Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135382e302f32342d3234203d3e20323131353834.roa
File:                     3138382e3136342e3135382e302f32342d3234203d3e20323131353834.roa (raw, json)
Hash identifier:          a+L5REoAVhDI+FhjPwqlnelNyX9swnpb550z3W97UE8=
Subject key identifier:   33:88:F1:1E:D7:34:E1:A5:20:ED:E6:B9:EE:BF:99:F6:48:98:D7:F6
Certificate issuer:       /CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
Certificate serial:       2E95E835024ED5BE5C7FFB3339E5C90280721DA7
Authority key identifier: 8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135382e302f32342d3234203d3e20323131353834.roa
Signing time:             Thu 18 May 2023 13:54:32 +0000
ROA not before:           Thu 18 May 2023 13:49:32 +0000
ROA not after:            Thu 16 May 2024 13:54:32 +0000
asID:                     211584
IP address blocks:        188.164.158.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:95:e8:35:02:4e:d5:be:5c:7f:fb:33:39:e5:c9:02:80:72:1d:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b9ba9adde9635777bf586fd493e14cd30f7c4ca
        Validity
            Not Before: May 18 13:49:32 2023 GMT
            Not After : May 16 13:54:32 2024 GMT
        Subject: CN=3388F11ED734E1A520EDE6B9EEBF99F64898D7F6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ea:77:b0:63:dd:19:de:e5:c8:bf:b5:37:f4:
                    52:18:66:56:85:18:5f:6d:4d:68:63:21:26:db:38:
                    bc:a5:f5:69:ec:6e:30:86:e0:0c:d8:a5:fe:ec:c2:
                    0f:b4:00:11:71:1c:6a:e3:6b:1a:3f:da:e8:e6:a9:
                    1a:53:75:85:6e:79:98:ce:9c:50:f1:9f:4a:91:bf:
                    3f:53:2a:e8:97:31:c7:83:7d:83:4a:50:04:25:de:
                    30:55:e9:60:4a:63:59:48:a1:a9:20:fb:12:3d:af:
                    f1:4d:cd:78:a4:e9:d8:2c:1a:02:9f:6c:12:50:e9:
                    e1:49:b7:46:51:3a:37:68:72:81:97:b6:39:34:0a:
                    26:ce:88:45:50:5d:5e:27:ef:3b:da:a9:ae:6a:44:
                    0c:98:01:2b:6a:9f:da:83:39:3d:bc:0c:52:12:63:
                    4a:ac:d7:30:2b:38:dc:1e:a4:4a:13:f9:0e:51:25:
                    6f:e0:fc:d9:38:28:6e:d8:a9:63:14:bf:ef:46:60:
                    d7:61:c9:a2:2b:9c:f0:e5:86:55:ac:9a:2d:03:8d:
                    76:3c:59:7e:77:66:24:fa:be:d3:07:72:a6:e7:08:
                    07:0a:e7:30:77:54:78:ef:3c:da:76:ef:ca:71:a1:
                    7d:23:9d:d0:c7:0f:26:27:8f:d3:8d:6d:e5:ea:91:
                    47:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:88:F1:1E:D7:34:E1:A5:20:ED:E6:B9:EE:BF:99:F6:48:98:D7:F6
            X509v3 Authority Key Identifier:
                keyid:8B:9B:A9:AD:DE:96:35:77:7B:F5:86:FD:49:3E:14:CD:30:F7:C4:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/8B9BA9ADDE9635777BF586FD493E14CD30F7C4CA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5uprd6WNXd79Yb9ST4UzTD3xMo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6c030890-f6e0-410c-bc99-af0921d1c3a4/0/3138382e3136342e3135382e302f32342d3234203d3e20323131353834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.164.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:11:b7:c6:21:85:34:6d:62:43:41:c3:f7:37:44:6e:06:e8:
         8c:97:8a:d6:55:8c:b4:55:7b:1e:f7:f1:17:0c:5e:9a:87:c6:
         51:c9:66:c2:e2:78:69:19:72:3d:d7:51:74:78:fa:cf:52:3e:
         02:4f:e7:06:d9:d0:a6:13:cc:35:7b:b2:bc:e5:91:1d:a7:2e:
         de:1a:fe:bc:b7:20:16:2d:25:b5:a4:64:19:e2:37:01:2f:70:
         90:84:c1:5f:1a:ea:d1:7b:da:20:f1:7a:64:04:9d:36:66:db:
         79:a9:ec:71:52:95:ae:38:b8:a8:9b:8c:31:95:5c:d9:41:2e:
         7d:14:bc:c3:dd:9c:e5:8d:1a:2f:c8:82:53:b6:00:7a:42:ec:
         9f:b7:13:7e:66:c1:1b:85:0a:2e:40:f1:73:67:a4:02:e5:82:
         65:40:04:eb:57:a6:8d:27:d0:99:dd:93:70:f4:94:b2:f0:d6:
         0a:57:c0:fc:31:cd:9c:78:32:61:91:51:97:45:4a:99:50:b1:
         88:a5:e6:0f:11:55:ea:a6:df:f1:7b:9a:94:fc:e2:d5:f6:83:
         ed:14:64:7e:2e:42:49:c6:c2:d6:02:fe:08:05:34:e1:87:93:
         89:e9:5b:ac:0d:1d:d0:15:d3:4b:61:35:10:cc:49:86:03:6d:
         7b:72:47:11
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULpXoNQJO1b5cf/szOeXJAoByHacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI5YmE5YWRkZTk2MzU3NzdiZjU4NmZkNDkzZTE0Y2Qz
MGY3YzRjYTAeFw0yMzA1MTgxMzQ5MzJaFw0yNDA1MTYxMzU0MzJaMDMxMTAvBgNV
BAMTKDMzODhGMTFFRDczNEUxQTUyMEVERTZCOUVFQkY5OUY2NDg5OEQ3RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk6newY90Z3uXIv7U39FIYZlaF
GF9tTWhjISbbOLyl9WnsbjCG4AzYpf7swg+0ABFxHGrjaxo/2ujmqRpTdYVueZjO
nFDxn0qRvz9TKuiXMceDfYNKUAQl3jBV6WBKY1lIoakg+xI9r/FNzXik6dgsGgKf
bBJQ6eFJt0ZROjdocoGXtjk0CibOiEVQXV4n7zvaqa5qRAyYAStqn9qDOT28DFIS
Y0qs1zArONwepEoT+Q5RJW/g/Nk4KG7YqWMUv+9GYNdhyaIrnPDlhlWsmi0DjXY8
WX53ZiT6vtMHcqbnCAcK5zB3VHjvPNp278pxoX0jndDHDyYnj9ONbeXqkUdPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUM4jxHtc04aUg7ea57r+Z9kiY1/YwHwYDVR0j
BBgwFoAUi5uprd6WNXd79Yb9ST4UzTD3xMowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAtZjZlMC00MTBjLWJjOTktYWYwOTIxZDFj
M2E0LzAvOEI5QkE5QURERTk2MzU3NzdCRjU4NkZENDkzRTE0Q0QzMEY3QzRDQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2k1dXByZDZXTlhkNzlZYjlTVDRVelRE
M3hNby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmMwMzA4OTAt
ZjZlMC00MTBjLWJjOTktYWYwOTIxZDFjM2E0LzAvMzEzODM4MmUzMTM2MzQyZTMx
MzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM1MzgzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALyknjANBgkqhkiG9w0BAQsFAAOCAQEAYxG3xiGFNG1iQ0HD9zdEbgbojJeK
1lWMtFV7HvfxFwxemofGUclmwuJ4aRlyPddRdHj6z1I+Ak/nBtnQphPMNXuyvOWR
Hacu3hr+vLcgFi0ltaRkGeI3AS9wkITBXxrq0XvaIPF6ZASdNmbbeanscVKVrji4
qJuMMZVc2UEufRS8w92c5Y0aL8iCU7YAekLsn7cTfmbBG4UKLkDxc2ekAuWCZUAE
61emjSfQmd2TcPSUsvDWClfA/DHNnHgyYZFRl0VKmVCxiKXmDxFV6qbf8XualPzi
1faD7RRkfi5CScbC1gL+CAU04YeTielbrA0d0BXTS2E1EMxJhgNte3JHEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:06 2024 by rpki-client on console-ams.rpki-client.org