Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39382e302f32332d3234203d3e203432333636.roa
File:                     3139332e34322e39382e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier:          F4EJaTPjHNyMCVHn20H6L2AFiArnIsWC3tYYlSFuDck=
Subject key identifier:   DD:03:F1:A7:08:C8:C7:FC:B5:49:66:39:96:B5:0F:50:A9:9D:FE:D3
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       7E99987C6F262D4FF24584F4B781D263058E401E
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39382e302f32332d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:23:13 +0000
ROA not before:           Mon 17 Apr 2023 11:18:13 +0000
ROA not after:            Mon 15 Apr 2024 11:23:13 +0000
asID:                     42366
IP address blocks:        193.42.98.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:99:98:7c:6f:26:2d:4f:f2:45:84:f4:b7:81:d2:63:05:8e:40:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:18:13 2023 GMT
            Not After : Apr 15 11:23:13 2024 GMT
        Subject: CN=DD03F1A708C8C7FCB549663996B50F50A99DFED3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:be:4d:d3:6d:a3:5c:66:1b:4d:e0:bc:f9:2b:
                    90:49:86:19:4c:ce:67:23:9e:57:b5:21:ff:74:68:
                    fc:9e:0f:70:75:3c:3b:09:30:6d:36:14:18:51:f4:
                    48:7f:7c:1f:aa:b8:4e:1a:b7:0d:6c:f7:d1:ca:ca:
                    78:e8:9f:bc:f3:91:55:23:58:00:79:07:38:3a:74:
                    c7:70:90:69:3d:4d:df:f4:a1:46:6f:47:46:75:f2:
                    53:fb:65:5b:09:0c:15:14:aa:ed:5c:30:e2:d9:9d:
                    a4:5d:0c:94:8d:56:4f:ef:5c:47:a0:1b:1f:4c:d2:
                    2d:75:4c:fe:f6:a5:c5:ac:58:15:88:5c:29:fa:c1:
                    89:d8:3f:18:4f:6c:c9:b2:76:42:c4:3f:2b:8c:be:
                    9a:94:6d:4e:80:e8:59:1f:b0:fd:9a:cd:0b:e6:c2:
                    92:05:58:1c:07:03:a9:87:b8:ba:dc:2c:de:bb:85:
                    ff:0b:ae:67:9a:2a:f2:79:38:6f:13:5d:ae:5b:d8:
                    76:38:ef:bc:35:c5:d7:1b:23:61:12:33:b8:89:44:
                    fb:f2:5a:e6:5a:5a:fc:7d:5e:2b:e0:6e:7d:74:fd:
                    59:f6:7f:6c:ac:a0:96:f8:29:93:5c:41:e6:fc:9b:
                    ce:36:c9:83:13:45:5e:36:35:85:6d:e6:2b:5a:cd:
                    8c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:03:F1:A7:08:C8:C7:FC:B5:49:66:39:96:B5:0F:50:A9:9D:FE:D3
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e34322e39382e302f32332d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.42.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0f:10:d8:b8:18:58:d6:67:98:5c:e1:fa:34:e9:20:a8:00:c4:
         2e:14:fb:49:3f:86:56:d0:be:15:c0:59:87:58:bd:c4:c0:35:
         6f:b5:c5:89:f0:0d:52:d0:57:38:e9:33:dd:c2:0e:4b:0b:6a:
         3c:69:67:c3:c6:d2:06:1e:5e:b7:e3:c9:ba:32:21:c0:2a:d8:
         30:fd:57:92:18:43:10:21:5a:7f:3c:2a:f1:85:8b:5c:34:5e:
         f2:1b:b5:05:0e:6e:9b:9e:e7:46:bc:fa:a0:43:37:9d:4f:47:
         9b:06:04:d8:15:3f:fb:60:e4:d3:1b:e6:8f:d9:98:b6:13:7e:
         04:4b:a4:8d:87:c4:9f:40:9c:7d:96:04:59:32:ba:06:e2:b8:
         a3:47:bd:48:51:c1:5c:6b:30:f9:aa:74:91:c9:92:b7:d4:d4:
         5e:3e:29:34:db:c4:82:de:42:21:a4:f6:c1:a7:89:e7:95:50:
         0b:65:50:08:4d:dd:04:93:78:09:ac:2e:06:bf:be:e6:d8:02:
         7c:33:4e:e6:ba:41:a5:8c:2d:a8:14:b1:88:fd:88:2b:85:ce:
         be:28:8b:1c:78:50:e8:ac:ee:5e:b8:99:18:01:67:d9:75:65:
         34:91:6d:6e:42:43:b2:12:de:2c:53:c5:04:1d:b3:e8:80:40:
         79:ed:e8:a3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfpmYfG8mLU/yRYT0t4HSYwWOQB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE4MTNaFw0yNDA0MTUxMTIzMTNaMDMxMTAvBgNV
BAMTKEREMDNGMUE3MDhDOEM3RkNCNTQ5NjYzOTk2QjUwRjUwQTk5REZFRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0vk3TbaNcZhtN4Lz5K5BJhhlM
zmcjnle1If90aPyeD3B1PDsJMG02FBhR9Eh/fB+quE4atw1s99HKynjon7zzkVUj
WAB5Bzg6dMdwkGk9Td/0oUZvR0Z18lP7ZVsJDBUUqu1cMOLZnaRdDJSNVk/vXEeg
Gx9M0i11TP72pcWsWBWIXCn6wYnYPxhPbMmydkLEPyuMvpqUbU6A6FkfsP2azQvm
wpIFWBwHA6mHuLrcLN67hf8LrmeaKvJ5OG8TXa5b2HY477w1xdcbI2ESM7iJRPvy
WuZaWvx9Xivgbn10/Vn2f2ysoJb4KZNcQeb8m842yYMTRV42NYVt5itazYzNAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU3QPxpwjIx/y1SWY5lrUPUKmd/tMwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzNDMyMmUzOTM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcEq
YjANBgkqhkiG9w0BAQsFAAOCAQEADxDYuBhY1meYXOH6NOkgqADELhT7ST+GVtC+
FcBZh1i9xMA1b7XFifANUtBXOOkz3cIOSwtqPGlnw8bSBh5et+PJujIhwCrYMP1X
khhDECFafzwq8YWLXDRe8hu1BQ5um57nRrz6oEM3nU9HmwYE2BU/+2Dk0xvmj9mY
thN+BEukjYfEn0CcfZYEWTK6BuK4o0e9SFHBXGsw+ap0kcmSt9TUXj4pNNvEgt5C
IaT2waeJ55VQC2VQCE3dBJN4CawuBr++5tgCfDNO5rpBpYwtqBSxiP2IK4XOviiL
HHhQ6KzuXriZGAFn2XVlNJFtbkJDshLeLFPFBB2z6IBAee3oow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org