Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323039323630.roa
File:                     3138352e3137322e3137322e302f32342d3234203d3e20323039323630.roa (raw, json)
Hash identifier:          ubESS9tgTh0Seov8QIvQfLnj/DwOTArQ+kk8JXIlhsY=
Subject key identifier:   D3:A7:3F:48:65:F8:4A:B4:20:C1:08:FE:4D:84:E5:0E:AF:E7:73:AD
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       57E882ACF4FD65D0CE1ABE907DA31525FEA5FF2B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323039323630.roa
Signing time:             Wed 22 Mar 2023 18:05:41 +0000
ROA not before:           Wed 22 Mar 2023 18:00:41 +0000
ROA not after:            Wed 20 Mar 2024 18:05:41 +0000
asID:                     209260
IP address blocks:        185.172.172.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:e8:82:ac:f4:fd:65:d0:ce:1a:be:90:7d:a3:15:25:fe:a5:ff:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Mar 22 18:00:41 2023 GMT
            Not After : Mar 20 18:05:41 2024 GMT
        Subject: CN=D3A73F4865F84AB420C108FE4D84E50EAFE773AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:79:a1:60:79:67:85:3e:bc:05:85:f8:52:b1:
                    1b:10:77:9c:e8:51:46:09:7e:94:36:9a:ee:23:bd:
                    0d:c6:c4:1d:a9:57:7b:e5:c2:43:be:a7:9c:8d:83:
                    f2:2d:45:f5:30:8e:5c:35:9c:7a:95:25:59:a7:c7:
                    5c:22:9c:e6:b5:5e:4d:a5:2b:e9:e8:25:3a:56:67:
                    8e:d6:dd:b1:c5:3c:97:27:de:e8:95:e1:6b:88:3f:
                    a3:4e:a1:4d:61:99:b1:84:45:15:9e:86:53:0c:1e:
                    ab:24:bf:b0:1b:a9:67:b3:08:bf:0a:11:17:80:93:
                    33:7a:9b:3b:cb:06:2c:e1:23:09:ba:ac:47:3e:15:
                    8a:14:34:da:76:e6:41:29:65:ae:e2:a1:4b:6c:17:
                    67:83:2a:34:de:eb:51:3c:cd:a2:62:e7:32:e1:b9:
                    6e:b1:87:1d:9c:02:1c:d3:75:af:51:c1:b3:1e:54:
                    21:b1:33:6c:b9:e4:b9:10:e4:ac:72:98:c7:0b:3e:
                    1a:2f:b1:f2:69:cf:a2:75:18:ba:10:91:0c:8a:8e:
                    b7:b5:82:df:f0:16:0c:d7:38:a0:49:06:df:f5:64:
                    0b:77:83:2f:1c:42:f9:43:c9:7e:af:98:ec:c2:6b:
                    ab:ec:07:33:15:74:93:f6:f8:68:f8:ca:16:69:55:
                    0e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:A7:3F:48:65:F8:4A:B4:20:C1:08:FE:4D:84:E5:0E:AF:E7:73:AD
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323039323630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:03:b3:0a:2b:ef:fd:b5:84:5f:aa:bd:d5:a0:fc:eb:d0:d7:
         b6:f7:81:ac:3f:96:41:f3:22:9a:2b:88:79:27:ac:38:19:5b:
         aa:88:50:c4:35:a3:00:08:1a:75:0d:f7:d0:d8:df:13:0c:2f:
         1c:1b:78:40:d7:e7:d7:e1:d2:61:36:7a:c5:89:d4:a5:8d:78:
         09:7b:d8:65:76:da:70:7b:93:29:d8:9c:82:c1:ce:21:b1:39:
         2d:23:56:84:97:1a:1d:6d:82:70:80:38:58:b2:de:0e:63:d7:
         f7:e5:3c:2b:9e:4c:39:1c:8c:49:b3:9e:9a:5c:9f:dc:8a:47:
         cf:5b:df:8c:26:a3:68:ba:58:6b:b3:a6:9e:65:d0:c6:bf:6c:
         d8:01:d2:11:9f:e3:2c:4d:71:19:e5:7c:81:ea:14:09:b0:24:
         43:0e:51:f6:2e:98:a2:c8:59:ec:e6:54:6a:2a:bb:ee:c2:1d:
         12:1d:2a:f4:75:b0:83:46:8f:41:ac:28:d1:eb:38:06:4c:a2:
         6c:db:45:8d:2f:da:5c:d3:92:a5:fd:1d:c0:77:71:c7:fc:0d:
         80:6f:40:4a:6a:73:e6:6e:bb:fb:c7:b7:47:97:7f:91:e4:63:
         b5:a7:d3:40:db:67:b7:6c:a4:d4:c4:71:b1:96:a6:b5:e9:8b:
         f8:5c:cc:ba
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUV+iCrPT9ZdDOGr6QfaMVJf6l/yswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODAwNDFaFw0yNDAzMjAxODA1NDFaMDMxMTAvBgNV
BAMTKEQzQTczRjQ4NjVGODRBQjQyMEMxMDhGRTREODRFNTBFQUZFNzczQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTeaFgeWeFPrwFhfhSsRsQd5zo
UUYJfpQ2mu4jvQ3GxB2pV3vlwkO+p5yNg/ItRfUwjlw1nHqVJVmnx1winOa1Xk2l
K+noJTpWZ47W3bHFPJcn3uiV4WuIP6NOoU1hmbGERRWehlMMHqskv7AbqWezCL8K
EReAkzN6mzvLBizhIwm6rEc+FYoUNNp25kEpZa7ioUtsF2eDKjTe61E8zaJi5zLh
uW6xhx2cAhzTda9RwbMeVCGxM2y55LkQ5KxymMcLPhovsfJpz6J1GLoQkQyKjre1
gt/wFgzXOKBJBt/1ZAt3gy8cQvlDyX6vmOzCa6vsBzMVdJP2+Gj4yhZpVQ67AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU06c/SGX4SrQgwQj+TYTlDq/nc60wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMyMzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEAIQOzCivv/bWEX6q91aD869DXtveB
rD+WQfMimiuIeSesOBlbqohQxDWjAAgadQ330NjfEwwvHBt4QNfn1+HSYTZ6xYnU
pY14CXvYZXbacHuTKdicgsHOIbE5LSNWhJcaHW2CcIA4WLLeDmPX9+U8K55MORyM
SbOemlyf3IpHz1vfjCajaLpYa7OmnmXQxr9s2AHSEZ/jLE1xGeV8geoUCbAkQw5R
9i6YoshZ7OZUaiq77sIdEh0q9HWwg0aPQawo0es4BkyibNtFjS/aXNOSpf0dwHdx
x/wNgG9ASmpz5m67+8e3R5d/keRjtafTQNtnt2yk1MRxsZamtemL+FzMug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org