Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e2033333536.roa
File:                     3138352e3232392e3230322e302f32342d3234203d3e2033333536.roa (raw, json)
Hash identifier:          n02JveapbFNsi78gcHWZ5BaZcPQ3jGJWXUChpB+OrVU=
Subject key identifier:   1E:39:18:62:7C:A5:B6:BF:E4:3C:04:84:59:CF:B0:DC:D8:C7:47:DB
Certificate issuer:       /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial:       301018269E514FC4DBB250E9785C94FE488413BD
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e2033333536.roa
Signing time:             Tue 03 Jan 2023 16:08:34 +0000
ROA not before:           Tue 03 Jan 2023 16:03:34 +0000
ROA not after:            Tue 02 Jan 2024 16:08:34 +0000
asID:                     3356
IP address blocks:        185.229.202.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:10:18:26:9e:51:4f:c4:db:b2:50:e9:78:5c:94:fe:48:84:13:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
        Validity
            Not Before: Jan  3 16:03:34 2023 GMT
            Not After : Jan  2 16:08:34 2024 GMT
        Subject: CN=1E3918627CA5B6BFE43C048459CFB0DCD8C747DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b5:db:99:fe:5b:4c:1c:6c:e4:0a:c8:dc:43:
                    3e:45:65:9a:37:65:a2:bb:f6:66:73:a6:5f:c5:7e:
                    fd:3c:05:62:93:03:d8:7c:6e:91:dc:bb:9e:55:80:
                    06:59:64:15:e6:93:64:b5:d7:c2:eb:69:58:e1:81:
                    31:c5:ca:86:9f:fb:a7:f1:8a:de:0f:12:18:09:96:
                    27:d5:03:b8:2a:71:b3:8b:85:70:e8:f3:e6:9d:d4:
                    34:f9:9d:44:14:5c:37:37:46:07:5f:eb:67:95:9d:
                    9e:26:10:06:af:b8:b7:4a:17:12:94:7b:7c:e4:b7:
                    b5:33:91:dd:53:b0:63:ac:99:dd:91:21:4f:6f:12:
                    98:06:76:31:2e:f4:4b:37:57:6a:fe:a7:72:87:85:
                    47:df:41:87:63:dc:02:7f:4a:4b:54:63:76:03:d6:
                    50:8b:8e:4e:a5:a1:8f:e1:8b:56:5e:ae:ef:ce:6b:
                    e3:9a:95:76:6c:82:cf:28:b6:97:9b:98:b0:a2:bc:
                    9f:2d:92:17:0c:1f:68:53:52:28:46:a3:60:10:bd:
                    1f:a2:7b:5f:80:5f:db:ba:27:a2:66:58:17:c2:b5:
                    b1:74:6a:7e:9b:ea:d2:a1:7e:36:d1:92:d5:37:96:
                    a8:85:d5:21:5b:b7:04:6b:88:72:71:80:bc:06:dc:
                    72:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:39:18:62:7C:A5:B6:BF:E4:3C:04:84:59:CF:B0:DC:D8:C7:47:DB
            X509v3 Authority Key Identifier:
                keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e2033333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:33:b4:46:4e:cf:ba:89:19:11:5a:3f:39:4b:48:eb:74:bb:
         e6:13:a0:5b:77:f3:f6:b4:74:21:c8:80:ef:c8:05:f6:a1:eb:
         bb:2e:cf:00:6a:3f:7f:b5:a4:14:b6:06:f5:4f:8f:db:2b:86:
         7d:78:1f:4b:a5:21:03:f7:95:a8:3a:72:eb:a9:4b:0d:bb:03:
         63:2f:8d:b8:78:fe:fe:1c:fb:2c:88:96:c5:05:50:e4:f5:11:
         a0:e3:cc:d2:7d:ca:dc:b2:fb:e3:04:18:8e:60:4a:97:c1:95:
         d1:cc:7b:5f:ed:03:3e:ee:ad:48:31:c5:4a:1c:cb:24:11:2b:
         ee:62:32:f8:d7:72:ad:57:88:89:2b:9c:fe:6d:44:d9:f2:40:
         12:df:9a:6d:70:2b:df:9f:d1:45:eb:9f:ba:19:b2:a7:18:d0:
         79:63:29:1f:71:71:26:af:3a:6d:6f:1e:8c:79:5c:13:b8:cd:
         7a:e3:31:53:ff:7e:e4:20:1b:23:a6:dd:e1:dc:cd:14:eb:4f:
         ef:57:3c:c5:ac:94:5c:00:3d:c0:25:fd:15:8f:b6:73:96:b6:
         d3:61:1d:33:5c:cf:a3:23:a6:d4:5c:3d:77:6d:9a:46:fe:e4:
         4f:7a:0f:2b:1a:0b:e2:5d:28:d9:67:64:e9:0a:51:b0:df:06:
         67:fd:95:5c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMBAYJp5RT8TbslDpeFyU/kiEE70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzAxMDMxNjAzMzRaFw0yNDAxMDIxNjA4MzRaMDMxMTAvBgNV
BAMTKDFFMzkxODYyN0NBNUI2QkZFNDNDMDQ4NDU5Q0ZCMERDRDhDNzQ3REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCztduZ/ltMHGzkCsjcQz5FZZo3
ZaK79mZzpl/Ffv08BWKTA9h8bpHcu55VgAZZZBXmk2S118LraVjhgTHFyoaf+6fx
it4PEhgJlifVA7gqcbOLhXDo8+ad1DT5nUQUXDc3Rgdf62eVnZ4mEAavuLdKFxKU
e3zkt7Uzkd1TsGOsmd2RIU9vEpgGdjEu9Es3V2r+p3KHhUffQYdj3AJ/SktUY3YD
1lCLjk6loY/hi1Zeru/Oa+OalXZsgs8otpebmLCivJ8tkhcMH2hTUihGo2AQvR+i
e1+AX9u6J6JmWBfCtbF0an6b6tKhfjbRktU3lqiF1SFbtwRriHJxgLwG3HLhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHjkYYnyltr/kPASEWc+w3NjHR9swHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzNTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ueXKMA0GCSqGSIb3DQEBCwUAA4IBAQALM7RGTs+6iRkRWj85S0jrdLvmE6Bbd/P2
tHQhyIDvyAX2oeu7Ls8Aaj9/taQUtgb1T4/bK4Z9eB9LpSED95WoOnLrqUsNuwNj
L424eP7+HPssiJbFBVDk9RGg48zSfcrcsvvjBBiOYEqXwZXRzHtf7QM+7q1IMcVK
HMskESvuYjL413KtV4iJK5z+bUTZ8kAS35ptcCvfn9FF65+6GbKnGNB5YykfcXEm
rzptbx6MeVwTuM164zFT/37kIBsjpt3h3M0U60/vVzzFrJRcAD3AJf0Vj7ZzlrbT
YR0zXM+jI6bUXD13bZpG/uRPeg8rGgviXSjZZ2TpClGw3wZn/ZVc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org