Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          SR3tQC3y5fCIYaqyOgo3NNMF7+13jr/yQxRBY/arrjY=
Subject key identifier:   96:DE:42:5A:01:EC:43:55:A9:93:B9:2A:44:B2:45:96:9C:44:66:5C
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       4D52A8E61C6A8BD232E5674164F3626576E28889
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:33:15 +0000
ROA not before:           Fri 20 Jan 2023 16:28:15 +0000
ROA not after:            Fri 19 Jan 2024 16:33:15 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:2f5e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:52:a8:e6:1c:6a:8b:d2:32:e5:67:41:64:f3:62:65:76:e2:88:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:28:15 2023 GMT
            Not After : Jan 19 16:33:15 2024 GMT
        Subject: CN=96DE425A01EC4355A993B92A44B245969C44665C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a8:a3:26:a3:1f:dc:ee:76:19:4f:c3:d9:f2:
                    dd:ee:ef:17:49:75:d6:09:61:50:db:51:2c:64:81:
                    4c:cc:f7:fe:57:a7:25:67:b7:02:90:74:f4:9c:ca:
                    a1:20:4c:aa:ae:8e:68:fa:0a:b2:c7:1d:96:ef:e7:
                    ca:43:a4:93:73:7c:20:5d:dc:bc:74:e9:db:2a:0c:
                    5d:50:cb:7b:01:80:fe:a6:18:5a:8b:e9:e5:ee:0f:
                    59:bb:fd:3e:40:7e:3a:bf:7f:95:49:7a:ad:e6:01:
                    ad:fc:6b:4d:8e:a6:fd:39:4b:3a:5f:82:5b:bb:4a:
                    2b:f9:b3:ae:7f:2d:9f:8e:db:69:8e:8f:ca:35:9a:
                    9d:3b:c0:42:44:e1:3f:f0:a9:b7:5c:db:8c:61:08:
                    3b:9b:bd:73:25:a5:76:83:83:29:fd:a1:e7:44:f8:
                    da:e8:67:ed:32:78:0c:15:a0:da:c6:e6:03:72:2a:
                    16:aa:6d:75:88:98:51:03:45:ad:b2:e3:e7:68:0b:
                    e4:ff:04:70:f8:a5:19:19:08:cd:b6:7d:52:69:59:
                    3b:37:d5:aa:a6:83:4c:c5:7c:8f:da:2c:e5:6e:b9:
                    d8:32:42:65:c8:c0:a5:b1:5d:dd:1b:d4:e2:fc:3a:
                    c5:bd:83:4b:7c:08:1e:c7:a1:64:f7:3b:ca:e0:10:
                    86:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:DE:42:5A:01:EC:43:55:A9:93:B9:2A:44:B2:45:96:9C:44:66:5C
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:2f5e::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:94:03:6d:16:37:6d:73:c0:44:b6:51:08:75:5e:8d:a5:04:
         ce:57:f3:52:73:31:73:eb:d7:e3:25:64:61:19:20:3e:6f:de:
         b7:32:36:63:d7:5c:71:ac:5e:ca:c8:e8:1d:d4:98:fe:4d:d1:
         fc:af:ee:89:a9:d0:c5:24:ae:0c:f0:ab:ce:36:78:33:1b:d8:
         bf:be:87:55:76:23:b9:fc:91:c4:09:9d:d9:8e:37:35:5d:ec:
         23:7e:91:a5:5e:28:3e:34:27:83:9e:fb:1e:f8:a2:ed:3b:c4:
         d2:a1:12:2e:7d:82:ac:7a:5e:93:ef:8e:92:be:83:f5:21:f6:
         0e:86:b9:b2:bf:fa:57:2a:71:cd:90:8f:da:d1:ad:cf:e4:3e:
         85:16:89:ae:22:d8:0d:61:64:49:64:42:9a:00:45:d9:43:67:
         cb:a7:dc:33:bd:cc:e6:40:49:08:6c:cd:fa:5e:37:6c:64:95:
         36:36:9f:75:4c:e7:69:c6:20:69:9a:71:c2:df:23:ef:0c:b2:
         63:84:3e:47:a5:06:9c:6d:13:bf:74:5b:48:c6:ff:37:96:36:
         6a:99:4a:a6:51:66:23:2e:9b:99:c1:c1:c4:f1:f5:01:44:4f:
         5f:9b:a4:a6:18:53:13:3f:fc:47:6a:31:0c:bf:63:72:83:7f:
         07:cd:47:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUTVKo5hxqi9Iy5WdBZPNiZXbiiIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI4MTVaFw0yNDAxMTkxNjMzMTVaMDMxMTAvBgNV
BAMTKDk2REU0MjVBMDFFQzQzNTVBOTkzQjkyQTQ0QjI0NTk2OUM0NDY2NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+qKMmox/c7nYZT8PZ8t3u7xdJ
ddYJYVDbUSxkgUzM9/5XpyVntwKQdPScyqEgTKqujmj6CrLHHZbv58pDpJNzfCBd
3Lx06dsqDF1Qy3sBgP6mGFqL6eXuD1m7/T5Afjq/f5VJeq3mAa38a02Opv05Szpf
glu7Siv5s65/LZ+O22mOj8o1mp07wEJE4T/wqbdc24xhCDubvXMlpXaDgyn9oedE
+NroZ+0yeAwVoNrG5gNyKhaqbXWImFEDRa2y4+doC+T/BHD4pRkZCM22fVJpWTs3
1aqmg0zFfI/aLOVuudgyQmXIwKWxXd0b1OL8OsW9g0t8CB7HoWT3O8rgEIbjAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUlt5CWgHsQ1Wpk7kqRLJFlpxEZlwwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY2MzU2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38UvXjANBgkqhkiG9w0BAQsFAAOCAQEAe5QDbRY3bXPARLZR
CHVejaUEzlfzUnMxc+vX4yVkYRkgPm/etzI2Y9dccaxeysjoHdSY/k3R/K/uianQ
xSSuDPCrzjZ4MxvYv76HVXYjufyRxAmd2Y43NV3sI36RpV4oPjQng577Hvii7TvE
0qESLn2CrHpek++Okr6D9SH2Doa5sr/6VypxzZCP2tGtz+Q+hRaJriLYDWFkSWRC
mgBF2UNny6fcM73M5kBJCGzN+l43bGSVNjafdUznacYgaZpxwt8j7wyyY4Q+R6UG
nG0Tv3RbSMb/N5Y2aplKplFmIy6bmcHBxPH1AURPX5ukphhTEz/8R2oxDL9jcoN/
B81HtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org