Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35372e302f32342d3234203d3e20383334.roa
File:                     34352e38312e35372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          KRgt8OCLUPfp1sUoTN0grfhk77Z+KB6CIAvRblUwArE=
Subject key identifier:   8B:48:92:9C:59:EC:75:04:75:B1:FE:7E:9B:C7:FB:9E:C0:08:52:A1
Certificate issuer:       /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial:       074B77E2631822195C776BBF48380E5279C9C08F
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35372e302f32342d3234203d3e20383334.roa
Signing time:             Mon 10 Apr 2023 15:30:03 +0000
ROA not before:           Mon 10 Apr 2023 15:25:03 +0000
ROA not after:            Mon 08 Apr 2024 15:30:03 +0000
asID:                     834
IP address blocks:        45.81.57.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:4b:77:e2:63:18:22:19:5c:77:6b:bf:48:38:0e:52:79:c9:c0:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
        Validity
            Not Before: Apr 10 15:25:03 2023 GMT
            Not After : Apr  8 15:30:03 2024 GMT
        Subject: CN=8B48929C59EC750475B1FE7E9BC7FB9EC00852A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:b3:28:e3:7e:25:7d:3f:a3:79:71:65:99:ae:
                    d6:3c:5d:ad:b0:33:3f:6c:9f:27:ab:bb:ab:fe:36:
                    5a:f2:5b:d4:eb:80:d8:01:b2:9a:ce:b1:70:5a:a5:
                    5a:18:26:6f:df:f1:ee:ea:47:a6:b3:77:2f:bf:bd:
                    4e:a2:6e:03:d8:25:40:f6:35:46:79:e0:fd:94:c2:
                    e0:d5:c1:07:8d:bf:2f:2e:b3:54:f7:96:e0:17:2d:
                    60:8a:29:24:c1:0e:4d:a9:4c:53:22:f2:cd:70:bf:
                    19:eb:75:8c:16:24:c7:28:a9:c9:a4:d7:99:26:a5:
                    b5:2e:0f:22:49:de:6b:8b:55:30:7d:e1:41:e9:c6:
                    33:fb:32:a0:4a:4a:f8:79:04:f6:2c:69:45:20:22:
                    10:fc:df:66:9c:e7:24:85:9c:f4:d9:69:43:fd:60:
                    1a:b7:8b:3c:61:03:12:da:66:24:f7:88:2b:fe:9f:
                    53:66:91:63:8e:70:5c:48:d6:9b:5f:80:17:7a:a8:
                    46:9e:5b:82:96:49:91:d4:c8:e7:c1:c9:07:f9:bb:
                    b9:bd:50:dc:2e:9c:18:71:04:2d:23:42:07:7d:22:
                    f0:42:01:27:0c:97:e7:d9:ce:d5:dc:84:ad:a2:25:
                    7f:9a:0a:d8:39:de:40:80:a0:c0:6a:cf:cf:0e:b4:
                    b0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:48:92:9C:59:EC:75:04:75:B1:FE:7E:9B:C7:FB:9E:C0:08:52:A1
            X509v3 Authority Key Identifier:
                keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35372e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:cb:8b:70:52:ec:8b:cb:9f:2d:20:cd:5d:36:38:4e:41:d5:
         6b:a8:ee:6f:cb:54:6c:76:5f:ce:1c:aa:06:de:38:de:8c:58:
         43:eb:6b:f5:88:cb:3f:87:63:e3:00:ed:cb:64:72:89:10:07:
         08:20:5b:24:14:8b:16:ce:45:ce:53:50:8d:2c:db:ea:39:ec:
         94:6f:6f:d6:77:21:48:57:3c:0e:18:23:3d:88:a9:d3:4d:e6:
         fd:1a:0f:d2:30:02:14:7d:a9:78:0f:90:30:c0:be:8b:08:a3:
         44:e9:be:d5:e7:ae:62:f3:1b:5b:46:cd:42:7c:7f:49:02:96:
         bb:44:68:be:bc:03:32:10:1d:c4:e1:f2:f2:01:e6:ee:46:dc:
         9e:b8:97:bd:1e:c2:b2:e5:e0:5c:e9:ff:df:39:f0:8c:29:6c:
         83:5c:89:4c:5e:c2:1e:8a:a2:60:d9:af:36:aa:6a:24:d8:7b:
         ba:33:98:f9:03:8d:6e:86:66:db:d2:ac:58:fe:48:62:bc:03:
         a6:2f:56:79:83:74:46:2c:6f:1a:37:8f:29:f2:8f:8e:a6:29:
         04:f7:93:f1:66:e9:b9:c0:49:57:dd:e1:03:da:e2:5a:2c:2d:
         59:b0:07:52:cc:e5:56:19:45:b6:a8:44:be:31:e6:5b:2e:29:
         e8:32:8c:91
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUB0t34mMYIhlcd2u/SDgOUnnJwI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yMzA0MTAxNTI1MDNaFw0yNDA0MDgxNTMwMDNaMDMxMTAvBgNV
BAMTKDhCNDg5MjlDNTlFQzc1MDQ3NUIxRkU3RTlCQzdGQjlFQzAwODUyQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgsyjjfiV9P6N5cWWZrtY8Xa2w
Mz9snyeru6v+NlryW9TrgNgBsprOsXBapVoYJm/f8e7qR6azdy+/vU6ibgPYJUD2
NUZ54P2UwuDVwQeNvy8us1T3luAXLWCKKSTBDk2pTFMi8s1wvxnrdYwWJMcoqcmk
15kmpbUuDyJJ3muLVTB94UHpxjP7MqBKSvh5BPYsaUUgIhD832ac5ySFnPTZaUP9
YBq3izxhAxLaZiT3iCv+n1NmkWOOcFxI1ptfgBd6qEaeW4KWSZHUyOfByQf5u7m9
UNwunBhxBC0jQgd9IvBCAScMl+fZztXchK2iJX+aCtg53kCAoMBqz88OtLDLAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUi0iSnFnsdQR1sf5+m8f7nsAIUqEwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzQzNTJlMzgzMTJlMzUzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1ROTANBgkq
hkiG9w0BAQsFAAOCAQEAdMuLcFLsi8ufLSDNXTY4TkHVa6jub8tUbHZfzhyqBt44
3oxYQ+tr9YjLP4dj4wDty2RyiRAHCCBbJBSLFs5FzlNQjSzb6jnslG9v1nchSFc8
DhgjPYip003m/RoP0jACFH2peA+QMMC+iwijROm+1eeuYvMbW0bNQnx/SQKWu0Ro
vrwDMhAdxOHy8gHm7kbcnriXvR7CsuXgXOn/3znwjClsg1yJTF7CHoqiYNmvNqpq
JNh7ujOY+QONboZm29KsWP5IYrwDpi9WeYN0RixvGjePKfKPjqYpBPeT8WbpucBJ
V93hA9riWiwtWbAHUszlVhlFtqhEvjHmWy4p6DKMkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org