Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3134312e32312e302f32342d3234203d3e20323132323938.roa
File:                     34352e3134312e32312e302f32342d3234203d3e20323132323938.roa (raw, json)
Hash identifier:          g0uSE3JbTPTbu8OwsxjfqQKuhLDSH4xghZ7e3rDpzy8=
Subject key identifier:   29:54:E0:3A:F6:55:42:9A:AF:08:17:89:29:60:47:C7:28:18:2B:73
Certificate issuer:       /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial:       0A0CA059C153DE22A68AFC9E4E6E4E3056CB4E61
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3134312e32312e302f32342d3234203d3e20323132323938.roa
Signing time:             Mon 27 Mar 2023 08:27:34 +0000
ROA not before:           Mon 27 Mar 2023 08:22:34 +0000
ROA not after:            Mon 25 Mar 2024 08:27:34 +0000
asID:                     212298
IP address blocks:        45.141.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:0c:a0:59:c1:53:de:22:a6:8a:fc:9e:4e:6e:4e:30:56:cb:4e:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
        Validity
            Not Before: Mar 27 08:22:34 2023 GMT
            Not After : Mar 25 08:27:34 2024 GMT
        Subject: CN=2954E03AF655429AAF081789296047C728182B73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:83:db:69:6d:49:f8:da:ff:c9:e5:79:94:a3:
                    04:eb:ba:69:e9:da:4d:e2:10:da:5c:2b:3a:0a:72:
                    a7:10:74:fa:4c:9f:91:37:b4:38:2d:37:25:b7:a7:
                    c8:f6:c2:e8:51:08:56:fa:e5:17:ec:cf:5e:3f:18:
                    53:d4:48:fe:6c:8c:b2:bc:59:7d:ac:5d:48:6a:49:
                    d2:d7:7c:08:9a:2e:3a:2e:6d:f1:8f:f5:0e:24:db:
                    ce:c2:ff:c2:b9:55:c4:54:33:6c:40:fc:3c:c3:27:
                    b0:7b:da:13:02:18:2c:16:62:58:fc:7d:9b:9f:4b:
                    ab:2a:b5:e6:3d:04:35:55:c7:e6:26:36:00:33:dd:
                    2b:89:5f:2f:82:de:a7:45:c9:28:3f:7e:61:ff:f1:
                    d6:18:e0:26:53:aa:2b:1d:ac:4b:96:30:7c:87:6f:
                    f7:14:e4:50:de:1d:b7:7b:31:c3:f9:82:c8:23:65:
                    66:67:79:f8:7f:09:e5:c2:63:9d:68:d7:85:7b:b1:
                    0f:37:61:7d:f3:c7:77:c4:8f:1d:ef:1c:c8:77:46:
                    e7:9a:63:6a:4d:a6:a0:89:b9:98:2b:4a:da:cb:2c:
                    21:69:f3:9a:29:8d:3a:3e:b6:c8:f2:77:84:90:0b:
                    e8:99:9f:f5:60:02:54:be:11:be:aa:4b:2c:06:6e:
                    34:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:54:E0:3A:F6:55:42:9A:AF:08:17:89:29:60:47:C7:28:18:2B:73
            X509v3 Authority Key Identifier:
                keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3134312e32312e302f32342d3234203d3e20323132323938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:43:6f:37:d8:f3:e2:a3:dd:40:82:7d:38:13:0a:05:e2:05:
         aa:5e:e4:14:c6:29:65:c1:ee:19:b4:be:14:90:78:26:be:5b:
         19:12:13:b6:8e:a5:7c:2d:40:42:79:ae:3e:46:35:d7:72:39:
         1a:ec:61:15:f7:a6:76:1f:72:7d:2d:3a:fb:5d:f8:a0:9a:80:
         b6:00:e7:de:1f:66:a9:4e:25:ab:24:eb:23:0a:c0:ac:5d:7e:
         7e:5a:44:db:39:17:57:01:9a:4c:d8:50:53:2a:7b:79:47:9a:
         94:2e:7f:a5:a9:7a:cb:f7:62:8d:44:88:df:97:4c:f5:36:cf:
         37:dd:13:cc:81:47:30:16:30:32:fc:52:51:65:fa:70:4c:37:
         df:60:54:e7:31:1d:40:b5:14:3e:8c:9b:cd:13:64:62:19:8e:
         11:f7:3c:40:93:95:30:52:65:8b:c7:8a:a2:f2:d2:5c:8e:94:
         61:6e:18:98:eb:af:6e:ee:28:b9:07:d7:63:5f:e1:f1:c2:59:
         dc:b4:00:fa:63:56:12:96:db:d1:16:4b:3d:35:9d:e3:46:1d:
         29:1d:2f:c9:24:2c:17:0d:f1:89:e0:bd:e8:4a:09:ef:dc:98:
         f8:d0:e4:36:05:01:8f:6c:bd:95:9d:d2:24:aa:d1:23:fd:0a:
         41:0f:72:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCgygWcFT3iKmivyeTm5OMFbLTmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzAzMjcwODIyMzRaFw0yNDAzMjUwODI3MzRaMDMxMTAvBgNV
BAMTKDI5NTRFMDNBRjY1NTQyOUFBRjA4MTc4OTI5NjA0N0M3MjgxODJCNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDng9tpbUn42v/J5XmUowTrumnp
2k3iENpcKzoKcqcQdPpMn5E3tDgtNyW3p8j2wuhRCFb65Rfsz14/GFPUSP5sjLK8
WX2sXUhqSdLXfAiaLjoubfGP9Q4k287C/8K5VcRUM2xA/DzDJ7B72hMCGCwWYlj8
fZufS6sqteY9BDVVx+YmNgAz3SuJXy+C3qdFySg/fmH/8dYY4CZTqisdrEuWMHyH
b/cU5FDeHbd7McP5gsgjZWZnefh/CeXCY51o14V7sQ83YX3zx3fEjx3vHMh3Ruea
Y2pNpqCJuZgrStrLLCFp85opjTo+tsjyd4SQC+iZn/VgAlS+Eb6qSywGbjSpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKVTgOvZVQpqvCBeJKWBHxygYK3MwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzNDMxMmUzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzOTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LY0VMA0GCSqGSIb3DQEBCwUAA4IBAQCBQ2832PPio91Agn04EwoF4gWqXuQUxill
we4ZtL4UkHgmvlsZEhO2jqV8LUBCea4+RjXXcjka7GEV96Z2H3J9LTr7XfigmoC2
AOfeH2apTiWrJOsjCsCsXX5+WkTbORdXAZpM2FBTKnt5R5qULn+lqXrL92KNRIjf
l0z1Ns833RPMgUcwFjAy/FJRZfpwTDffYFTnMR1AtRQ+jJvNE2RiGY4R9zxAk5Uw
UmWLx4qi8tJcjpRhbhiY669u7ii5B9djX+HxwlnctAD6Y1YSltvRFks9NZ3jRh0p
HS/JJCwXDfGJ4L3oSgnv3Jj40OQ2BQGPbL2VndIkqtEj/QpBD3LW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org