Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323030343832.roa
File:                     352e3138312e3137372e302f32342d3234203d3e20323030343832.roa (raw, json)
Hash identifier:          aeg0X/8u7r+EevV/OG+LNtunwfA2MpyXjoctzsuC/d0=
Subject key identifier:   99:F0:29:A3:E6:61:73:7E:48:5A:B5:35:20:6E:E7:F6:BA:B4:00:C6
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       2F7F3C3FC96D1099B3146C4CAD0B7373AEF5FB35
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323030343832.roa
Signing time:             Tue 04 Apr 2023 17:31:29 +0000
ROA not before:           Tue 04 Apr 2023 17:26:29 +0000
ROA not after:            Tue 02 Apr 2024 17:31:29 +0000
asID:                     200482
IP address blocks:        5.181.177.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:7f:3c:3f:c9:6d:10:99:b3:14:6c:4c:ad:0b:73:73:ae:f5:fb:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Apr  4 17:26:29 2023 GMT
            Not After : Apr  2 17:31:29 2024 GMT
        Subject: CN=99F029A3E661737E485AB535206EE7F6BAB400C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f4:f8:ce:50:27:8f:57:8e:7b:71:67:ad:0d:
                    68:d3:87:f0:9f:e6:bf:f6:7d:5f:8c:07:2f:00:34:
                    1c:c3:b8:73:8a:94:0b:51:11:66:c3:a1:81:ce:8a:
                    12:f1:d4:f2:07:6d:c0:f2:55:c6:3d:0b:36:fb:f9:
                    af:8b:80:31:f3:1b:5b:b6:f1:a9:7a:58:ab:ec:82:
                    2d:9c:34:b4:cd:dc:e3:0f:6a:3e:58:7a:b5:e7:fb:
                    4b:6e:82:97:49:d6:b7:7b:56:a1:b1:e5:41:fb:50:
                    4b:d3:79:84:48:f6:b5:9e:33:55:2f:bf:1f:0d:4e:
                    ca:d2:a5:86:a0:30:70:84:78:82:f3:5a:4a:ea:56:
                    27:87:68:ba:77:b7:6c:e1:1a:5a:60:8c:72:96:83:
                    05:99:59:54:d7:25:13:31:0d:43:79:65:3e:4e:16:
                    5d:1d:fc:bf:51:14:89:0d:6b:b2:25:42:05:92:e7:
                    b8:75:e9:4d:09:75:26:07:27:c7:13:a2:f3:a7:cf:
                    1b:71:75:4d:ed:04:41:83:20:65:fb:a7:e4:e1:95:
                    42:84:f7:3e:af:20:3f:c2:c7:0f:ec:4d:89:ef:02:
                    ec:08:3a:93:7d:4d:23:f1:c5:76:2e:5f:e0:6a:d5:
                    e8:7b:a1:6d:6f:83:a3:71:bf:27:1f:72:78:cb:4a:
                    7b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F0:29:A3:E6:61:73:7E:48:5A:B5:35:20:6E:E7:F6:BA:B4:00:C6
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137372e302f32342d3234203d3e20323030343832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:6f:19:85:bd:16:fd:cd:5d:40:3a:14:4b:b5:42:29:cd:ca:
         80:31:e6:0f:3e:fb:44:bb:fe:dc:be:02:5e:5a:5e:f2:b4:c3:
         9b:63:58:41:8a:16:46:6a:df:16:61:16:b5:2a:08:b4:96:98:
         51:6c:fc:ec:1c:e8:5e:ba:7b:61:d8:7c:c1:a5:e5:47:b5:75:
         09:0e:a1:f3:c3:52:ae:78:ba:47:c3:ff:75:99:1b:0e:c0:2c:
         ea:13:59:df:f6:ee:d4:23:7f:21:6b:e3:b0:fc:88:d5:45:8e:
         3f:48:2d:b3:21:10:39:9f:08:9a:2f:11:f4:14:8c:05:95:1b:
         aa:50:1a:86:62:cf:e8:f7:c5:86:36:cd:c4:33:b3:e8:21:24:
         61:2f:aa:a0:01:73:94:55:ba:8b:9d:ee:69:aa:8a:77:12:67:
         f6:4d:b9:db:e8:4c:8c:81:15:59:10:89:48:b4:35:61:d5:b1:
         56:f5:07:57:ba:5a:e0:05:8a:94:80:84:f4:cc:97:a4:7d:a0:
         89:07:b5:25:1e:48:6e:74:68:24:de:9c:f5:2e:fe:c0:6f:fe:
         c1:7e:fa:02:9d:eb:b2:ae:26:53:de:70:71:d8:a0:17:8f:69:
         b3:72:12:d6:04:11:3e:99:da:c8:cf:24:b5:ec:f8:04:d9:0f:
         2f:e3:0f:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL388P8ltEJmzFGxMrQtzc671+zUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA0MDQxNzI2MjlaFw0yNDA0MDIxNzMxMjlaMDMxMTAvBgNV
BAMTKDk5RjAyOUEzRTY2MTczN0U0ODVBQjUzNTIwNkVFN0Y2QkFCNDAwQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/9PjOUCePV457cWetDWjTh/Cf
5r/2fV+MBy8ANBzDuHOKlAtREWbDoYHOihLx1PIHbcDyVcY9Czb7+a+LgDHzG1u2
8al6WKvsgi2cNLTN3OMPaj5YerXn+0tugpdJ1rd7VqGx5UH7UEvTeYRI9rWeM1Uv
vx8NTsrSpYagMHCEeILzWkrqVieHaLp3t2zhGlpgjHKWgwWZWVTXJRMxDUN5ZT5O
Fl0d/L9RFIkNa7IlQgWS57h16U0JdSYHJ8cTovOnzxtxdU3tBEGDIGX7p+ThlUKE
9z6vID/Cxw/sTYnvAuwIOpN9TSPxxXYuX+Bq1eh7oW1vg6NxvycfcnjLSntPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmfApo+Zhc35IWrU1IG7n9rq0AMYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzQzODMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWxMA0GCSqGSIb3DQEBCwUAA4IBAQCCbxmFvRb9zV1AOhRLtUIpzcqAMeYPPvtE
u/7cvgJeWl7ytMObY1hBihZGat8WYRa1Kgi0lphRbPzsHOheunth2HzBpeVHtXUJ
DqHzw1KueLpHw/91mRsOwCzqE1nf9u7UI38ha+Ow/IjVRY4/SC2zIRA5nwiaLxH0
FIwFlRuqUBqGYs/o98WGNs3EM7PoISRhL6qgAXOUVbqLne5pqop3Emf2Tbnb6EyM
gRVZEIlItDVh1bFW9QdXulrgBYqUgIT0zJekfaCJB7UlHkhudGgk3pz1Lv7Ab/7B
fvoCneuyriZT3nBx2KAXj2mzchLWBBE+mdrIzyS17PgE2Q8v4w8i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org