Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32342d3234203d3e2033333230.roa
File:                     3138352e3233302e3133362e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier:          t8pATRnt7lgV5FXQb6ZgJnUawG5YDMy0pAG6nHuLIdI=
Subject key identifier:   B2:4E:25:45:1D:ED:5B:1C:E3:61:DF:BA:18:79:C1:78:B9:11:95:AE
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       37F5F909498C882B856EFBA4F6584992AB965B5A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32342d3234203d3e2033333230.roa
Signing time:             Mon 27 Mar 2023 08:28:49 +0000
ROA not before:           Mon 27 Mar 2023 08:23:49 +0000
ROA not after:            Mon 25 Mar 2024 08:28:49 +0000
asID:                     3320
IP address blocks:        185.230.136.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:f5:f9:09:49:8c:88:2b:85:6e:fb:a4:f6:58:49:92:ab:96:5b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Mar 27 08:23:49 2023 GMT
            Not After : Mar 25 08:28:49 2024 GMT
        Subject: CN=B24E25451DED5B1CE361DFBA1879C178B91195AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:04:da:18:18:31:ea:6c:3c:ad:c0:3d:f3:f9:
                    ba:d3:d6:ac:55:9f:b4:42:41:ea:ac:60:ba:1c:e7:
                    25:97:fa:2a:2a:bb:51:b5:3c:f6:af:65:b3:31:25:
                    a6:af:d6:2d:de:57:7c:d4:32:fa:62:9c:cc:c8:9c:
                    b3:cb:48:b8:7e:cb:31:29:cd:c2:40:5e:78:91:02:
                    4d:69:ad:5b:99:7a:8b:df:ff:58:e8:9b:dd:63:7e:
                    1b:40:f0:54:da:54:b6:f9:fc:50:d7:ac:7e:63:eb:
                    23:7b:39:04:cc:be:8b:d4:4a:c4:93:31:29:c6:f2:
                    dc:3a:fc:58:16:c2:b5:0e:35:ea:52:03:90:44:59:
                    f3:29:96:50:2a:a8:0c:f1:25:21:dc:a4:7d:c2:e4:
                    6d:fb:d5:47:a8:b3:3e:0e:47:e2:1e:b4:78:75:c1:
                    ef:41:7e:e3:98:e9:ff:e2:a4:13:6b:23:9f:45:08:
                    4d:0a:78:d5:bd:33:14:af:f5:35:86:69:14:47:55:
                    d0:79:8b:8c:16:08:17:21:1b:da:50:6b:fd:9c:73:
                    30:34:9d:01:21:43:eb:99:5e:31:27:7b:2b:39:9c:
                    d4:f9:4f:46:47:ec:9c:fa:c7:73:43:0c:23:c4:50:
                    41:b0:46:7d:15:6f:4a:73:9a:ce:17:77:93:d9:08:
                    24:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:4E:25:45:1D:ED:5B:1C:E3:61:DF:BA:18:79:C1:78:B9:11:95:AE
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133362e302f32342d3234203d3e2033333230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:5b:59:e3:6b:f0:d9:05:6a:0d:4d:76:31:d3:84:a3:7c:35:
         a3:28:d4:e0:29:41:cd:b1:92:aa:4c:de:6c:be:3a:42:fc:fa:
         cb:9b:83:3d:3a:85:a5:b7:33:94:c4:ac:83:04:0e:77:ca:12:
         42:ac:b1:41:ae:2e:06:7f:c4:98:b1:fb:78:71:0a:7c:90:bc:
         47:ab:ab:d4:27:1f:24:1f:c4:fe:8b:68:1c:1c:dc:b8:57:9b:
         cd:9f:f4:7f:40:3f:cc:c6:30:77:73:3e:28:d3:19:db:79:43:
         d7:2c:12:d4:02:83:0c:65:73:1a:1e:6e:16:6d:6f:3d:a9:51:
         0c:d8:f9:11:4c:88:20:44:8f:a9:17:ff:c8:91:32:0e:c1:3e:
         57:cd:09:e1:30:57:d7:08:23:7e:96:1e:e7:cd:26:97:5c:c8:
         37:9a:eb:69:c5:ad:03:1e:d0:1b:a0:af:56:ac:74:03:bc:2b:
         02:f5:e1:b1:b3:da:21:62:d6:7b:bd:20:26:61:e7:4b:c4:fa:
         c7:26:17:37:f3:22:b6:0d:db:f2:63:a0:ee:34:46:c1:d5:75:
         23:af:71:9c:2f:27:1a:fb:11:9f:65:c2:2c:91:b1:bd:a4:9c:
         d5:02:dc:8e:4e:4d:59:fd:2e:56:d6:f0:63:e9:b1:74:56:3b:
         25:91:29:a3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN/X5CUmMiCuFbvuk9lhJkquWW1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNDlaFw0yNDAzMjUwODI4NDlaMDMxMTAvBgNV
BAMTKEIyNEUyNTQ1MURFRDVCMUNFMzYxREZCQTE4NzlDMTc4QjkxMTk1QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6BNoYGDHqbDytwD3z+brT1qxV
n7RCQeqsYLoc5yWX+ioqu1G1PPavZbMxJaav1i3eV3zUMvpinMzInLPLSLh+yzEp
zcJAXniRAk1prVuZeovf/1jom91jfhtA8FTaVLb5/FDXrH5j6yN7OQTMvovUSsST
MSnG8tw6/FgWwrUONepSA5BEWfMpllAqqAzxJSHcpH3C5G371Ueosz4OR+IetHh1
we9BfuOY6f/ipBNrI59FCE0KeNW9MxSv9TWGaRRHVdB5i4wWCBchG9pQa/2cczA0
nQEhQ+uZXjEneys5nNT5T0ZH7Jz6x3NDDCPEUEGwRn0Vb0pzms4Xd5PZCCQ3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsk4lRR3tWxzjYd+6GHnBeLkRla4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ueaIMA0GCSqGSIb3DQEBCwUAA4IBAQBQW1nja/DZBWoNTXYx04SjfDWjKNTgKUHN
sZKqTN5svjpC/PrLm4M9OoWltzOUxKyDBA53yhJCrLFBri4Gf8SYsft4cQp8kLxH
q6vUJx8kH8T+i2gcHNy4V5vNn/R/QD/MxjB3cz4o0xnbeUPXLBLUAoMMZXMaHm4W
bW89qVEM2PkRTIggRI+pF//IkTIOwT5XzQnhMFfXCCN+lh7nzSaXXMg3mutpxa0D
HtAboK9WrHQDvCsC9eGxs9ohYtZ7vSAmYedLxPrHJhc38yK2DdvyY6DuNEbB1XUj
r3GcLyca+xGfZcIskbG9pJzVAtyOTk1Z/S5W1vBj6bF0VjslkSmj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org