Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          wzC7XWFG3oz71jOgtOnc8eNhvNCgyi41gvPFErjwFBE=
Subject key identifier:   98:E0:7F:F6:8A:5E:D6:F5:5B:C7:4D:98:11:95:C9:D2:0D:7F:05:C8
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       31FAD29474355F4E00B0A1F0B1355A7549047AFD
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Tue 18 Apr 2023 22:11:25 +0000
ROA not before:           Tue 18 Apr 2023 22:06:25 +0000
ROA not after:            Tue 16 Apr 2024 22:11:25 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:2f5c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:fa:d2:94:74:35:5f:4e:00:b0:a1:f0:b1:35:5a:75:49:04:7a:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Apr 18 22:06:25 2023 GMT
            Not After : Apr 16 22:11:25 2024 GMT
        Subject: CN=98E07FF68A5ED6F55BC74D981195C9D20D7F05C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:59:8d:dd:be:9a:13:49:2b:7c:5a:ae:65:d4:
                    16:78:84:81:fc:5c:c5:ac:34:60:8f:be:31:b1:51:
                    9e:1a:b9:e7:64:94:d9:81:ae:51:82:2c:b8:78:92:
                    b0:a6:cd:08:08:63:16:8a:0a:a0:bb:23:49:01:7b:
                    05:e3:a6:ed:40:90:ef:54:a4:05:d2:e6:38:95:de:
                    da:50:a9:9b:f0:d1:7a:ff:25:3e:96:3c:e9:e1:3a:
                    8c:1d:2d:bd:52:39:a4:98:db:fa:61:27:96:7e:0f:
                    58:fd:39:24:1b:c1:74:03:50:ad:33:b5:95:a1:96:
                    14:ec:81:8f:85:0a:a1:4b:fd:e9:ec:24:0e:50:c5:
                    27:41:86:62:b9:8d:44:12:67:5e:4d:4b:d6:af:40:
                    97:2c:1d:cc:0d:c4:7d:28:f7:8f:d1:76:ea:ed:99:
                    7e:44:61:d4:2a:29:6d:ad:65:62:de:46:a7:ae:38:
                    20:5e:65:58:2d:27:ee:ec:69:48:31:75:07:99:53:
                    bf:b4:bd:57:08:06:ef:55:fb:64:68:6f:a3:4e:25:
                    7a:ea:0b:3d:70:27:2c:5f:35:3b:e9:fc:86:af:e4:
                    c5:a4:38:55:54:b1:70:4b:af:23:a1:94:f7:f8:0c:
                    e6:f0:23:b6:5b:5e:9f:fc:ca:3e:84:e3:5f:94:2c:
                    a9:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:E0:7F:F6:8A:5E:D6:F5:5B:C7:4D:98:11:95:C9:D2:0D:7F:05:C8
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:2f5c::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:2f:50:39:46:7c:83:c7:c6:37:8f:e6:1b:a3:31:17:03:83:
         d3:a3:5c:ad:90:48:b7:f2:df:a4:2d:f6:32:7f:d7:0e:83:7f:
         16:e2:18:b1:f2:12:bb:5c:88:f8:22:3b:44:94:b9:ad:87:dc:
         95:35:39:1a:ba:e2:45:0a:06:47:48:ea:af:5a:d9:6d:46:a0:
         c5:fa:ae:9b:49:8f:3a:52:45:5e:8f:80:48:7b:90:ef:d3:fa:
         7c:61:43:72:9c:c3:f3:af:88:68:d6:e9:24:38:d5:55:c8:36:
         c2:79:4b:ad:e4:47:00:bb:22:6d:15:c0:55:41:17:e8:c4:78:
         65:77:17:9e:a1:91:89:00:b7:96:06:54:9a:1f:f3:9c:39:e4:
         6a:0c:3e:29:b3:6a:7c:f3:d4:26:f8:f5:c1:12:2e:1f:48:39:
         20:13:0f:58:e3:be:fc:b5:7d:cd:d5:ad:5f:2b:3e:6b:7d:4b:
         cc:1e:a7:46:b3:ab:8f:6b:93:65:3a:2d:6c:64:7c:38:8a:5e:
         4b:f5:f7:ed:77:d7:ac:27:ed:e8:e8:44:a7:30:51:7a:5e:3b:
         7b:a2:7f:8d:ff:44:0a:30:0c:6b:9f:ff:27:71:bb:57:97:11:
         b0:ce:49:ae:00:5d:a0:5b:91:91:c2:7a:d5:3d:d2:55:21:2b:
         f3:82:fe:e2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUMfrSlHQ1X04AsKHwsTVadUkEev0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzA0MTgyMjA2MjVaFw0yNDA0MTYyMjExMjVaMDMxMTAvBgNV
BAMTKDk4RTA3RkY2OEE1RUQ2RjU1QkM3NEQ5ODExOTVDOUQyMEQ3RjA1QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtWY3dvpoTSSt8Wq5l1BZ4hIH8
XMWsNGCPvjGxUZ4auedklNmBrlGCLLh4krCmzQgIYxaKCqC7I0kBewXjpu1AkO9U
pAXS5jiV3tpQqZvw0Xr/JT6WPOnhOowdLb1SOaSY2/phJ5Z+D1j9OSQbwXQDUK0z
tZWhlhTsgY+FCqFL/ensJA5QxSdBhmK5jUQSZ15NS9avQJcsHcwNxH0o94/Rdurt
mX5EYdQqKW2tZWLeRqeuOCBeZVgtJ+7saUgxdQeZU7+0vVcIBu9V+2Rob6NOJXrq
Cz1wJyxfNTvp/Iav5MWkOFVUsXBLryOhlPf4DObwI7ZbXp/8yj6E41+ULKlVAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUmOB/9ope1vVbx02YEZXJ0g1/BcgwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY2MzU2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38UvXDANBgkqhkiG9w0BAQsFAAOCAQEAUi9QOUZ8g8fGN4/m
G6MxFwOD06NcrZBIt/LfpC32Mn/XDoN/FuIYsfISu1yI+CI7RJS5rYfclTU5Grri
RQoGR0jqr1rZbUagxfqum0mPOlJFXo+ASHuQ79P6fGFDcpzD86+IaNbpJDjVVcg2
wnlLreRHALsibRXAVUEX6MR4ZXcXnqGRiQC3lgZUmh/znDnkagw+KbNqfPPUJvj1
wRIuH0g5IBMPWOO+/LV9zdWtXys+a31LzB6nRrOrj2uTZTotbGR8OIpeS/X37XfX
rCft6OhEpzBRel47e6J/jf9ECjAMa5//J3G7V5cRsM5JrgBdoFuRkcJ61T3SVSEr
84L+4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org