Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8Li6WSMVrKksNU6MknG6B46iqcM.roa
File:                     8Li6WSMVrKksNU6MknG6B46iqcM.roa (raw, json)
Hash identifier:          Xb/1n8nRB5abvco0LArOHqvPHtUYMal48lUNnZb2AqU=
Subject key identifier:   F0:B8:BA:59:23:15:AC:A9:2C:35:4E:8C:92:71:BA:07:8E:A2:A9:C3
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0181FB7C8265FEC3D4922C1D70C96681BE77
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8Li6WSMVrKksNU6MknG6B46iqcM.roa
Signing time:             Thu 14 Jul 2022 06:54:09 +0000
ROA not before:           Thu 14 Jul 2022 06:54:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.139.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.129.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:fb:7c:82:65:fe:c3:d4:92:2c:1d:70:c9:66:81:be:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul 14 06:54:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0b8ba592315aca92c354e8c9271ba078ea2a9c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:7b:ed:3d:89:bd:e0:99:9a:ef:97:78:09:2e:
                    74:2c:a0:a7:11:7c:a3:8d:3a:05:f3:d9:35:63:d9:
                    fa:d2:25:ab:b4:c5:0e:8e:54:71:6b:0e:f4:37:19:
                    17:c9:9e:62:2a:72:12:c5:74:d7:73:2c:5d:b0:37:
                    66:9a:61:09:dd:33:34:7f:8f:48:e0:99:20:f6:d4:
                    3d:d9:2a:47:77:59:36:63:7c:e2:7a:96:09:6b:70:
                    4c:11:2e:8a:e7:22:41:ce:fd:01:bb:6e:48:05:33:
                    30:19:d5:b9:e1:c7:e2:e4:d3:f3:49:00:f9:74:8a:
                    72:60:de:b0:3c:89:74:37:59:0e:c6:c3:55:d9:f1:
                    ec:1b:c9:a7:5c:72:e2:77:57:ee:fa:14:91:e7:f5:
                    6e:11:ba:2e:15:2f:73:0a:be:d1:7e:63:62:28:c5:
                    50:a1:53:ae:c6:25:85:66:cc:dd:08:14:cb:e7:35:
                    07:76:10:9d:86:1f:4c:69:90:00:73:67:53:28:04:
                    11:ea:d9:2f:68:69:79:04:f4:09:1d:99:22:68:9e:
                    9a:b1:aa:b3:a8:56:3e:b1:f4:3b:95:68:47:2e:44:
                    e3:8e:87:a1:55:01:fa:98:01:55:40:33:5f:e1:40:
                    9f:04:2b:e8:23:cb:db:40:3a:7b:29:44:d9:42:98:
                    85:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:B8:BA:59:23:15:AC:A9:2C:35:4E:8C:92:71:BA:07:8E:A2:A9:C3
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/8Li6WSMVrKksNU6MknG6B46iqcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.140.255
                  77.90.142.0-77.90.148.255
                  77.90.153.0-77.90.154.255
                  77.90.157.0/24
                  77.90.173.0/24
                  77.90.179.0/24
                  77.90.191.0/24
                  213.209.129.0-213.209.130.255
                  213.209.133.0-213.209.134.255
                  213.209.138.0/24
                  213.209.147.0/24
                  213.209.149.0/24
                  213.209.151.0/24
                  213.209.158.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:2e:c8:af:f8:9b:90:f0:0e:9b:20:99:d5:21:0c:09:7d:8d:
         76:d2:f1:1b:d3:93:1b:15:75:63:28:3e:50:00:f5:3e:ae:00:
         00:4e:df:06:cd:b6:57:e5:a7:34:a0:5c:de:ce:c2:0d:61:0d:
         68:93:bd:e3:19:72:63:ce:b6:23:2d:62:9a:d5:ad:7f:e1:91:
         fe:e1:32:69:04:a0:24:41:f3:67:ed:9e:c8:58:f7:3e:38:94:
         97:bf:49:12:19:70:1a:9c:40:13:b9:fb:94:1b:6e:c4:91:8f:
         cf:3e:a9:7b:c9:e9:06:2a:1e:b3:1d:c3:cf:20:87:72:5b:21:
         df:41:87:0b:a5:51:c5:39:05:b7:7d:f9:7c:b2:5b:6d:92:b0:
         dc:7d:57:48:41:66:4c:05:61:da:d7:9a:22:72:ed:9a:fd:b2:
         5a:92:bc:ff:e8:0e:11:b4:5b:33:6b:c8:36:01:07:bd:3e:05:
         c1:51:6f:7a:a3:98:b3:46:c0:e3:26:6b:fa:37:a2:0b:52:61:
         c0:b2:9e:17:8b:21:92:93:91:6e:1a:90:ea:09:c0:50:6f:8d:
         7d:8d:41:42:cb:8b:25:f1:cd:74:76:8c:be:64:2e:3c:ae:bc:
         1c:39:3b:d9:b8:df:8d:52:aa:d5:35:3f:49:55:be:b4:2e:9e:
         6b:56:eb:97
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYH7fIJl/sPUkiwdcMlmgb53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzE0MDY1NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGI4YmE1OTIzMTVhY2E5MmMzNTRlOGM5MjcxYmEwNzhlYTJhOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHvtPYm94Jma75d4CS50LKCnEXyj
jToF89k1Y9n60iWrtMUOjlRxaw70NxkXyZ5iKnISxXTXcyxdsDdmmmEJ3TM0f49I
4Jkg9tQ92SpHd1k2Y3ziepYJa3BMES6K5yJBzv0Bu25IBTMwGdW54cfi5NPzSQD5
dIpyYN6wPIl0N1kOxsNV2fHsG8mnXHLid1fu+hSR5/VuEbouFS9zCr7RfmNiKMVQ
oVOuxiWFZszdCBTL5zUHdhCdhh9MaZAAc2dTKAQR6tkvaGl5BPQJHZkiaJ6asaqz
qFY+sfQ7lWhHLkTjjoehVQH6mAFVQDNf4UCfBCvoI8vbQDp7KUTZQpiFiwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFPC4ulkjFaypLDVOjJJxugeOoqnDMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvOExpNldTTVZyS2tzTlU2TWtuRzZCNDZpcWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYowDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqMMAwDBAFNWo4DBABNWpQwDAMEAE1amQME
AE1amgMEAE1anQMEAE1arQMEAE1aswMEAE1avzAMAwQA1dGBAwQA1dGCMAwDBADV
0YUDBADV0YYDBADV0YoDBADV0ZMDBADV0ZUDBADV0ZcDBADV0Z4wFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQCJLsiv+JuQ8A6bIJnVIQwJ
fY120vEb05MbFXVjKD5QAPU+rgAATt8GzbZX5ac0oFzezsINYQ1ok73jGXJjzrYj
LWKa1a1/4ZH+4TJpBKAkQfNn7Z7IWPc+OJSXv0kSGXAanEATufuUG27EkY/PPql7
yekGKh6zHcPPIIdyWyHfQYcLpVHFOQW3ffl8slttkrDcfVdIQWZMBWHa15oicu2a
/bJakrz/6A4RtFsza8g2AQe9PgXBUW96o5izRsDjJmv6N6ILUmHAsp4XiyGSk5Fu
GpDqCcBQb419jUFCy4sl8c10doy+ZC48rrwcOTvZuN+NUqrVNT9JVb60Lp5rVuuX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org