Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a646561643a3a2f34382d3438203d3e20323033303639.roa
File:                     326130353a646663353a646561643a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          Dzb/fAR84pxFHdZRHJT8ygI7S/frfowd6hNhI8B3ZZQ=
Subject key identifier:   F0:97:5D:EE:49:C3:55:DF:EB:17:8E:46:0A:06:1F:8B:59:A8:50:7F
Certificate issuer:       /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial:       4BF9344A2C9475C93FE1AE6F6280B0B00D2C0608
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a646561643a3a2f34382d3438203d3e20323033303639.roa
Signing time:             Sat 08 Apr 2023 14:38:03 +0000
ROA not before:           Sat 08 Apr 2023 14:33:03 +0000
ROA not after:            Sat 06 Apr 2024 14:38:03 +0000
asID:                     203069
IP address blocks:        2a05:dfc5:dead::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:f9:34:4a:2c:94:75:c9:3f:e1:ae:6f:62:80:b0:b0:0d:2c:06:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
        Validity
            Not Before: Apr  8 14:33:03 2023 GMT
            Not After : Apr  6 14:38:03 2024 GMT
        Subject: CN=F0975DEE49C355DFEB178E460A061F8B59A8507F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:67:61:e5:31:08:06:c0:45:7f:9b:d3:f7:83:
                    14:d1:4e:83:5e:b0:dd:b9:43:f9:dc:2b:ee:1d:06:
                    c9:40:62:47:3f:6e:a2:47:d0:dd:69:ee:cc:f6:74:
                    32:6e:e9:fe:32:3a:aa:95:f8:d4:99:4d:21:9b:b0:
                    1a:75:a5:52:1c:2b:59:09:c3:e5:76:db:f1:99:22:
                    99:d7:aa:6b:f9:b9:8b:5b:af:5b:fc:b9:fb:fe:b7:
                    17:2b:30:bb:ab:6d:2c:ce:c2:a4:9c:d7:46:59:9c:
                    e5:69:63:13:d4:09:6c:d4:8d:8a:60:35:6e:26:fb:
                    d0:e0:0c:2a:48:07:c9:21:de:6b:f4:5b:a9:b2:74:
                    2c:59:d2:81:46:94:8e:11:32:94:1d:08:96:7c:30:
                    b2:bd:d3:79:3b:2d:d4:37:39:4a:15:82:c8:d0:bf:
                    42:a3:b1:e9:81:21:6b:0f:1d:d4:b6:48:df:2a:17:
                    6f:13:ec:f8:20:cc:a7:15:f1:73:fa:5f:99:6b:1a:
                    8c:fb:63:92:ab:47:60:4f:26:69:0d:34:b6:7e:20:
                    a0:18:e2:6c:1a:b7:b3:f5:be:6f:dd:f1:a9:7f:3b:
                    61:77:ca:9d:5d:c7:69:fd:d2:1f:0a:a7:6f:ba:57:
                    f3:29:a0:15:79:5a:f2:1c:dc:50:9c:af:55:d1:a1:
                    a6:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:97:5D:EE:49:C3:55:DF:EB:17:8E:46:0A:06:1F:8B:59:A8:50:7F
            X509v3 Authority Key Identifier:
                keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a646561643a3a2f34382d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc5:dead::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:ea:39:d5:d7:15:fc:28:14:4e:7f:6b:23:b0:aa:c5:8a:44:
         1b:71:a6:fe:e4:9b:a2:9d:8d:31:83:74:d7:b1:c8:00:dc:0f:
         1f:cd:95:82:43:f4:44:25:66:69:fa:ff:44:c7:a0:18:dd:8e:
         08:2e:17:f8:57:3b:60:c3:8e:bb:ae:60:13:a8:cc:90:f7:52:
         e5:75:1f:55:4e:07:63:29:ac:93:fb:ad:81:99:59:5b:89:c7:
         a3:ad:48:b5:93:23:46:44:d2:73:c9:72:8a:f7:28:c5:84:5d:
         4a:31:89:dd:b2:d8:8d:9e:5d:57:85:b5:42:0d:a5:58:e0:f8:
         7f:18:6c:ff:12:a9:85:9b:de:69:5e:07:fc:13:ab:8e:4b:25:
         cd:6f:c9:67:82:e3:68:c8:48:d2:32:01:06:68:6c:79:45:ff:
         2c:e9:33:00:a2:9c:2b:a8:5e:48:03:85:8c:b2:4b:8d:05:b7:
         af:de:c6:39:c3:03:38:4f:4c:0b:df:65:f6:7f:9c:6c:32:56:
         4c:52:63:c0:14:06:67:84:e8:f3:ed:30:0d:17:79:95:b3:e3:
         63:e5:05:6a:ec:85:91:d8:fc:5b:d1:bc:83:18:43:fc:1f:d4:
         cc:9b:43:81:67:43:d9:11:e8:e8:b9:cc:5c:c6:1d:89:86:67:
         6a:04:96:e9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUS/k0SiyUdck/4a5vYoCwsA0sBggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzA0MDgxNDMzMDNaFw0yNDA0MDYxNDM4MDNaMDMxMTAvBgNV
BAMTKEYwOTc1REVFNDlDMzU1REZFQjE3OEU0NjBBMDYxRjhCNTlBODUwN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Z2HlMQgGwEV/m9P3gxTRToNe
sN25Q/ncK+4dBslAYkc/bqJH0N1p7sz2dDJu6f4yOqqV+NSZTSGbsBp1pVIcK1kJ
w+V22/GZIpnXqmv5uYtbr1v8ufv+txcrMLurbSzOwqSc10ZZnOVpYxPUCWzUjYpg
NW4m+9DgDCpIB8kh3mv0W6mydCxZ0oFGlI4RMpQdCJZ8MLK903k7LdQ3OUoVgsjQ
v0KjsemBIWsPHdS2SN8qF28T7PggzKcV8XP6X5lrGoz7Y5KrR2BPJmkNNLZ+IKAY
4mwat7P1vm/d8al/O2F3yp1dx2n90h8Kp2+6V/MpoBV5WvIc3FCcr1XRoaa1AgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQU8Jdd7knDVd/rF45GCgYfi1moUH8wHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2E2NDY1NjE2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38XerTANBgkqhkiG9w0BAQsFAAOCAQEAceo51dcV/CgUTn9r
I7CqxYpEG3Gm/uSbop2NMYN017HIANwPH82VgkP0RCVmafr/RMegGN2OCC4X+Fc7
YMOOu65gE6jMkPdS5XUfVU4HYymsk/utgZlZW4nHo61ItZMjRkTSc8lyivcoxYRd
SjGJ3bLYjZ5dV4W1Qg2lWOD4fxhs/xKphZveaV4H/BOrjkslzW/JZ4LjaMhI0jIB
BmhseUX/LOkzAKKcK6heSAOFjLJLjQW3r97GOcMDOE9MC99l9n+cbDJWTFJjwBQG
Z4To8+0wDRd5lbPjY+UFauyFkdj8W9G8gxhD/B/UzJtDgWdD2RHo6LnMXMYdiYZn
agSW6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org