f:59:3d:23:9f:fd:2e:09:c0:b8:8d:af:56:0e:5c:b5:
         b1:d6:cb:c0:e8:2f:cd:ea:1f:54:63:5e:ca:7b:82:3a:70:0e:
         11:ab:d9:3b:7f:fd:aa:bf:f4:4f:9a:f7:d0:05:9f:df:a6:24:
         0d:05:46:38:71:5c:b7:a1:6e:87:15:1e:6f:35:7c:f4:65:36:
         1e:ae:6a:db:8c:a9:45:3a:97:3f:71:7d:b8:de:b5:39:d4:ed:
         8f:cd:31:23:2b:ad:27:e0:c3:3f:8c:e5:f0:d5:1a:77:4f:b0:
         78:5b:fe:82:0b:2b:39:62:bc:d8:7b:02:b6:f1:8a:eb:9e:b3:
         e9:60:67:ca:ea:16:ee:63:5d:3a:40:25:cc:35:b0:e8:a6:9f:
         ed:4c:72:ca:df:7d:41:77:9e:b2:70:ce:aa:f3:30:60:18:f6:
         7a:68:92:be:f1:42:33:84:cc:6b:1c:2f:cc:45:67:13:03:a5:
         ca:52:7d:4c:f0:fd:7f:c9:e9:da:fb:61:ae:40:b5:f9:45:ed:
         e6:0b:fe:f1:4a:a7:12:0b:a7:b0:17:83:0f:50:ec:ac:6a:d0:
         7f:a7:c6:ac:9d:af:3d:ba:f1:95:b8:ba:fc:a0:99:b7:8b:a2:
         02:92:f2:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSHVekpsfWT98MOdoovhuI2WM+gcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEzNTFaFw0yNDAyMDIwOTE4NTFaMDMxMTAvBgNV
BAMTKDAyRTgyMDU3OUQ5RkQyMkVEMEEzNjJDMjNENjIwMThFODQ5N0FGMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdQ3tcyn+qc2qUUJ2JNveBKBkN
pia7EEO3lqDKIRCOJSkyIDD92OQE2f/yBee0+/XBa3svvNh1ClsF+GXfu+Eb+LsQ
64MNg3t2WCPg0h5aA30K7gVnlCnuICCIsXcPTD1kWxsVFzWmLJ29AqLnZG2FSbxZ
OevEx440skyDKuCEK9TrGkpkkuIyHly66cDXDWOFVkoTA7idohu3Yeesc8WgY8pe
EHPxE47i1rp62AaB4ttENupYoF+fzdvHAFcrWIhS62lK7eI78BsHG+fpRP3G9S/d
d3q928Gcxc5h+KDXYGRuv6YYq29ly/DEFFqzwAaXQ9RQB9tGX6a79DIQt8gFAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUAuggV52f0i7Qo2LCPWIBjoSXrxwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMx
MzEzMjJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQElIdwMA0G
CSqGSIb3DQEBCwUAA4IBAQC4Y6suFiaR98JxWcJJaZlG/Y4wCz9ZPSOf/S4JwLiN
r1YOXLWx1svA6C/N6h9UY17Ke4I6cA4Rq9k7f/2qv/RPmvfQBZ/fpiQNBUY4cVy3
oW6HFR5vNXz0ZTYermrbjKlFOpc/cX243rU51O2PzTEjK60n4MM/jOXw1Rp3T7B4
W/6CCys5YrzYewK28YrrnrPpYGfK6hbuY106QCXMNbDopp/tTHLK331Bd56ycM6q
8zBgGPZ6aJK+8UIzhMxrHC/MRWcTA6XKUn1M8P1/yena+2GuQLX5Re3mC/7xSqcS
C6ewF4MPUOysatB/p8asna89uvGVuLr8oJm3i6ICkvL4
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org