Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/51AMMKkPu06klBDyJ4Ma09hHPFs.roa
File:                     51AMMKkPu06klBDyJ4Ma09hHPFs.roa (raw, json)
Hash identifier:          acUdZelFWyGIIhZL0lWZtTSjbNU9ZGbN8Q8SeUpkM1c=
Subject key identifier:   E7:50:0C:30:A9:0F:BB:4E:A4:94:10:F2:27:83:1A:D3:D8:47:3C:5B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01826E274400639D3227FF807C680CCD7C8F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/51AMMKkPu06klBDyJ4Ma09hHPFs.roa
Signing time:             Fri 05 Aug 2022 13:17:23 +0000
ROA not before:           Fri 05 Aug 2022 13:17:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.12.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.190.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.149.0/24 maxlen: 24
                          77.90.152.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.166.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.144.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:6e:27:44:00:63:9d:32:27:ff:80:7c:68:0c:cd:7c:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Aug  5 13:17:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e7500c30a90fbb4ea49410f227831ad3d8473c5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:31:fb:05:29:9d:27:63:2c:1b:7b:44:22:5e:
                    66:f1:10:95:6e:d5:34:fe:7f:42:e0:bb:89:3a:ed:
                    39:5a:7c:3e:c9:de:9e:27:44:ec:52:50:d5:95:83:
                    23:c2:a3:9d:23:4a:5d:0b:87:53:71:b2:e2:69:3b:
                    36:1f:2b:2d:52:90:f2:fb:8c:5f:65:84:d4:36:6e:
                    0b:f4:83:6c:7c:89:5d:26:2f:c0:58:1e:b6:19:aa:
                    20:cb:9f:dc:98:fc:fe:b3:8f:cc:fc:07:a5:6e:da:
                    44:4b:5d:2b:92:fa:5b:32:7e:a0:58:6a:53:bf:d6:
                    3d:23:d8:20:81:25:e2:c7:e4:28:be:3e:25:46:07:
                    81:a5:93:5a:77:ac:eb:74:f7:a2:40:98:37:c6:f4:
                    57:ad:18:66:57:e4:84:c9:2d:0a:ef:c0:87:d6:cd:
                    49:76:f8:08:7b:b2:93:da:4d:7f:0b:60:d1:52:c8:
                    eb:3b:60:88:c7:06:b7:f7:34:90:9a:12:41:f8:c9:
                    9c:86:c3:b4:34:59:93:cd:bc:a2:9b:7f:2e:1c:ed:
                    fe:8a:fd:2a:29:4e:c5:5e:49:bf:39:03:a3:34:03:
                    28:e2:65:b4:d6:6a:eb:72:39:b4:42:92:0a:7d:c1:
                    f0:e4:f2:63:c0:72:7b:5f:c8:4e:94:bd:db:ef:ee:
                    35:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:50:0C:30:A9:0F:BB:4E:A4:94:10:F2:27:83:1A:D3:D8:47:3C:5B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/51AMMKkPu06klBDyJ4Ma09hHPFs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.149.255
                  77.90.152.0/24
                  77.90.154.0/24
                  77.90.157.0/24
                  77.90.164.0/24
                  77.90.166.0/24
                  77.90.173.0/24
                  77.90.188.0/24
                  77.90.190.0/23
                  185.230.12.0/24
                  213.209.130.0/24
                  213.209.133.0/24
                  213.209.138.0/24
                  213.209.144.0/23
                  213.209.157.0-213.209.159.255
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:b8:28:c1:f0:9d:9e:bb:e2:a5:3d:c5:1e:5b:3c:ff:7c:f8:
         b0:ed:c4:2d:be:01:8d:59:7d:f0:a2:01:3a:27:53:c7:7e:69:
         00:93:12:c5:6f:8d:06:1b:2d:9d:d0:72:9b:08:83:02:de:34:
         87:8d:34:87:fe:8b:8e:35:e1:1a:51:ae:e4:77:f1:07:7d:5d:
         bc:a4:eb:46:8d:0b:19:45:56:9a:89:f1:86:54:a1:db:38:b0:
         5f:85:46:80:a0:ce:66:40:9f:88:1b:a0:ab:d7:18:ac:13:86:
         6b:d5:ba:15:b7:eb:a1:8e:b3:bc:ea:35:0d:dc:8d:d6:91:29:
         96:64:d4:61:01:f5:64:ac:08:85:a8:cb:2c:a7:60:4a:f7:7a:
         1c:46:b7:dd:98:c1:24:aa:1c:a1:2b:e0:f8:e9:b5:f0:6b:7f:
         61:19:3b:d2:47:f3:aa:d3:0a:7f:e2:6d:b2:28:33:71:8b:a7:
         5a:e1:f6:e5:17:49:7d:37:3d:dc:47:3a:6d:4d:f0:eb:bd:f4:
         1a:1b:38:a7:9d:6d:78:ea:33:fd:73:fa:d5:4b:11:9d:ec:e1:
         eb:4f:f3:10:69:a7:0c:89:cd:ca:c1:6e:06:2a:7c:cd:91:dc:
         04:50:08:49:27:b5:21:18:68:54:89:d8:2a:b5:44:13:41:fd:
         04:71:e2:c2
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYJuJ0QAY50yJ/+AfGgMzXyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwODA1MTMxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzUwMGMzMGE5MGZiYjRlYTQ5NDEwZjIyNzgzMWFkM2Q4NDczYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDH7BSmdJ2MsG3tEIl5m8RCVbtU0
/n9C4LuJOu05Wnw+yd6eJ0TsUlDVlYMjwqOdI0pdC4dTcbLiaTs2HystUpDy+4xf
ZYTUNm4L9INsfIldJi/AWB62Gaogy5/cmPz+s4/M/AelbtpES10rkvpbMn6gWGpT
v9Y9I9gggSXix+Qovj4lRgeBpZNad6zrdPeiQJg3xvRXrRhmV+SEyS0K78CH1s1J
dvgIe7KT2k1/C2DRUsjrO2CIxwa39zSQmhJB+MmchsO0NFmTzbyim38uHO3+iv0q
KU7FXkm/OQOjNAMo4mW01mrrcjm0QpIKfcHw5PJjwHJ7X8hOlL3b7+41qQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFOdQDDCpD7tOpJQQ8ieDGtPYRzxbMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNTFBTU1La1B1MDZrbEJEeUo0TWEwOWhIUEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBoQQCAAEwgZowDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpAwDAME
AU1akgMEAU1alAMEAE1amAMEAE1amgMEAE1anQMEAE1apAMEAE1apgMEAE1arQME
AE1avAMEAU1avgMEALnmDAMEANXRggMEANXRhQMEANXRigMEAdXRkDAMAwQA1dGd
AwQF1dGAMBQEAgACMA4DBQAqBCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEA
A7gowfCdnrvipT3FHls8/3z4sO3ELb4BjVl98KIBOidTx35pAJMSxW+NBhstndBy
mwiDAt40h400h/6LjjXhGlGu5HfxB31dvKTrRo0LGUVWmonxhlSh2ziwX4VGgKDO
ZkCfiBugq9cYrBOGa9W6FbfroY6zvOo1DdyN1pEplmTUYQH1ZKwIhajLLKdgSvd6
HEa33ZjBJKocoSvg+Om18Gt/YRk70kfzqtMKf+JtsigzcYunWuH25RdJfTc93Ec6
bU3w6730Ghs4p51teOoz/XP61UsRnezh60/zEGmnDInNysFuBip8zZHcBFAISSe1
IRhoVInYKrVEE0H9BHHiwg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org