Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209371.roa
File:                     AS209371.roa (raw, json)
Hash identifier:          hW84scTHfCWp6VhuX68H0ctJaZ8TH6ADosRA2pypIvQ=
Subject key identifier:   B7:31:B8:86:51:B4:70:4E:DC:F6:0D:61:44:26:28:31:D9:5A:8B:11
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       2F150D94CAC13BC729E48658A48FD1B815867663
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209371.roa
Signing time:             Thu 04 May 2023 13:40:11 +0000
ROA not before:           Thu 04 May 2023 13:35:11 +0000
ROA not after:            Thu 02 May 2024 13:40:11 +0000
asID:                     209371
IP address blocks:        5.252.74.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:15:0d:94:ca:c1:3b:c7:29:e4:86:58:a4:8f:d1:b8:15:86:76:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: May  4 13:35:11 2023 GMT
            Not After : May  2 13:40:11 2024 GMT
        Subject: CN=B731B88651B4704EDCF60D6144262831D95A8B11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:12:80:9b:7f:0f:53:8a:aa:fb:d4:83:ea:a6:
                    44:c6:14:50:05:87:49:7d:ac:22:3f:36:fa:29:03:
                    64:53:ce:4e:68:e5:a3:33:27:f3:5a:f0:03:75:2a:
                    22:82:76:46:3b:84:51:1c:73:d4:84:54:3c:f3:60:
                    e7:02:55:c1:55:fa:97:d5:50:e7:f2:ca:78:28:43:
                    30:e4:c2:13:f7:77:e8:ae:8a:e4:3b:a6:10:1d:64:
                    9f:2f:85:f8:d1:20:5e:8e:a4:90:f6:73:9e:a1:72:
                    9d:ef:cb:69:cc:0f:2d:38:c5:a2:62:c9:0c:45:d7:
                    ad:53:b8:30:81:f6:c7:7d:e2:3b:8c:b7:9f:ee:0f:
                    04:d8:0f:4a:59:00:0e:b0:d4:eb:90:b7:49:57:53:
                    e3:27:aa:91:a3:f1:f1:98:ce:26:46:af:73:a7:77:
                    54:33:7e:37:f3:87:d4:c9:c7:39:82:c1:41:e2:9e:
                    fe:d6:70:05:2b:87:8c:06:9b:0a:7a:2f:52:5a:f1:
                    dc:b2:6b:a4:05:ec:87:cc:0a:b5:3a:99:f3:8b:aa:
                    2a:9a:31:2e:0c:a9:7d:33:0c:43:74:4c:1a:4d:4d:
                    ec:05:80:93:dd:bc:d2:05:19:87:cd:4e:36:0e:f9:
                    77:7d:ea:70:51:c9:94:50:ed:78:98:ea:12:ca:d2:
                    64:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:31:B8:86:51:B4:70:4E:DC:F6:0D:61:44:26:28:31:D9:5A:8B:11
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209371.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.252.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:b3:c0:de:80:cf:fe:01:d6:f4:3d:74:5a:8e:ef:35:d6:99:
         eb:7a:91:2f:8a:44:f6:39:34:31:3d:d4:0c:f7:ef:68:7f:71:
         70:89:86:cc:7e:6e:c0:96:de:16:a4:d3:65:f4:ac:f2:2b:c3:
         98:f8:5f:d4:52:40:99:7c:82:07:92:9e:ba:a3:e5:91:b6:ec:
         d9:55:04:f0:c2:63:7d:37:d0:5f:c0:8a:e5:bc:c4:bc:da:00:
         55:82:fb:7d:86:8d:9e:bc:02:bf:97:7d:1f:e4:b3:2b:2c:0a:
         66:c5:2a:55:41:2a:e4:9a:6f:1c:3c:f8:ea:f5:15:0e:5a:25:
         05:39:34:61:1b:1d:51:60:2d:7b:31:27:69:81:c6:85:5b:41:
         f9:86:b7:d8:29:f0:20:6e:f9:67:60:c5:b3:18:08:8e:09:2b:
         f5:60:e5:e3:16:c7:15:df:ec:44:03:df:fa:03:77:f3:e1:72:
         71:a0:56:a2:31:1a:15:2d:d7:dc:0b:4d:4b:ee:22:a4:a9:60:
         4a:cb:99:19:1f:61:70:e8:e3:62:a5:9f:5d:08:85:d9:db:ae:
         be:07:ed:33:9a:63:14:0b:23:f4:b0:ad:44:01:6c:a8:4a:2e:
         39:1a:b6:65:27:ce:9b:c3:7a:08:c0:6a:a4:0a:f8:c6:c8:ee:
         1c:7e:0d:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIULxUNlMrBO8cp5IZYpI/RuBWGdmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA1MDQxMzM1MTFaFw0yNDA1MDIxMzQwMTFaMDMxMTAvBgNV
BAMTKEI3MzFCODg2NTFCNDcwNEVEQ0Y2MEQ2MTQ0MjYyODMxRDk1QThCMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaEoCbfw9Tiqr71IPqpkTGFFAF
h0l9rCI/NvopA2RTzk5o5aMzJ/Na8AN1KiKCdkY7hFEcc9SEVDzzYOcCVcFV+pfV
UOfyyngoQzDkwhP3d+iuiuQ7phAdZJ8vhfjRIF6OpJD2c56hcp3vy2nMDy04xaJi
yQxF161TuDCB9sd94juMt5/uDwTYD0pZAA6w1OuQt0lXU+MnqpGj8fGYziZGr3On
d1Qzfjfzh9TJxzmCwUHinv7WcAUrh4wGmwp6L1Ja8dyya6QF7IfMCrU6mfOLqiqa
MS4MqX0zDEN0TBpNTewFgJPdvNIFGYfNTjYO+Xd96nBRyZRQ7XiY6hLK0mRBAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUtzG4hlG0cE7c9g1hRCYoMdlaixEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5MzcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfxK
MA0GCSqGSIb3DQEBCwUAA4IBAQBIs8DegM/+Adb0PXRaju811pnrepEvikT2OTQx
PdQM9+9of3FwiYbMfm7Alt4WpNNl9KzyK8OY+F/UUkCZfIIHkp66o+WRtuzZVQTw
wmN9N9BfwIrlvMS82gBVgvt9ho2evAK/l30f5LMrLApmxSpVQSrkmm8cPPjq9RUO
WiUFOTRhGx1RYC17MSdpgcaFW0H5hrfYKfAgbvlnYMWzGAiOCSv1YOXjFscV3+xE
A9/6A3fz4XJxoFaiMRoVLdfcC01L7iKkqWBKy5kZH2Fw6ONipZ9dCIXZ266+B+0z
mmMUCyP0sK1EAWyoSi45GrZlJ86bw3oIwGqkCvjGyO4cfg21
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:14 2024 by rpki-client on console-fra.rpki-client.org