Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          zFwxQ2QLUqqF5YBmJkcWHepiiQQrcn9HT9csBAdCiPM=
Subject key identifier:   90:A2:F0:E5:EC:B7:B6:D4:C6:C5:8F:95:0F:17:04:0E:8C:46:E4:20
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       2B2C9AB3E1B8B873910E4415ABDBF4797DDCE5CF
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:48:34 +0000
ROA not before:           Fri 20 Jan 2023 16:43:34 +0000
ROA not after:            Fri 19 Jan 2024 16:48:34 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:3d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:2c:9a:b3:e1:b8:b8:73:91:0e:44:15:ab:db:f4:79:7d:dc:e5:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:43:34 2023 GMT
            Not After : Jan 19 16:48:34 2024 GMT
        Subject: CN=90A2F0E5ECB7B6D4C6C58F950F17040E8C46E420
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:3f:ea:86:e6:fd:f8:e3:ef:f9:f3:06:cf:c1:
                    8a:02:b0:58:5c:31:12:66:8c:b4:3b:95:1b:c7:53:
                    a8:ba:cf:43:8d:f6:da:7d:c1:c6:2e:9c:d8:3b:5a:
                    4d:7b:11:a9:87:db:c3:71:7e:81:a7:80:42:55:cc:
                    53:3f:d8:48:56:a7:43:e4:5d:f5:cd:5a:d8:b6:b7:
                    5d:0b:24:af:98:ed:2f:af:f2:3e:91:3d:73:95:9e:
                    c1:21:18:6d:47:38:85:bd:3c:0b:38:b4:05:8d:cc:
                    a6:fe:60:be:47:78:b0:bb:fa:b5:41:14:64:6d:b9:
                    8e:55:05:97:83:92:5a:bd:0f:57:57:b3:41:3e:a9:
                    d7:c5:c6:cb:48:eb:41:b7:04:3f:af:64:bc:1a:af:
                    b9:2a:99:d8:ec:1f:3b:3c:a9:1c:d5:8c:6d:cf:fe:
                    99:43:68:bc:cc:ad:e4:cb:f3:de:32:dc:a3:a3:39:
                    3f:fe:b4:f3:34:bc:15:a6:8d:40:18:44:90:c2:97:
                    6b:99:14:d3:8b:7c:68:d9:f4:e1:66:4c:84:ad:f5:
                    2e:39:10:0c:1c:05:9d:d1:b2:4a:bc:cc:fb:5d:a1:
                    f5:f9:7f:69:5d:b5:b4:71:2f:f7:4f:d0:d6:36:05:
                    99:0e:f4:5f:be:55:1b:ee:74:d2:a8:b2:cd:6c:0f:
                    ce:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:A2:F0:E5:EC:B7:B6:D4:C6:C5:8F:95:0F:17:04:0E:8C:46:E4:20
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:3d::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:99:a4:58:92:22:b5:f7:05:03:82:54:e9:a4:fe:4c:69:c1:
         9c:9a:13:26:e5:af:24:5e:84:1b:f3:36:d8:64:8c:77:41:8e:
         c6:93:7b:2c:66:55:41:1b:af:c9:47:e2:72:fb:ce:8e:16:62:
         a2:6e:06:0e:9d:d2:3a:83:6e:e1:3c:19:94:b4:c4:7b:74:35:
         b7:1b:93:98:a2:f4:ce:d2:87:3f:be:9e:62:9d:a1:2b:7e:fe:
         8e:6f:c3:bf:89:07:15:b7:82:66:de:04:20:5c:54:ac:4f:81:
         20:0e:97:c6:48:3f:2b:fa:44:b1:fd:4b:4e:97:ba:b8:fe:bb:
         7c:0e:1a:26:ae:4a:ea:13:43:59:00:23:d9:85:00:52:fd:20:
         ac:12:56:16:c4:0d:87:10:84:bc:2c:a7:cb:73:47:7e:70:7d:
         6e:b4:08:fa:42:b0:18:f6:d7:4a:82:a7:f9:36:f6:16:3a:2c:
         6b:73:c2:81:0f:86:15:67:15:a0:da:b9:bc:d7:e3:eb:26:1d:
         20:14:69:5a:40:dd:8a:a8:e0:b7:c0:b9:e2:5a:f2:22:7f:33:
         ff:bf:b3:a9:14:30:cb:22:90:51:cf:b2:b1:f2:db:18:28:66:
         1a:23:3f:a9:cc:2f:b6:fc:0e:a7:a7:00:0f:0b:37:71:9a:c3:
         a9:22:d9:9b
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUKyyas+G4uHORDkQVq9v0eX3c5c8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjQzMzRaFw0yNDAxMTkxNjQ4MzRaMDMxMTAvBgNV
BAMTKDkwQTJGMEU1RUNCN0I2RDRDNkM1OEY5NTBGMTcwNDBFOEM0NkU0MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKP+qG5v344+/58wbPwYoCsFhc
MRJmjLQ7lRvHU6i6z0ON9tp9wcYunNg7Wk17EamH28NxfoGngEJVzFM/2EhWp0Pk
XfXNWti2t10LJK+Y7S+v8j6RPXOVnsEhGG1HOIW9PAs4tAWNzKb+YL5HeLC7+rVB
FGRtuY5VBZeDklq9D1dXs0E+qdfFxstI60G3BD+vZLwar7kqmdjsHzs8qRzVjG3P
/plDaLzMreTL894y3KOjOT/+tPM0vBWmjUAYRJDCl2uZFNOLfGjZ9OFmTISt9S45
EAwcBZ3Rskq8zPtdofX5f2ldtbRxL/dP0NY2BZkO9F++VRvudNKoss1sD857AgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUkKLw5ey3ttTGxY+VDxcEDoxG5CAwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMzY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQA9MA0GCSqGSIb3DQEBCwUAA4IBAQAgmaRYkiK19wUDglTppP5M
acGcmhMm5a8kXoQb8zbYZIx3QY7Gk3ssZlVBG6/JR+Jy+86OFmKibgYOndI6g27h
PBmUtMR7dDW3G5OYovTO0oc/vp5inaErfv6Ob8O/iQcVt4Jm3gQgXFSsT4EgDpfG
SD8r+kSx/UtOl7q4/rt8DhomrkrqE0NZACPZhQBS/SCsElYWxA2HEIS8LKfLc0d+
cH1utAj6QrAY9tdKgqf5NvYWOixrc8KBD4YVZxWg2rm81+PrJh0gFGlaQN2KqOC3
wLniWvIifzP/v7OpFDDLIpBRz7Kx8tsYKGYaIz+pzC+2/A6npwAPCzdxmsOpItmb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org