Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32342d3234203d3e20323132323938.roa
File:                     3138352e3233302e3133362e302f32342d3234203d3e20323132323938.roa (raw, json)
Hash identifier:          2mFVlPoP68a66LvQ1/FK6iv8PXT+/Hb/Z7CpQRSCFMs=
Subject key identifier:   86:D6:C7:42:4F:3D:16:76:A7:40:0B:52:32:2A:ED:6C:6A:35:BE:E9
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       6507D4391DC0256D71B1AADF5ED0665230F08C14
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32342d3234203d3e20323132323938.roa
Signing time:             Mon 27 Mar 2023 08:28:17 +0000
ROA not before:           Mon 27 Mar 2023 08:23:17 +0000
ROA not after:            Mon 25 Mar 2024 08:28:17 +0000
asID:                     212298
IP address blocks:        185.230.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:07:d4:39:1d:c0:25:6d:71:b1:aa:df:5e:d0:66:52:30:f0:8c:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Mar 27 08:23:17 2023 GMT
            Not After : Mar 25 08:28:17 2024 GMT
        Subject: CN=86D6C7424F3D1676A7400B52322AED6C6A35BEE9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:d7:e5:3c:60:09:c5:d8:48:44:44:7b:fa:ea:
                    5f:99:9c:68:b7:43:01:47:0b:f0:89:36:92:1c:08:
                    3f:d7:d3:be:da:6b:f8:42:d6:fd:5c:35:0e:96:35:
                    41:42:7e:5b:d8:a3:d1:d0:95:e5:ef:b0:57:fc:1a:
                    a4:2f:79:a3:d0:06:30:78:3c:50:7c:25:8c:49:87:
                    5e:8d:c3:bd:fe:07:c8:63:50:c4:f2:0f:41:ad:5d:
                    81:a9:30:b3:3f:89:08:2d:c7:2b:54:fd:5d:02:4f:
                    10:21:82:f8:a1:42:67:b6:6c:2b:17:de:0d:54:fd:
                    1c:b7:61:c0:92:c3:c4:90:4c:55:63:e0:e0:be:2a:
                    45:28:3c:b8:1b:ad:c8:3f:eb:bf:81:79:87:ec:cc:
                    fd:11:6c:98:94:75:1c:a8:92:d6:10:ba:5e:4b:9b:
                    0d:9f:e0:d8:0b:68:4e:b1:1c:16:e5:6f:57:20:34:
                    a3:40:76:ed:ca:57:f4:09:d8:df:98:97:8d:4e:c5:
                    a3:8f:a9:3e:06:5f:14:96:d9:d1:21:a7:c9:e9:a8:
                    bc:95:45:f9:04:5a:49:3e:92:94:9a:13:ad:0c:ef:
                    bd:13:ad:8f:25:08:af:27:01:28:bd:97:fd:bf:3c:
                    23:03:b2:b0:71:3f:9a:2e:1c:ef:d8:0a:e3:68:4f:
                    97:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:D6:C7:42:4F:3D:16:76:A7:40:0B:52:32:2A:ED:6C:6A:35:BE:E9
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32342d3234203d3e20323132323938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:95:1f:b3:4c:c1:fb:ee:fd:dd:b4:c0:2c:8b:3d:ee:2a:0a:
         5d:37:bc:18:c5:66:f1:83:68:c8:01:b9:f9:35:88:5e:97:b4:
         d1:13:d8:0e:f5:02:c4:05:d6:85:2a:9e:81:6a:2e:98:86:83:
         1b:ae:de:7a:84:93:15:80:a5:c3:03:1d:d3:b4:51:18:59:32:
         af:50:f1:d3:41:57:29:9c:bc:46:8d:76:8b:4f:74:b4:59:58:
         f9:2c:48:a7:a2:50:bf:cd:7d:87:59:08:53:b5:7e:ad:30:94:
         0d:0c:fe:cc:db:9f:4a:70:bc:23:47:5a:a6:60:8a:c8:92:75:
         de:34:e7:b1:2d:65:ff:4b:f9:b8:4b:f7:33:c8:38:36:ca:a6:
         bc:18:c5:1e:e8:c8:d1:90:41:aa:75:7c:b0:59:30:f7:8f:13:
         61:8a:cf:11:dd:26:fc:bc:26:bc:ee:02:62:86:c1:a9:42:a2:
         e5:eb:a9:90:05:c8:78:1c:fc:c3:9c:41:36:26:ac:c3:4b:47:
         6c:fd:5f:08:6e:83:c3:62:0e:2e:64:54:b9:5e:70:0b:f0:79:
         bd:1f:cf:f4:0c:c0:53:ed:a1:c2:44:a0:79:95:dc:50:59:a5:
         26:36:01:88:0d:af:3e:7d:98:63:da:98:52:d6:6d:3b:47:02:
         3d:94:bd:83
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZQfUOR3AJW1xsarfXtBmUjDwjBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMTdaFw0yNDAzMjUwODI4MTdaMDMxMTAvBgNV
BAMTKDg2RDZDNzQyNEYzRDE2NzZBNzQwMEI1MjMyMkFFRDZDNkEzNUJFRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM1+U8YAnF2EhERHv66l+ZnGi3
QwFHC/CJNpIcCD/X077aa/hC1v1cNQ6WNUFCflvYo9HQleXvsFf8GqQveaPQBjB4
PFB8JYxJh16Nw73+B8hjUMTyD0GtXYGpMLM/iQgtxytU/V0CTxAhgvihQme2bCsX
3g1U/Ry3YcCSw8SQTFVj4OC+KkUoPLgbrcg/67+BeYfszP0RbJiUdRyoktYQul5L
mw2f4NgLaE6xHBblb1cgNKNAdu3KV/QJ2N+Yl41OxaOPqT4GXxSW2dEhp8npqLyV
RfkEWkk+kpSaE60M770TrY8lCK8nASi9l/2/PCMDsrBxP5ouHO/YCuNoT5cHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhtbHQk89FnanQAtSMirtbGo1vukwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzkzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnmiDANBgkqhkiG9w0BAQsFAAOCAQEAG5Ufs0zB++793bTALIs97ioKXTe8
GMVm8YNoyAG5+TWIXpe00RPYDvUCxAXWhSqegWoumIaDG67eeoSTFYClwwMd07RR
GFkyr1Dx00FXKZy8Ro12i090tFlY+SxIp6JQv819h1kIU7V+rTCUDQz+zNufSnC8
I0dapmCKyJJ13jTnsS1l/0v5uEv3M8g4NsqmvBjFHujI0ZBBqnV8sFkw948TYYrP
Ed0m/LwmvO4CYobBqUKi5eupkAXIeBz8w5xBNiasw0tHbP1fCG6Dw2IOLmRUuV5w
C/B5vR/P9AzAU+2hwkSgeZXcUFmlJjYBiA2vPn2YY9qYUtZtO0cCPZS9gw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org