Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20333939373436.roa
File:                     34352e3135382e35362e302f32342d3234203d3e20333939373436.roa (raw, json)
Hash identifier:          tClN2mg2H7ytseJ7bCP9htm9Ae6PmTUrLEOdM1v10PU=
Subject key identifier:   37:25:23:F5:57:72:8D:05:A1:77:FD:FA:E5:C3:98:E1:38:D3:E3:B0
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       71E7973AB93EA7F711730D9034425550F814C8D1
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20333939373436.roa
Signing time:             Wed 22 Mar 2023 18:13:09 +0000
ROA not before:           Wed 22 Mar 2023 18:08:09 +0000
ROA not after:            Wed 20 Mar 2024 18:13:09 +0000
asID:                     399746
IP address blocks:        45.158.56.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:e7:97:3a:b9:3e:a7:f7:11:73:0d:90:34:42:55:50:f8:14:c8:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Mar 22 18:08:09 2023 GMT
            Not After : Mar 20 18:13:09 2024 GMT
        Subject: CN=372523F557728D05A177FDFAE5C398E138D3E3B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:79:5f:d1:6a:47:bc:91:25:f5:79:c6:79:cb:
                    e5:63:c4:61:31:05:ed:05:29:5a:6f:8b:47:c5:ec:
                    31:2a:4d:75:f6:10:79:14:c6:9c:29:68:17:17:2e:
                    03:61:a6:87:6e:a3:90:b4:17:bb:d2:92:49:13:50:
                    48:06:5c:26:65:4f:d6:f0:6e:82:34:ab:19:7c:67:
                    cd:37:13:c0:0d:7b:e5:a8:3b:3c:3e:be:23:49:9e:
                    91:ef:dd:98:b1:96:7a:f3:be:f5:0c:55:bb:25:4d:
                    72:d3:f2:da:2c:c7:0d:d0:49:80:70:d8:67:d9:a5:
                    53:a3:1d:a5:ca:9e:cd:1d:dd:07:d8:4f:14:0b:d6:
                    5b:c3:62:3a:99:1a:6e:09:46:cd:41:63:56:03:c8:
                    8a:9b:56:2b:89:bd:9a:d2:e7:df:77:d8:4f:df:b7:
                    f2:d5:b6:90:61:ec:69:fc:11:5e:ec:ab:50:58:f7:
                    5f:34:41:e5:68:89:c5:ff:75:62:54:0d:f1:74:50:
                    99:d8:50:f1:6f:66:44:f8:60:c2:d8:8b:9a:35:b7:
                    ed:f9:fa:a3:54:04:43:b7:d4:b5:d6:d5:26:05:12:
                    b5:08:97:40:c2:45:0a:c8:3b:79:a1:bd:4a:84:88:
                    d6:71:f1:93:a4:a6:05:20:7a:49:2a:89:4d:c5:ab:
                    02:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:25:23:F5:57:72:8D:05:A1:77:FD:FA:E5:C3:98:E1:38:D3:E3:B0
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20333939373436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:af:74:9f:a1:45:76:67:0c:da:48:be:97:83:5b:57:b5:b2:
         e7:7e:48:ba:77:e1:06:88:1a:61:24:cf:d9:f1:a1:ff:42:15:
         1d:28:eb:19:5b:6b:19:ea:dd:2b:d9:9b:e5:8c:d1:a8:41:1f:
         fc:d6:2f:1e:6e:91:ad:b8:23:c5:f7:b2:58:03:c6:6f:e0:05:
         c1:8e:5f:8f:ca:59:9e:4f:20:a4:78:1d:fc:8d:f3:12:5f:49:
         4e:29:13:53:df:e9:e1:31:17:52:2a:5e:f0:78:2f:51:ed:f1:
         f2:d8:cf:d3:4c:76:da:77:d8:f1:df:62:7f:ff:cf:39:83:0d:
         18:55:97:cd:b6:fe:96:ec:e5:6c:00:75:32:7a:20:b4:82:96:
         3e:7e:d4:5f:cb:35:4d:96:4e:96:53:f3:56:e1:0f:1d:e5:ce:
         c2:e4:87:4c:db:a2:bb:6d:4f:bd:59:ec:47:f2:23:dd:af:cc:
         a6:3e:b0:23:7d:9d:f8:e2:e2:c2:9d:06:08:74:18:24:64:ae:
         73:5d:d3:0f:12:1d:63:fb:75:e6:be:e5:10:6c:49:7d:74:31:
         95:49:01:db:11:3f:89:c0:21:f1:c5:c6:4e:88:c7:b6:3f:4e:
         07:be:23:b4:04:f2:db:b3:82:fa:5c:4b:9d:53:75:47:27:07:
         85:3e:10:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUceeXOrk+p/cRcw2QNEJVUPgUyNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA4MDlaFw0yNDAzMjAxODEzMDlaMDMxMTAvBgNV
BAMTKDM3MjUyM0Y1NTc3MjhEMDVBMTc3RkRGQUU1QzM5OEUxMzhEM0UzQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAeV/Rake8kSX1ecZ5y+VjxGEx
Be0FKVpvi0fF7DEqTXX2EHkUxpwpaBcXLgNhpoduo5C0F7vSkkkTUEgGXCZlT9bw
boI0qxl8Z803E8ANe+WoOzw+viNJnpHv3ZixlnrzvvUMVbslTXLT8tosxw3QSYBw
2GfZpVOjHaXKns0d3QfYTxQL1lvDYjqZGm4JRs1BY1YDyIqbViuJvZrS59932E/f
t/LVtpBh7Gn8EV7sq1BY9180QeVoicX/dWJUDfF0UJnYUPFvZkT4YMLYi5o1t+35
+qNUBEO31LXW1SYFErUIl0DCRQrIO3mhvUqEiNZx8ZOkpgUgekkqiU3FqwItAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNyUj9VdyjQWhd/365cOY4TjT47AwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM5MzczNDM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ44MA0GCSqGSIb3DQEBCwUAA4IBAQBEr3SfoUV2ZwzaSL6Xg1tXtbLnfki6d+EG
iBphJM/Z8aH/QhUdKOsZW2sZ6t0r2ZvljNGoQR/81i8ebpGtuCPF97JYA8Zv4AXB
jl+PylmeTyCkeB38jfMSX0lOKRNT3+nhMRdSKl7weC9R7fHy2M/TTHbad9jx32J/
/885gw0YVZfNtv6W7OVsAHUyeiC0gpY+ftRfyzVNlk6WU/NW4Q8d5c7C5IdM26K7
bU+9WexH8iPdr8ymPrAjfZ344uLCnQYIdBgkZK5zXdMPEh1j+3XmvuUQbEl9dDGV
SQHbET+JwCHxxcZOiMe2P04HviO0BPLbs4L6XEudU3VHJweFPhAT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org