Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          It+9RTyx2Hzov3Ot0w7JIgHEwFyVemO0lyxDdMrd750=
Subject key identifier:   6F:60:96:A5:B1:2E:4B:00:0E:6F:97:47:C2:5B:6E:39:FA:DD:49:DF
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       1C8930DF983D0B6AA2E77B8EC4DC30D7C2E4D07D
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:33:39 +0000
ROA not before:           Fri 20 Jan 2023 16:28:39 +0000
ROA not after:            Fri 19 Jan 2024 16:33:39 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:2f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:89:30:df:98:3d:0b:6a:a2:e7:7b:8e:c4:dc:30:d7:c2:e4:d0:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:28:39 2023 GMT
            Not After : Jan 19 16:33:39 2024 GMT
        Subject: CN=6F6096A5B12E4B000E6F9747C25B6E39FADD49DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e9:20:97:82:16:c6:eb:80:c7:15:d2:2c:d9:
                    5b:fe:3e:0e:60:a0:7e:66:fd:7a:42:55:d8:05:3e:
                    08:4f:07:2a:60:23:02:3b:9d:79:3a:bc:8f:b6:95:
                    b3:48:e1:6b:da:50:4c:c3:f0:30:cc:8e:f0:73:e0:
                    1b:aa:3e:64:ef:e2:b0:79:da:10:ef:10:2f:8b:2f:
                    80:b0:26:49:e4:02:65:a9:5f:25:6b:51:16:4d:8c:
                    a8:c8:44:0e:17:10:c5:13:8c:ff:f7:24:3a:8e:5c:
                    da:bc:d2:b3:e8:22:da:7b:e7:a0:3b:1e:a4:e7:11:
                    14:b0:1e:60:aa:6a:08:63:01:ac:57:2c:6a:ca:a4:
                    c2:18:13:54:c7:3c:4a:86:18:35:f6:d5:24:2b:c2:
                    e2:b2:02:75:1a:7b:c4:c5:03:dd:c3:db:aa:be:47:
                    3b:93:ec:45:85:69:4a:5b:95:73:9c:b2:01:52:46:
                    0a:bb:21:c4:80:aa:87:00:ff:70:be:17:cb:da:df:
                    c4:6e:65:56:91:12:01:df:42:ff:67:6f:65:d5:13:
                    5d:d8:2a:d1:ee:9c:d7:10:f3:ab:3b:e9:be:df:52:
                    87:79:51:98:59:7f:c9:c8:de:dd:ed:2e:e1:a2:7e:
                    ef:77:7c:10:17:69:35:d5:a4:1a:79:dc:e6:f4:a7:
                    fe:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:60:96:A5:B1:2E:4B:00:0E:6F:97:47:C2:5B:6E:39:FA:DD:49:DF
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:2f::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:46:67:ef:2b:21:f5:37:3b:65:05:aa:7f:83:8c:4f:99:02:
         06:06:fc:ef:78:6b:50:28:e3:33:64:02:a9:35:1e:da:97:cb:
         8d:af:a9:ec:01:dc:d1:ec:15:be:db:cd:9e:45:18:89:21:03:
         3e:ca:c7:f4:3f:0a:c8:b1:bb:9f:35:7e:ba:36:ff:23:e7:79:
         94:16:99:2d:4c:5b:88:5f:02:1d:2d:2f:00:1f:60:22:88:33:
         24:63:33:08:99:42:3c:9b:19:1f:0c:11:00:89:14:5c:81:5f:
         4f:21:74:d2:0f:fe:2f:91:94:ea:00:b0:ba:0a:c2:80:d6:a2:
         64:0d:63:e1:b7:6c:b2:08:5d:58:e7:80:43:f2:d3:22:d3:f8:
         a3:98:6f:ae:f1:b9:9d:be:48:19:1b:5c:ad:0d:3b:1b:ba:3e:
         a1:15:b5:b0:ae:38:6d:0a:65:1a:05:46:31:7d:21:42:64:3c:
         70:87:79:44:78:de:46:71:7e:d4:2f:c4:22:9d:bc:bb:4b:bc:
         e0:da:94:43:2a:4a:25:d7:a2:16:e5:87:a0:ec:3e:4b:ea:e9:
         31:60:5c:d2:9c:84:8a:5e:5c:88:4e:e9:fc:cb:1c:f6:f6:1f:
         5c:20:ba:62:05:a1:47:3f:5b:fa:50:1d:75:09:a1:2f:c1:bd:
         23:a8:e3:8c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUHIkw35g9C2qi53uOxNww18Lk0H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI4MzlaFw0yNDAxMTkxNjMzMzlaMDMxMTAvBgNV
BAMTKDZGNjA5NkE1QjEyRTRCMDAwRTZGOTc0N0MyNUI2RTM5RkFERDQ5REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC16SCXghbG64DHFdIs2Vv+Pg5g
oH5m/XpCVdgFPghPBypgIwI7nXk6vI+2lbNI4WvaUEzD8DDMjvBz4BuqPmTv4rB5
2hDvEC+LL4CwJknkAmWpXyVrURZNjKjIRA4XEMUTjP/3JDqOXNq80rPoItp756A7
HqTnERSwHmCqaghjAaxXLGrKpMIYE1THPEqGGDX21SQrwuKyAnUae8TFA93D26q+
RzuT7EWFaUpblXOcsgFSRgq7IcSAqocA/3C+F8va38RuZVaREgHfQv9nb2XVE13Y
KtHunNcQ86s76b7fUod5UZhZf8nI3t3tLuGifu93fBAXaTXVpBp53Ob0p/4rAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUb2CWpbEuSwAOb5dHwltuOfrdSd8wHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQAvMA0GCSqGSIb3DQEBCwUAA4IBAQCDRmfvKyH1NztlBap/g4xP
mQIGBvzveGtQKOMzZAKpNR7al8uNr6nsAdzR7BW+282eRRiJIQM+ysf0PwrIsbuf
NX66Nv8j53mUFpktTFuIXwIdLS8AH2AiiDMkYzMImUI8mxkfDBEAiRRcgV9PIXTS
D/4vkZTqALC6CsKA1qJkDWPht2yyCF1Y54BD8tMi0/ijmG+u8bmdvkgZG1ytDTsb
uj6hFbWwrjhtCmUaBUYxfSFCZDxwh3lEeN5GcX7UL8Qinby7S7zg2pRDKkol16IW
5Yeg7D5L6ukxYFzSnISKXlyITun8yxz29h9cILpiBaFHP1v6UB11CaEvwb0jqOOM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org