Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135372e302f32342d3234203d3e20323132323938.roa
File:                     34352e31302e3135372e302f32342d3234203d3e20323132323938.roa (raw, json)
Hash identifier:          oI1Ln8BD1+6C6fw+Y2FhDk6/j737POIlpFeU/G9TS6Y=
Subject key identifier:   83:84:42:AD:1E:AE:2D:01:F8:41:F0:82:00:00:00:AA:22:B6:45:16
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       728E05A7F3B0043B69A46B836C2EF57B0C7EF94F
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135372e302f32342d3234203d3e20323132323938.roa
Signing time:             Mon 27 Mar 2023 08:28:16 +0000
ROA not before:           Mon 27 Mar 2023 08:23:16 +0000
ROA not after:            Mon 25 Mar 2024 08:28:16 +0000
asID:                     212298
IP address blocks:        45.10.157.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:8e:05:a7:f3:b0:04:3b:69:a4:6b:83:6c:2e:f5:7b:0c:7e:f9:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Mar 27 08:23:16 2023 GMT
            Not After : Mar 25 08:28:16 2024 GMT
        Subject: CN=838442AD1EAE2D01F841F082000000AA22B64516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:31:55:49:d0:c2:ea:4d:f6:37:e0:c4:3a:76:
                    ad:b3:a1:78:62:c2:4d:90:d5:cc:f4:37:7e:35:2e:
                    ce:e9:71:a0:e9:2b:1d:fe:d0:a6:56:d8:d0:13:3d:
                    3b:4d:c4:10:e5:7d:76:df:35:1d:a0:28:9d:86:a9:
                    b4:a5:23:aa:ff:67:0a:6e:de:c4:a2:a6:9c:3a:81:
                    a3:c5:f9:c2:9d:4a:9e:3e:cd:3e:51:1e:36:5a:98:
                    e5:d2:c8:64:c3:e0:bb:13:30:a2:8f:17:86:8d:21:
                    76:c6:0a:23:52:d9:72:cb:e3:21:e7:30:53:db:6d:
                    c5:7e:10:f6:28:95:67:81:75:4e:28:6c:f0:80:ad:
                    8f:9a:05:86:06:b3:94:72:d3:5f:c0:ec:33:d0:d9:
                    e7:69:8a:3a:b4:27:53:a2:22:63:0c:e0:0c:a7:b5:
                    d8:f5:e5:63:e9:00:d3:a1:53:21:73:40:2d:da:fb:
                    ed:2f:91:06:a9:9a:95:14:da:e7:98:92:92:57:48:
                    c2:f4:f1:2d:33:dd:1e:cf:78:19:7c:1b:bc:23:c6:
                    16:7c:33:f2:9d:86:6c:23:f3:80:3b:92:81:2b:ae:
                    53:05:98:fd:1b:b9:df:ba:6b:35:22:2d:10:74:04:
                    5e:24:73:74:79:19:c1:88:49:2f:1e:78:5f:a8:48:
                    69:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:84:42:AD:1E:AE:2D:01:F8:41:F0:82:00:00:00:AA:22:B6:45:16
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135372e302f32342d3234203d3e20323132323938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:77:22:5c:c9:f0:51:d2:0c:ce:31:1b:3a:c6:6a:c9:dc:07:
         b1:2f:be:79:a1:a2:47:f5:35:8d:0e:5f:0a:23:7f:9b:2e:5c:
         8e:74:72:a6:74:31:7d:e2:af:47:11:c3:99:ea:c2:56:c7:f5:
         dc:66:fd:7c:f4:6b:82:22:7d:e2:d2:af:c8:4f:b8:fa:eb:62:
         6b:47:d9:77:ab:e9:cf:2d:1d:e4:ca:27:ad:b8:20:fd:51:6f:
         2d:4e:1b:a7:c8:8e:7f:e2:9c:da:a8:45:c2:f4:0e:15:61:89:
         79:6a:46:f8:2e:ca:d6:7a:be:ae:37:1c:1a:43:92:8f:d7:29:
         0e:04:2e:47:bc:7c:9a:00:7b:1a:ab:bf:56:86:90:49:5b:b7:
         8f:7e:21:f9:b1:5c:14:c9:3e:ec:ed:d0:8d:df:3c:cf:68:f0:
         b2:ce:da:c4:4f:ca:c9:a5:57:4a:25:7f:c7:eb:f0:cb:f5:d6:
         be:45:43:28:39:3e:2e:4f:7d:8b:0d:f7:47:f1:59:ff:7d:7c:
         2d:eb:42:25:9d:d8:16:03:ee:a3:65:f7:7f:ba:3d:de:6d:0d:
         9b:b0:4f:db:2c:c3:73:23:a8:57:fe:a5:1e:43:a7:8b:cb:5f:
         20:6a:2a:f0:43:69:9b:9c:87:cb:bf:f0:64:5a:19:50:54:3a:
         bf:48:0b:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUco4Fp/OwBDtppGuDbC71ewx++U8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMTZaFw0yNDAzMjUwODI4MTZaMDMxMTAvBgNV
BAMTKDgzODQ0MkFEMUVBRTJEMDFGODQxRjA4MjAwMDAwMEFBMjJCNjQ1MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNMVVJ0MLqTfY34MQ6dq2zoXhi
wk2Q1cz0N341Ls7pcaDpKx3+0KZW2NATPTtNxBDlfXbfNR2gKJ2GqbSlI6r/Zwpu
3sSippw6gaPF+cKdSp4+zT5RHjZamOXSyGTD4LsTMKKPF4aNIXbGCiNS2XLL4yHn
MFPbbcV+EPYolWeBdU4obPCArY+aBYYGs5Ry01/A7DPQ2edpijq0J1OiImMM4Ayn
tdj15WPpANOhUyFzQC3a++0vkQapmpUU2ueYkpJXSML08S0z3R7PeBl8G7wjxhZ8
M/Kdhmwj84A7koErrlMFmP0bud+6azUiLRB0BF4kc3R5GcGISS8eeF+oSGn1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUg4RCrR6uLQH4QfCCAAAAqiK2RRYwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMDJlMzEzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzOTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQqdMA0GCSqGSIb3DQEBCwUAA4IBAQA2dyJcyfBR0gzOMRs6xmrJ3AexL755oaJH
9TWNDl8KI3+bLlyOdHKmdDF94q9HEcOZ6sJWx/XcZv189GuCIn3i0q/IT7j662Jr
R9l3q+nPLR3kyietuCD9UW8tThunyI5/4pzaqEXC9A4VYYl5akb4LsrWer6uNxwa
Q5KP1ykOBC5HvHyaAHsaq79WhpBJW7ePfiH5sVwUyT7s7dCN3zzPaPCyztrET8rJ
pVdKJX/H6/DL9da+RUMoOT4uT32LDfdH8Vn/fXwt60IlndgWA+6jZfd/uj3ebQ2b
sE/bLMNzI6hX/qUeQ6eLy18gairwQ2mbnIfLv/BkWhlQVDq/SAtH
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org