Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          mL/UkqAn/1NsEDWybx4T2tPYlNtcNbc7H46x5dBpo0M=
Subject key identifier:   E9:15:29:3A:32:28:0D:C0:55:FE:74:04:73:F7:07:C5:61:71:D3:B8
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       589504F1C586B2F9F5DB61D3FE50E8A780E617F4
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Tue 18 Apr 2023 08:01:56 +0000
ROA not before:           Tue 18 Apr 2023 07:56:56 +0000
ROA not after:            Tue 16 Apr 2024 08:01:56 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:cdef::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:95:04:f1:c5:86:b2:f9:f5:db:61:d3:fe:50:e8:a7:80:e6:17:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Apr 18 07:56:56 2023 GMT
            Not After : Apr 16 08:01:56 2024 GMT
        Subject: CN=E915293A32280DC055FE740473F707C56171D3B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8f:c7:e8:c5:da:72:60:2f:30:31:6f:8a:05:
                    29:2b:53:57:68:8b:1f:43:18:4d:56:1f:47:1a:71:
                    01:c2:62:59:64:e6:2f:cd:92:11:a0:2f:63:2f:a1:
                    30:16:8d:69:a3:67:0c:31:c7:62:9c:67:de:fa:bc:
                    18:66:6f:23:cf:0b:0a:66:e1:1e:07:f1:c6:e9:82:
                    bb:6c:d0:db:a5:e8:a6:1a:38:bb:bd:bf:90:cd:9d:
                    86:25:75:f0:a3:cd:8e:29:f0:ea:e4:24:1f:24:ed:
                    49:0a:81:a7:76:0f:f0:32:62:ad:86:1c:71:30:64:
                    57:83:34:36:fb:b9:57:b6:38:61:c0:2b:00:78:2e:
                    62:5c:a9:d0:b8:49:3e:e9:cc:17:a0:30:24:58:9c:
                    b1:64:61:2c:62:a2:de:8d:ed:ae:4a:a7:be:1b:5d:
                    14:c9:46:48:c0:23:35:05:35:a8:4f:0a:ea:26:c8:
                    b1:70:a2:eb:6b:4e:bd:a1:ca:30:1f:10:e3:5d:1e:
                    f0:b5:5e:cb:ae:fd:77:40:b8:30:ff:e4:1d:3f:a9:
                    d6:7d:e5:be:01:87:61:50:e7:3a:ee:c9:a5:60:9e:
                    fc:10:1d:5c:d2:b4:c2:a6:70:e0:db:ec:8b:4d:51:
                    4e:cd:b4:dc:95:94:5c:85:74:27:90:a0:f7:07:6a:
                    fd:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:15:29:3A:32:28:0D:C0:55:FE:74:04:73:F7:07:C5:61:71:D3:B8
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:cdef::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:1f:0d:24:90:35:e1:df:6b:e7:af:60:44:df:c3:2d:97:31:
         2b:24:da:ef:ec:8f:50:bd:88:fd:49:7d:85:21:8b:e9:23:03:
         9e:6c:75:3b:76:2c:80:d6:9f:f8:52:f8:41:e5:73:a8:14:e1:
         6d:8e:34:d4:b8:4d:a1:18:13:6d:35:fd:98:1b:d9:36:52:d6:
         bc:b1:cb:a3:13:62:35:1e:26:2a:e8:57:a8:ee:05:51:5d:98:
         db:39:f4:8c:68:c2:04:11:6a:f8:c1:88:1e:5f:60:ae:41:b0:
         19:3a:8c:67:7a:d6:0a:0f:3c:ef:42:60:db:8e:34:4d:65:38:
         94:f4:98:4f:02:c0:7a:e6:34:cc:c3:a0:58:2c:dc:8c:4b:39:
         51:8d:93:da:42:26:3c:85:eb:f8:99:ef:e1:df:fa:78:63:42:
         a9:d3:d9:f0:66:be:9f:67:9a:ee:9e:02:5e:be:54:f9:2c:0a:
         d1:76:50:89:cb:3b:02:11:4e:b5:df:d5:0f:d3:c6:7b:e3:50:
         ca:9e:33:db:f8:54:ed:97:92:49:72:9d:cd:94:0a:a8:9b:7a:
         13:54:5b:85:b4:08:5b:28:2f:f9:2d:4d:87:b9:2e:45:ec:0e:
         39:16:3a:91:85:7f:8e:0d:d9:ec:20:10:26:17:6b:1d:d1:80:
         f2:81:f3:21
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUWJUE8cWGsvn122HT/lDop4DmF/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzA0MTgwNzU2NTZaFw0yNDA0MTYwODAxNTZaMDMxMTAvBgNV
BAMTKEU5MTUyOTNBMzIyODBEQzA1NUZFNzQwNDczRjcwN0M1NjE3MUQzQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyj8foxdpyYC8wMW+KBSkrU1do
ix9DGE1WH0cacQHCYllk5i/NkhGgL2MvoTAWjWmjZwwxx2KcZ976vBhmbyPPCwpm
4R4H8cbpgrts0Nul6KYaOLu9v5DNnYYldfCjzY4p8OrkJB8k7UkKgad2D/AyYq2G
HHEwZFeDNDb7uVe2OGHAKwB4LmJcqdC4ST7pzBegMCRYnLFkYSxiot6N7a5Kp74b
XRTJRkjAIzUFNahPCuomyLFwoutrTr2hyjAfEONdHvC1Xsuu/XdAuDD/5B0/qdZ9
5b4Bh2FQ5zruyaVgnvwQHVzStMKmcODb7ItNUU7NtNyVlFyFdCeQoPcHav3PAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQU6RUpOjIoDcBV/nQEc/cHxWFx07gwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2E2MzY0NjU2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38XN7zANBgkqhkiG9w0BAQsFAAOCAQEAch8NJJA14d9r569g
RN/DLZcxKyTa7+yPUL2I/Ul9hSGL6SMDnmx1O3YsgNaf+FL4QeVzqBThbY401LhN
oRgTbTX9mBvZNlLWvLHLoxNiNR4mKuhXqO4FUV2Y2zn0jGjCBBFq+MGIHl9grkGw
GTqMZ3rWCg8870Jg2440TWU4lPSYTwLAeuY0zMOgWCzcjEs5UY2T2kImPIXr+Jnv
4d/6eGNCqdPZ8Ga+n2ea7p4CXr5U+SwK0XZQics7AhFOtd/VD9PGe+NQyp4z2/hU
7ZeSSXKdzZQKqJt6E1RbhbQIWygv+S1Nh7kuRewOORY6kYV/jg3Z7CAQJhdrHdGA
8oHzIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org