Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203433323630.roa
File:                     3138352e3133302e36332e302f32342d3234203d3e203433323630.roa (raw, json)
Hash identifier:          FYMl6ZixhqztMvppkNtJXys3AyjuivogFPIrVIyg/kg=
Subject key identifier:   E2:77:E8:98:37:D3:81:A5:A7:FF:DF:34:89:EE:B1:E5:69:3D:AA:50
Certificate issuer:       /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial:       14BF6FB19A0C354113D2520279FA5E67E4C80CE0
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203433323630.roa
Signing time:             Wed 19 Apr 2023 13:29:18 +0000
ROA not before:           Wed 19 Apr 2023 13:24:18 +0000
ROA not after:            Wed 17 Apr 2024 13:29:18 +0000
asID:                     43260
IP address blocks:        185.130.63.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:bf:6f:b1:9a:0c:35:41:13:d2:52:02:79:fa:5e:67:e4:c8:0c:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
        Validity
            Not Before: Apr 19 13:24:18 2023 GMT
            Not After : Apr 17 13:29:18 2024 GMT
        Subject: CN=E277E89837D381A5A7FFDF3489EEB1E5693DAA50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:25:c5:9f:e4:e7:3c:9f:93:c8:bc:d1:36:cc:
                    63:92:9b:91:65:64:82:ec:f3:19:9d:21:f3:10:73:
                    fb:1d:06:79:e2:24:35:4d:eb:7e:5f:c7:78:bd:10:
                    50:43:52:97:9e:c0:54:e1:b3:82:b3:af:54:1e:16:
                    52:f1:04:a8:0e:68:aa:60:cf:13:f4:ae:f2:02:6b:
                    9f:ac:80:80:0b:63:54:5a:76:a2:cd:f5:83:54:16:
                    c1:e6:cd:19:6a:69:60:ca:a1:64:1e:3b:99:ff:3c:
                    ff:64:50:9b:5c:0a:7e:0b:1c:f9:43:b5:6b:2b:59:
                    39:f5:ff:28:9a:1d:1d:c9:40:c4:ba:1f:f9:be:ea:
                    ca:18:86:90:ad:b1:a5:23:3c:da:af:f8:b0:5f:91:
                    39:bf:9f:10:7a:65:ad:41:82:93:33:54:94:ed:e1:
                    98:82:f2:cd:dd:cf:15:2f:04:85:f7:49:b7:22:4a:
                    1f:9a:6b:2e:42:1b:af:8f:12:6d:14:4d:da:75:92:
                    66:e2:2d:4c:bf:3f:6b:0d:2a:a5:94:6f:e1:d4:51:
                    3e:14:18:04:6d:ea:9e:32:01:4b:e5:2e:e5:b6:9c:
                    e2:8c:9f:40:e7:9b:09:29:7b:1d:e9:39:d5:5e:d3:
                    9c:18:d4:cc:5d:23:c8:55:76:7b:75:0c:42:10:8a:
                    c9:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:77:E8:98:37:D3:81:A5:A7:FF:DF:34:89:EE:B1:E5:69:3D:AA:50
            X509v3 Authority Key Identifier:
                keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203433323630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:70:75:1d:b6:c5:42:7b:20:1c:8a:70:33:3e:2e:39:54:9e:
         8c:64:b7:75:96:42:f2:35:e2:90:db:b8:99:a8:05:86:36:3a:
         fa:ae:6c:42:95:e1:89:51:72:d9:6b:40:fd:24:e9:c7:38:87:
         4e:00:db:32:0c:c9:69:ba:92:09:36:91:5d:9c:78:b9:d1:85:
         95:e0:0f:69:a8:06:3a:47:f4:78:dc:1f:c7:14:ef:61:63:55:
         c1:ec:2c:41:1d:96:3d:39:16:ec:62:aa:1f:88:4c:f7:b8:7f:
         8e:39:5b:44:17:70:4c:94:b7:01:8f:60:c4:40:db:71:79:68:
         df:7f:e9:9d:23:8c:2f:bb:d7:ce:82:9e:84:15:1e:05:38:43:
         ee:92:da:92:ee:95:65:e4:13:04:ff:10:c3:56:af:f9:46:95:
         e1:0c:71:17:38:85:82:58:33:dc:d9:67:c0:86:bf:09:1f:59:
         88:71:31:6f:27:53:59:57:42:53:9d:20:f6:50:a0:f9:03:a4:
         4d:e5:9c:d7:95:d6:6d:b4:31:93:1f:b7:ea:67:c1:f6:c1:33:
         b0:c5:55:26:91:f0:65:db:c0:81:e4:01:60:ff:d5:a7:cb:ab:
         29:0d:b3:9a:a7:32:15:4c:26:ae:68:0e:7c:a1:ea:2b:93:dc:
         79:76:19:20
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFL9vsZoMNUET0lICefpeZ+TIDOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzA0MTkxMzI0MThaFw0yNDA0MTcxMzI5MThaMDMxMTAvBgNV
BAMTKEUyNzdFODk4MzdEMzgxQTVBN0ZGREYzNDg5RUVCMUU1NjkzREFBNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyJcWf5Oc8n5PIvNE2zGOSm5Fl
ZILs8xmdIfMQc/sdBnniJDVN635fx3i9EFBDUpeewFThs4Kzr1QeFlLxBKgOaKpg
zxP0rvICa5+sgIALY1RadqLN9YNUFsHmzRlqaWDKoWQeO5n/PP9kUJtcCn4LHPlD
tWsrWTn1/yiaHR3JQMS6H/m+6soYhpCtsaUjPNqv+LBfkTm/nxB6Za1BgpMzVJTt
4ZiC8s3dzxUvBIX3SbciSh+aay5CG6+PEm0UTdp1kmbiLUy/P2sNKqWUb+HUUT4U
GARt6p4yAUvlLuW2nOKMn0Dnmwkpex3pOdVe05wY1MxdI8hVdnt1DEIQisk5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4nfomDfTgaWn/980ie6x5Wk9qlAwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzIzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uYI/MA0GCSqGSIb3DQEBCwUAA4IBAQAGcHUdtsVCeyAcinAzPi45VJ6MZLd1lkLy
NeKQ27iZqAWGNjr6rmxCleGJUXLZa0D9JOnHOIdOANsyDMlpupIJNpFdnHi50YWV
4A9pqAY6R/R43B/HFO9hY1XB7CxBHZY9ORbsYqofiEz3uH+OOVtEF3BMlLcBj2DE
QNtxeWjff+mdI4wvu9fOgp6EFR4FOEPuktqS7pVl5BME/xDDVq/5RpXhDHEXOIWC
WDPc2WfAhr8JH1mIcTFvJ1NZV0JTnSD2UKD5A6RN5ZzXldZttDGTH7fqZ8H2wTOw
xVUmkfBl28CB5AFg/9Wny6spDbOapzIVTCauaA58oeork9x5dhkg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org