Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          mbI51lFHplaMDO5jJJhHyoxKhdYihgg/Z/6GgQIzdFM=
Subject key identifier:   C8:B9:DF:EA:24:A2:D5:12:F0:92:85:E8:92:E3:A5:34:BD:9E:33:3C
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       365444E7D009B643400BADAF3F209114D7DC679A
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Fri 20 Jan 2023 16:48:21 +0000
ROA not before:           Fri 20 Jan 2023 16:43:21 +0000
ROA not after:            Fri 19 Jan 2024 16:48:21 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:3f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:54:44:e7:d0:09:b6:43:40:0b:ad:af:3f:20:91:14:d7:dc:67:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 20 16:43:21 2023 GMT
            Not After : Jan 19 16:48:21 2024 GMT
        Subject: CN=C8B9DFEA24A2D512F09285E892E3A534BD9E333C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:55:63:5c:9c:97:10:21:ec:74:53:97:c3:f0:
                    5d:40:2e:a0:fe:c1:ee:b5:21:65:3d:8f:da:1b:b9:
                    68:03:c0:3d:ad:10:f7:4e:df:5e:e0:fe:2e:fe:65:
                    e4:d5:51:ba:bf:6f:f6:cc:5b:c8:56:68:55:34:3a:
                    1f:e7:a5:0d:9b:70:29:37:ef:3e:4f:9c:bd:91:a4:
                    0b:a0:1a:82:e9:1e:d3:c5:12:aa:3d:06:4e:2d:82:
                    28:6a:65:b0:69:c0:48:d8:cc:26:1f:1c:aa:20:fb:
                    af:90:09:23:3d:19:26:32:df:eb:24:07:f5:84:59:
                    79:f8:d0:ec:2f:dc:00:7d:38:cf:6f:3b:1f:61:ab:
                    e5:70:d5:a5:0f:68:3c:4e:38:78:11:fa:fa:c5:06:
                    26:34:4e:ff:14:a2:a3:93:80:17:2a:26:9c:a1:4c:
                    a9:8f:f4:c2:63:60:41:0f:e6:05:79:4e:21:ab:70:
                    ae:56:9b:31:ab:84:8d:5a:c4:5b:28:61:d5:a8:d8:
                    4a:43:e3:df:1d:05:c8:4d:c3:f7:30:5b:a5:29:30:
                    fb:63:1a:3a:17:e8:dd:83:fe:4d:45:06:c7:1b:4e:
                    9e:f1:c6:75:54:e7:e5:70:91:a0:91:bc:42:a5:0d:
                    87:49:9c:cc:03:20:9c:c9:cf:f0:f4:b2:73:86:1c:
                    e4:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:B9:DF:EA:24:A2:D5:12:F0:92:85:E8:92:E3:A5:34:BD:9E:33:3C
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:3f::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:32:86:6b:5b:76:37:4a:e2:d0:cc:83:2b:44:b2:ab:32:92:
         9b:67:dc:74:38:25:d9:df:1b:10:10:53:05:21:4a:d1:01:fc:
         79:aa:32:82:91:3b:3d:ea:8f:68:0d:2a:9e:1d:5a:ea:90:b4:
         e9:af:39:08:7a:83:95:ce:78:92:b3:30:d9:06:81:c1:d1:89:
         d1:d9:15:b8:f0:4c:b0:7b:c1:bf:5e:84:97:9c:d7:29:41:40:
         63:bb:7f:f7:a2:79:01:ed:19:f3:19:cf:b4:0e:bc:8c:59:a8:
         45:4a:e9:73:bd:bc:cb:06:76:89:ad:e5:f7:30:c8:cc:c8:cb:
         4e:78:96:5a:e9:91:6d:15:46:f6:11:e9:8c:ab:70:ee:57:9e:
         c8:d7:d5:cc:25:ac:b5:db:47:db:26:f4:96:94:3a:90:b1:a6:
         1f:e7:b0:8f:28:a7:ec:39:e7:bf:9c:3e:44:de:7e:d2:e0:6e:
         d3:9e:9a:dd:4f:cf:73:b7:77:16:ad:56:1b:68:73:b8:d4:51:
         d0:cb:e7:5b:1f:53:e5:72:fb:87:17:5d:fb:98:c2:62:f5:b9:
         38:23:04:c3:9c:49:a8:cd:ef:97:95:35:9e:9a:d3:35:00:72:
         28:1e:2c:94:bf:58:1a:53:5c:4b:43:b8:d8:7f:b5:d4:03:7d:
         4d:bc:80:2a
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUNlRE59AJtkNAC62vPyCRFNfcZ5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjQzMjFaFw0yNDAxMTkxNjQ4MjFaMDMxMTAvBgNV
BAMTKEM4QjlERkVBMjRBMkQ1MTJGMDkyODVFODkyRTNBNTM0QkQ5RTMzM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoVWNcnJcQIex0U5fD8F1ALqD+
we61IWU9j9obuWgDwD2tEPdO317g/i7+ZeTVUbq/b/bMW8hWaFU0Oh/npQ2bcCk3
7z5PnL2RpAugGoLpHtPFEqo9Bk4tgihqZbBpwEjYzCYfHKog+6+QCSM9GSYy3+sk
B/WEWXn40Owv3AB9OM9vOx9hq+Vw1aUPaDxOOHgR+vrFBiY0Tv8UoqOTgBcqJpyh
TKmP9MJjYEEP5gV5TiGrcK5WmzGrhI1axFsoYdWo2EpD498dBchNw/cwW6UpMPtj
GjoX6N2D/k1FBscbTp7xxnVU5+VwkaCRvEKlDYdJnMwDIJzJz/D0snOGHOT9AgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUyLnf6iSi1RLwkoXokuOlNL2eMzwwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMzY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQA/MA0GCSqGSIb3DQEBCwUAA4IBAQAXMoZrW3Y3SuLQzIMrRLKr
MpKbZ9x0OCXZ3xsQEFMFIUrRAfx5qjKCkTs96o9oDSqeHVrqkLTprzkIeoOVzniS
szDZBoHB0YnR2RW48Eywe8G/XoSXnNcpQUBju3/3onkB7RnzGc+0DryMWahFSulz
vbzLBnaJreX3MMjMyMtOeJZa6ZFtFUb2EemMq3DuV57I19XMJay120fbJvSWlDqQ
saYf57CPKKfsOee/nD5E3n7S4G7TnprdT89zt3cWrVYbaHO41FHQy+dbH1PlcvuH
F137mMJi9bk4IwTDnEmoze+XlTWemtM1AHIoHiyUv1gaU1xLQ7jYf7XUA31NvIAq
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org