Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20383334.roa
File:                     3138352e3232392e3230312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          +mn0+mvMVvRX6EKcqNiBkwFRjht7XG7OU9A/9+FC540=
Subject key identifier:   99:C2:33:66:05:D8:A6:71:E6:36:C8:C0:1A:E0:78:E8:02:8C:E9:0D
Certificate issuer:       /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial:       3A5C6E7D3AC5FB0842B496A363DE274CA4CC3893
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20383334.roa
Signing time:             Wed 03 May 2023 10:00:04 +0000
ROA not before:           Wed 03 May 2023 09:55:04 +0000
ROA not after:            Wed 01 May 2024 10:00:04 +0000
asID:                     834
IP address blocks:        185.229.201.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:5c:6e:7d:3a:c5:fb:08:42:b4:96:a3:63:de:27:4c:a4:cc:38:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
        Validity
            Not Before: May  3 09:55:04 2023 GMT
            Not After : May  1 10:00:04 2024 GMT
        Subject: CN=99C2336605D8A671E636C8C01AE078E8028CE90D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e6:a5:71:18:dd:14:b3:2b:8b:7b:dd:19:25:
                    af:01:52:57:43:34:2e:41:3e:f5:1c:6a:32:c8:a8:
                    f7:00:d6:42:3e:95:2f:74:8a:8d:c1:c8:9f:cd:ba:
                    59:ef:7e:1d:6f:01:27:77:58:16:47:1e:9f:ed:1a:
                    4a:9b:e1:7f:b5:09:95:4e:57:d1:53:12:d1:6e:e1:
                    51:98:a2:b5:f5:e5:a9:9d:99:04:ad:b5:f5:c2:cf:
                    74:16:bf:b3:5e:65:be:c5:bd:16:56:ff:15:96:a9:
                    c4:b8:04:bc:93:b7:a2:60:65:07:4d:62:4a:54:aa:
                    ae:a8:68:b2:2d:33:f0:90:76:2b:b5:63:84:83:d2:
                    f6:e2:81:ab:db:05:00:cc:46:05:41:88:01:fe:46:
                    44:6d:6c:1c:1a:56:24:7d:3f:d1:32:d9:d4:dc:02:
                    bc:ef:10:25:23:8c:65:ae:26:7c:60:44:c9:0f:81:
                    64:81:58:ff:ea:ab:74:c6:70:a4:85:34:1d:f5:06:
                    22:9f:37:42:06:76:f4:f1:dc:bb:e1:0f:5d:1f:ea:
                    f1:7c:47:14:8b:33:8a:ba:09:5f:68:b5:bb:db:76:
                    8f:95:73:49:55:24:d5:14:28:32:7d:f1:37:fc:d0:
                    74:cc:2a:7d:b5:44:55:c8:56:3e:0f:98:f1:0b:ac:
                    a4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:C2:33:66:05:D8:A6:71:E6:36:C8:C0:1A:E0:78:E8:02:8C:E9:0D
            X509v3 Authority Key Identifier:
                keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:20:4f:2a:d9:e7:3d:df:bc:9d:6b:37:f7:9f:a4:33:d3:ab:
         dc:0a:e4:63:10:fa:d5:a8:ed:ab:14:2e:7a:f8:01:af:bc:11:
         aa:d0:98:ac:3d:2b:cf:b4:f8:76:c2:3a:36:31:0c:d0:df:32:
         71:2a:29:60:bc:9c:7e:24:48:23:a6:4b:ae:d9:0e:fa:55:11:
         61:23:61:60:27:8b:34:75:7e:ee:08:c3:93:e2:24:c6:20:59:
         21:8c:21:63:d9:6b:42:71:f9:5c:3d:5b:7b:80:ca:24:52:b9:
         12:9e:fa:00:8f:c2:0b:4d:5d:04:93:39:28:da:e8:2c:e0:4c:
         00:8e:82:32:8b:9a:92:90:05:01:28:e6:9f:1a:9c:3a:d0:53:
         16:e6:bc:22:df:09:59:04:90:06:a1:8c:02:71:25:a8:3b:96:
         f9:cb:c4:72:0e:1d:e7:f3:73:47:d8:4c:76:3a:8e:02:f8:25:
         62:30:28:d2:af:aa:18:a0:3d:48:8b:a8:f4:5f:ab:7b:3c:5c:
         30:2a:00:2e:0a:b1:9e:83:f5:f5:b7:36:59:4a:65:2e:23:a6:
         a3:1f:f3:c9:e0:de:b6:34:98:fb:93:9d:2d:69:5a:c5:5f:21:
         0e:08:e1:e4:54:ca:49:27:30:5a:ed:48:36:62:82:48:7b:5a:
         ab:d0:08:b3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOlxufTrF+whCtJajY94nTKTMOJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzA1MDMwOTU1MDRaFw0yNDA1MDExMDAwMDRaMDMxMTAvBgNV
BAMTKDk5QzIzMzY2MDVEOEE2NzFFNjM2QzhDMDFBRTA3OEU4MDI4Q0U5MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv5qVxGN0UsyuLe90ZJa8BUldD
NC5BPvUcajLIqPcA1kI+lS90io3ByJ/Nulnvfh1vASd3WBZHHp/tGkqb4X+1CZVO
V9FTEtFu4VGYorX15amdmQSttfXCz3QWv7NeZb7FvRZW/xWWqcS4BLyTt6JgZQdN
YkpUqq6oaLItM/CQdiu1Y4SD0vbigavbBQDMRgVBiAH+RkRtbBwaViR9P9Ey2dTc
ArzvECUjjGWuJnxgRMkPgWSBWP/qq3TGcKSFNB31BiKfN0IGdvTx3LvhD10f6vF8
RxSLM4q6CV9otbvbdo+Vc0lVJNUUKDJ98Tf80HTMKn21RFXIVj4PmPELrKTHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUmcIzZgXYpnHmNsjAGuB46AKM6Q0wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnl
yTANBgkqhkiG9w0BAQsFAAOCAQEAqyBPKtnnPd+8nWs395+kM9Or3ArkYxD61ajt
qxQuevgBr7wRqtCYrD0rz7T4dsI6NjEM0N8ycSopYLycfiRII6ZLrtkO+lURYSNh
YCeLNHV+7gjDk+IkxiBZIYwhY9lrQnH5XD1be4DKJFK5Ep76AI/CC01dBJM5KNro
LOBMAI6CMouakpAFASjmnxqcOtBTFua8It8JWQSQBqGMAnElqDuW+cvEcg4d5/Nz
R9hMdjqOAvglYjAo0q+qGKA9SIuo9F+rezxcMCoALgqxnoP19bc2WUplLiOmox/z
yeDetjSY+5OdLWlaxV8hDgjh5FTKSScwWu1INmKCSHtaq9AIsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org