Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e38372e302f32342d3234203d3e2030.roa
File:                     3138352e3138332e38372e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier:          rVI/ZJZ8F1n/qoItRXCwqbAKicVQElbwbU9DB5XzyKM=
Subject key identifier:   D5:05:35:71:4A:B0:8A:3B:BB:01:64:DA:12:2F:66:E5:18:26:6E:2C
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       7288646B06DAC007448126D6FAC8BB0E967DDCC2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e38372e302f32342d3234203d3e2030.roa
Signing time:             Mon 27 Mar 2023 08:28:28 +0000
ROA not before:           Mon 27 Mar 2023 08:23:28 +0000
ROA not after:            Mon 25 Mar 2024 08:28:28 +0000
asID:                     0
IP address blocks:        185.183.87.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:88:64:6b:06:da:c0:07:44:81:26:d6:fa:c8:bb:0e:96:7d:dc:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Mar 27 08:23:28 2023 GMT
            Not After : Mar 25 08:28:28 2024 GMT
        Subject: CN=D50535714AB08A3BBB0164DA122F66E518266E2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a4:c9:8b:e8:79:c4:51:80:14:49:10:84:67:
                    47:33:ae:32:d8:57:98:31:ea:87:33:38:89:d7:fb:
                    ee:8a:44:a1:56:0d:29:d7:08:51:3c:72:f1:ba:c5:
                    be:59:a1:bf:55:d3:c9:2c:84:0d:82:28:e6:dc:ed:
                    84:45:11:04:8b:bc:ac:50:7f:cb:e9:59:0d:96:22:
                    f6:e2:36:d8:06:2d:c3:7d:7e:be:df:bc:0d:60:f0:
                    55:bd:ba:9f:36:49:1a:50:a2:0f:f3:1f:a4:5b:bc:
                    81:4d:9d:20:a8:de:6d:0c:e8:23:7b:6f:6a:ee:b7:
                    b8:cc:ae:d1:7f:28:17:85:2d:94:54:71:15:bc:75:
                    8c:da:8a:95:a8:ed:82:f8:ed:08:e5:dd:d7:ff:0e:
                    70:5e:1a:e7:bb:04:8d:48:cd:26:bd:1a:d0:de:1c:
                    24:83:78:84:7f:bd:a6:23:7c:45:6f:0b:27:d5:77:
                    57:7c:11:96:bd:3e:f6:b1:ed:7a:b1:b2:fd:88:f4:
                    d9:0a:ca:0b:0a:0b:e4:42:46:a6:fc:74:bc:8a:4f:
                    61:c9:e0:b5:66:15:60:65:7f:e6:ed:1d:4b:4a:36:
                    09:1c:48:23:27:a9:67:0c:ef:f1:07:d2:e3:b5:72:
                    f1:3c:6d:ca:29:57:49:65:d2:76:7a:ff:37:1e:78:
                    3d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:05:35:71:4A:B0:8A:3B:BB:01:64:DA:12:2F:66:E5:18:26:6E:2C
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e38372e302f32342d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.183.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:e8:87:ad:7a:38:a2:4d:6b:92:6e:7f:a3:67:9a:d2:b9:a4:
         99:71:a8:66:56:52:49:68:f0:c9:6f:fa:78:9c:64:70:d9:97:
         21:3e:a2:c5:a4:59:4d:a6:0b:ac:4f:6b:4e:b2:a6:91:15:7b:
         8f:62:c1:ce:6f:e7:8e:7e:c6:f5:6a:0f:7c:ab:2b:2d:b8:a2:
         5c:e4:fa:3c:35:96:a5:92:dc:90:65:f2:02:78:95:39:31:32:
         2b:ff:c1:16:b5:89:40:d9:8e:91:c7:b7:1c:e5:9d:c9:4e:8e:
         4a:5c:86:b9:e2:85:7b:71:db:07:fe:f5:04:8c:8e:02:d1:3a:
         9e:54:ef:af:b1:84:98:86:eb:b7:e9:a7:e3:8d:8f:3f:f2:11:
         77:02:b9:78:86:b4:85:83:78:09:5e:9e:bb:67:d9:6d:bd:6c:
         d3:42:1a:7e:99:c8:ab:a0:b6:cc:c1:e3:14:a8:a1:6b:95:04:
         74:24:44:00:2e:ae:15:4a:42:84:00:2e:30:e4:5c:65:3b:f4:
         5f:9c:e5:eb:d8:a8:d3:3d:23:e3:d7:0d:8c:bb:62:bc:0b:7d:
         aa:50:bf:79:ca:46:26:5c:74:92:ba:08:21:6e:71:2d:70:cf:
         83:ef:6d:e3:62:e8:15:8f:78:29:cd:14:46:45:20:ab:6c:9e:
         c5:88:93:3d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUcohkawbawAdEgSbW+si7DpZ93MIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMjhaFw0yNDAzMjUwODI4MjhaMDMxMTAvBgNV
BAMTKEQ1MDUzNTcxNEFCMDhBM0JCQjAxNjREQTEyMkY2NkU1MTgyNjZFMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCepMmL6HnEUYAUSRCEZ0czrjLY
V5gx6oczOInX++6KRKFWDSnXCFE8cvG6xb5Zob9V08kshA2CKObc7YRFEQSLvKxQ
f8vpWQ2WIvbiNtgGLcN9fr7fvA1g8FW9up82SRpQog/zH6RbvIFNnSCo3m0M6CN7
b2rut7jMrtF/KBeFLZRUcRW8dYzaipWo7YL47Qjl3df/DnBeGue7BI1IzSa9GtDe
HCSDeIR/vaYjfEVvCyfVd1d8EZa9Pvax7Xqxsv2I9NkKygsKC+RCRqb8dLyKT2HJ
4LVmFWBlf+btHUtKNgkcSCMnqWcM7/EH0uO1cvE8bcopV0ll0nZ6/zceeD0tAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU1QU1cUqwiju7AWTaEi9m5RgmbiwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzMyZTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm3VzANBgkq
hkiG9w0BAQsFAAOCAQEAR+iHrXo4ok1rkm5/o2ea0rmkmXGoZlZSSWjwyW/6eJxk
cNmXIT6ixaRZTaYLrE9rTrKmkRV7j2LBzm/njn7G9WoPfKsrLbiiXOT6PDWWpZLc
kGXyAniVOTEyK//BFrWJQNmOkce3HOWdyU6OSlyGueKFe3HbB/71BIyOAtE6nlTv
r7GEmIbrt+mn442PP/IRdwK5eIa0hYN4CV6eu2fZbb1s00IafpnIq6C2zMHjFKih
a5UEdCREAC6uFUpChAAuMORcZTv0X5zl69io0z0j49cNjLtivAt9qlC/ecpGJlx0
kroIIW5xLXDPg+9t42LoFY94Kc0URkUgq2yexYiTPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org