Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3130382e302f32342d3234203d3e2030.roa
File:                     3139342e31352e3130382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier:          RUnCC+rpXCG1mp8brgwe8480RFtTylwLtk3WbyXVSjA=
Subject key identifier:   B3:2F:8C:4A:F6:50:56:0B:A2:3C:2A:A0:BE:D6:F8:B1:F7:4C:09:A5
Certificate issuer:       /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial:       3D214F84D6542AF8FEB38E2CB972AF321B9A2003
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3130382e302f32342d3234203d3e2030.roa
Signing time:             Mon 27 Mar 2023 08:27:50 +0000
ROA not before:           Mon 27 Mar 2023 08:22:50 +0000
ROA not after:            Mon 25 Mar 2024 08:27:50 +0000
asID:                     0
IP address blocks:        194.15.108.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:21:4f:84:d6:54:2a:f8:fe:b3:8e:2c:b9:72:af:32:1b:9a:20:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
        Validity
            Not Before: Mar 27 08:22:50 2023 GMT
            Not After : Mar 25 08:27:50 2024 GMT
        Subject: CN=B32F8C4AF650560BA23C2AA0BED6F8B1F74C09A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:14:f8:06:62:02:15:f5:ed:3c:a7:c0:3c:82:
                    6f:f3:1b:50:75:73:7e:b2:1a:80:6e:a7:eb:dd:ec:
                    f9:c8:c5:c8:53:b7:a1:3c:69:ff:03:ed:c5:d4:e5:
                    c9:67:57:24:8f:32:17:af:dc:b9:98:a9:3f:b1:c6:
                    c1:e1:21:a0:0b:88:04:c6:6d:9a:bc:80:d9:cb:10:
                    44:cb:b4:da:91:76:b8:b5:c1:74:e1:a6:e5:92:26:
                    10:a2:7e:a8:79:4b:f6:88:a8:fb:07:88:ca:a9:94:
                    f4:97:7e:63:56:16:d5:33:50:8e:d1:29:fe:77:71:
                    f5:b6:5c:66:cc:55:57:41:ab:b9:32:8f:85:27:04:
                    57:63:ce:60:12:ad:6d:e5:81:e7:13:40:65:b0:3c:
                    f5:d3:8a:3d:e2:74:c9:2f:fc:cc:70:3f:83:3a:a6:
                    68:5c:32:46:d7:2d:93:0f:f8:4f:fb:b1:41:36:fc:
                    b2:0f:6f:a9:3a:de:44:68:da:aa:dc:a7:ac:88:25:
                    73:a9:ca:0c:14:6c:69:bd:6d:09:ad:a1:9d:af:4b:
                    ea:6e:b0:57:e0:88:c2:c3:a1:85:35:a1:9d:5d:02:
                    9b:e2:12:18:60:1a:f5:86:a1:c8:fa:a6:5e:e4:47:
                    d2:99:28:9f:30:c5:4e:38:48:d1:69:c0:2b:44:b1:
                    2b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:2F:8C:4A:F6:50:56:0B:A2:3C:2A:A0:BE:D6:F8:B1:F7:4C:09:A5
            X509v3 Authority Key Identifier:
                keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3130382e302f32342d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:a9:cc:fa:dc:79:dc:4c:d2:6f:97:6c:58:18:39:eb:62:1b:
         0f:14:6f:25:a3:69:38:5c:5a:4c:18:cb:f0:2e:ef:b5:68:ee:
         4f:4a:31:10:1f:35:f6:42:57:32:6e:b2:67:b1:4c:8d:08:62:
         b4:6a:65:4f:0e:8d:e4:bd:fa:2c:a1:c8:de:88:33:2b:b2:f3:
         87:68:48:29:b8:7a:47:75:eb:ea:60:96:a1:37:d1:99:ea:22:
         1b:ed:d4:6e:38:21:77:12:0e:13:4c:bc:50:52:3e:88:da:af:
         71:c1:f2:36:a9:34:46:70:48:72:63:6f:26:68:c3:06:54:75:
         0a:e0:a6:24:07:2c:ed:8c:bc:f3:9f:58:66:94:59:cf:4c:f2:
         61:2d:21:ba:f6:d4:99:fc:36:79:04:66:b0:db:3a:4a:ff:ff:
         f5:52:73:d7:a1:d3:cd:5d:b3:c4:49:02:da:3f:b8:f9:89:a3:
         e2:55:23:b7:4d:c9:d1:04:59:8d:ef:b6:6c:7f:de:e0:ab:58:
         c8:3b:c8:79:d2:ed:53:d8:b0:96:e5:68:a6:03:04:36:01:83:
         da:eb:62:b2:8e:7f:a0:7b:4a:56:31:b5:e8:28:ad:fc:ca:41:
         16:c3:60:36:c0:87:e2:de:15:54:e5:ba:35:21:18:16:be:3e:
         2c:6f:67:83
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUPSFPhNZUKvj+s44suXKvMhuaIAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTBaFw0yNDAzMjUwODI3NTBaMDMxMTAvBgNV
BAMTKEIzMkY4QzRBRjY1MDU2MEJBMjNDMkFBMEJFRDZGOEIxRjc0QzA5QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCFPgGYgIV9e08p8A8gm/zG1B1
c36yGoBup+vd7PnIxchTt6E8af8D7cXU5clnVySPMhev3LmYqT+xxsHhIaALiATG
bZq8gNnLEETLtNqRdri1wXThpuWSJhCifqh5S/aIqPsHiMqplPSXfmNWFtUzUI7R
Kf53cfW2XGbMVVdBq7kyj4UnBFdjzmASrW3lgecTQGWwPPXTij3idMkv/MxwP4M6
pmhcMkbXLZMP+E/7sUE2/LIPb6k63kRo2qrcp6yIJXOpygwUbGm9bQmtoZ2vS+pu
sFfgiMLDoYU1oZ1dApviEhhgGvWGocj6pl7kR9KZKJ8wxU44SNFpwCtEsSsjAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUsy+MSvZQVguiPCqgvtb4sfdMCaUwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTM1MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIPbDANBgkq
hkiG9w0BAQsFAAOCAQEAT6nM+tx53EzSb5dsWBg562IbDxRvJaNpOFxaTBjL8C7v
tWjuT0oxEB819kJXMm6yZ7FMjQhitGplTw6N5L36LKHI3ogzK7Lzh2hIKbh6R3Xr
6mCWoTfRmeoiG+3UbjghdxIOE0y8UFI+iNqvccHyNqk0RnBIcmNvJmjDBlR1CuCm
JAcs7Yy8859YZpRZz0zyYS0huvbUmfw2eQRmsNs6Sv//9VJz16HTzV2zxEkC2j+4
+Ymj4lUjt03J0QRZje+2bH/e4KtYyDvIedLtU9iwluVopgMENgGD2utiso5/oHtK
VjG16Cit/MpBFsNgNsCH4t4VVOW6NSEYFr4+LG9ngw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org