Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a623131623a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a623131623a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          IZZn/RWKyT5Zn7WQVe/RYDn3MYGX3pkmZOYdQFoIRSg=
Subject key identifier:   B5:3A:39:D0:A9:3D:6C:FC:75:C8:5B:5E:83:C8:EB:56:E9:CA:F0:97
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       53E8FB6B26DE5DA16AB5EAD2786A9F53AFB559CC
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a623131623a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Tue 18 Apr 2023 11:05:23 +0000
ROA not before:           Tue 18 Apr 2023 11:00:23 +0000
ROA not after:            Tue 16 Apr 2024 11:05:23 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:b11b::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:e8:fb:6b:26:de:5d:a1:6a:b5:ea:d2:78:6a:9f:53:af:b5:59:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Apr 18 11:00:23 2023 GMT
            Not After : Apr 16 11:05:23 2024 GMT
        Subject: CN=B53A39D0A93D6CFC75C85B5E83C8EB56E9CAF097
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d7:51:33:c7:9c:b9:35:01:80:e7:99:f5:96:
                    f9:f2:da:dd:f5:4d:1a:5a:36:21:de:77:43:23:56:
                    f8:ad:a3:30:7c:20:f4:40:ae:64:35:4f:8b:ed:5e:
                    00:46:f6:9a:ce:ba:8e:4f:12:d9:0a:1c:07:6d:32:
                    4e:36:61:6c:46:27:26:03:69:ba:cb:a6:17:29:34:
                    0e:f8:0a:e7:4d:e6:79:f7:82:53:da:33:70:17:58:
                    96:26:3e:9e:6a:bd:d6:a4:7d:b1:ce:c3:fc:85:cf:
                    e9:5f:02:a3:fd:a6:f0:18:8b:ae:fd:36:0c:bb:45:
                    fc:30:f6:23:29:39:d6:18:87:0a:55:fb:7b:c8:5f:
                    3a:28:62:32:47:cd:a3:04:12:41:28:6a:f4:8c:01:
                    a8:68:8d:3a:9a:e7:fd:3a:53:4e:68:41:90:5c:05:
                    d3:17:6d:85:b5:16:8a:c4:e7:f9:ff:49:95:18:46:
                    cc:75:a5:b3:71:5d:7c:1b:cc:f8:18:90:91:99:94:
                    d3:bb:e1:04:f0:f6:88:5c:db:91:32:3f:7b:58:84:
                    49:51:79:66:38:27:68:71:4a:9c:e0:17:49:5e:52:
                    43:d6:71:50:ef:30:b0:42:cc:f0:1d:cc:b5:7f:f5:
                    50:78:69:7c:15:3b:29:fd:9c:fe:21:ae:28:fb:17:
                    5a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:3A:39:D0:A9:3D:6C:FC:75:C8:5B:5E:83:C8:EB:56:E9:CA:F0:97
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a623131623a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:b11b::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:16:41:d4:b1:c7:32:ed:e6:b4:89:1e:42:b5:3a:b1:05:bf:
         38:af:d2:6f:3c:cb:f5:1f:16:62:9f:85:f1:c3:c8:2f:ce:cd:
         00:23:53:59:40:d9:c4:3d:e5:fc:3f:e0:90:26:cf:fd:d8:99:
         8f:85:1c:16:df:63:ab:bb:40:eb:4f:67:00:84:6b:61:a3:81:
         2d:d1:3f:bc:e5:93:17:87:47:27:f6:93:28:63:b6:e2:7e:29:
         fd:e8:05:34:c0:7b:b4:2e:06:ac:c1:b6:f8:a3:2e:10:00:b4:
         35:58:17:8b:db:77:54:46:88:5b:4a:de:9b:33:36:4c:41:f6:
         bd:e9:7c:18:ca:5f:09:cd:84:48:db:e5:85:fc:aa:25:49:e6:
         30:9f:dc:32:33:ca:56:50:39:a6:24:09:53:8a:e6:35:fc:90:
         8a:48:27:04:d2:81:15:5b:f6:c7:31:e8:62:9e:09:12:1c:11:
         86:7e:d5:02:24:74:73:59:0d:6e:ff:76:a5:e3:a0:6f:31:ce:
         a4:fb:5e:12:c2:b5:21:e7:11:17:3f:8c:64:45:a8:55:74:9a:
         45:3a:31:48:7d:0a:4d:e6:50:9e:8d:86:cb:90:03:4e:68:65:
         c4:8d:43:4f:a3:9d:22:22:6a:a3:1c:eb:78:fd:e6:79:fd:a5:
         99:8d:67:62
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUU+j7aybeXaFqterSeGqfU6+1WcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzA0MTgxMTAwMjNaFw0yNDA0MTYxMTA1MjNaMDMxMTAvBgNV
BAMTKEI1M0EzOUQwQTkzRDZDRkM3NUM4NUI1RTgzQzhFQjU2RTlDQUYwOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/11Ezx5y5NQGA55n1lvny2t31
TRpaNiHed0MjVvitozB8IPRArmQ1T4vtXgBG9prOuo5PEtkKHAdtMk42YWxGJyYD
abrLphcpNA74CudN5nn3glPaM3AXWJYmPp5qvdakfbHOw/yFz+lfAqP9pvAYi679
Ngy7Rfww9iMpOdYYhwpV+3vIXzooYjJHzaMEEkEoavSMAahojTqa5/06U05oQZBc
BdMXbYW1ForE5/n/SZUYRsx1pbNxXXwbzPgYkJGZlNO74QTw9ohc25EyP3tYhElR
eWY4J2hxSpzgF0leUkPWcVDvMLBCzPAdzLV/9VB4aXwVOyn9nP4hrij7F1pRAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUtTo50Kk9bPx1yFteg8jrVunK8JcwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2E2MjMxMzE2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38WxGzANBgkqhkiG9w0BAQsFAAOCAQEATRZB1LHHMu3mtIke
QrU6sQW/OK/SbzzL9R8WYp+F8cPIL87NACNTWUDZxD3l/D/gkCbP/diZj4UcFt9j
q7tA609nAIRrYaOBLdE/vOWTF4dHJ/aTKGO24n4p/egFNMB7tC4GrMG2+KMuEAC0
NVgXi9t3VEaIW0remzM2TEH2vel8GMpfCc2ESNvlhfyqJUnmMJ/cMjPKVlA5piQJ
U4rmNfyQikgnBNKBFVv2xzHoYp4JEhwRhn7VAiR0c1kNbv92peOgbzHOpPteEsK1
IecRFz+MZEWoVXSaRToxSH0KTeZQno2Gy5ADTmhlxI1DT6OdIiJqoxzreP3mef2l
mY1nYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org