Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e203631333137.roa
File:                     34352e3133372e39372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          +C/xb3KMbhZSymIxIUu13O4yHu10m3KzET/xEbhDsD8=
Subject key identifier:   99:8A:EA:C3:A1:98:68:8C:CD:9C:10:54:F6:A0:CC:9F:EB:99:38:E2
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       76E317B1CEBCCAEBDDEE38A75F4A1F7872B86668
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e203631333137.roa
Signing time:             Wed 22 Mar 2023 18:12:02 +0000
ROA not before:           Wed 22 Mar 2023 18:07:02 +0000
ROA not after:            Wed 20 Mar 2024 18:12:02 +0000
asID:                     61317
IP address blocks:        45.137.97.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:e3:17:b1:ce:bc:ca:eb:dd:ee:38:a7:5f:4a:1f:78:72:b8:66:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Mar 22 18:07:02 2023 GMT
            Not After : Mar 20 18:12:02 2024 GMT
        Subject: CN=998AEAC3A198688CCD9C1054F6A0CC9FEB9938E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:3e:c1:b0:77:f8:ea:cb:fe:d8:f1:2a:7d:5b:
                    11:25:a4:94:d5:cb:f5:00:5a:3c:2a:1f:1f:99:22:
                    f3:ab:06:df:d2:d4:cc:f8:8b:f4:a1:97:69:b4:25:
                    da:b6:28:29:63:bf:50:fb:81:e7:79:d3:8d:ce:23:
                    38:ce:b2:cb:24:92:eb:6a:7a:50:49:5c:1b:9d:38:
                    fa:59:af:89:d7:4b:15:ed:93:01:9c:5e:11:d1:80:
                    6c:91:ba:55:9b:49:02:d7:45:5e:ed:32:a5:e8:33:
                    ff:6f:ff:d7:c2:1b:d1:c4:60:61:17:fa:09:72:47:
                    de:30:32:1b:f0:af:61:0d:bf:73:01:39:df:69:bc:
                    72:c2:d8:10:9e:13:cd:2f:4d:a6:c0:59:66:68:ea:
                    2a:83:e2:2b:66:63:dc:a9:1b:97:56:6d:52:10:fe:
                    50:a0:48:7d:7a:cd:95:b3:1c:63:22:82:ae:4e:fe:
                    d8:fd:97:1b:17:fe:e7:fc:78:77:11:d3:7e:6f:d6:
                    7f:19:7f:9c:e9:8d:4d:ee:65:08:41:3b:e5:85:14:
                    55:12:51:75:a4:16:eb:4d:b6:b5:3d:9a:10:d0:6a:
                    0f:69:d2:14:13:e1:e6:12:75:e0:72:73:7e:11:54:
                    41:7f:9f:c2:61:b3:ab:70:7a:66:e7:64:21:a3:1d:
                    e8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:8A:EA:C3:A1:98:68:8C:CD:9C:10:54:F6:A0:CC:9F:EB:99:38:E2
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39372e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:8b:0b:b2:24:7d:76:88:49:a0:cb:98:55:e3:4a:7c:7c:7a:
         53:5e:e8:e7:17:8a:f4:eb:18:f9:ee:21:df:ce:84:61:93:13:
         9d:70:00:ac:40:a0:f0:ff:59:f3:a2:6e:5a:e5:3c:59:8e:b8:
         75:bb:12:6a:2a:7b:40:e5:0f:52:1a:e5:12:0b:83:87:98:79:
         d4:a0:38:ad:ca:5b:9d:9e:12:b3:92:44:d7:84:3e:3b:0d:e5:
         0f:c2:86:2a:76:db:3d:2d:d8:be:30:1d:7a:46:40:16:a9:79:
         1d:3a:b4:ba:5a:4f:45:50:02:2d:7d:e4:19:65:26:ca:36:d0:
         34:71:00:a4:69:dd:39:74:7a:0b:f0:53:9f:3f:18:8a:7a:c3:
         49:fd:1e:86:bf:17:e9:ee:11:ff:5e:62:43:67:21:e9:f4:32:
         da:3a:57:74:47:54:b3:74:e1:cf:db:38:2a:8c:12:c9:a2:d1:
         a9:28:5a:bb:1c:8e:c7:98:87:6d:dc:83:f9:b4:11:64:52:50:
         d0:35:04:c8:16:85:e7:ea:f1:11:b0:da:aa:73:ec:a1:42:a5:
         72:bb:45:25:e2:2b:85:44:7d:55:ff:9a:f9:73:e9:77:d3:13:
         2f:15:98:88:6b:47:f3:a1:6d:8b:15:50:42:9c:27:8c:c6:25:
         44:3b:48:5b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUduMXsc68yuvd7jinX0ofeHK4ZmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA3MDJaFw0yNDAzMjAxODEyMDJaMDMxMTAvBgNV
BAMTKDk5OEFFQUMzQTE5ODY4OENDRDlDMTA1NEY2QTBDQzlGRUI5OTM4RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFPsGwd/jqy/7Y8Sp9WxElpJTV
y/UAWjwqHx+ZIvOrBt/S1Mz4i/Shl2m0Jdq2KCljv1D7ged5043OIzjOssskkutq
elBJXBudOPpZr4nXSxXtkwGcXhHRgGyRulWbSQLXRV7tMqXoM/9v/9fCG9HEYGEX
+glyR94wMhvwr2ENv3MBOd9pvHLC2BCeE80vTabAWWZo6iqD4itmY9ypG5dWbVIQ
/lCgSH16zZWzHGMigq5O/tj9lxsX/uf8eHcR035v1n8Zf5zpjU3uZQhBO+WFFFUS
UXWkFutNtrU9mhDQag9p0hQT4eYSdeByc34RVEF/n8Jhs6twembnZCGjHegFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUmYrqw6GYaIzNnBBU9qDMn+uZOOIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2J
YTANBgkqhkiG9w0BAQsFAAOCAQEAZ4sLsiR9dohJoMuYVeNKfHx6U17o5xeK9OsY
+e4h386EYZMTnXAArECg8P9Z86JuWuU8WY64dbsSaip7QOUPUhrlEguDh5h51KA4
rcpbnZ4Ss5JE14Q+Ow3lD8KGKnbbPS3YvjAdekZAFql5HTq0ulpPRVACLX3kGWUm
yjbQNHEApGndOXR6C/BTnz8YinrDSf0ehr8X6e4R/15iQ2ch6fQy2jpXdEdUs3Th
z9s4KowSyaLRqShauxyOx5iHbdyD+bQRZFJQ0DUEyBaF5+rxEbDaqnPsoUKlcrtF
JeIrhUR9Vf+a+XPpd9MTLxWYiGtH86FtixVQQpwnjMYlRDtIWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org