Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31332e3233322e302f32322d3234203d3e203432333636.roa
File:                     34352e31332e3233322e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier:          QzshBxU2QjUPyesN/cav6n6qwnOew0kPYWQ9Z1Waghw=
Subject key identifier:   A2:68:55:0E:D7:20:13:FB:CD:31:3E:6E:CE:C5:01:FC:10:BD:74:7D
Certificate issuer:       /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial:       5DC69558322AE74A451608CB039DE0D04B5A389C
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31332e3233322e302f32322d3234203d3e203432333636.roa
Signing time:             Mon 10 Apr 2023 08:20:35 +0000
ROA not before:           Mon 10 Apr 2023 08:15:35 +0000
ROA not after:            Mon 08 Apr 2024 08:20:35 +0000
asID:                     42366
IP address blocks:        45.13.232.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:c6:95:58:32:2a:e7:4a:45:16:08:cb:03:9d:e0:d0:4b:5a:38:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
        Validity
            Not Before: Apr 10 08:15:35 2023 GMT
            Not After : Apr  8 08:20:35 2024 GMT
        Subject: CN=A268550ED72013FBCD313E6ECEC501FC10BD747D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f5:e7:ec:f8:ce:72:6e:04:68:d2:d1:95:9e:
                    ad:b1:37:c0:50:20:8a:74:3b:52:c1:f5:2b:a8:51:
                    7e:02:11:78:ff:8f:c0:0e:f8:ce:9c:7b:80:af:bf:
                    61:e5:8b:a6:1a:e3:0a:a4:d8:e8:a5:c4:40:73:d2:
                    a1:4f:70:b4:3f:3f:49:ce:28:82:82:29:54:ae:18:
                    57:c1:3b:9c:9e:2e:0b:a6:1d:ed:2e:8a:cc:eb:eb:
                    bd:03:0b:ad:34:5e:ba:1c:64:1b:c5:ff:7b:34:b4:
                    44:a4:bb:e3:21:eb:13:5e:b7:53:6c:0a:8d:32:fe:
                    70:4f:0e:81:4d:3e:53:8c:56:02:12:57:d9:f4:d8:
                    a3:99:89:52:91:ae:2f:7b:95:53:1c:e9:5e:5b:04:
                    01:9e:ef:7c:02:65:f9:0d:56:2c:04:68:d0:c2:a4:
                    6d:5c:84:70:04:29:35:10:e1:96:bd:75:00:03:b6:
                    d2:1c:d0:e3:e1:1e:4e:f0:8b:03:d0:32:bd:33:3d:
                    b7:93:4e:48:49:6f:14:a8:b5:36:39:ed:31:07:69:
                    8a:37:55:91:35:44:35:f3:26:11:e4:ce:30:b9:39:
                    fc:c5:ef:28:3e:56:19:39:e5:86:83:ac:78:0c:af:
                    b1:9f:33:a9:5d:df:91:5a:65:ae:4f:e1:36:02:30:
                    72:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:68:55:0E:D7:20:13:FB:CD:31:3E:6E:CE:C5:01:FC:10:BD:74:7D
            X509v3 Authority Key Identifier:
                keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e31332e3233322e302f32322d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:fd:2f:72:f6:2b:14:da:53:cf:3a:ec:48:31:ab:a2:a2:a4:
         c5:19:8a:27:38:3f:25:75:d4:3e:4c:eb:98:31:17:01:21:b9:
         c7:8f:73:9b:be:40:05:f4:92:6a:da:b8:37:aa:aa:9b:9f:52:
         aa:e2:0b:52:ee:9e:c5:2e:58:ee:c8:9b:29:f9:ed:5b:70:72:
         70:28:1e:92:8c:1a:f1:ab:c0:c0:4b:cf:7c:87:c3:c8:09:75:
         5b:3b:3f:ed:46:66:cf:88:59:04:8e:cf:a0:7f:a1:8a:81:23:
         60:a1:fa:9a:e9:74:a7:d8:1e:12:03:16:78:7c:86:0d:e9:b1:
         f7:3d:07:69:c1:b2:98:93:ce:c5:b9:02:12:5e:72:63:1e:d1:
         76:12:8b:ab:ae:bf:28:86:a7:c5:9d:56:ab:cb:af:98:c8:b2:
         b1:5d:7e:e9:1e:c2:2c:e3:24:5a:77:1e:8b:3a:06:e7:1f:53:
         1a:4d:c0:06:76:6b:6a:88:90:98:1a:ef:9d:a1:66:7e:a3:43:
         b2:fb:ce:5c:f9:e9:c4:da:0e:7d:ef:99:f6:1f:49:98:3b:84:
         c4:0e:88:4e:35:27:90:9a:8e:bc:e6:25:1e:e3:8a:fe:04:54:
         10:9e:63:70:e7:d3:a4:cc:f0:74:80:4d:c1:c4:6e:46:5d:4d:
         23:27:c2:5b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXcaVWDIq50pFFgjLA53g0EtaOJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MTAwODE1MzVaFw0yNDA0MDgwODIwMzVaMDMxMTAvBgNV
BAMTKEEyNjg1NTBFRDcyMDEzRkJDRDMxM0U2RUNFQzUwMUZDMTBCRDc0N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl9efs+M5ybgRo0tGVnq2xN8BQ
IIp0O1LB9SuoUX4CEXj/j8AO+M6ce4Cvv2Hli6Ya4wqk2OilxEBz0qFPcLQ/P0nO
KIKCKVSuGFfBO5yeLgumHe0uiszr670DC600XrocZBvF/3s0tESku+Mh6xNet1Ns
Co0y/nBPDoFNPlOMVgISV9n02KOZiVKRri97lVMc6V5bBAGe73wCZfkNViwEaNDC
pG1chHAEKTUQ4Za9dQADttIc0OPhHk7wiwPQMr0zPbeTTkhJbxSotTY57TEHaYo3
VZE1RDXzJhHkzjC5OfzF7yg+Vhk55YaDrHgMr7GfM6ld35FaZa5P4TYCMHLLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUomhVDtcgE/vNMT5uzsUB/BC9dH0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzMzJlMzIzMzMy
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0N
6DANBgkqhkiG9w0BAQsFAAOCAQEAZP0vcvYrFNpTzzrsSDGroqKkxRmKJzg/JXXU
PkzrmDEXASG5x49zm75ABfSSatq4N6qqm59SquILUu6exS5Y7sibKfntW3BycCge
kowa8avAwEvPfIfDyAl1Wzs/7UZmz4hZBI7PoH+hioEjYKH6mul0p9geEgMWeHyG
Demx9z0HacGymJPOxbkCEl5yYx7RdhKLq66/KIanxZ1Wq8uvmMiysV1+6R7CLOMk
WnceizoG5x9TGk3ABnZraoiQmBrvnaFmfqNDsvvOXPnpxNoOfe+Z9h9JmDuExA6I
TjUnkJqOvOYlHuOK/gRUEJ5jcOfTpMzwdIBNwcRuRl1NIyfCWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org