Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32322d3234203d3e2030.roa
File:                     34352e3134392e3230342e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier:          fqXn2m+4RgvlsKz8BinpTWLiNss9qLrX3W8zcAwYZPo=
Subject key identifier:   5B:49:F1:BE:A9:B8:63:DA:63:6E:02:D9:F6:63:32:C9:D8:7C:8C:DF
Certificate issuer:       /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial:       4116284F00BE896B8E161CFCC70D9EC723E06944
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32322d3234203d3e2030.roa
Signing time:             Mon 27 Mar 2023 08:27:02 +0000
ROA not before:           Mon 27 Mar 2023 08:22:02 +0000
ROA not after:            Mon 25 Mar 2024 08:27:02 +0000
asID:                     0
IP address blocks:        45.149.204.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:16:28:4f:00:be:89:6b:8e:16:1c:fc:c7:0d:9e:c7:23:e0:69:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
        Validity
            Not Before: Mar 27 08:22:02 2023 GMT
            Not After : Mar 25 08:27:02 2024 GMT
        Subject: CN=5B49F1BEA9B863DA636E02D9F66332C9D87C8CDF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:31:0f:86:44:60:d5:7e:1b:7e:9d:44:48:a5:
                    cf:54:39:e8:f9:13:69:30:59:d8:aa:84:06:61:c2:
                    b7:4c:90:32:73:61:20:29:24:36:f5:0f:ab:a6:64:
                    21:43:f1:6c:84:77:19:68:bf:18:ce:44:57:2e:42:
                    40:9f:f2:3c:e7:d6:8a:0f:91:b0:25:67:44:76:6e:
                    3f:7e:a0:8e:fa:90:63:10:7d:1c:54:e3:06:66:5f:
                    bf:5e:96:b8:84:85:99:f9:8b:79:e4:db:81:94:97:
                    a7:61:2d:fa:a3:2b:14:8c:9c:da:6f:74:01:3e:43:
                    c1:a3:00:f1:66:ea:28:fa:a7:0f:5d:d8:f8:2f:2b:
                    0c:51:fe:fe:04:bf:eb:ab:0d:be:2b:41:0a:51:45:
                    d8:5e:29:40:26:64:91:ba:48:d9:ca:eb:22:a8:a2:
                    3b:d0:e2:67:70:12:6e:b5:f9:2d:0d:35:3b:0e:7b:
                    ee:d4:f3:be:26:d2:1c:4e:d1:ac:ae:61:b3:86:62:
                    c1:d2:d4:6c:47:b5:83:22:b4:9a:9d:1e:05:c8:41:
                    a9:82:0f:f3:ea:dd:d4:d0:f2:19:7b:56:2d:2e:a1:
                    45:3d:56:84:8c:b5:f7:ef:8f:53:e1:c9:89:31:25:
                    a3:96:2e:30:a5:6a:af:e8:08:3c:c6:47:ad:25:a6:
                    e8:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:49:F1:BE:A9:B8:63:DA:63:6E:02:D9:F6:63:32:C9:D8:7C:8C:DF
            X509v3 Authority Key Identifier:
                keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32322d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:ff:02:a7:4e:33:fb:75:45:51:02:7b:29:08:42:ff:b1:12:
         4f:00:21:2b:3f:fa:b9:60:45:f3:e7:65:c1:b5:7e:ac:5d:70:
         75:c0:b5:16:45:3e:e0:94:1d:89:25:6d:6c:72:c7:5f:df:cd:
         84:ed:57:32:46:e1:cc:25:0b:22:b9:cd:97:35:78:f9:5f:43:
         79:ea:ff:b7:40:b7:b0:8e:e3:32:a4:51:ed:f3:69:02:0d:99:
         f6:c4:c0:5a:de:2f:c6:96:59:35:fd:ea:73:6e:83:f6:31:23:
         c7:25:db:1f:fc:17:0a:04:b4:c7:ec:2e:41:e5:20:0d:9c:0d:
         8d:d7:14:16:a0:b8:2e:fa:94:43:5c:59:b4:53:2c:9d:70:33:
         65:47:09:c1:23:c4:ed:b3:2e:95:e4:c3:71:78:fb:17:5f:37:
         d9:c4:23:9d:0b:46:94:f5:1d:15:6b:ab:f1:9c:a9:e9:ff:11:
         d4:de:3f:a2:b8:b6:88:f0:9f:56:8a:52:8c:2d:20:55:be:07:
         9e:8e:a4:fe:d9:64:90:96:73:db:f9:c4:5c:66:44:f8:39:9f:
         48:4a:66:b0:38:db:15:6f:55:93:b7:7f:62:e9:a3:e7:1e:0a:
         f3:3b:3b:bd:0f:6e:a6:ee:7d:04:6b:b3:d8:b4:06:79:35:35:
         05:f5:d2:ee
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUQRYoTwC+iWuOFhz8xw2exyPgaUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzAzMjcwODIyMDJaFw0yNDAzMjUwODI3MDJaMDMxMTAvBgNV
BAMTKDVCNDlGMUJFQTlCODYzREE2MzZFMDJEOUY2NjMzMkM5RDg3QzhDREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/MQ+GRGDVfht+nURIpc9UOej5
E2kwWdiqhAZhwrdMkDJzYSApJDb1D6umZCFD8WyEdxlovxjORFcuQkCf8jzn1ooP
kbAlZ0R2bj9+oI76kGMQfRxU4wZmX79elriEhZn5i3nk24GUl6dhLfqjKxSMnNpv
dAE+Q8GjAPFm6ij6pw9d2PgvKwxR/v4Ev+urDb4rQQpRRdheKUAmZJG6SNnK6yKo
ojvQ4mdwEm61+S0NNTsOe+7U874m0hxO0ayuYbOGYsHS1GxHtYMitJqdHgXIQamC
D/Pq3dTQ8hl7Vi0uoUU9VoSMtffvj1PhyYkxJaOWLjClaq/oCDzGR60lpuilAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUW0nxvqm4Y9pjbgLZ9mMyydh8jN8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM5MmUzMjMw
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2VzDANBgkq
hkiG9w0BAQsFAAOCAQEAbP8Cp04z+3VFUQJ7KQhC/7ESTwAhKz/6uWBF8+dlwbV+
rF1wdcC1FkU+4JQdiSVtbHLHX9/NhO1XMkbhzCULIrnNlzV4+V9Deer/t0C3sI7j
MqRR7fNpAg2Z9sTAWt4vxpZZNf3qc26D9jEjxyXbH/wXCgS0x+wuQeUgDZwNjdcU
FqC4LvqUQ1xZtFMsnXAzZUcJwSPE7bMuleTDcXj7F1832cQjnQtGlPUdFWur8Zyp
6f8R1N4/ori2iPCfVopSjC0gVb4Hno6k/tlkkJZz2/nEXGZE+DmfSEpmsDjbFW9V
k7d/Yumj5x4K8zs7vQ9upu59BGuz2LQGeTU1BfXS7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org