Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3eU_D8VVgIFm83jRw7vw03Oq4WU.roa
File:                     3eU_D8VVgIFm83jRw7vw03Oq4WU.roa (raw, json)
Hash identifier:          wlVRKKEGGTSaxmruasFGnMO0x4u3dj3nDanxz5jYOYE=
Subject key identifier:   DD:E5:3F:0F:C5:55:80:81:66:F3:78:D1:C3:BB:F0:D3:73:AA:E1:65
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09C07303
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3eU_D8VVgIFm83jRw7vw03Oq4WU.roa
Signing time:             Tue 21 Jun 2022 10:21:45 +0000
ROA not before:           Tue 21 Jun 2022 10:21:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        213.209.129.0/24 maxlen: 24
                          213.209.144.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          77.90.150.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          77.90.178.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 163607299 (0x9c07303)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun 21 10:21:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dde53f0fc555808166f378d1c3bbf0d373aae165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ba:cb:98:88:fe:40:30:4d:fe:11:72:32:c8:
                    8d:96:a6:36:63:ed:9f:eb:e5:bc:76:cf:f1:f0:64:
                    3a:be:a3:29:d7:7a:8f:ad:c0:7f:83:5b:15:41:0a:
                    79:0c:08:16:c4:70:50:c3:99:e4:b5:4b:ad:b5:79:
                    89:7c:47:8e:a1:bd:cb:e0:c6:d7:d0:60:03:7a:70:
                    02:18:3a:39:c4:0b:8f:fe:e8:b6:a2:61:08:d5:a9:
                    1e:8c:8e:54:6f:d3:72:1c:85:93:cc:f1:c3:bb:57:
                    5a:88:70:ae:ef:d8:8e:f1:ba:71:89:42:76:10:57:
                    40:70:79:40:a5:d2:cf:0a:43:a0:eb:ef:c2:10:9b:
                    21:20:6e:78:52:6d:14:03:ba:00:ec:7d:08:cc:26:
                    5d:bc:5c:29:66:30:b0:92:9e:92:0b:99:44:e0:6d:
                    79:30:cb:f0:da:49:46:c6:ad:10:3a:49:7e:ea:b1:
                    fe:66:63:10:c2:b6:dc:6f:ad:db:aa:df:46:a3:4f:
                    58:00:55:4d:ec:ca:30:15:36:e7:e2:32:e2:11:c9:
                    55:ab:fd:92:ee:56:84:ef:42:96:ea:f0:4f:69:bd:
                    ac:a9:fb:04:ee:cd:3f:71:5f:6d:ec:3f:16:7c:53:
                    94:81:c3:43:e9:99:df:44:5b:26:7a:cf:9f:7b:dd:
                    1b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:E5:3F:0F:C5:55:80:81:66:F3:78:D1:C3:BB:F0:D3:73:AA:E1:65
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/3eU_D8VVgIFm83jRw7vw03Oq4WU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.150.0/24
                  77.90.178.0/24
                  77.90.185.0/24
                  185.230.13.0-185.230.14.255
                  213.209.129.0/24
                  213.209.144.0/24
                  213.209.146.0/24
                  213.209.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:d7:45:44:1d:f4:e8:4e:ca:8e:43:c8:44:79:0e:bb:df:61:
         c9:0d:8b:5e:71:b7:44:71:d2:b3:5b:78:8c:6d:ad:9f:c8:fe:
         97:8b:c0:89:c9:11:81:7e:5f:be:e3:d3:34:79:6d:88:c3:08:
         be:d7:c5:2b:cc:82:9d:97:6e:24:ca:2c:46:eb:4b:17:6d:85:
         14:ca:04:b9:e8:ea:46:4f:c7:00:8a:66:8a:c7:7e:b0:ab:b5:
         99:d6:a5:3f:bf:7e:c2:15:1f:0d:d8:10:77:f8:d0:08:80:cb:
         4c:13:f0:7e:73:fd:97:34:4c:2d:92:04:26:22:38:a6:d4:48:
         b5:8a:a8:aa:86:3c:92:ff:96:68:bb:f8:e3:67:0f:75:f7:83:
         6c:ed:e5:92:93:96:24:9f:65:f4:5b:56:8f:e6:cc:24:3e:50:
         ec:be:cc:a4:56:18:a7:98:64:f7:5a:43:f3:36:e4:34:b0:2b:
         ef:74:f4:20:a2:2f:97:6a:f4:d3:eb:dc:4d:ce:6e:a0:89:b9:
         92:01:b7:9a:05:be:51:4b:bb:03:07:7e:2e:c5:28:c4:3d:c2:
         15:09:c9:c3:53:9c:78:b1:ed:45:13:f3:a9:81:d8:5e:5e:8a:
         6e:60:54:82:28:be:01:18:fb:42:6a:c2:89:e4:37:45:af:35:
         06:1f:c2:89
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECcBzAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MTEwMjE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRlNTNmMGZjNTU1
ODA4MTY2ZjM3OGQxYzNiYmYwZDM3M2FhZTE2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL66y5iI/kAwTf4RcjLIjZamNmPtn+vlvHbP8fBkOr6jKdd6
j63Af4NbFUEKeQwIFsRwUMOZ5LVLrbV5iXxHjqG9y+DG19BgA3pwAhg6OcQLj/7o
tqJhCNWpHoyOVG/TchyFk8zxw7tXWohwru/YjvG6cYlCdhBXQHB5QKXSzwpDoOvv
whCbISBueFJtFAO6AOx9CMwmXbxcKWYwsJKekguZROBteTDL8NpJRsatEDpJfuqx
/mZjEMK23G+t26rfRqNPWABVTezKMBU25+Iy4hHJVav9ku5WhO9ClurwT2m9rKn7
BO7NP3Ffbew/FnxTlIHDQ+mZ30RbJnrPn3vdG7UCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTd5T8PxVWAgWbzeNHDu/DTc6rhZTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
LzNlVV9EOFZWZ0lGbTgzalJ3N3Z3MDNPcTRXVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAE1algMEAE1asgMEAE1auTAMAwQA
ueYNAwQAueYOAwQA1dGBAwQA1dGQAwQA1dGSAwQA1dGcMA0GCSqGSIb3DQEBCwUA
A4IBAQCE10VEHfToTsqOQ8hEeQ6732HJDYtecbdEcdKzW3iMba2fyP6Xi8CJyRGB
fl++49M0eW2Iwwi+18UrzIKdl24kyixG60sXbYUUygS56OpGT8cAimaKx36wq7WZ
1qU/v37CFR8N2BB3+NAIgMtME/B+c/2XNEwtkgQmIjim1Ei1iqiqhjyS/5Zou/jj
Zw9194Ns7eWSk5Ykn2X0W1aP5swkPlDsvsykVhinmGT3WkPzNuQ0sCvvdPQgoi+X
avTT69xNzm6gibmSAbeaBb5RS7sDB34uxSjEPcIVCcnDU5x4se1FE/OpgdheXopu
YFSCKL4BGPtCasKJ5DdFrzUGH8KJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org