Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134302e3138372e302f32342d3234203d3e203332373830.roa
File:                     34352e3134302e3138372e302f32342d3234203d3e203332373830.roa (raw, json)
Hash identifier:          V19twhb5otQOIqDQRCawSvz/UF374aGFRJO0ObTow3Y=
Subject key identifier:   6F:98:7D:37:F9:4F:94:CE:29:A8:96:31:9A:90:4E:1B:BD:C1:3F:AE
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       090BA06E984E5D99BF094DC112F0D0D566710403
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134302e3138372e302f32342d3234203d3e203332373830.roa
Signing time:             Mon 27 Mar 2023 08:28:11 +0000
ROA not before:           Mon 27 Mar 2023 08:23:11 +0000
ROA not after:            Mon 25 Mar 2024 08:28:11 +0000
asID:                     32780
IP address blocks:        45.140.187.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:0b:a0:6e:98:4e:5d:99:bf:09:4d:c1:12:f0:d0:d5:66:71:04:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Mar 27 08:23:11 2023 GMT
            Not After : Mar 25 08:28:11 2024 GMT
        Subject: CN=6F987D37F94F94CE29A896319A904E1BBDC13FAE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c2:f5:67:f9:5d:a7:9d:eb:8b:4a:25:f2:ed:
                    b7:4e:ef:10:b7:72:e6:58:5c:65:b4:48:41:e3:67:
                    bd:67:50:64:3d:16:56:2a:24:5c:22:87:61:08:9a:
                    22:6b:ce:20:56:a2:50:ea:c5:83:6f:38:f9:1c:7c:
                    dd:1c:8f:e1:ec:be:ef:76:09:5c:cf:b4:a5:74:53:
                    db:e8:db:ce:8c:58:c0:98:2d:1a:2d:79:c7:46:83:
                    96:78:d8:8d:f9:b8:bb:f5:1a:55:6f:8b:19:87:d1:
                    c5:9c:6b:6b:e2:60:54:c7:0b:e1:dc:2e:22:4b:3b:
                    86:21:62:b3:b9:77:5e:37:04:bd:f7:d0:1f:a2:19:
                    ae:1c:d8:d2:b5:a5:5a:ee:1e:eb:e4:bc:e0:fd:c2:
                    84:58:9f:ad:f1:3d:6a:9f:6a:90:07:57:64:d4:e1:
                    54:e4:72:95:7c:d5:f6:c4:1a:ab:7c:9b:1b:5a:cb:
                    d5:a1:07:d2:ee:b3:0e:00:55:7a:97:47:8d:0c:ae:
                    00:60:4b:f5:bc:d5:6e:fe:04:30:bd:dd:b9:de:8d:
                    86:31:fd:94:90:f3:84:b6:0d:02:e3:1e:6d:2d:c3:
                    48:86:e9:c0:7a:79:4d:81:89:3c:70:b5:53:28:86:
                    0f:62:c2:a1:db:92:fe:da:7f:e1:c4:d2:47:9b:7e:
                    17:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:98:7D:37:F9:4F:94:CE:29:A8:96:31:9A:90:4E:1B:BD:C1:3F:AE
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3134302e3138372e302f32342d3234203d3e203332373830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:f8:c0:fc:28:fc:da:3e:97:11:3c:da:d7:a4:1a:59:4f:9e:
         e3:5d:46:cd:c1:da:4f:48:28:8b:54:30:c7:d3:f4:b6:d2:6f:
         6b:0d:27:13:49:a0:bd:3a:09:72:c3:a1:88:ec:57:a2:d3:38:
         c8:33:60:e6:5c:40:59:a8:02:3e:4c:4d:28:e2:38:59:8d:95:
         38:69:68:e3:0c:7d:bf:99:11:0a:b6:45:4a:43:79:fd:21:a1:
         28:17:04:77:df:ba:7c:0e:b4:6d:6a:5e:75:87:f9:91:88:7a:
         15:65:9e:99:67:7e:d2:4c:ac:a1:bc:5b:26:f4:ac:23:e1:54:
         c0:62:73:b6:89:83:59:50:d4:8e:67:39:c5:28:ee:09:4a:cc:
         99:90:ca:c2:26:cf:d6:63:9f:b3:1c:9c:6a:7c:f0:60:57:58:
         df:d6:3e:7f:b2:cd:e4:da:be:ab:91:5d:ef:80:b2:55:06:df:
         e6:56:b8:2d:0f:7a:b8:74:98:02:a8:12:4e:57:1f:bd:53:fe:
         b4:0a:ae:4e:26:9b:ad:6a:63:b8:94:25:8d:37:d2:30:c4:f5:
         25:9b:cd:ef:f2:20:93:5a:0b:27:8e:0f:be:96:5d:63:8a:f6:
         b0:20:39:97:ad:a3:cb:82:2d:ff:f3:cb:fd:d6:18:89:08:63:
         b0:7b:e6:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCQugbphOXZm/CU3BEvDQ1WZxBAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMTFaFw0yNDAzMjUwODI4MTFaMDMxMTAvBgNV
BAMTKDZGOTg3RDM3Rjk0Rjk0Q0UyOUE4OTYzMTlBOTA0RTFCQkRDMTNGQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxwvVn+V2nneuLSiXy7bdO7xC3
cuZYXGW0SEHjZ71nUGQ9FlYqJFwih2EImiJrziBWolDqxYNvOPkcfN0cj+Hsvu92
CVzPtKV0U9vo286MWMCYLRotecdGg5Z42I35uLv1GlVvixmH0cWca2viYFTHC+Hc
LiJLO4YhYrO5d143BL330B+iGa4c2NK1pVruHuvkvOD9woRYn63xPWqfapAHV2TU
4VTkcpV81fbEGqt8mxtay9WhB9Lusw4AVXqXR40MrgBgS/W81W7+BDC93bnejYYx
/ZSQ84S2DQLjHm0tw0iG6cB6eU2BiTxwtVMohg9iwqHbkv7af+HE0kebfhfNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb5h9N/lPlM4pqJYxmpBOG73BP64wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzNDMwMmUzMTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzczODMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYy7MA0GCSqGSIb3DQEBCwUAA4IBAQBi+MD8KPzaPpcRPNrXpBpZT57jXUbNwdpP
SCiLVDDH0/S20m9rDScTSaC9Oglyw6GI7Fei0zjIM2DmXEBZqAI+TE0o4jhZjZU4
aWjjDH2/mREKtkVKQ3n9IaEoFwR337p8DrRtal51h/mRiHoVZZ6ZZ37STKyhvFsm
9Kwj4VTAYnO2iYNZUNSOZznFKO4JSsyZkMrCJs/WY5+zHJxqfPBgV1jf1j5/ss3k
2r6rkV3vgLJVBt/mVrgtD3q4dJgCqBJOVx+9U/60Cq5OJputamO4lCWNN9IwxPUl
m83v8iCTWgsnjg++ll1jivawIDmXraPLgi3/88v91hiJCGOwe+av
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org