Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/A0nAoDGLpP0BRy_XsrlyP13Qm_o.roa
File:                     A0nAoDGLpP0BRy_XsrlyP13Qm_o.roa (raw, json)
Hash identifier:          r7AEtBXpsUt5GJDgqc/tzM2Ai0KkSsodQz3Y4FIM5b0=
Subject key identifier:   03:49:C0:A0:31:8B:A4:FD:01:47:2F:D7:B2:B9:72:3F:5D:D0:9B:FA
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       096D3955
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/A0nAoDGLpP0BRy_XsrlyP13Qm_o.roa
Signing time:             Fri 03 Jun 2022 16:24:20 +0000
ROA not before:           Fri 03 Jun 2022 16:24:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        77.90.188.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.155.0/24 maxlen: 24
                          77.90.156.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          185.230.12.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158153045 (0x96d3955)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun  3 16:24:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0349c0a0318ba4fd01472fd7b2b9723f5dd09bfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8c:43:69:20:89:e9:ce:45:e0:8a:0f:54:e9:
                    5e:86:d2:9e:01:f5:8b:82:5e:d1:59:f6:19:53:af:
                    85:b6:25:36:1e:69:22:e0:82:35:54:d9:b5:7d:db:
                    6b:65:7f:b3:9c:1a:be:20:82:d1:aa:4e:28:04:e2:
                    98:09:ba:84:00:78:fe:da:17:44:b7:27:99:30:ce:
                    e7:d4:8c:be:70:a2:c7:fe:cd:f6:8f:7c:f7:7b:be:
                    ff:e6:28:5d:69:76:0f:64:9c:82:cf:4e:32:1d:a2:
                    38:66:b7:73:a8:40:47:64:03:e5:46:4a:87:fb:97:
                    c6:bd:6a:cc:6e:65:20:ab:e2:b5:09:bd:f8:87:c1:
                    23:64:dc:94:8f:dc:ca:05:fc:6c:fd:d3:a7:e4:6a:
                    f6:62:1f:c8:0d:43:06:1d:7c:85:8e:07:d7:b8:9a:
                    43:e5:c2:01:4b:2a:73:01:6a:8e:30:da:65:83:1a:
                    72:aa:24:1e:18:ef:d6:2a:01:11:2f:cd:9b:fd:c4:
                    e1:eb:cc:3c:34:44:85:1e:bd:80:af:22:64:07:de:
                    a8:4a:14:70:4a:52:20:3c:db:14:0d:e2:05:ce:f9:
                    9b:a0:94:ce:f1:ed:2e:c1:7f:9b:af:b0:ea:20:10:
                    cf:5d:91:6a:a1:f2:22:ec:ef:60:76:2a:bb:05:e0:
                    07:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:49:C0:A0:31:8B:A4:FD:01:47:2F:D7:B2:B9:72:3F:5D:D0:9B:FA
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/A0nAoDGLpP0BRy_XsrlyP13Qm_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.145.0/24
                  77.90.155.0-77.90.156.255
                  77.90.173.0/24
                  77.90.184.0/24
                  77.90.188.0/24
                  185.230.12.0/24
                  185.230.15.0/24
                  213.209.133.0-213.209.134.255
                  213.209.149.0/24
                  213.209.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:ee:cb:71:40:78:a1:c4:c3:55:66:22:cc:1b:3a:42:6f:d0:
         c0:ee:38:6b:00:d9:8d:66:b1:04:9f:c2:62:49:56:ad:41:d9:
         67:db:13:e4:0e:16:79:6d:79:55:92:b5:3b:b4:77:c6:31:7d:
         15:d0:fa:a9:3a:24:e6:1d:d4:19:93:2f:3c:c5:d6:54:b9:de:
         04:73:b2:df:25:d2:8d:8a:09:e2:a1:1b:d9:54:26:85:b0:05:
         e0:79:b7:53:d8:b5:d9:2a:fe:84:8c:01:d6:eb:9b:c6:9f:1c:
         a5:93:ec:b5:3e:0d:17:af:48:82:36:29:2b:9b:a3:9d:c7:b2:
         19:e5:e6:28:0a:d9:42:a5:5a:1c:a1:eb:92:a3:6d:85:80:33:
         a7:ce:a6:af:31:3c:d5:96:24:76:67:aa:fd:bc:08:2e:60:41:
         13:d9:24:99:d9:42:5e:8e:61:d5:6d:ec:d1:fd:dc:6d:16:e7:
         92:15:f3:b3:88:99:bc:6d:33:09:b4:72:b9:e6:43:1c:72:f2:
         fc:35:e4:23:c8:53:e5:06:19:90:b9:b3:39:26:87:08:65:4c:
         e5:28:3e:5c:fe:d4:21:26:04:29:26:87:6a:2b:73:5c:0e:9c:
         8e:c8:11:20:33:fe:c1:98:56:02:14:a4:2e:d9:d8:cd:73:4d:
         f6:dd:a8:db
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIECW05VTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYw
MzE2MjQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM0OWMwYTAzMThi
YTRmZDAxNDcyZmQ3YjJiOTcyM2Y1ZGQwOWJmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI6MQ2kgienOReCKD1TpXobSngH1i4Je0Vn2GVOvhbYlNh5p
IuCCNVTZtX3ba2V/s5waviCC0apOKATimAm6hAB4/toXRLcnmTDO59SMvnCix/7N
9o9893u+/+YoXWl2D2Scgs9OMh2iOGa3c6hAR2QD5UZKh/uXxr1qzG5lIKvitQm9
+IfBI2TclI/cygX8bP3Tp+Rq9mIfyA1DBh18hY4H17iaQ+XCAUsqcwFqjjDaZYMa
cqokHhjv1ioBES/Nm/3E4evMPDREhR69gK8iZAfeqEoUcEpSIDzbFA3iBc75m6CU
zvHtLsF/m6+w6iAQz12RaqHyIuzvYHYquwXgB6sCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBQDScCgMYuk/QFHL9eyuXI/XdCb+jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0EwbkFvREdMcFAwQlJ5X1hzcmx5UDEzUW1fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTAMEAE1akTAMAwQATVqbAwQATVqcAwQA
TVqtAwQATVq4AwQATVq8AwQAueYMAwQAueYPMAwDBADV0YUDBADV0YYDBADV0ZUD
BADV0Z0wDQYJKoZIhvcNAQELBQADggEBABDuy3FAeKHEw1VmIswbOkJv0MDuOGsA
2Y1msQSfwmJJVq1B2WfbE+QOFnlteVWStTu0d8YxfRXQ+qk6JOYd1BmTLzzF1lS5
3gRzst8l0o2KCeKhG9lUJoWwBeB5t1PYtdkq/oSMAdbrm8afHKWT7LU+DRevSII2
KSubo53Hshnl5igK2UKlWhyh65KjbYWAM6fOpq8xPNWWJHZnqv28CC5gQRPZJJnZ
Ql6OYdVt7NH93G0W55IV87OImbxtMwm0crnmQxxy8vw15CPIU+UGGZC5szkmhwhl
TOUoPlz+1CEmBCkmh2orc1wOnI7IESAz/sGYVgIUpC7Z2M1zTfbdqNs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org