Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138382e302f32322d3234203d3e203432333636.roa
File:                     39322e3234322e3138382e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier:          /spuCDPxq5TUI2pW8pHwY9Wjon+XRzL9EvrUSJfPyZw=
Subject key identifier:   68:98:E4:99:F6:3E:DF:57:64:8D:10:39:CD:5B:4B:80:45:DA:BE:8F
Certificate issuer:       /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial:       3CD165F214A3064419D9CA1FBE9CA2995B40BDBB
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138382e302f32322d3234203d3e203432333636.roa
Signing time:             Mon 17 Apr 2023 11:23:01 +0000
ROA not before:           Mon 17 Apr 2023 11:18:01 +0000
ROA not after:            Mon 15 Apr 2024 11:23:01 +0000
asID:                     42366
IP address blocks:        92.242.188.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:d1:65:f2:14:a3:06:44:19:d9:ca:1f:be:9c:a2:99:5b:40:bd:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
        Validity
            Not Before: Apr 17 11:18:01 2023 GMT
            Not After : Apr 15 11:23:01 2024 GMT
        Subject: CN=6898E499F63EDF57648D1039CD5B4B8045DABE8F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:be:97:11:06:2f:44:6c:a6:25:56:8c:5f:
                    82:c7:89:b7:63:bc:71:dd:5e:c9:cb:4b:6a:11:c4:
                    d8:88:b9:b4:e4:2e:04:1c:48:44:6a:55:87:a1:a2:
                    4c:a2:8b:5b:e0:30:b8:78:34:d1:cd:80:5d:3d:f4:
                    ed:c5:2e:bc:17:d7:63:42:00:2f:2b:38:ca:c8:93:
                    34:e8:12:01:82:76:5d:8b:15:dd:4e:db:0b:20:03:
                    10:36:f7:a7:1c:1d:3e:3b:96:a1:4b:99:98:7b:41:
                    51:c7:d4:30:7f:54:5f:a8:b2:9a:bb:17:d5:74:8a:
                    a2:ed:57:e0:98:16:31:9f:78:eb:ae:ac:49:70:78:
                    31:32:4b:48:10:4a:78:fc:87:0d:a9:07:fe:43:58:
                    6f:56:62:9d:29:b1:62:60:f7:d0:48:ea:1f:f4:4c:
                    1d:aa:5c:39:71:35:61:a1:12:18:3f:60:8d:b4:bf:
                    0a:a6:dd:84:65:22:5f:74:c9:a9:44:7f:3a:3e:04:
                    00:0f:c1:91:f4:a0:63:5f:d4:95:6c:8e:6b:90:8e:
                    1d:5c:13:2b:d7:70:be:32:6b:17:a5:0a:92:02:e2:
                    9f:be:7a:a7:63:e4:e4:7c:ce:16:04:8a:e5:8e:2c:
                    e1:40:f0:f7:22:29:5b:bd:82:cd:ae:de:16:52:fd:
                    a5:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:98:E4:99:F6:3E:DF:57:64:8D:10:39:CD:5B:4B:80:45:DA:BE:8F
            X509v3 Authority Key Identifier:
                keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39322e3234322e3138382e302f32322d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.242.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:07:2a:d7:9c:fc:2e:3d:eb:69:64:0a:69:ca:6e:23:62:42:
         98:c2:5d:c5:ea:55:74:44:b8:cc:9e:11:d6:c7:f1:6f:00:d7:
         40:6b:c0:eb:81:88:e5:21:4e:44:a5:5f:f6:a1:bc:6d:c2:0a:
         f3:56:8f:30:2a:39:a7:bc:ce:97:29:0b:73:ae:5b:bc:13:e5:
         1b:77:63:87:11:88:9c:cf:bb:0b:03:0c:58:9b:a0:56:e5:78:
         4c:ea:b7:4c:0c:8e:0d:04:e3:a8:0d:cc:80:08:7b:78:65:25:
         29:21:01:e9:de:b2:48:3f:b2:a2:2e:31:28:4c:83:03:7a:8d:
         0f:fa:cc:54:8a:ed:8c:ed:01:55:23:ba:50:31:44:33:63:90:
         ba:e3:a3:b3:81:20:9c:5f:10:da:82:c5:b8:13:99:0a:b3:bc:
         e8:00:4c:1e:08:3f:fa:07:da:94:12:19:f7:ba:02:44:9e:e3:
         5e:f2:b9:23:a4:50:3c:28:56:71:dd:73:2b:a3:19:ef:89:be:
         6c:58:65:26:e1:c6:97:5d:28:85:70:98:66:15:63:41:df:11:
         0e:eb:75:ed:03:6e:ca:5d:ac:4f:a1:80:c8:53:e5:26:bc:8a:
         b6:de:6e:4c:8a:d6:4f:3e:1c:9c:83:36:45:7a:60:fa:38:d2:
         35:0c:58:84
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPNFl8hSjBkQZ2cofvpyimVtAvbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE4MDFaFw0yNDA0MTUxMTIzMDFaMDMxMTAvBgNV
BAMTKDY4OThFNDk5RjYzRURGNTc2NDhEMTAzOUNENUI0QjgwNDVEQUJFOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/676XEQYvRGymJVaMX4LHibdj
vHHdXsnLS2oRxNiIubTkLgQcSERqVYehokyii1vgMLh4NNHNgF099O3FLrwX12NC
AC8rOMrIkzToEgGCdl2LFd1O2wsgAxA296ccHT47lqFLmZh7QVHH1DB/VF+ospq7
F9V0iqLtV+CYFjGfeOuurElweDEyS0gQSnj8hw2pB/5DWG9WYp0psWJg99BI6h/0
TB2qXDlxNWGhEhg/YI20vwqm3YRlIl90yalEfzo+BAAPwZH0oGNf1JVsjmuQjh1c
EyvXcL4yaxelCpIC4p++eqdj5OR8zhYEiuWOLOFA8PciKVu9gs2u3hZS/aVzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaJjkmfY+31dkjRA5zVtLgEXavo8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMjJlMzIzNDMyMmUzMTM4
MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
XPK8MA0GCSqGSIb3DQEBCwUAA4IBAQA6ByrXnPwuPetpZAppym4jYkKYwl3F6lV0
RLjMnhHWx/FvANdAa8DrgYjlIU5EpV/2obxtwgrzVo8wKjmnvM6XKQtzrlu8E+Ub
d2OHEYicz7sLAwxYm6BW5XhM6rdMDI4NBOOoDcyACHt4ZSUpIQHp3rJIP7KiLjEo
TIMDeo0P+sxUiu2M7QFVI7pQMUQzY5C646OzgSCcXxDagsW4E5kKs7zoAEweCD/6
B9qUEhn3ugJEnuNe8rkjpFA8KFZx3XMroxnvib5sWGUm4caXXSiFcJhmFWNB3xEO
63XtA27KXaxPoYDIU+UmvIq23m5MitZPPhycgzZFemD6ONI1DFiE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org