Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e20313334313433.roa
File:                     3139342e33312e3139362e302f32332d3234203d3e20313334313433.roa (raw, json)
Hash identifier:          lvr45F75hPEJvjkW5Hp5pNYQeXM+G7OfG3sUMWjPetk=
Subject key identifier:   54:7D:0B:F2:C5:85:F1:F5:8F:88:6C:1D:EE:F9:3D:BE:66:18:CC:E4
Certificate issuer:       /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial:       289ED15BB61FD55F0E7877A20887A3D4A8FE58D5
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e20313334313433.roa
Signing time:             Mon 06 Feb 2023 03:20:00 +0000
ROA not before:           Mon 06 Feb 2023 03:15:00 +0000
ROA not after:            Mon 05 Feb 2024 03:20:00 +0000
asID:                     134143
IP address blocks:        194.31.196.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:9e:d1:5b:b6:1f:d5:5f:0e:78:77:a2:08:87:a3:d4:a8:fe:58:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
        Validity
            Not Before: Feb  6 03:15:00 2023 GMT
            Not After : Feb  5 03:20:00 2024 GMT
        Subject: CN=547D0BF2C585F1F58F886C1DEEF93DBE6618CCE4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c4:73:43:91:00:a7:e1:13:9d:9c:6f:29:98:
                    84:15:1f:ec:41:d6:8a:3b:4e:e4:d0:8a:fc:e0:3c:
                    7a:e4:d4:7c:d6:83:39:97:ce:d4:6d:fe:28:4c:0b:
                    e4:24:8e:97:db:5e:c1:22:30:69:7f:40:ad:84:bc:
                    6a:d8:4b:94:10:80:17:97:b0:8d:f8:d5:fb:03:2e:
                    85:b8:67:2f:24:8d:2e:a2:9b:52:d6:e9:26:b6:fd:
                    24:c9:fa:d6:f7:b5:5b:b0:2e:38:3f:b3:03:17:6b:
                    cc:b3:7f:42:06:be:71:36:d1:58:79:61:11:8f:8d:
                    1f:0d:55:a0:df:d4:30:ab:86:25:2e:8e:c7:86:5e:
                    48:f1:38:67:a7:cd:f8:48:73:12:27:f2:db:cb:e7:
                    a5:c6:b5:67:0c:47:99:62:ed:30:d4:b7:7e:f4:3f:
                    01:9a:f3:16:5c:d4:fd:8a:5f:f6:95:d9:1c:65:87:
                    95:c9:c2:34:11:ba:d8:52:f7:a1:e0:e9:d7:33:52:
                    6d:74:a6:f2:f2:65:5b:fe:ed:30:6e:53:68:38:b2:
                    83:b2:da:76:7a:e3:cf:c9:f4:5b:86:c0:57:d2:c4:
                    4b:9c:65:63:be:69:93:19:c5:e0:08:5b:c9:79:85:
                    0a:af:f8:a7:2a:9d:c0:c7:d8:50:0e:38:33:64:cb:
                    1b:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:7D:0B:F2:C5:85:F1:F5:8F:88:6C:1D:EE:F9:3D:BE:66:18:CC:E4
            X509v3 Authority Key Identifier:
                keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e20313334313433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.31.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:5f:d1:9b:fa:1d:34:69:dc:7d:06:3a:8a:8e:67:df:60:6a:
         e9:51:fe:00:89:73:12:47:61:d8:a3:c6:a9:4d:cf:74:dc:c4:
         7c:28:ce:f2:a4:d6:71:ab:bf:86:d6:8b:ad:22:19:77:7f:4a:
         51:b6:53:f3:17:a8:39:fc:53:95:5c:fb:e3:b8:7e:36:67:1f:
         d8:ad:17:aa:1e:2f:1e:d3:8b:3a:76:5f:43:fc:2d:b3:04:e5:
         83:61:20:1a:7b:c4:df:4c:51:de:97:a7:ea:b1:f5:f1:2c:28:
         8a:eb:61:b1:68:05:45:26:cc:08:fc:f4:e0:ba:45:a6:9c:cb:
         16:f8:6f:9d:51:6c:3e:54:c2:83:98:6b:d9:a3:ef:74:12:27:
         4f:17:a3:6d:c4:c9:9a:26:6e:0c:94:6d:22:9d:e1:fa:c2:ed:
         25:34:0d:df:8b:cd:98:cb:d3:f8:9c:0c:09:aa:fc:00:cb:d9:
         cc:29:4f:39:7a:a1:2e:4c:59:8c:5a:7e:49:e5:02:37:e8:8a:
         a8:e5:03:5c:2f:23:7f:50:5d:4b:12:b0:88:53:a0:3a:87:cb:
         d2:c0:9f:7f:e1:23:02:b6:6b:a7:fc:69:ee:00:da:49:20:a6:
         c6:c1:d9:66:c9:fe:5a:7d:0f:c6:dc:92:30:0d:4f:ce:76:de:
         18:f1:4c:bf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKJ7RW7Yf1V8OeHeiCIej1Kj+WNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAyMDYwMzE1MDBaFw0yNDAyMDUwMzIwMDBaMDMxMTAvBgNV
BAMTKDU0N0QwQkYyQzU4NUYxRjU4Rjg4NkMxREVFRjkzREJFNjYxOENDRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3xHNDkQCn4ROdnG8pmIQVH+xB
1oo7TuTQivzgPHrk1HzWgzmXztRt/ihMC+QkjpfbXsEiMGl/QK2EvGrYS5QQgBeX
sI341fsDLoW4Zy8kjS6im1LW6Sa2/STJ+tb3tVuwLjg/swMXa8yzf0IGvnE20Vh5
YRGPjR8NVaDf1DCrhiUujseGXkjxOGenzfhIcxIn8tvL56XGtWcMR5li7TDUt370
PwGa8xZc1P2KX/aV2Rxlh5XJwjQRuthS96Hg6dczUm10pvLyZVv+7TBuU2g4soOy
2nZ648/J9FuGwFfSxEucZWO+aZMZxeAIW8l5hQqv+KcqncDH2FAOODNkyxuxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVH0L8sWF8fWPiGwd7vk9vmYYzOQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTMzMzQzMTM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHCH8QwDQYJKoZIhvcNAQELBQADggEBAFxf0Zv6HTRp3H0GOoqOZ99gaulR/gCJ
cxJHYdijxqlNz3TcxHwozvKk1nGrv4bWi60iGXd/SlG2U/MXqDn8U5Vc++O4fjZn
H9itF6oeLx7Tizp2X0P8LbME5YNhIBp7xN9MUd6Xp+qx9fEsKIrrYbFoBUUmzAj8
9OC6Raacyxb4b51RbD5UwoOYa9mj73QSJ08Xo23EyZombgyUbSKd4frC7SU0Dd+L
zZjL0/icDAmq/ADL2cwpTzl6oS5MWYxafknlAjfoiqjlA1wvI39QXUsSsIhToDqH
y9LAn3/hIwK2a6f8ae4A2kkgpsbB2WbJ/lp9D8bckjANT8523hjxTL8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org