Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33392e31302e302f32342d3234203d3e203433323630.roa
File:                     3139332e33392e31302e302f32342d3234203d3e203433323630.roa (raw, json)
Hash identifier:          KXl05Jifkfj2ltSFu065Khggjv0A7d6ugOiwg0IR1Rg=
Subject key identifier:   6C:6D:50:C9:4B:65:C3:7E:1D:08:02:F8:28:D3:0D:86:C1:E9:34:3D
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       2D5E87C7C8EF8736E16D4610DF2572F537DF3464
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33392e31302e302f32342d3234203d3e203433323630.roa
Signing time:             Wed 22 Mar 2023 18:08:12 +0000
ROA not before:           Wed 22 Mar 2023 18:03:12 +0000
ROA not after:            Wed 20 Mar 2024 18:08:12 +0000
asID:                     43260
IP address blocks:        193.39.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:5e:87:c7:c8:ef:87:36:e1:6d:46:10:df:25:72:f5:37:df:34:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Mar 22 18:03:12 2023 GMT
            Not After : Mar 20 18:08:12 2024 GMT
        Subject: CN=6C6D50C94B65C37E1D0802F828D30D86C1E9343D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5b:d7:69:be:e0:a5:72:1f:07:51:27:dc:09:
                    a7:17:4c:b9:c4:0e:59:ee:3a:c6:72:19:29:ff:78:
                    a6:d8:d7:ec:ef:d9:7b:a1:15:6e:0a:44:6b:58:14:
                    5f:c8:06:83:80:1b:95:6d:63:44:e1:dc:ed:16:a9:
                    97:96:72:ec:b4:8c:67:e4:c9:b5:bd:c9:6e:c9:a4:
                    ac:44:b3:33:14:80:80:a1:b2:2a:14:76:44:c4:ea:
                    bb:0c:d5:d0:44:ed:ba:06:e1:0e:38:1c:e2:11:51:
                    46:49:91:0a:30:c4:1a:da:de:f3:20:84:13:e3:f5:
                    16:e7:20:cb:11:5d:fc:a0:f2:43:8c:ab:3e:93:f7:
                    7b:4a:e0:2a:0f:84:3c:e6:44:a5:7e:3c:81:1e:2b:
                    f5:9b:c8:88:25:61:15:3f:19:9e:7f:52:d5:29:59:
                    f2:67:df:56:07:da:95:c6:aa:97:49:2c:f2:1f:de:
                    81:12:44:a8:00:a5:67:b3:eb:70:dd:7e:e1:cb:50:
                    46:40:79:72:1c:2c:4d:05:26:5b:cc:e7:63:ba:94:
                    86:fa:2f:d6:21:56:33:71:ac:cd:1c:37:3f:f5:f0:
                    b4:2c:22:b9:b4:ed:d9:8d:ac:56:2c:52:08:aa:bf:
                    23:90:9d:80:8a:8b:6c:75:e3:ca:a5:c4:a7:39:f8:
                    1b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:6D:50:C9:4B:65:C3:7E:1D:08:02:F8:28:D3:0D:86:C1:E9:34:3D
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33392e31302e302f32342d3234203d3e203433323630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.39.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:66:73:92:4b:68:ac:2b:ce:82:55:76:17:1a:5b:a2:d5:7e:
         df:fc:3e:84:39:17:80:74:68:97:69:96:eb:45:0b:02:9a:8c:
         fb:c9:7a:a2:b2:15:10:ad:4c:c9:1a:01:f1:2e:2c:f3:e5:d6:
         5a:bc:03:1b:fc:27:ba:85:00:71:62:07:0a:3f:cb:bd:e7:c2:
         4c:64:0d:a3:c5:63:a7:28:f2:0a:15:a8:65:49:3d:d7:ed:9c:
         81:6e:bc:ae:52:2f:17:52:85:06:89:08:f5:92:40:55:c6:9d:
         71:a2:3d:32:20:61:b0:30:cb:ee:ec:07:21:d6:9f:41:0e:8a:
         bd:c6:d9:eb:35:23:87:6c:d2:3d:72:03:80:45:93:1d:54:76:
         46:fd:6b:cd:01:4f:58:af:bf:82:0e:de:00:f5:85:2b:4f:07:
         6c:0e:17:4b:a8:07:87:80:ed:03:67:2f:ae:d6:68:6a:26:31:
         dd:29:a1:94:b4:e2:5f:80:45:cd:55:de:9b:0c:51:34:7a:0e:
         08:66:3b:48:91:19:6b:ee:2e:8d:c4:4c:91:ad:de:fe:13:22:
         9a:28:d2:53:94:1f:19:65:39:23:a2:f0:cd:85:88:f2:e2:e0:
         31:df:95:de:1b:5a:6d:d4:05:ed:51:70:83:01:e8:65:bb:04:
         c8:71:5e:c7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIULV6Hx8jvhzbhbUYQ3yVy9TffNGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODAzMTJaFw0yNDAzMjAxODA4MTJaMDMxMTAvBgNV
BAMTKDZDNkQ1MEM5NEI2NUMzN0UxRDA4MDJGODI4RDMwRDg2QzFFOTM0M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMW9dpvuClch8HUSfcCacXTLnE
DlnuOsZyGSn/eKbY1+zv2XuhFW4KRGtYFF/IBoOAG5VtY0Th3O0WqZeWcuy0jGfk
ybW9yW7JpKxEszMUgIChsioUdkTE6rsM1dBE7boG4Q44HOIRUUZJkQowxBra3vMg
hBPj9RbnIMsRXfyg8kOMqz6T93tK4CoPhDzmRKV+PIEeK/WbyIglYRU/GZ5/UtUp
WfJn31YH2pXGqpdJLPIf3oESRKgApWez63DdfuHLUEZAeXIcLE0FJlvM52O6lIb6
L9YhVjNxrM0cNz/18LQsIrm07dmNrFYsUgiqvyOQnYCKi2x148qlxKc5+BsnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUbG1QyUtlw34dCAL4KNMNhsHpND0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM5MmUzMTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMzMyMzYzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEn
CjANBgkqhkiG9w0BAQsFAAOCAQEAkGZzkktorCvOglV2FxpbotV+3/w+hDkXgHRo
l2mW60ULApqM+8l6orIVEK1MyRoB8S4s8+XWWrwDG/wnuoUAcWIHCj/LvefCTGQN
o8VjpyjyChWoZUk91+2cgW68rlIvF1KFBokI9ZJAVcadcaI9MiBhsDDL7uwHIdaf
QQ6KvcbZ6zUjh2zSPXIDgEWTHVR2Rv1rzQFPWK+/gg7eAPWFK08HbA4XS6gHh4Dt
A2cvrtZoaiYx3SmhlLTiX4BFzVXemwxRNHoOCGY7SJEZa+4ujcRMka3e/hMimijS
U5QfGWU5I6LwzYWI8uLgMd+V3htabdQF7VFwgwHoZbsEyHFexw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org