Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9w33mZDWNDs_ViUQzmfY7PwCgYs.roa
File:                     9w33mZDWNDs_ViUQzmfY7PwCgYs.roa (raw, json)
Hash identifier:          TleKlpuaiDb8jD2G4664OzcHQfIGy7Aszpq8ni86w5g=
Subject key identifier:   F7:0D:F7:99:90:D6:34:3B:3F:56:25:10:CE:67:D8:EC:FC:02:81:8B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09CB2439
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9w33mZDWNDs_ViUQzmfY7PwCgYs.roa
Signing time:             Wed 22 Jun 2022 13:03:32 +0000
ROA not before:           Wed 22 Jun 2022 13:03:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.149.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1300:24::/64 maxlen: 64
                          2a04:29c7:1280:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 164308025 (0x9cb2439)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun 22 13:03:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f70df79990d6343b3f562510ce67d8ecfc02818b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:2b:73:81:b8:97:fb:81:aa:18:c6:98:e8:32:
                    98:e0:f1:5c:14:01:36:1a:c5:89:1a:eb:98:e2:96:
                    8c:b8:a1:ed:4f:1b:55:bc:6e:b2:b8:ea:f0:52:02:
                    76:70:9e:9f:1d:50:7d:b1:56:fa:ee:9a:38:28:5d:
                    a7:24:d2:59:af:ce:06:62:d5:cc:3a:c8:d7:10:95:
                    a5:29:8a:d0:8d:9d:87:0d:44:f4:8f:eb:6a:2c:65:
                    ed:43:32:1d:af:3f:19:51:2e:bf:28:20:ae:0e:ed:
                    2d:40:1f:1f:11:24:fb:32:e0:79:fa:4b:d9:2f:cd:
                    c5:6a:94:ed:56:1c:1e:e4:65:a0:8e:34:9a:f8:08:
                    47:33:4a:d3:68:3d:dd:b8:d9:4d:bf:18:8f:fe:73:
                    0b:a0:d3:1a:60:a7:69:f9:3b:a9:b5:ed:40:53:40:
                    b2:91:4f:b7:fd:99:4c:f1:d9:c3:bb:66:56:ac:28:
                    f9:79:e3:59:e7:56:8f:72:ac:4c:ab:e1:09:c4:5b:
                    2a:69:66:19:49:1b:50:9f:a7:85:65:8f:26:fd:e4:
                    64:e0:dd:75:53:9c:2d:84:8c:0a:62:a0:89:ac:26:
                    13:7d:40:ba:09:dc:fc:1f:8f:66:97:9b:c2:4e:10:
                    7f:63:77:9b:4e:72:80:58:65:12:eb:b3:3f:59:1a:
                    ed:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:0D:F7:99:90:D6:34:3B:3F:56:25:10:CE:67:D8:EC:FC:02:81:8B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/9w33mZDWNDs_ViUQzmfY7PwCgYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.149.255
                  77.90.153.0-77.90.154.255
                  77.90.164.0/24
                  77.90.179.0/24
                  77.90.181.0/24
                  77.90.188.0/24
                  77.90.191.0/24
                  213.209.130.0/24
                  213.209.138.0/24
                  213.209.145.0/24
                  213.209.147.0/24
                  213.209.158.0/23
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         9e:7e:0f:50:bf:03:8b:48:0e:56:d0:ba:af:c6:ce:2b:63:c3:
         41:4d:06:8f:62:76:1a:42:c7:b3:14:39:7d:97:f7:2a:10:3a:
         b0:05:42:c8:d5:82:82:34:84:c5:9c:51:98:4c:59:ac:fa:56:
         ce:43:09:bd:d2:88:7e:2d:75:72:f9:bf:50:ff:ea:95:a9:79:
         03:a7:09:46:2b:37:bf:ae:b7:b7:0f:3f:2e:4d:e6:a4:a5:03:
         07:de:f2:1c:fc:89:29:2b:92:e6:5e:87:36:db:4f:d7:83:aa:
         dd:96:18:5a:36:40:12:1d:61:5d:a3:31:8b:75:41:2a:f4:4d:
         87:9c:28:44:ec:ee:ec:db:b8:db:8d:0d:13:c3:09:9e:93:21:
         50:b7:8f:94:ae:0f:58:07:64:92:53:f3:17:a3:89:2b:aa:59:
         3e:0e:7e:7e:e3:08:cd:a6:2e:43:08:c4:81:e6:5c:f2:33:b7:
         0c:a7:2b:41:93:c1:28:82:7a:f5:cd:d8:09:be:4b:c0:45:4e:
         23:27:4c:eb:6a:f0:4c:c8:4d:44:90:3b:f8:94:b3:54:fd:ec:
         80:ef:cf:d5:11:3a:0b:37:d6:73:0d:b1:66:f4:f9:ce:6e:f7:
         19:96:0e:99:f9:ee:97:6c:87:52:b5:a7:16:e7:eb:2a:48:7c:
         d9:9a:87:c3
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIECcskOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MjEzMDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcwZGY3OTk5MGQ2
MzQzYjNmNTYyNTEwY2U2N2Q4ZWNmYzAyODE4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMErc4G4l/uBqhjGmOgymODxXBQBNhrFiRrrmOKWjLih7U8b
Vbxusrjq8FICdnCenx1QfbFW+u6aOChdpyTSWa/OBmLVzDrI1xCVpSmK0I2dhw1E
9I/raixl7UMyHa8/GVEuvyggrg7tLUAfHxEk+zLgefpL2S/NxWqU7VYcHuRloI40
mvgIRzNK02g93bjZTb8Yj/5zC6DTGmCnafk7qbXtQFNAspFPt/2ZTPHZw7tmVqwo
+XnjWedWj3KsTKvhCcRbKmlmGUkbUJ+nhWWPJv3kZODddVOcLYSMCmKgiawmE31A
ugnc/B+PZpebwk4Qf2N3m05ygFhlEuuzP1ka7RUCAwEAAaOCAqYwggKiMB0GA1Ud
DgQWBBT3DfeZkNY0Oz9WJRDOZ9js/AKBizAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
Lzl3MzNtWkRXTkRzX1ZpVVF6bWZZN1B3Q2dZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uwYIKwYBBQUHAQcBAf8EgaswgagwgY8EAgABMIGIMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQwDAME
AE1amQMEAE1amgMEAE1apAMEAE1aswMEAE1atQMEAE1avAMEAE1avwMEANXRggME
ANXRigMEANXRkQMEANXRkwMEAdXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJ
KoZIhvcNAQELBQADggEBAJ5+D1C/A4tIDlbQuq/Gzitjw0FNBo9idhpCx7MUOX2X
9yoQOrAFQsjVgoI0hMWcUZhMWaz6Vs5DCb3SiH4tdXL5v1D/6pWpeQOnCUYrN7+u
t7cPPy5N5qSlAwfe8hz8iSkrkuZehzbbT9eDqt2WGFo2QBIdYV2jMYt1QSr0TYec
KETs7uzbuNuNDRPDCZ6TIVC3j5SuD1gHZJJT8xejiSuqWT4Ofn7jCM2mLkMIxIHm
XPIztwynK0GTwSiCevXN2Am+S8BFTiMnTOtq8EzITUSQO/iUs1T97IDvz9UROgs3
1nMNsWb0+c5u9xmWDpn57pdsh1K1pxbn6ypIfNmah8M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org