Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          zV7576smpfnji7F75le993FQQuUnHQUdy3I26B12iiw=
Subject key identifier:   ED:69:C3:92:4F:42:68:DC:EE:3A:D2:EB:A8:94:7A:6E:07:F4:C8:97
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       409516BBF9D8C176ECBE64AE52E9A150D62E3D76
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:48:49 +0000
ROA not before:           Fri 20 Jan 2023 16:43:49 +0000
ROA not after:            Fri 19 Jan 2024 16:48:49 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:3e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:95:16:bb:f9:d8:c1:76:ec:be:64:ae:52:e9:a1:50:d6:2e:3d:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:43:49 2023 GMT
            Not After : Jan 19 16:48:49 2024 GMT
        Subject: CN=ED69C3924F4268DCEE3AD2EBA8947A6E07F4C897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e8:91:3d:53:b4:fc:99:fb:45:bd:af:d2:bd:
                    e0:4b:e1:0a:60:3f:13:c2:52:24:58:7c:18:09:5a:
                    02:a6:23:f2:72:c4:d0:fe:76:7e:bb:c1:fa:ba:c7:
                    93:c7:ed:a8:24:72:0c:82:72:56:ff:68:89:e3:86:
                    3b:93:16:e0:69:7f:be:22:b1:ea:4f:56:6c:88:7a:
                    5b:d7:84:5d:9d:24:bb:ff:d4:35:f7:51:94:90:5f:
                    33:6e:fa:6b:5b:5a:b4:bb:76:45:df:d8:ca:cf:4f:
                    0d:35:44:cf:19:67:d5:d7:55:8e:20:62:51:4d:e6:
                    44:92:74:67:6d:56:21:8b:30:76:66:e5:b7:10:56:
                    c4:ab:50:3c:0f:5f:ca:bf:6a:a8:99:e0:88:45:af:
                    03:0b:4b:c1:d3:e0:dd:c6:7c:15:11:80:e9:db:61:
                    c4:c9:a6:66:d4:e4:28:a1:ee:01:69:04:f5:2b:e1:
                    d9:11:9b:66:26:79:f8:71:d7:79:9d:f8:2d:f6:e4:
                    11:8d:e3:1e:7e:af:86:d4:3f:76:e1:c2:cc:b7:85:
                    d5:8d:b8:9f:ba:94:ef:0f:cf:a6:83:a6:29:65:c2:
                    45:bc:1d:cd:6a:a6:08:3e:c5:07:ab:1f:de:b7:63:
                    97:78:72:1c:4c:c4:9c:fe:fa:3f:cf:0d:5e:a7:a8:
                    78:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:69:C3:92:4F:42:68:DC:EE:3A:D2:EB:A8:94:7A:6E:07:F4:C8:97
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:3e::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:9e:de:e4:70:0b:86:b2:66:42:c3:26:38:fd:44:90:8c:55:
         4b:e8:e1:2e:c4:02:4c:49:59:f0:05:0d:ab:e8:f7:22:49:1b:
         e0:58:37:cf:5f:0b:26:29:2d:66:2a:66:47:47:2c:c5:99:07:
         90:83:ec:60:d4:dd:c6:a5:29:a5:64:64:1a:a6:1c:57:f6:cb:
         aa:e1:db:2b:cc:02:43:56:ff:89:cd:a0:7b:b6:38:98:45:02:
         e3:01:90:9c:ef:48:7c:c3:cc:60:86:4d:8c:1b:10:b7:23:db:
         33:74:e3:c5:56:9d:00:20:19:d7:e2:11:a6:86:66:11:b6:50:
         99:2e:d0:7a:94:a4:bc:cc:a2:3a:11:e2:1f:71:6d:1f:6a:16:
         ca:90:3e:a6:64:e5:41:27:90:45:4a:ec:07:be:91:1d:47:11:
         d4:eb:1b:2a:db:49:39:71:c4:ed:5f:24:d3:77:a4:9c:e9:8b:
         70:31:27:37:1b:45:29:4d:c9:49:06:a8:ad:b5:10:3c:71:48:
         ce:78:0d:f3:6a:b4:84:e7:dc:b0:d8:2a:62:b9:27:92:b7:26:
         49:af:37:e2:e1:33:c0:04:fd:04:90:4e:7e:7e:e1:ab:38:fd:
         08:bd:5a:c6:6a:28:85:72:dc:18:56:71:21:1e:37:24:06:3f:
         03:ce:49:3e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUQJUWu/nYwXbsvmSuUumhUNYuPXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjQzNDlaFw0yNDAxMTkxNjQ4NDlaMDMxMTAvBgNV
BAMTKEVENjlDMzkyNEY0MjY4RENFRTNBRDJFQkE4OTQ3QTZFMDdGNEM4OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs6JE9U7T8mftFva/SveBL4Qpg
PxPCUiRYfBgJWgKmI/JyxND+dn67wfq6x5PH7agkcgyCclb/aInjhjuTFuBpf74i
sepPVmyIelvXhF2dJLv/1DX3UZSQXzNu+mtbWrS7dkXf2MrPTw01RM8ZZ9XXVY4g
YlFN5kSSdGdtViGLMHZm5bcQVsSrUDwPX8q/aqiZ4IhFrwMLS8HT4N3GfBURgOnb
YcTJpmbU5Cih7gFpBPUr4dkRm2Ymefhx13md+C325BGN4x5+r4bUP3bhwsy3hdWN
uJ+6lO8Pz6aDpillwkW8Hc1qpgg+xQerH963Y5d4chxMxJz++j/PDV6nqHjJAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQU7WnDkk9CaNzuOtLrqJR6bgf0yJcwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMzY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQA+MA0GCSqGSIb3DQEBCwUAA4IBAQCDnt7kcAuGsmZCwyY4/USQ
jFVL6OEuxAJMSVnwBQ2r6PciSRvgWDfPXwsmKS1mKmZHRyzFmQeQg+xg1N3GpSml
ZGQaphxX9suq4dsrzAJDVv+JzaB7tjiYRQLjAZCc70h8w8xghk2MGxC3I9szdOPF
Vp0AIBnX4hGmhmYRtlCZLtB6lKS8zKI6EeIfcW0fahbKkD6mZOVBJ5BFSuwHvpEd
RxHU6xsq20k5ccTtXyTTd6Sc6YtwMSc3G0UpTclJBqittRA8cUjOeA3zarSE59yw
2CpiuSeStyZJrzfi4TPABP0EkE5+fuGrOP0IvVrGaiiFctwYVnEhHjckBj8Dzkk+
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org