Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39302e302f32342d3234203d3e203432333636.roa
File:                     3135362e36372e39302e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier:          OZVkPOuGSX/wO5eaf+VJzuFpIiUXKmPP2MCoUnHgS+Q=
Subject key identifier:   2F:D5:33:F8:98:70:74:6E:D4:CD:98:1C:2D:3E:23:EA:FA:4A:66:D4
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       4F1D7FDB3B5875DC93EAC57BE17F2EFA4CC4BB15
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39302e302f32342d3234203d3e203432333636.roa
Signing time:             Tue 25 Apr 2023 17:58:20 +0000
ROA not before:           Tue 25 Apr 2023 17:53:20 +0000
ROA not after:            Tue 23 Apr 2024 17:58:20 +0000
asID:                     42366
IP address blocks:        156.67.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:1d:7f:db:3b:58:75:dc:93:ea:c5:7b:e1:7f:2e:fa:4c:c4:bb:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Apr 25 17:53:20 2023 GMT
            Not After : Apr 23 17:58:20 2024 GMT
        Subject: CN=2FD533F89870746ED4CD981C2D3E23EAFA4A66D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7f:e2:2f:4e:5f:d2:07:a7:74:c6:b4:db:7f:
                    8c:00:cd:1b:51:c7:21:bc:14:d5:30:0f:99:5c:7d:
                    b6:37:0c:b0:d1:9b:85:e0:5c:21:3b:a0:91:3d:70:
                    5a:48:4f:2a:2f:21:c4:d0:39:6a:f6:e7:ba:16:d2:
                    2e:cc:2d:52:ec:3a:a1:95:af:ee:49:be:a0:53:75:
                    87:41:75:9b:62:99:f8:fa:7d:1f:64:3d:39:89:c1:
                    b2:8a:73:6b:76:84:c8:08:44:e5:83:6c:5a:11:fa:
                    ac:fd:b5:46:a4:66:d7:2e:2e:f8:f7:23:c3:b3:82:
                    1b:e7:b9:55:65:00:ab:c4:b7:a0:fd:1f:14:fb:01:
                    5d:19:02:1b:56:e4:09:16:80:77:d7:be:26:5e:81:
                    44:ac:39:aa:af:15:40:d8:65:cf:ee:96:90:ad:96:
                    f3:42:42:3f:b5:41:cb:dd:b8:5d:e9:37:9d:53:f7:
                    78:06:67:c9:79:d1:a1:93:a1:75:6d:9d:a5:b1:2d:
                    64:e7:97:f3:df:01:70:99:4e:6e:e4:d1:79:cc:58:
                    98:3c:bf:b5:78:2d:b2:ae:25:8d:3f:ee:2f:66:a9:
                    69:8f:d5:98:5d:0d:6d:e3:da:2d:2c:87:10:a4:a5:
                    8d:bd:0c:17:c7:63:91:16:ac:67:9d:cc:ee:cb:a5:
                    ea:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:D5:33:F8:98:70:74:6E:D4:CD:98:1C:2D:3E:23:EA:FA:4A:66:D4
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39302e302f32342d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.67.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:51:2f:f2:bf:de:63:69:ef:a0:8a:3e:25:93:e7:39:71:79:
         1a:a3:a2:22:29:1f:7c:4d:95:6f:96:a1:1c:ce:c9:fb:82:40:
         27:99:d0:d9:05:53:86:35:d6:97:b5:bd:48:0a:1f:39:3d:0d:
         ac:18:04:39:c0:07:6e:c8:63:78:73:12:0e:db:88:37:ee:98:
         cb:18:ec:73:f0:91:97:0b:97:f3:b9:6d:aa:57:21:08:3d:20:
         3c:16:34:82:b7:b5:0f:dd:c1:dd:cf:f1:34:49:69:e0:dd:4a:
         a3:b3:63:d7:b1:fb:35:5f:9f:72:3f:a0:7b:31:37:5d:23:9d:
         81:ec:50:dc:fe:9c:ba:57:31:8a:60:cd:3c:28:43:f9:26:4d:
         94:cf:3a:1f:2b:6b:96:c3:f0:f9:43:69:ad:e7:c5:86:74:ab:
         b7:6f:f7:a2:d7:75:4f:a0:49:bb:15:e1:d0:c8:38:ab:3a:4c:
         86:ab:2f:e2:67:b7:a0:bb:d5:e2:1f:7a:e8:93:a8:73:76:3e:
         91:95:c9:42:f5:1f:ad:51:f5:41:67:c4:5c:54:22:73:e6:74:
         e0:3d:d6:b2:48:72:ee:4f:05:fc:4f:7f:8d:43:b6:0e:cb:bc:
         e6:90:91:36:5a:92:29:36:3b:1d:eb:6a:1c:13:be:ff:a7:40:
         f8:58:92:58
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTx1/2ztYddyT6sV74X8u+kzEuxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA0MjUxNzUzMjBaFw0yNDA0MjMxNzU4MjBaMDMxMTAvBgNV
BAMTKDJGRDUzM0Y4OTg3MDc0NkVENENEOTgxQzJEM0UyM0VBRkE0QTY2RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8f+IvTl/SB6d0xrTbf4wAzRtR
xyG8FNUwD5lcfbY3DLDRm4XgXCE7oJE9cFpITyovIcTQOWr257oW0i7MLVLsOqGV
r+5JvqBTdYdBdZtimfj6fR9kPTmJwbKKc2t2hMgIROWDbFoR+qz9tUakZtcuLvj3
I8OzghvnuVVlAKvEt6D9HxT7AV0ZAhtW5AkWgHfXviZegUSsOaqvFUDYZc/ulpCt
lvNCQj+1QcvduF3pN51T93gGZ8l50aGToXVtnaWxLWTnl/PfAXCZTm7k0XnMWJg8
v7V4LbKuJY0/7i9mqWmP1ZhdDW3j2i0shxCkpY29DBfHY5EWrGedzO7LpeodAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUL9Uz+JhwdG7UzZgcLT4j6vpKZtQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzOTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJxD
WjANBgkqhkiG9w0BAQsFAAOCAQEAHVEv8r/eY2nvoIo+JZPnOXF5GqOiIikffE2V
b5ahHM7J+4JAJ5nQ2QVThjXWl7W9SAofOT0NrBgEOcAHbshjeHMSDtuIN+6Yyxjs
c/CRlwuX87ltqlchCD0gPBY0gre1D93B3c/xNElp4N1Ko7Nj17H7NV+fcj+gezE3
XSOdgexQ3P6culcximDNPChD+SZNlM86HytrlsPw+UNprefFhnSrt2/3otd1T6BJ
uxXh0Mg4qzpMhqsv4me3oLvV4h966JOoc3Y+kZXJQvUfrVH1QWfEXFQic+Z04D3W
skhy7k8F/E9/jUO2Dsu85pCRNlqSKTY7HetqHBO+/6dA+FiSWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org