Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          RhgkUo1oyjT7s/KSrbc9gdGWIP1Usw5DXsoYAMpOExg=
Subject key identifier:   DF:78:76:D8:22:E5:E2:C2:4D:68:7F:29:47:4B:FB:12:A8:67:C9:17
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       35E8061A49C758F70B87A26129C0752D143DAC2D
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:11:58 +0000
ROA not before:           Fri 20 Jan 2023 16:06:58 +0000
ROA not after:            Fri 19 Jan 2024 16:11:58 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:2f5c::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:e8:06:1a:49:c7:58:f7:0b:87:a2:61:29:c0:75:2d:14:3d:ac:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:06:58 2023 GMT
            Not After : Jan 19 16:11:58 2024 GMT
        Subject: CN=DF7876D822E5E2C24D687F29474BFB12A867C917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ed:7b:0a:eb:e4:1a:a0:19:60:72:be:9a:cd:
                    5a:cf:c0:1e:6e:f2:a6:9e:01:15:18:6b:b5:41:47:
                    01:7d:49:4a:75:70:8f:a3:e6:ee:87:27:56:77:82:
                    f8:19:c2:89:55:e9:60:df:42:9d:c4:98:68:f8:63:
                    a9:19:24:b8:19:5f:cb:db:71:6b:ca:66:d5:fb:14:
                    66:ed:09:6e:9e:a4:bd:bb:9f:e4:04:2c:e1:a1:2a:
                    d3:70:13:b9:e7:aa:75:55:f3:27:5e:59:05:7e:fd:
                    8c:d9:78:c9:ed:62:2e:ba:33:5a:38:14:47:94:12:
                    e8:cf:2a:02:18:33:68:a4:0b:ae:7d:ec:95:68:74:
                    df:1d:76:9a:eb:5b:d4:5a:52:e6:7f:34:25:0c:5c:
                    06:fc:57:a4:00:86:de:a9:e7:b7:11:69:48:ab:70:
                    f9:e8:95:fc:cf:c7:99:e1:9a:c5:5c:11:68:d3:4b:
                    c4:ff:bd:24:c2:34:25:21:7a:16:3d:30:56:24:2c:
                    79:5a:05:c1:f4:b5:ec:48:b6:07:2a:c1:27:f7:90:
                    07:33:3b:ab:1f:26:3a:b9:6b:84:9e:d8:80:2d:2c:
                    90:60:8c:21:49:0b:c5:46:00:6d:59:15:59:30:35:
                    e1:04:44:72:2d:b1:ae:29:7c:32:1c:5b:d7:f4:3d:
                    36:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:78:76:D8:22:E5:E2:C2:4D:68:7F:29:47:4B:FB:12:A8:67:C9:17
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635633a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:2f5c::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:a0:96:4f:f6:ea:4d:26:26:f5:d5:94:84:3e:4b:ba:b8:43:
         25:52:e9:87:b9:38:1a:f0:4f:b1:94:a6:bf:2e:fd:7d:25:41:
         c5:44:8b:4d:49:90:51:e2:a5:0c:30:cf:f3:79:a8:94:80:99:
         e2:cd:da:90:9b:88:f8:f4:17:5b:d5:2a:d9:06:d3:bd:46:e1:
         ff:d8:73:0e:47:29:02:2b:ae:f9:4d:82:fb:f4:8e:81:84:0e:
         3f:7a:68:89:1d:da:68:d5:74:db:27:be:29:c6:17:0b:60:20:
         96:df:34:b2:e5:ca:04:f9:1c:fb:a2:47:81:24:5f:23:f5:4e:
         23:19:80:3d:54:61:2e:38:72:cb:78:a8:fe:62:3f:66:f2:79:
         21:cf:9d:b9:92:b1:5d:f0:8b:99:b0:87:f2:c4:fd:3d:cb:3d:
         66:c3:60:10:31:76:4b:20:3f:4b:d0:b3:c8:8c:63:c4:db:dd:
         ee:8d:6e:61:be:bc:5a:c5:a1:cc:40:99:40:cb:ce:60:76:ad:
         58:72:22:a6:f1:14:ae:09:f3:f2:ed:54:3f:66:70:2f:ca:08:
         7e:1b:01:06:3f:ba:4f:b5:4a:84:bf:11:0d:12:b7:b4:75:65:
         68:cc:89:dd:bd:35:a4:6a:ca:15:e7:72:c0:3e:59:da:a8:ae:
         ef:4f:a6:34
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUNegGGknHWPcLh6JhKcB1LRQ9rC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjA2NThaFw0yNDAxMTkxNjExNThaMDMxMTAvBgNV
BAMTKERGNzg3NkQ4MjJFNUUyQzI0RDY4N0YyOTQ3NEJGQjEyQTg2N0M5MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf7XsK6+QaoBlgcr6azVrPwB5u
8qaeARUYa7VBRwF9SUp1cI+j5u6HJ1Z3gvgZwolV6WDfQp3EmGj4Y6kZJLgZX8vb
cWvKZtX7FGbtCW6epL27n+QELOGhKtNwE7nnqnVV8ydeWQV+/YzZeMntYi66M1o4
FEeUEujPKgIYM2ikC6597JVodN8ddprrW9RaUuZ/NCUMXAb8V6QAht6p57cRaUir
cPnolfzPx5nhmsVcEWjTS8T/vSTCNCUhehY9MFYkLHlaBcH0texItgcqwSf3kAcz
O6sfJjq5a4Se2IAtLJBgjCFJC8VGAG1ZFVkwNeEERHItsa4pfDIcW9f0PTYbAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQU33h22CLl4sJNaH8pR0v7EqhnyRcwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY2MzU2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38UvXDANBgkqhkiG9w0BAQsFAAOCAQEApqCWT/bqTSYm9dWU
hD5LurhDJVLph7k4GvBPsZSmvy79fSVBxUSLTUmQUeKlDDDP83molICZ4s3akJuI
+PQXW9Uq2QbTvUbh/9hzDkcpAiuu+U2C+/SOgYQOP3poiR3aaNV02ye+KcYXC2Ag
lt80suXKBPkc+6JHgSRfI/VOIxmAPVRhLjhyy3io/mI/ZvJ5Ic+duZKxXfCLmbCH
8sT9Pcs9ZsNgEDF2SyA/S9CzyIxjxNvd7o1uYb68WsWhzECZQMvOYHatWHIipvEU
rgnz8u1UP2ZwL8oIfhsBBj+6T7VKhL8RDRK3tHVlaMyJ3b01pGrKFedywD5Z2qiu
70+mNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org