Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e20383334.roa
File:                     34352e39312e3133392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          izYdktMLpaMAeHWHWg1L3c8aV2p3Qdm2ldJpc8G+qF4=
Subject key identifier:   D0:F3:D4:84:3A:77:C7:35:74:4E:C6:70:C1:FF:1A:38:CC:BD:BF:94
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       102676A676027B2866003DD0A79CE4F8A65722E9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e20383334.roa
Signing time:             Wed 31 May 2023 11:00:04 +0000
ROA not before:           Wed 31 May 2023 10:55:04 +0000
ROA not after:            Wed 29 May 2024 11:00:04 +0000
asID:                     834
IP address blocks:        45.91.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:26:76:a6:76:02:7b:28:66:00:3d:d0:a7:9c:e4:f8:a6:57:22:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: May 31 10:55:04 2023 GMT
            Not After : May 29 11:00:04 2024 GMT
        Subject: CN=D0F3D4843A77C735744EC670C1FF1A38CCBDBF94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5d:aa:9e:9a:8e:a2:51:52:a3:1e:86:1b:35:
                    b7:c6:59:b5:64:7c:72:99:f3:70:7e:bb:8a:8c:45:
                    07:2f:f2:da:de:a0:df:e1:4d:73:f7:36:26:7f:ea:
                    c1:5a:4b:7c:50:47:ae:53:bc:cd:87:c0:2d:4b:1a:
                    60:41:0f:3f:f9:ac:71:d7:00:7f:42:c7:17:f9:84:
                    25:09:ac:fa:13:5b:72:cd:ce:83:e0:9c:13:b4:f7:
                    3b:78:5b:2a:2c:b0:c5:e8:02:2c:2f:f0:ba:71:83:
                    d0:4f:67:1d:7a:eb:97:54:f2:1f:99:4d:76:bd:67:
                    b6:cd:31:6a:3c:73:41:fa:37:4a:8a:11:58:c0:e6:
                    b7:43:45:d0:83:b1:ea:41:ca:f5:02:68:50:41:aa:
                    e0:34:6d:8c:6d:24:d2:d3:17:7a:5b:5a:29:20:44:
                    b5:c9:89:dc:1a:37:f0:92:e2:bb:bd:12:37:f5:88:
                    88:5b:4b:5a:c2:75:99:20:01:7e:45:e0:f5:76:10:
                    28:67:ea:75:f6:1a:19:80:44:16:a4:d8:ec:ad:8a:
                    db:4a:f1:19:84:f2:f8:8c:8a:32:f3:c6:13:e3:55:
                    55:8b:ef:cd:ac:8d:eb:f5:c2:5d:49:94:22:2b:6e:
                    11:e1:f6:50:55:22:bc:06:5f:f0:b5:5e:4d:6d:3e:
                    d1:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F3:D4:84:3A:77:C7:35:74:4E:C6:70:C1:FF:1A:38:CC:BD:BF:94
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133392e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:fe:43:38:f9:a3:f4:e3:7a:0e:bc:85:45:f4:17:da:20:54:
         b1:36:02:df:4e:a9:db:5c:95:d0:55:21:a7:bb:74:1c:71:e9:
         b3:2b:30:95:b9:76:2c:52:82:64:73:35:cc:b2:27:94:8a:f3:
         5a:d8:49:ea:02:53:2a:1c:69:65:91:5c:fb:84:51:c4:58:c4:
         57:a4:48:b8:59:f3:40:22:34:4c:2e:15:fb:4f:9e:b2:6d:81:
         ce:15:80:09:f2:e8:83:a3:72:1b:20:51:0c:9a:05:ca:bc:50:
         57:82:6e:41:37:1b:bc:e4:4b:30:d8:51:99:b4:46:14:53:5d:
         3e:69:1b:40:3b:2f:6d:b7:f7:48:19:66:2f:fc:af:55:07:5f:
         27:27:d7:1d:bc:e7:f3:63:b8:4d:b5:7b:32:52:82:a3:16:04:
         bd:c3:04:e5:5c:cd:bb:b4:df:e8:45:90:c2:27:85:2e:86:dd:
         8c:63:f5:db:dd:53:1b:79:a3:ba:a7:b2:6f:21:3b:72:57:7d:
         bf:9c:3f:f5:07:c4:54:39:4e:1a:0f:4d:57:8d:f6:fb:51:5b:
         6f:46:cf:fb:af:21:4e:da:82:d1:d4:d1:a0:a0:c4:7e:7f:4e:
         30:10:45:2e:72:6d:6b:5a:3e:f9:61:2f:9a:4e:ee:52:62:e2:
         33:c5:8b:7a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUECZ2pnYCeyhmAD3Qp5zk+KZXIukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA1MzExMDU1MDRaFw0yNDA1MjkxMTAwMDRaMDMxMTAvBgNV
BAMTKEQwRjNENDg0M0E3N0M3MzU3NDRFQzY3MEMxRkYxQTM4Q0NCREJGOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnXaqemo6iUVKjHoYbNbfGWbVk
fHKZ83B+u4qMRQcv8treoN/hTXP3NiZ/6sFaS3xQR65TvM2HwC1LGmBBDz/5rHHX
AH9Cxxf5hCUJrPoTW3LNzoPgnBO09zt4WyossMXoAiwv8Lpxg9BPZx1665dU8h+Z
TXa9Z7bNMWo8c0H6N0qKEVjA5rdDRdCDsepByvUCaFBBquA0bYxtJNLTF3pbWikg
RLXJidwaN/CS4ru9Ejf1iIhbS1rCdZkgAX5F4PV2EChn6nX2GhmARBak2OytittK
8RmE8viMijLzxhPjVVWL782sjev1wl1JlCIrbhHh9lBVIrwGX/C1Xk1tPtHdAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU0PPUhDp3xzV0TsZwwf8aOMy9v5QwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVuLMA0G
CSqGSIb3DQEBCwUAA4IBAQAP/kM4+aP043oOvIVF9BfaIFSxNgLfTqnbXJXQVSGn
u3QccemzKzCVuXYsUoJkczXMsieUivNa2EnqAlMqHGllkVz7hFHEWMRXpEi4WfNA
IjRMLhX7T56ybYHOFYAJ8uiDo3IbIFEMmgXKvFBXgm5BNxu85Esw2FGZtEYUU10+
aRtAOy9tt/dIGWYv/K9VB18nJ9cdvOfzY7hNtXsyUoKjFgS9wwTlXM27tN/oRZDC
J4Uuht2MY/Xb3VMbeaO6p7JvITtyV32/nD/1B8RUOU4aD01Xjfb7UVtvRs/7ryFO
2oLR1NGgoMR+f04wEEUucm1rWj75YS+aTu5SYuIzxYt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org