Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a623030623a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a623030623a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          3k+oCnLV2bqJwAuPXR+j14RIrL2ek2IdjSCU4KFS5TM=
Subject key identifier:   B4:F6:A1:8B:63:14:59:BE:10:61:B7:A5:0F:4B:6E:9C:52:0C:0B:24
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       37466B5F1C82419674655CC1001B28774371EF9E
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a623030623a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Thu 12 Jan 2023 21:28:11 +0000
ROA not before:           Thu 12 Jan 2023 21:23:11 +0000
ROA not after:            Thu 11 Jan 2024 21:28:11 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:b00b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:46:6b:5f:1c:82:41:96:74:65:5c:c1:00:1b:28:77:43:71:ef:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Jan 12 21:23:11 2023 GMT
            Not After : Jan 11 21:28:11 2024 GMT
        Subject: CN=B4F6A18B631459BE1061B7A50F4B6E9C520C0B24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a4:77:2e:f0:53:70:f5:f4:7e:14:88:52:97:
                    78:4e:c0:25:e0:18:d5:41:57:ac:b1:05:be:f2:d9:
                    68:9e:a5:c3:05:1a:00:bf:19:ad:0c:47:b4:e5:09:
                    2e:e6:b8:13:14:d0:78:0e:e1:21:8c:ab:64:a9:ea:
                    f9:e3:56:6e:cb:c4:31:3c:d9:70:e5:d5:a6:19:fd:
                    94:34:b0:c9:ed:f6:41:4f:16:79:07:e9:d2:41:b4:
                    25:be:7d:4e:57:8d:ae:59:d8:b1:17:69:c7:c3:63:
                    0d:96:87:0c:c6:f0:75:18:c4:8a:33:fe:c8:40:df:
                    28:a6:58:bf:3e:49:14:93:0f:6b:b2:39:9d:f1:bb:
                    b7:4d:f0:0e:c5:24:d0:1a:fa:08:f6:18:fa:c4:1d:
                    e3:5e:c7:74:9f:9b:3c:e7:87:f3:ee:8a:e0:08:d4:
                    6a:a5:02:a7:4c:1c:ae:64:43:81:d5:2e:d2:69:08:
                    07:73:4f:03:1c:4c:87:4f:fd:7c:fa:0a:84:39:f0:
                    58:d8:5f:6a:a7:c3:53:b5:74:68:29:15:a9:0d:00:
                    fe:87:77:ad:65:82:1d:77:1a:f7:0a:99:fb:e6:71:
                    bc:3e:d4:25:02:a2:65:33:6a:9d:4a:6b:a9:02:24:
                    4c:bc:06:d6:ac:57:2a:57:11:67:e6:da:b4:ca:50:
                    88:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F6:A1:8B:63:14:59:BE:10:61:B7:A5:0F:4B:6E:9C:52:0C:0B:24
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a623030623a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:70:d7:94:30:6c:7f:14:ca:ab:b3:6e:06:b8:09:12:cb:8f:
         14:6a:3a:17:51:67:85:53:d4:c5:e5:92:7b:c3:6b:94:93:1b:
         c5:49:49:b9:f6:99:59:25:ee:9d:05:9f:9e:0b:cf:45:21:a9:
         cf:d5:aa:a4:dc:ea:24:06:c7:2e:43:41:83:3f:f5:b0:4a:d1:
         6a:e9:cf:60:89:c4:73:77:0f:fd:68:a3:d5:b6:34:3d:8b:fa:
         90:d8:24:9d:40:5f:9b:8c:71:67:6d:53:d2:23:77:e6:09:59:
         aa:71:29:b9:32:0a:65:24:a9:09:8e:40:0e:62:1f:87:b9:34:
         7e:32:0a:89:0a:d4:a6:6c:70:00:61:72:36:4c:61:38:40:fc:
         6d:61:ab:ca:78:e4:ac:de:ac:51:26:22:02:d7:c3:3c:b2:c7:
         4b:8b:d0:f1:48:9e:4e:ef:38:91:bb:21:16:66:37:7a:8a:e1:
         34:e2:da:0e:52:35:01:26:0d:49:0c:ad:c0:95:69:37:5b:89:
         29:76:9c:fd:69:03:a2:8e:e0:65:23:2d:cf:18:de:2c:cb:ef:
         57:a8:da:b2:f9:ad:2e:9c:cc:b0:5c:73:d4:ed:2f:f2:57:75:
         6a:33:c8:c4:c7:4c:89:72:a8:2e:ff:48:d9:a5:c5:50:2a:45:
         8b:c9:0f:25
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUN0ZrXxyCQZZ0ZVzBABsod0Nx754wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMTIyMTIzMTFaFw0yNDAxMTEyMTI4MTFaMDMxMTAvBgNV
BAMTKEI0RjZBMThCNjMxNDU5QkUxMDYxQjdBNTBGNEI2RTlDNTIwQzBCMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUpHcu8FNw9fR+FIhSl3hOwCXg
GNVBV6yxBb7y2WiepcMFGgC/Ga0MR7TlCS7muBMU0HgO4SGMq2Sp6vnjVm7LxDE8
2XDl1aYZ/ZQ0sMnt9kFPFnkH6dJBtCW+fU5Xja5Z2LEXacfDYw2WhwzG8HUYxIoz
/shA3yimWL8+SRSTD2uyOZ3xu7dN8A7FJNAa+gj2GPrEHeNex3Sfmzznh/PuiuAI
1GqlAqdMHK5kQ4HVLtJpCAdzTwMcTIdP/Xz6CoQ58FjYX2qnw1O1dGgpFakNAP6H
d61lgh13GvcKmfvmcbw+1CUComUzap1Ka6kCJEy8BtasVypXEWfm2rTKUIgBAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUtPahi2MUWb4QYbelD0tunFIMCyQwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38WwCzANBgkqhkiG9w0BAQsFAAOCAQEAgHDXlDBsfxTKq7Nu
BrgJEsuPFGo6F1FnhVPUxeWSe8NrlJMbxUlJufaZWSXunQWfngvPRSGpz9WqpNzq
JAbHLkNBgz/1sErRaunPYInEc3cP/Wij1bY0PYv6kNgknUBfm4xxZ21T0iN35glZ
qnEpuTIKZSSpCY5ADmIfh7k0fjIKiQrUpmxwAGFyNkxhOED8bWGrynjkrN6sUSYi
AtfDPLLHS4vQ8UieTu84kbshFmY3eorhNOLaDlI1ASYNSQytwJVpN1uJKXac/WkD
oo7gZSMtzxjeLMvvV6jasvmtLpzMsFxz1O0v8ld1ajPIxMdMiXKoLv9I2aXFUCpF
i8kPJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org