Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133362e31372e302f32342d3234203d3e203333363936.roa
File:                     34352e3133362e31372e302f32342d3234203d3e203333363936.roa (raw, json)
Hash identifier:          N1OT/U+9B/jcAKMc4OlCgc2DoH2CT5lt6Z6EAQyorm4=
Subject key identifier:   14:0B:8A:67:CF:BD:02:B7:1B:85:3C:57:EB:95:37:1A:3E:62:F4:9D
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       464FADD936F7A9B74095C170644B853E2306AB92
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133362e31372e302f32342d3234203d3e203333363936.roa
Signing time:             Mon 27 Mar 2023 08:28:58 +0000
ROA not before:           Mon 27 Mar 2023 08:23:58 +0000
ROA not after:            Mon 25 Mar 2024 08:28:58 +0000
asID:                     33696
IP address blocks:        45.136.17.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:4f:ad:d9:36:f7:a9:b7:40:95:c1:70:64:4b:85:3e:23:06:ab:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Mar 27 08:23:58 2023 GMT
            Not After : Mar 25 08:28:58 2024 GMT
        Subject: CN=140B8A67CFBD02B71B853C57EB95371A3E62F49D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:ea:41:ec:18:58:34:93:ca:bf:2f:92:99:a5:
                    19:03:53:83:8b:06:42:be:f1:e5:14:3b:44:cc:f7:
                    66:e2:a7:1c:a5:da:e6:0f:22:2f:02:7a:e4:ec:4f:
                    6c:83:62:22:40:e9:b0:aa:1c:e5:e9:12:e6:5d:12:
                    f7:3d:2f:c0:2e:e6:c6:f1:52:f9:c3:3b:bb:1d:0b:
                    a6:a4:51:88:ce:fa:7d:27:0c:e4:af:e3:1d:56:fc:
                    ec:2d:02:7a:47:59:51:73:17:cf:1b:88:a8:40:1f:
                    7b:86:8d:e0:03:e4:5c:7a:75:25:db:60:48:41:dc:
                    40:cf:ab:0d:5b:52:2d:ec:f7:ba:c0:dc:e7:40:e4:
                    a7:cb:8f:1e:46:1a:7d:b1:7d:a2:56:25:4e:84:47:
                    34:cb:e1:26:43:b3:3f:64:c3:cf:30:7d:4f:2a:ce:
                    c6:62:2a:73:c1:7f:fe:41:64:51:c5:86:66:9f:65:
                    6b:69:7f:f0:65:32:80:15:d0:ae:10:79:ea:9b:0a:
                    cd:1a:7d:78:b2:f9:5b:93:3f:cf:0f:7b:e5:75:60:
                    cc:a6:b8:39:e6:23:ad:db:c2:f6:3d:8b:e5:70:70:
                    63:74:53:b6:36:72:ac:0d:88:42:46:30:89:a6:c3:
                    94:eb:10:d1:52:15:9f:f4:16:9c:a7:bf:f3:88:52:
                    f3:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:0B:8A:67:CF:BD:02:B7:1B:85:3C:57:EB:95:37:1A:3E:62:F4:9D
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133362e31372e302f32342d3234203d3e203333363936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:8b:a8:23:bd:7d:d6:6f:c7:19:87:82:5d:85:c9:b8:da:35:
         5f:15:7e:7a:b3:dd:5f:83:8b:1e:55:eb:6b:b3:5c:fa:a4:8c:
         f6:ca:a7:1f:36:3b:cf:6d:a9:fa:11:75:34:6b:13:8e:48:9e:
         e2:35:c1:7c:73:bd:ca:5d:1f:80:7e:4c:d8:a0:8c:e6:a2:25:
         74:69:db:90:e5:32:af:f1:57:c6:a6:1f:2d:f0:a7:e9:09:14:
         b6:51:ab:2c:82:af:16:42:fd:d0:46:d6:52:56:4c:58:73:88:
         7b:5a:9c:05:a2:2d:4d:04:aa:04:32:ca:1b:c7:f7:1f:cf:24:
         c3:16:c5:76:45:21:89:1a:52:25:4d:b6:fa:d2:bc:52:4f:b3:
         9b:8a:18:15:67:bc:b4:e2:da:32:90:6a:f3:97:d8:cd:1f:8a:
         e5:78:d5:7d:bd:b9:3e:cd:b1:d0:01:19:c5:10:54:b7:08:f3:
         92:4b:fb:9d:bd:13:a8:a8:09:a5:a1:09:8d:10:6b:f2:81:fe:
         c1:59:b2:70:65:f5:65:97:22:a5:b0:84:2a:72:42:aa:0d:97:
         b4:da:36:e6:c3:6e:0b:79:a9:9f:9d:30:0a:15:ee:e0:7c:4f:
         ff:9b:d6:87:74:25:e4:a1:68:b7:e2:cc:c0:a7:1f:d8:2d:fa:
         15:3b:42:eb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURk+t2Tb3qbdAlcFwZEuFPiMGq5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNThaFw0yNDAzMjUwODI4NThaMDMxMTAvBgNV
BAMTKDE0MEI4QTY3Q0ZCRDAyQjcxQjg1M0M1N0VCOTUzNzFBM0U2MkY0OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx6kHsGFg0k8q/L5KZpRkDU4OL
BkK+8eUUO0TM92bipxyl2uYPIi8CeuTsT2yDYiJA6bCqHOXpEuZdEvc9L8Au5sbx
UvnDO7sdC6akUYjO+n0nDOSv4x1W/OwtAnpHWVFzF88biKhAH3uGjeAD5Fx6dSXb
YEhB3EDPqw1bUi3s97rA3OdA5KfLjx5GGn2xfaJWJU6ERzTL4SZDsz9kw88wfU8q
zsZiKnPBf/5BZFHFhmafZWtpf/BlMoAV0K4QeeqbCs0afXiy+VuTP88Pe+V1YMym
uDnmI63bwvY9i+VwcGN0U7Y2cqwNiEJGMImmw5TrENFSFZ/0Fpynv/OIUvONAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUFAuKZ8+9ArcbhTxX65U3Gj5i9J0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM2MmUzMTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMzM2MzkzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2I
ETANBgkqhkiG9w0BAQsFAAOCAQEAeYuoI7191m/HGYeCXYXJuNo1XxV+erPdX4OL
HlXra7Nc+qSM9sqnHzY7z22p+hF1NGsTjkie4jXBfHO9yl0fgH5M2KCM5qIldGnb
kOUyr/FXxqYfLfCn6QkUtlGrLIKvFkL90EbWUlZMWHOIe1qcBaItTQSqBDLKG8f3
H88kwxbFdkUhiRpSJU22+tK8Uk+zm4oYFWe8tOLaMpBq85fYzR+K5XjVfb25Ps2x
0AEZxRBUtwjzkkv7nb0TqKgJpaEJjRBr8oH+wVmycGX1ZZcipbCEKnJCqg2XtNo2
5sNuC3mpn50wChXu4HxP/5vWh3Ql5KFot+LMwKcf2C36FTtC6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org