Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          xk/lcGQuhRClejQ0tEMynOpZ4s275G3oDMm9B+EKpv8=
Subject key identifier:   BE:5B:CC:A8:C9:55:17:AC:B6:BF:8C:A2:34:13:D2:5C:F9:E6:D2:4A
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       01B1D0267454CA02B3D74C3102936029EE51E91A
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:34:02 +0000
ROA not before:           Fri 20 Jan 2023 16:29:02 +0000
ROA not after:            Fri 19 Jan 2024 16:34:02 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:2e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:b1:d0:26:74:54:ca:02:b3:d7:4c:31:02:93:60:29:ee:51:e9:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:29:02 2023 GMT
            Not After : Jan 19 16:34:02 2024 GMT
        Subject: CN=BE5BCCA8C95517ACB6BF8CA23413D25CF9E6D24A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:03:a4:6a:31:d0:a2:59:c3:7e:23:1e:bb:28:
                    8c:3f:88:fe:dd:f8:c7:8a:4e:20:2a:43:23:1d:5c:
                    7f:0b:d8:d4:18:72:c6:37:a2:f0:f9:ad:21:eb:24:
                    ab:28:a8:ed:2d:8c:6b:d0:2d:88:32:ff:7e:db:dc:
                    64:12:8f:3f:05:d8:6a:62:ad:5e:a2:44:9d:6a:f4:
                    25:33:ac:3e:2c:17:f8:7f:77:fe:e9:1e:7f:11:3d:
                    14:71:07:07:65:48:d7:9b:fc:88:74:7f:f6:da:34:
                    1f:79:75:ad:cc:61:d3:01:58:63:d5:c0:2a:81:6f:
                    d2:d0:9c:7b:6e:2e:0a:83:72:a9:b6:a6:d1:8e:09:
                    60:cf:02:bf:31:02:8c:27:a7:c8:b9:68:3a:bf:5c:
                    30:9d:d3:55:ca:4e:2d:ce:1d:03:83:9c:80:77:15:
                    41:db:d9:39:6c:40:e6:6b:31:49:08:42:0d:0a:e0:
                    14:0e:ba:66:29:c7:0a:e9:ba:51:ae:87:46:17:37:
                    77:a1:e7:74:18:6d:61:13:b2:f6:31:4d:c7:c7:e5:
                    a1:da:0c:8a:40:de:1a:df:15:9a:d4:24:62:d9:25:
                    86:9a:a5:35:cd:64:6f:2e:93:c1:df:e8:ab:fd:99:
                    6b:ed:34:43:1b:d4:26:5a:74:06:99:27:f7:2f:80:
                    f7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:5B:CC:A8:C9:55:17:AC:B6:BF:8C:A2:34:13:D2:5C:F9:E6:D2:4A
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:2e::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:c5:cb:41:8d:4d:8d:e3:04:cf:8d:ef:03:cf:23:a7:b3:23:
         2f:ce:23:5c:81:db:63:45:3f:9c:4a:d8:79:7a:b8:a2:b3:97:
         16:97:04:21:96:19:77:ff:5d:4e:bd:a9:06:4c:7d:64:d4:b2:
         97:64:b1:e2:4c:a6:ce:f4:8f:38:be:bd:6e:97:6d:cf:17:f0:
         9a:d6:64:8e:0b:c7:15:dd:90:a9:df:8c:6e:dd:1f:9c:ee:f2:
         12:a6:5f:64:0e:78:fb:93:12:9f:96:c5:96:88:bf:bb:f5:c8:
         c7:9b:f1:d9:bd:01:94:cb:f1:fc:4d:bc:33:a7:0f:42:85:48:
         1e:e7:b0:2a:fb:66:33:b5:7c:81:ac:5f:de:9a:a6:b5:fc:e3:
         9c:9f:b2:09:87:6c:20:42:7b:f0:57:23:62:a4:3c:ee:d4:5b:
         c9:f5:24:7f:66:e3:d6:36:2a:93:53:6b:0a:f9:f2:cc:11:90:
         2c:b2:ac:1b:f9:43:29:7a:7a:85:7a:78:9a:8b:15:b2:a6:d6:
         78:ce:15:4a:b5:c5:92:f5:4f:1f:b4:f9:8a:f0:36:de:5a:ac:
         a1:94:00:d6:ff:74:68:28:a4:ab:0b:ca:7b:07:93:e9:1c:81:
         97:01:c8:e3:3e:13:2d:f2:aa:5f:9f:5b:ad:a2:3a:d3:34:a5:
         7b:2e:77:93
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUAbHQJnRUygKz10wxApNgKe5R6RowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI5MDJaFw0yNDAxMTkxNjM0MDJaMDMxMTAvBgNV
BAMTKEJFNUJDQ0E4Qzk1NTE3QUNCNkJGOENBMjM0MTNEMjVDRjlFNkQyNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHA6RqMdCiWcN+Ix67KIw/iP7d
+MeKTiAqQyMdXH8L2NQYcsY3ovD5rSHrJKsoqO0tjGvQLYgy/37b3GQSjz8F2Gpi
rV6iRJ1q9CUzrD4sF/h/d/7pHn8RPRRxBwdlSNeb/Ih0f/baNB95da3MYdMBWGPV
wCqBb9LQnHtuLgqDcqm2ptGOCWDPAr8xAownp8i5aDq/XDCd01XKTi3OHQODnIB3
FUHb2TlsQOZrMUkIQg0K4BQOumYpxwrpulGuh0YXN3eh53QYbWETsvYxTcfH5aHa
DIpA3hrfFZrUJGLZJYaapTXNZG8uk8Hf6Kv9mWvtNEMb1CZadAaZJ/cvgPchAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUvlvMqMlVF6y2v4yiNBPSXPnm0kowHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQAuMA0GCSqGSIb3DQEBCwUAA4IBAQAUxctBjU2N4wTPje8DzyOn
syMvziNcgdtjRT+cSth5eriis5cWlwQhlhl3/11OvakGTH1k1LKXZLHiTKbO9I84
vr1ul23PF/Ca1mSOC8cV3ZCp34xu3R+c7vISpl9kDnj7kxKflsWWiL+79cjHm/HZ
vQGUy/H8Tbwzpw9ChUge57Aq+2YztXyBrF/emqa1/OOcn7IJh2wgQnvwVyNipDzu
1FvJ9SR/ZuPWNiqTU2sK+fLMEZAssqwb+UMpenqFeniaixWyptZ4zhVKtcWS9U8f
tPmK8DbeWqyhlADW/3RoKKSrC8p7B5PpHIGXAcjjPhMt8qpfn1utojrTNKV7LneT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org