Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e203432333636.roa
File:                     34352e3134312e3132332e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier:          RHIZV7Pco3h2sqFADOdWsDN+kttaZSAdPbi8+MBHxM4=
Subject key identifier:   88:6C:EA:2A:FC:2E:B4:F5:41:29:57:1B:E0:84:C8:CC:D2:EC:1C:53
Certificate issuer:       /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial:       7F9843AA1BAE344149C093C71BD8F8AF2A8B7F1D
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e203432333636.roa
Signing time:             Mon 10 Apr 2023 08:18:22 +0000
ROA not before:           Mon 10 Apr 2023 08:13:22 +0000
ROA not after:            Mon 08 Apr 2024 08:18:22 +0000
asID:                     42366
IP address blocks:        45.141.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:98:43:aa:1b:ae:34:41:49:c0:93:c7:1b:d8:f8:af:2a:8b:7f:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
        Validity
            Not Before: Apr 10 08:13:22 2023 GMT
            Not After : Apr  8 08:18:22 2024 GMT
        Subject: CN=886CEA2AFC2EB4F54129571BE084C8CCD2EC1C53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:00:1d:5a:2f:e5:aa:c3:0b:e8:98:21:29:6f:
                    f4:7d:83:78:04:7f:70:af:cd:6c:0f:1f:a0:15:e8:
                    f8:95:90:5e:9b:43:1d:9a:42:a9:21:b1:5f:61:07:
                    28:27:11:7b:0f:44:bc:80:f6:1d:31:f8:ca:0f:64:
                    be:4d:5a:e2:9e:56:14:c0:b8:32:a7:83:bf:c1:b1:
                    2e:fb:fa:dc:69:ba:aa:f5:33:b5:5c:53:56:e8:7a:
                    60:70:d0:68:f8:36:37:a4:cf:3c:73:d5:3c:51:c5:
                    8a:00:7e:77:76:2b:9d:dd:f2:97:aa:30:a0:05:df:
                    3e:87:95:1d:7c:6f:f3:91:b4:40:cb:5f:62:9a:4e:
                    bd:e2:9c:4b:bb:ec:15:ec:7f:96:97:9d:7a:1a:a0:
                    f1:a0:2a:3f:73:1b:f1:d4:0e:2c:57:7d:1d:ab:63:
                    b2:eb:4b:86:a6:d0:e9:dc:20:5d:14:2d:f0:0a:b6:
                    c6:b9:e8:cd:8b:b3:60:62:de:4d:44:75:b7:e2:71:
                    e8:a6:b7:21:b4:b9:e6:2f:ba:2c:44:68:9a:e9:88:
                    bb:07:ef:11:8f:69:20:04:8d:1a:40:0d:20:4d:d3:
                    ce:ca:a1:76:37:a5:f9:60:eb:24:a2:5c:58:c2:29:
                    89:be:f6:17:3e:81:88:62:63:5c:11:1a:c7:9b:65:
                    e7:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:6C:EA:2A:FC:2E:B4:F5:41:29:57:1B:E0:84:C8:CC:D2:EC:1C:53
            X509v3 Authority Key Identifier:
                keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:14:03:68:a6:88:57:e4:db:0a:42:94:92:38:c2:51:fe:65:
         2f:5f:b9:6e:37:cb:7a:6d:86:2e:4a:6f:1d:08:a5:d0:09:85:
         a1:c2:68:83:b9:88:af:5d:66:ea:8f:ee:fe:f9:a8:a5:db:b2:
         6c:6e:a6:fd:8d:df:7a:65:d8:dd:45:88:ce:b5:82:52:06:e2:
         2e:61:38:51:5f:07:e8:f4:fc:fe:1d:a6:5a:90:32:25:f7:c3:
         52:60:9b:2d:be:b1:aa:8d:26:3d:96:e3:04:96:d2:a5:dd:3f:
         f1:bf:d4:b3:aa:da:ec:66:7a:58:09:0d:c0:f9:41:bc:46:c2:
         23:a7:04:e0:9a:cb:d9:bc:02:01:14:5a:17:7e:db:2e:62:1d:
         aa:60:00:08:15:47:00:17:04:f5:09:d8:d9:ae:25:eb:21:e0:
         43:3e:10:e6:17:9c:32:cf:b4:2f:6d:8a:54:27:43:7e:c6:8f:
         8c:ce:b5:89:a6:0b:cd:c7:75:1b:13:b8:b3:78:b3:d5:3b:a5:
         d3:c3:00:56:61:2b:65:c9:e0:95:97:79:f1:82:1a:92:88:7f:
         f4:48:b3:82:8b:6e:42:93:68:ff:e1:b7:b5:06:37:0e:db:84:
         03:de:06:06:25:7c:8d:35:05:fa:ba:c0:89:a9:4c:9a:fc:df:
         1f:13:99:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUf5hDqhuuNEFJwJPHG9j4ryqLfx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzA0MTAwODEzMjJaFw0yNDA0MDgwODE4MjJaMDMxMTAvBgNV
BAMTKDg4NkNFQTJBRkMyRUI0RjU0MTI5NTcxQkUwODRDOENDRDJFQzFDNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkAB1aL+WqwwvomCEpb/R9g3gE
f3CvzWwPH6AV6PiVkF6bQx2aQqkhsV9hBygnEXsPRLyA9h0x+MoPZL5NWuKeVhTA
uDKng7/BsS77+txpuqr1M7VcU1boemBw0Gj4Njekzzxz1TxRxYoAfnd2K53d8peq
MKAF3z6HlR18b/ORtEDLX2KaTr3inEu77BXsf5aXnXoaoPGgKj9zG/HUDixXfR2r
Y7LrS4am0OncIF0ULfAKtsa56M2Ls2Bi3k1EdbficeimtyG0ueYvuixEaJrpiLsH
7xGPaSAEjRpADSBN087KoXY3pflg6ySiXFjCKYm+9hc+gYhiY1wRGsebZeeFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiGzqKvwutPVBKVcb4ITIzNLsHFMwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LY17MA0GCSqGSIb3DQEBCwUAA4IBAQB2FANopohX5NsKQpSSOMJR/mUvX7luN8t6
bYYuSm8dCKXQCYWhwmiDuYivXWbqj+7++ail27Jsbqb9jd96ZdjdRYjOtYJSBuIu
YThRXwfo9Pz+HaZakDIl98NSYJstvrGqjSY9luMEltKl3T/xv9SzqtrsZnpYCQ3A
+UG8RsIjpwTgmsvZvAIBFFoXftsuYh2qYAAIFUcAFwT1CdjZriXrIeBDPhDmF5wy
z7QvbYpUJ0N+xo+MzrWJpgvNx3UbE7izeLPVO6XTwwBWYStlyeCVl3nxghqSiH/0
SLOCi25Ck2j/4be1BjcO24QD3gYGJXyNNQX6usCJqUya/N8fE5lB
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org