Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/37372e3234332e38362e302f32332d3234203d3e203432333636.roa
File:                     37372e3234332e38362e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier:          d6fWopY7QbhQd/JZxWpyPzsYnXee93VnY9oY8zZtgkE=
Subject key identifier:   9C:09:BB:E2:85:E9:70:DF:7A:50:A7:68:FB:37:C6:62:89:46:89:33
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       67C074C25C986C4F5576A43D7A86CEAF722980CD
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/37372e3234332e38362e302f32332d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:22:55 +0000
ROA not before:           Mon 17 Apr 2023 11:17:55 +0000
ROA not after:            Mon 15 Apr 2024 11:22:55 +0000
asID:                     42366
IP address blocks:        77.243.86.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:c0:74:c2:5c:98:6c:4f:55:76:a4:3d:7a:86:ce:af:72:29:80:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:17:55 2023 GMT
            Not After : Apr 15 11:22:55 2024 GMT
        Subject: CN=9C09BBE285E970DF7A50A768FB37C66289468933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a4:b5:6b:50:53:2d:b9:63:b3:66:cb:4f:39:
                    0a:58:58:87:54:68:83:ca:63:f2:18:6a:9c:85:45:
                    3b:ef:8a:63:c3:da:1b:6c:d7:53:8b:21:e1:fe:4a:
                    20:27:05:43:84:86:6d:69:06:ab:3c:f7:b9:37:2f:
                    77:c4:90:41:23:3f:87:38:9d:32:30:a4:23:2c:1f:
                    94:ed:e6:67:31:1d:9f:56:de:59:37:03:1f:a4:15:
                    47:bd:cc:28:72:d1:9b:e2:95:d6:bc:2c:f8:f5:a0:
                    9b:ec:33:4f:c2:a7:f7:c8:67:17:35:2c:36:bb:b6:
                    a4:0a:2f:62:5f:27:f4:16:4a:f7:46:8a:87:8a:ea:
                    9c:2a:b9:da:20:35:01:f7:ee:f5:d4:d0:65:5b:c8:
                    6b:88:e1:fa:9d:92:d6:3e:68:43:d4:ee:c8:6e:51:
                    11:a1:30:52:76:c0:07:9a:7a:16:b6:82:8a:14:98:
                    4a:3b:58:ed:84:f3:d0:7a:9d:9c:19:9c:88:ba:8b:
                    c4:a0:b6:53:f2:1d:94:d0:3e:b7:a3:97:9e:85:08:
                    a7:3b:04:3e:27:0d:ba:d5:b6:35:ec:93:b0:1b:af:
                    da:4a:09:3f:f5:83:0f:95:7a:1f:86:18:4f:60:78:
                    a9:ec:07:21:77:07:4d:b8:b9:e9:c7:c1:cc:ec:64:
                    67:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:09:BB:E2:85:E9:70:DF:7A:50:A7:68:FB:37:C6:62:89:46:89:33
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/37372e3234332e38362e302f32332d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.243.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:d5:9f:f8:02:88:04:18:2a:cd:e3:37:3e:c7:2c:8d:de:99:
         a0:81:13:d3:73:9b:d6:0e:ed:0c:ca:ca:44:22:ec:37:dc:f0:
         13:16:ad:92:76:8e:91:eb:69:31:9b:fb:e2:c7:52:e6:a0:d8:
         8a:0c:c4:01:dd:95:09:99:5a:cd:18:f1:28:01:c6:22:91:1f:
         da:aa:71:8f:6a:7d:8d:5f:8c:9b:cb:13:13:74:b1:7c:ba:67:
         ab:8b:b1:27:b5:47:28:86:4b:4d:bb:50:ff:06:5b:01:77:e8:
         ea:33:8f:f8:1f:ea:70:bf:7a:6d:29:6a:3a:cb:4a:b7:da:98:
         9e:5e:03:ec:b8:03:4f:b4:9e:82:ba:12:d1:82:cf:f6:17:f5:
         a2:75:6f:97:f2:c6:17:60:ec:03:c4:f1:cd:6f:b2:39:a3:76:
         a7:66:e5:9e:96:2d:e1:1b:e6:48:72:92:e5:3c:13:ce:72:39:
         9d:4c:78:dd:98:ce:f0:da:97:65:57:44:70:8a:77:6e:a6:7f:
         9c:12:a6:94:c8:3e:b7:a9:b2:3d:d9:58:f4:5c:b6:7a:b7:3e:
         07:fa:9a:77:8c:e4:95:4b:a3:59:67:3a:45:23:12:75:30:12:
         6b:a2:2f:ee:bd:d8:91:04:c7:02:18:6d:05:5c:ef:f9:d5:2b:
         54:54:1a:fb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZ8B0wlyYbE9VdqQ9eobOr3IpgM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE3NTVaFw0yNDA0MTUxMTIyNTVaMDMxMTAvBgNV
BAMTKDlDMDlCQkUyODVFOTcwREY3QTUwQTc2OEZCMzdDNjYyODk0Njg5MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwpLVrUFMtuWOzZstPOQpYWIdU
aIPKY/IYapyFRTvvimPD2hts11OLIeH+SiAnBUOEhm1pBqs897k3L3fEkEEjP4c4
nTIwpCMsH5Tt5mcxHZ9W3lk3Ax+kFUe9zChy0Zvilda8LPj1oJvsM0/Cp/fIZxc1
LDa7tqQKL2JfJ/QWSvdGioeK6pwqudogNQH37vXU0GVbyGuI4fqdktY+aEPU7shu
URGhMFJ2wAeaeha2gooUmEo7WO2E89B6nZwZnIi6i8SgtlPyHZTQPrejl56FCKc7
BD4nDbrVtjXsk7Abr9pKCT/1gw+Veh+GGE9geKnsByF3B024uenHwczsZGf3AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUnAm74oXpcN96UKdo+zfGYolGiTMwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzczNzJlMzIzNDMzMmUzODM2
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU3z
VjANBgkqhkiG9w0BAQsFAAOCAQEAetWf+AKIBBgqzeM3Pscsjd6ZoIET03Ob1g7t
DMrKRCLsN9zwExatknaOketpMZv74sdS5qDYigzEAd2VCZlazRjxKAHGIpEf2qpx
j2p9jV+Mm8sTE3SxfLpnq4uxJ7VHKIZLTbtQ/wZbAXfo6jOP+B/qcL96bSlqOstK
t9qYnl4D7LgDT7SegroS0YLP9hf1onVvl/LGF2DsA8TxzW+yOaN2p2blnpYt4Rvm
SHKS5TwTznI5nUx43ZjO8NqXZVdEcIp3bqZ/nBKmlMg+t6myPdlY9Fy2erc+B/qa
d4zklUujWWc6RSMSdTASa6Iv7r3YkQTHAhhtBVzv+dUrVFQa+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org