Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5awuW9FG-Y_ww0NQRC-OWnA5zhY.roa
File:                     5awuW9FG-Y_ww0NQRC-OWnA5zhY.roa (raw, json)
Hash identifier:          ZB564UTNK4864FFtaUVHvjXaoFdBsqER2+m35Mv17vc=
Subject key identifier:   E5:AC:2E:5B:D1:46:F9:8F:F0:C3:43:50:44:2F:8E:5A:70:39:CE:16
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0184C903CF6B3B5317D50DAF85190E2BDF85
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5awuW9FG-Y_ww0NQRC-OWnA5zhY.roa
Signing time:             Wed 30 Nov 2022 14:49:40 +0000
ROA not before:           Wed 30 Nov 2022 14:49:40 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.156.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1300:24::/64 maxlen: 64
                          2a04:29c7:1280:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:c9:03:cf:6b:3b:53:17:d5:0d:af:85:19:0e:2b:df:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Nov 30 14:49:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e5ac2e5bd146f98ff0c34350442f8e5a7039ce16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:bd:1d:d2:cd:f2:fe:ac:27:51:4f:eb:a4:b3:
                    84:26:8b:b6:51:07:25:5d:00:14:5e:76:2f:01:8a:
                    47:fc:cd:7c:84:1f:e4:68:58:d9:55:96:0d:57:27:
                    7b:cc:53:dd:12:5d:60:3e:80:5f:a3:fe:84:5d:cc:
                    2d:ef:4b:f0:a8:76:7a:22:44:32:e4:3e:07:b3:e0:
                    1e:f6:ef:f7:a4:5c:4c:6d:02:4c:9f:82:ba:03:35:
                    45:c1:11:95:df:ed:f5:08:c5:66:6c:5c:65:ba:b3:
                    1f:22:ae:4f:ca:51:e9:e5:70:8f:45:32:49:f6:93:
                    8c:62:6b:08:60:32:db:ab:cc:2b:6a:26:7d:43:14:
                    0a:61:7c:fc:28:0d:12:d5:60:01:74:73:fe:ac:9b:
                    1d:50:30:f2:6f:83:f2:52:9e:f0:63:82:f6:68:22:
                    9e:7e:f4:5c:3d:ad:7e:9b:a0:5d:42:9e:74:25:a1:
                    d7:fc:07:8f:b5:d6:69:52:45:34:a9:84:b0:a0:10:
                    cc:cc:54:4c:19:4c:d7:74:28:d0:42:a0:40:b4:52:
                    3b:b1:b0:3e:63:0b:cd:29:8d:7c:f8:a8:e9:01:d0:
                    40:96:4b:51:37:b4:32:96:d9:b0:b1:9e:50:59:04:
                    a5:4c:d3:65:02:72:8e:49:8a:58:01:d0:da:92:eb:
                    0b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:AC:2E:5B:D1:46:F9:8F:F0:C3:43:50:44:2F:8E:5A:70:39:CE:16
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/5awuW9FG-Y_ww0NQRC-OWnA5zhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.153.0-77.90.154.255
                  77.90.156.0/24
                  77.90.184.0/23
                  77.90.188.0/24
                  185.230.14.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.143.0/24
                  213.209.146.0/24
                  213.209.149.0-213.209.151.255
                  213.209.156.0/23
                  213.209.159.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:f9:08:d4:a9:14:42:f9:b5:ae:6c:f8:97:96:ea:a0:68:87:
         e7:9d:3d:fd:95:1a:ec:a6:9f:dd:5b:10:40:c3:be:1e:65:65:
         88:1e:d7:fb:c1:6a:51:bb:a2:a0:cf:55:af:4d:28:3b:07:35:
         91:46:7d:90:0e:48:90:db:bd:52:63:90:bf:3c:f5:ca:21:76:
         9c:46:5a:e9:c1:64:ba:85:1f:23:ec:1a:23:37:0a:3d:6a:6d:
         87:a3:8d:08:93:3c:40:dd:5f:f8:f7:8a:a8:de:48:be:27:c5:
         0e:17:12:57:8d:e5:08:74:58:bf:5b:dc:15:62:38:6a:9f:57:
         5e:70:9c:ab:9e:61:f9:5e:dd:d9:94:d8:56:11:88:49:0f:01:
         a2:20:85:9b:6f:bd:cc:4c:a8:5c:7e:2e:6a:98:8c:52:93:b9:
         f8:d3:0c:9a:96:1a:0d:76:8b:5f:c2:eb:44:8a:41:e3:ac:b9:
         d7:f9:b0:d9:75:4a:0c:dd:24:dd:91:77:f2:16:db:2d:fe:3c:
         28:98:7c:e9:cb:a4:59:77:f9:e9:a4:6e:8b:6e:d3:c1:fa:4f:
         0f:be:bd:79:be:c1:2a:1a:6b:70:95:58:75:59:34:29:78:7d:
         2a:e2:ae:2b:37:52:dc:62:e5:b0:0b:41:be:5f:0f:d6:75:b5:
         d6:26:d0:aa
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYTJA89rO1MX1Q2vhRkOK9+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTMwMTQ0OTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFjMmU1YmQxNDZmOThmZjBjMzQzNTA0NDJmOGU1YTcwMzljZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq70d0s3y/qwnUU/rpLOEJou2UQcl
XQAUXnYvAYpH/M18hB/kaFjZVZYNVyd7zFPdEl1gPoBfo/6EXcwt70vwqHZ6IkQy
5D4Hs+Ae9u/3pFxMbQJMn4K6AzVFwRGV3+31CMVmbFxlurMfIq5PylHp5XCPRTJJ
9pOMYmsIYDLbq8wraiZ9QxQKYXz8KA0S1WABdHP+rJsdUDDyb4PyUp7wY4L2aCKe
fvRcPa1+m6BdQp50JaHX/AePtdZpUkU0qYSwoBDMzFRMGUzXdCjQQqBAtFI7sbA+
YwvNKY18+KjpAdBAlktRN7QyltmwsZ5QWQSlTNNlAnKOSYpYAdDakusLnQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOWsLlvRRvmP8MNDUEQvjlpwOc4WMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNWF3dVc5RkctWV93dzBOUVJDLU9XbkE1emhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBjwQCAAEwgYgwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIAwQATVqMMAwDBAFNWo4DBABNWpQwDAME
AE1amQMEAE1amgMEAE1anAMEAU1auAMEAE1avAMEALnmDgMEANXRiAMEANXRigME
ANXRjwMEANXRkjAMAwQA1dGVAwQD1dGQAwQB1dGcAwQA1dGfMBQEAgACMA4DBQAq
BCnCAwUAKgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAQvkI1KkUQvm1rmz4l5bqoGiH
5509/ZUa7Kaf3VsQQMO+HmVliB7X+8FqUbuioM9Vr00oOwc1kUZ9kA5IkNu9UmOQ
vzz1yiF2nEZa6cFkuoUfI+waIzcKPWpth6ONCJM8QN1f+PeKqN5IvifFDhcSV43l
CHRYv1vcFWI4ap9XXnCcq55h+V7d2ZTYVhGISQ8BoiCFm2+9zEyoXH4uapiMUpO5
+NMMmpYaDXaLX8LrRIpB46y51/mw2XVKDN0k3ZF38hbbLf48KJh86cukWXf56aRu
i27TwfpPD769eb7BKhprcJVYdVk0KXh9KuKuKzdS3GLlsAtBvl8P1nW11ibQqg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:22 2023 by rpki-client on console-fra.rpki-client.org