Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31342e302f32332d3234203d3e203432333636.roa
File:                     3139342e33352e31342e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier:          e4wirrb9zY4EHJB+d6XlkGHeyNAXEe9edeTYGmw7C2M=
Subject key identifier:   8E:2F:78:66:F3:A5:A3:D2:FF:BF:23:0B:5B:A1:DC:94:31:60:BE:49
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       6648A177D428E726D919E29910B5F60A248E9F48
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31342e302f32332d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:22:14 +0000
ROA not before:           Mon 17 Apr 2023 11:17:14 +0000
ROA not after:            Mon 15 Apr 2024 11:22:14 +0000
asID:                     42366
IP address blocks:        194.35.14.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:48:a1:77:d4:28:e7:26:d9:19:e2:99:10:b5:f6:0a:24:8e:9f:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:17:14 2023 GMT
            Not After : Apr 15 11:22:14 2024 GMT
        Subject: CN=8E2F7866F3A5A3D2FFBF230B5BA1DC943160BE49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5e:ca:ea:36:83:0e:ff:64:a3:ac:91:1a:47:
                    d6:d0:90:e0:f0:a7:b5:77:42:ec:c3:55:ab:37:ce:
                    8d:89:4b:30:d9:9d:2c:d4:12:08:34:e1:02:1b:f1:
                    96:60:3d:c1:5b:63:c4:31:74:46:b9:48:d2:07:e1:
                    e0:d3:7b:2f:82:e1:f5:d9:f0:22:9f:25:d0:ad:bf:
                    2b:03:42:01:c7:25:22:da:af:df:f7:70:ee:4c:3b:
                    4b:56:e2:fb:90:9b:1e:d4:11:3b:99:6f:a8:28:23:
                    1f:d8:45:34:5d:2a:83:f0:28:cb:8e:38:8c:51:03:
                    49:ed:51:e1:d5:fa:23:fa:2f:d2:ad:fd:a7:09:2c:
                    10:2d:c2:73:4c:80:df:93:b8:ab:9e:2d:2f:e6:4d:
                    34:c8:90:36:d6:01:7c:7c:a6:51:fb:fd:bf:85:f7:
                    9f:0e:21:3b:9f:46:54:c5:8a:6a:44:77:5c:8f:22:
                    62:9e:7d:5d:92:9e:dc:1a:0e:2f:fe:29:94:ff:cc:
                    07:3e:e5:02:fd:64:f4:b2:7e:8c:45:9d:83:85:ab:
                    51:4c:56:6b:17:e8:e9:72:82:bb:b5:9b:99:8d:f6:
                    80:9a:f3:f4:0f:d4:05:b4:75:4a:b8:67:95:fb:c2:
                    a0:42:30:cc:b4:da:e3:27:b1:69:bc:16:c5:a2:18:
                    d5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:2F:78:66:F3:A5:A3:D2:FF:BF:23:0B:5B:A1:DC:94:31:60:BE:49
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33352e31342e302f32332d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.35.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:0c:fd:0e:38:1d:56:7b:8d:af:30:00:42:fb:8a:e5:fe:51:
         1c:a5:83:56:9e:30:58:19:de:c1:34:db:8e:7b:5a:14:db:e5:
         12:ad:c8:15:28:84:e5:46:bf:9c:e2:7b:22:95:fb:48:9f:2f:
         ac:ac:eb:f7:28:aa:36:1e:18:da:ac:15:da:f5:f2:fe:96:25:
         7a:a4:9a:da:db:0a:82:d2:1d:20:ed:d0:05:57:91:8b:f3:9c:
         3a:3e:07:96:ff:93:0a:d4:8a:d9:ad:4b:00:5c:3d:32:e6:f6:
         95:c8:cc:0a:68:84:15:fe:d2:c0:49:e7:36:59:4f:a8:a5:97:
         02:67:42:8d:e4:b2:26:71:6b:b0:dd:6e:ff:10:73:64:94:60:
         21:66:2e:34:ba:53:79:e7:be:3f:04:b4:92:55:38:66:d5:49:
         22:a5:3c:f0:17:c3:fb:d4:96:ff:63:bb:ed:d3:90:92:81:f5:
         18:b9:f6:34:c6:46:e0:47:d6:ec:ef:85:39:e0:32:fa:b8:4b:
         a3:53:cd:03:cb:d0:06:b4:0f:bd:4e:93:a7:08:04:cc:ba:0f:
         3c:8b:e8:a4:16:0f:fa:72:8f:05:be:89:85:01:ed:94:89:11:
         7f:1c:4e:7e:71:ed:13:e4:b4:d6:a4:66:b9:c6:ac:75:98:05:
         92:b9:a9:35
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZkihd9Qo5ybZGeKZELX2CiSOn0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE3MTRaFw0yNDA0MTUxMTIyMTRaMDMxMTAvBgNV
BAMTKDhFMkY3ODY2RjNBNUEzRDJGRkJGMjMwQjVCQTFEQzk0MzE2MEJFNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJXsrqNoMO/2SjrJEaR9bQkODw
p7V3QuzDVas3zo2JSzDZnSzUEgg04QIb8ZZgPcFbY8QxdEa5SNIH4eDTey+C4fXZ
8CKfJdCtvysDQgHHJSLar9/3cO5MO0tW4vuQmx7UETuZb6goIx/YRTRdKoPwKMuO
OIxRA0ntUeHV+iP6L9Kt/acJLBAtwnNMgN+TuKueLS/mTTTIkDbWAXx8plH7/b+F
958OITufRlTFimpEd1yPImKefV2SntwaDi/+KZT/zAc+5QL9ZPSyfoxFnYOFq1FM
VmsX6Olygru1m5mN9oCa8/QP1AW0dUq4Z5X7wqBCMMy02uMnsWm8FsWiGNUDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUji94ZvOlo9L/vyMLW6HclDFgvkkwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM1MmUzMTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIj
DjANBgkqhkiG9w0BAQsFAAOCAQEAiwz9DjgdVnuNrzAAQvuK5f5RHKWDVp4wWBne
wTTbjntaFNvlEq3IFSiE5Ua/nOJ7IpX7SJ8vrKzr9yiqNh4Y2qwV2vXy/pYleqSa
2tsKgtIdIO3QBVeRi/OcOj4Hlv+TCtSK2a1LAFw9Mub2lcjMCmiEFf7SwEnnNllP
qKWXAmdCjeSyJnFrsN1u/xBzZJRgIWYuNLpTeee+PwS0klU4ZtVJIqU88BfD+9SW
/2O77dOQkoH1GLn2NMZG4EfW7O+FOeAy+rhLo1PNA8vQBrQPvU6TpwgEzLoPPIvo
pBYP+nKPBb6JhQHtlIkRfxxOfnHtE+S01qRmucasdZgFkrmpNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org