Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232322e302f32332d3234203d3e203432333636.roa
File:                     39312e3139362e3232322e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier:          dPC7Dos98Z8EacxH+8g2Q4YBz9AGchhFeHFM8AwJgtU=
Subject key identifier:   37:4D:D2:49:C7:87:36:73:55:3C:08:18:5D:79:5A:DA:40:3D:6A:67
Certificate issuer:       /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial:       127531C7C13EDA1780890ED36CDED638921874CB
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232322e302f32332d3234203d3e203432333636.roa
Signing time:             Mon 10 Apr 2023 08:18:41 +0000
ROA not before:           Mon 10 Apr 2023 08:13:41 +0000
ROA not after:            Mon 08 Apr 2024 08:18:41 +0000
asID:                     42366
IP address blocks:        91.196.222.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:75:31:c7:c1:3e:da:17:80:89:0e:d3:6c:de:d6:38:92:18:74:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
        Validity
            Not Before: Apr 10 08:13:41 2023 GMT
            Not After : Apr  8 08:18:41 2024 GMT
        Subject: CN=374DD249C7873673553C08185D795ADA403D6A67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f9:51:92:7f:14:c1:81:69:6b:f7:33:72:9c:
                    1e:5e:05:8e:0b:23:77:c4:c2:d8:0e:34:a3:01:71:
                    5d:7b:da:e8:d6:64:33:f9:5d:df:53:f4:a4:44:dd:
                    ef:db:5a:1f:cb:4a:26:b2:51:f2:8f:7c:b8:58:11:
                    09:12:d5:b2:85:4d:33:86:d5:9b:ca:5c:84:fe:eb:
                    b7:6d:d9:99:8f:cb:a9:32:23:f1:5e:5f:68:c7:c1:
                    85:cc:55:73:38:0d:fd:f6:a7:59:f6:34:f1:5c:3b:
                    f5:73:e1:95:c5:a5:cf:1f:c9:d6:ce:ba:e2:24:6b:
                    9d:60:61:da:00:ca:99:24:dc:eb:12:a0:b0:00:33:
                    a8:f8:2d:df:cb:8f:0e:28:bb:99:54:e3:ad:40:5a:
                    ba:a6:f4:79:5c:07:da:24:5c:c6:75:85:48:fb:e3:
                    af:70:d9:5c:b5:0d:6c:9d:8b:c1:b5:a4:bb:3b:4a:
                    07:0f:d1:0c:8b:c4:14:6c:0f:fb:f6:02:31:69:a9:
                    40:17:ea:3c:30:fb:bd:e5:3f:6d:e7:fd:fd:be:49:
                    8d:7a:4c:67:c2:a5:c2:35:0a:e8:49:f3:8f:a2:98:
                    c8:e9:fa:98:36:93:4b:64:49:4e:f6:70:00:d4:01:
                    20:a7:5b:9d:67:88:b9:6b:67:0b:18:c7:df:9e:02:
                    7c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:4D:D2:49:C7:87:36:73:55:3C:08:18:5D:79:5A:DA:40:3D:6A:67
            X509v3 Authority Key Identifier:
                keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232322e302f32332d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.196.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:57:e5:3d:f7:14:34:2b:40:77:62:fd:ed:7f:de:c9:6e:8f:
         ae:c5:f7:c6:52:8c:c7:89:29:51:d2:ea:f0:73:91:f2:0b:6e:
         78:6e:22:86:be:26:87:84:dc:86:77:d2:3a:8f:b3:95:7d:b4:
         b0:49:1c:22:8a:9a:ea:39:5d:39:a4:3b:42:49:65:a0:46:37:
         a1:5a:9a:d1:02:f2:43:ba:5b:50:44:8c:b4:3f:68:23:56:d4:
         91:ea:54:da:be:51:54:91:af:26:64:9f:38:04:a8:a5:fe:3a:
         08:b9:bc:15:5a:c4:8c:48:d9:51:47:20:7a:91:32:8c:f3:6c:
         15:85:c1:e9:7f:3e:a9:cd:2f:6f:94:63:4d:57:0b:e9:ed:0e:
         5b:8e:b1:2e:e1:6f:2d:3c:20:a5:53:bf:3f:ad:0b:1c:94:d9:
         8c:89:02:01:a3:4a:49:cf:d2:14:de:af:60:c9:65:e2:e2:0b:
         cd:62:25:15:3e:92:f8:cf:17:83:52:0a:ec:83:48:25:fc:c2:
         ab:8c:80:08:3a:9d:63:8e:35:c9:e9:8b:14:72:75:df:1e:8b:
         2e:a7:43:c9:6c:45:ac:8d:33:76:de:76:a1:72:17:25:fc:4d:
         1e:2e:bd:76:ad:67:79:f3:85:1c:30:e3:5f:85:4f:90:e4:a6:
         8f:96:a3:07
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEnUxx8E+2heAiQ7TbN7WOJIYdMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MTAwODEzNDFaFw0yNDA0MDgwODE4NDFaMDMxMTAvBgNV
BAMTKDM3NEREMjQ5Qzc4NzM2NzM1NTNDMDgxODVENzk1QURBNDAzRDZBNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl+VGSfxTBgWlr9zNynB5eBY4L
I3fEwtgONKMBcV172ujWZDP5Xd9T9KRE3e/bWh/LSiayUfKPfLhYEQkS1bKFTTOG
1ZvKXIT+67dt2ZmPy6kyI/FeX2jHwYXMVXM4Df32p1n2NPFcO/Vz4ZXFpc8fydbO
uuIka51gYdoAypkk3OsSoLAAM6j4Ld/Ljw4ou5lU461AWrqm9HlcB9okXMZ1hUj7
469w2Vy1DWydi8G1pLs7SgcP0QyLxBRsD/v2AjFpqUAX6jww+73lP23n/f2+SY16
TGfCpcI1CuhJ84+imMjp+pg2k0tkSU72cADUASCnW51niLlrZwsYx9+eAnwvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUN03SSceHNnNVPAgYXXla2kA9amcwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzkzMTJlMzEzOTM2MmUzMjMy
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
W8TeMA0GCSqGSIb3DQEBCwUAA4IBAQA+V+U99xQ0K0B3Yv3tf97Jbo+uxffGUozH
iSlR0urwc5HyC254biKGviaHhNyGd9I6j7OVfbSwSRwiiprqOV05pDtCSWWgRjeh
WprRAvJDultQRIy0P2gjVtSR6lTavlFUka8mZJ84BKil/joIubwVWsSMSNlRRyB6
kTKM82wVhcHpfz6pzS9vlGNNVwvp7Q5bjrEu4W8tPCClU78/rQsclNmMiQIBo0pJ
z9IU3q9gyWXi4gvNYiUVPpL4zxeDUgrsg0gl/MKrjIAIOp1jjjXJ6YsUcnXfHosu
p0PJbEWsjTN23nahchcl/E0eLr12rWd584UcMONfhU+Q5KaPlqMH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org