Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BXGdABJ2I8Al-ZP6YIDW3i_B9vg.roa
File:                     BXGdABJ2I8Al-ZP6YIDW3i_B9vg.roa (raw, json)
Hash identifier:          yk5r27V2tpCGFj/bD6WbUKNbvQpbj7pG24A4qGeIy0s=
Subject key identifier:   05:71:9D:00:12:76:23:C0:25:F9:93:FA:60:80:D6:DE:2F:C1:F6:F8
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       06E45C49
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BXGdABJ2I8Al-ZP6YIDW3i_B9vg.roa
Signing time:             Sat 01 Jan 2022 07:00:17 +0000
ROA not before:           Sat 01 Jan 2022 07:00:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        213.209.135.0/24 maxlen: 24
                          213.209.141.0/24 maxlen: 24
                          213.209.153.0/24 maxlen: 24
                          213.209.154.0/24 maxlen: 24
                          77.90.167.0/24 maxlen: 24
                          77.90.168.0/24 maxlen: 24
                          77.90.174.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115629129 (0x6e45c49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jan  1 07:00:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=05719d00127623c025f993fa6080d6de2fc1f6f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:98:17:82:1d:c8:70:72:4a:e2:c6:0f:bf:02:
                    23:d6:3b:b5:4f:c4:41:1a:8b:1f:51:95:e7:61:07:
                    00:90:25:82:d2:44:34:cf:d9:00:d8:a8:d2:2f:39:
                    c4:b7:bc:c5:b7:b4:9c:42:71:00:4f:18:61:fe:a0:
                    89:ee:4f:cc:a6:dc:68:9d:f1:5a:e1:71:b2:f2:c5:
                    ad:56:0b:2c:75:8f:f1:d0:a2:e0:d5:06:2d:c4:db:
                    08:69:40:80:08:c5:83:03:f3:87:bf:52:0d:c1:e1:
                    f2:1f:52:1a:c7:bb:a0:e5:54:ae:0e:e3:11:9a:54:
                    03:65:e2:02:4e:9d:5f:20:da:18:25:ab:fc:0f:0c:
                    59:36:f5:ea:a3:40:d2:c7:cb:6a:1e:52:88:80:a3:
                    c3:7c:4d:7e:6d:1c:57:f3:8a:e3:d8:51:23:ef:b7:
                    7e:4a:ae:4f:44:1d:20:17:3d:94:da:d7:f8:26:08:
                    d8:8d:0f:19:28:ec:7e:69:a9:7f:d7:12:28:ae:71:
                    b1:0c:d9:fd:4b:c3:59:41:62:27:86:44:fb:a9:ba:
                    7f:94:6c:71:0d:1b:1b:c8:c7:02:5c:20:7e:6a:1d:
                    32:16:42:a3:dd:d7:8f:14:46:8a:30:d4:4c:1b:e4:
                    81:92:a0:04:6e:c4:20:f1:41:2d:d1:72:e2:9a:fc:
                    89:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:71:9D:00:12:76:23:C0:25:F9:93:FA:60:80:D6:DE:2F:C1:F6:F8
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/BXGdABJ2I8Al-ZP6YIDW3i_B9vg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.167.0-77.90.168.255
                  77.90.174.0/24
                  213.209.135.0/24
                  213.209.141.0/24
                  213.209.153.0-213.209.154.255

    Signature Algorithm: sha256WithRSAEncryption
         1e:e0:20:86:95:a9:81:57:0f:11:06:3f:c1:80:96:b7:39:ac:
         9c:6f:7a:d9:cd:14:cf:d7:4d:45:ca:8c:57:1d:33:02:54:3b:
         2e:99:23:c3:f3:19:ce:23:c1:bd:0d:ed:78:22:2e:17:6c:60:
         62:39:a5:86:8e:e6:1c:18:09:f6:81:0e:87:d1:de:21:2e:7e:
         93:a6:96:01:83:0f:06:cb:b9:74:81:33:c0:ab:90:fb:c7:bc:
         ef:26:48:a5:36:c8:97:48:a0:77:f8:41:ae:81:9f:8b:5c:86:
         d1:36:3f:81:d5:9b:ca:75:dc:e4:a0:28:dd:e9:a2:7c:31:ab:
         28:ef:9a:da:56:3c:b8:a3:22:f8:65:31:40:fc:32:6c:13:24:
         38:4d:c2:73:0a:de:80:d3:ae:35:17:01:33:f0:96:48:96:77:
         dd:98:9f:c4:ac:ee:05:b1:6c:28:bf:a5:4f:32:d9:a3:4f:53:
         48:12:36:45:3c:22:a4:45:00:4e:b7:02:aa:be:ea:9e:00:c9:
         ed:3f:d4:83:10:ff:a5:c3:3b:94:ca:e8:6f:e3:3a:ed:e6:e1:
         b6:95:67:cc:f5:0b:52:1d:18:08:0f:e3:13:1f:1a:13:44:61:
         ae:dd:3e:ce:7b:7b:de:57:63:01:5d:48:d2:10:d5:f8:91:8f:
         e1:3c:85:e0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBuRcSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDEw
MTA3MDAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU3MTlkMDAxMjc2
MjNjMDI1Zjk5M2ZhNjA4MGQ2ZGUyZmMxZjZmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmYF4IdyHBySuLGD78CI9Y7tU/EQRqLH1GV52EHAJAlgtJE
NM/ZANio0i85xLe8xbe0nEJxAE8YYf6gie5PzKbcaJ3xWuFxsvLFrVYLLHWP8dCi
4NUGLcTbCGlAgAjFgwPzh79SDcHh8h9SGse7oOVUrg7jEZpUA2XiAk6dXyDaGCWr
/A8MWTb16qNA0sfLah5SiICjw3xNfm0cV/OK49hRI++3fkquT0QdIBc9lNrX+CYI
2I0PGSjsfmmpf9cSKK5xsQzZ/UvDWUFiJ4ZE+6m6f5RscQ0bG8jHAlwgfmodMhZC
o93XjxRGijDUTBvkgZKgBG7EIPFBLdFy4pr8iR8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQFcZ0AEnYjwCX5k/pggNbeL8H2+DAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0JYR2RBQkoySThBbC1aUDZZSURXM2lfQjl2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLjAMAwQATVqnAwQATVqoAwQATVquAwQA
1dGHAwQA1dGNMAwDBADV0ZkDBADV0ZowDQYJKoZIhvcNAQELBQADggEBAB7gIIaV
qYFXDxEGP8GAlrc5rJxvetnNFM/XTUXKjFcdMwJUOy6ZI8PzGc4jwb0N7XgiLhds
YGI5pYaO5hwYCfaBDofR3iEufpOmlgGDDwbLuXSBM8CrkPvHvO8mSKU2yJdIoHf4
Qa6Bn4tchtE2P4HVm8p13OSgKN3ponwxqyjvmtpWPLijIvhlMUD8MmwTJDhNwnMK
3oDTrjUXATPwlkiWd92Yn8Ss7gWxbCi/pU8y2aNPU0gSNkU8IqRFAE63Aqq+6p4A
ye0/1IMQ/6XDO5TK6G/jOu3m4baVZ8z1C1IdGAgP4xMfGhNEYa7dPs57e95XYwFd
SNIQ1fiRj+E8heA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org