Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DyPBokeNJwKqzkgf6ukaLHUqG7k.roa
File:                     DyPBokeNJwKqzkgf6ukaLHUqG7k.roa (raw, json)
Hash identifier:          DCLdwTHZA5ETbY6luTBDp8onbgCWyEILtCLn59TQBx0=
Subject key identifier:   0F:23:C1:A2:47:8D:27:02:AA:CE:48:1F:EA:E9:1A:2C:75:2A:1B:B9
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0181EDE2C2A46C83B894DE4F63D018C9E3E0
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DyPBokeNJwKqzkgf6ukaLHUqG7k.roa
Signing time:             Mon 11 Jul 2022 15:31:10 +0000
ROA not before:           Mon 11 Jul 2022 15:31:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.139.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.129.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:ed:e2:c2:a4:6c:83:b8:94:de:4f:63:d0:18:c9:e3:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul 11 15:31:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0f23c1a2478d2702aace481feae91a2c752a1bb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a1:9b:16:54:2c:d8:59:ce:87:20:64:01:21:
                    50:9f:7a:87:21:85:5b:19:de:44:06:a4:dc:f1:33:
                    98:31:81:44:19:a3:64:14:10:be:a5:57:98:56:d7:
                    39:4a:e2:42:5f:ac:c0:fe:04:48:22:70:51:e5:d1:
                    23:84:81:24:f9:b4:eb:8f:ab:32:3a:ae:af:cb:3a:
                    5f:05:9f:76:8a:74:04:fd:2c:b7:4f:c9:db:ef:98:
                    df:19:f3:de:1a:84:45:7e:7f:d3:69:bc:17:2d:18:
                    54:8e:d9:33:20:aa:d5:2d:20:c6:0b:91:a8:50:6d:
                    bf:b2:ba:72:19:75:1f:f7:ff:86:49:a7:e8:eb:c4:
                    84:24:aa:1d:de:57:fc:9f:9f:6b:b5:9c:97:ba:66:
                    ce:a1:59:2f:da:12:08:ac:e5:27:3d:32:95:b9:4b:
                    34:29:d3:c9:f6:11:4d:0a:89:d6:d2:05:52:21:75:
                    f3:0a:fd:4c:7c:25:ef:10:1c:36:03:b2:17:e5:bc:
                    34:b9:c7:9e:d0:7a:aa:21:a2:b7:b3:14:c9:36:8b:
                    4d:a9:d5:e2:9d:30:0f:31:dc:a8:23:04:6c:ea:ba:
                    10:92:0f:2c:9d:63:d6:7f:2e:3b:5a:d7:f0:ee:57:
                    9a:22:07:fe:90:d5:c6:e8:0b:22:80:83:16:9a:ad:
                    4a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:23:C1:A2:47:8D:27:02:AA:CE:48:1F:EA:E9:1A:2C:75:2A:1B:B9
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DyPBokeNJwKqzkgf6ukaLHUqG7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.140.255
                  77.90.142.0-77.90.148.255
                  77.90.153.0-77.90.154.255
                  77.90.157.0/24
                  77.90.179.0/24
                  77.90.181.0/24
                  77.90.191.0/24
                  213.209.129.0-213.209.130.255
                  213.209.133.0-213.209.134.255
                  213.209.138.0/24
                  213.209.147.0/24
                  213.209.149.0/24
                  213.209.151.0/24
                  213.209.158.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         75:85:ad:07:d3:2c:25:86:23:3d:43:78:76:86:16:a1:8e:60:
         e1:3d:8f:e9:8d:b9:20:04:26:cc:bb:ff:95:98:68:c0:16:25:
         88:2b:30:7e:2c:2d:05:41:41:d1:68:e7:6f:16:c3:1a:1d:2c:
         3c:a0:06:fe:97:dc:fb:7f:fd:aa:c5:34:b4:43:16:fa:56:03:
         03:62:d5:d8:ea:37:71:28:2c:07:78:82:3a:14:71:69:b6:c2:
         4d:25:61:7f:96:b5:26:6e:ed:07:00:3b:d7:01:07:ab:8c:1d:
         38:b0:ad:ca:66:55:83:bf:6c:32:ec:5d:ee:1e:a1:ee:9d:b7:
         d1:5f:67:e9:fc:91:8d:5b:93:86:9a:7d:b8:ca:13:1d:50:30:
         33:77:a0:62:f1:35:4e:af:1f:60:48:48:a0:23:2b:74:0e:17:
         61:6d:7d:1d:02:f7:c0:7c:54:92:66:24:88:e6:0c:e8:d9:25:
         f6:57:d3:63:55:d4:f7:9b:1a:43:41:9c:77:d4:ee:2a:d3:44:
         be:36:6a:6d:84:0f:02:b1:a4:10:b4:36:ad:4e:00:e2:7b:4e:
         e7:c2:9f:a0:d1:8e:5f:b1:e5:1d:74:3c:af:eb:5b:03:d9:76:
         ac:b8:00:9e:0e:72:4f:78:99:51:04:22:58:0e:2e:ee:15:80:
         2d:4e:dd:60
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYHt4sKkbIO4lN5PY9AYyePgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzExMTUzMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIzYzFhMjQ3OGQyNzAyYWFjZTQ4MWZlYWU5MWEyYzc1MmExYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKGbFlQs2FnOhyBkASFQn3qHIYVb
Gd5EBqTc8TOYMYFEGaNkFBC+pVeYVtc5SuJCX6zA/gRIInBR5dEjhIEk+bTrj6sy
Oq6vyzpfBZ92inQE/Sy3T8nb75jfGfPeGoRFfn/TabwXLRhUjtkzIKrVLSDGC5Go
UG2/srpyGXUf9/+GSafo68SEJKod3lf8n59rtZyXumbOoVkv2hIIrOUnPTKVuUs0
KdPJ9hFNConW0gVSIXXzCv1MfCXvEBw2A7IX5bw0ucee0HqqIaK3sxTJNotNqdXi
nTAPMdyoIwRs6roQkg8snWPWfy47Wtfw7leaIgf+kNXG6AsigIMWmq1KiwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFA8jwaJHjScCqs5IH+rpGix1Khu5MB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRHlQQm9rZU5Kd0txemtnZjZ1a2FMSFVxRzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYowDAME
B01agAMEAE1agjAMAwQCTVqEAwQATVqMMAwDBAFNWo4DBABNWpQwDAMEAE1amQME
AE1amgMEAE1anQMEAE1aswMEAE1atQMEAE1avzAMAwQA1dGBAwQA1dGCMAwDBADV
0YUDBADV0YYDBADV0YoDBADV0ZMDBADV0ZUDBADV0ZcDBADV0Z4wFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQB1ha0H0ywlhiM9Q3h2hhah
jmDhPY/pjbkgBCbMu/+VmGjAFiWIKzB+LC0FQUHRaOdvFsMaHSw8oAb+l9z7f/2q
xTS0Qxb6VgMDYtXY6jdxKCwHeII6FHFptsJNJWF/lrUmbu0HADvXAQerjB04sK3K
ZlWDv2wy7F3uHqHunbfRX2fp/JGNW5OGmn24yhMdUDAzd6Bi8TVOrx9gSEigIyt0
DhdhbX0dAvfAfFSSZiSI5gzo2SX2V9NjVdT3mxpDQZx31O4q00S+NmpthA8CsaQQ
tDatTgDie07nwp+g0Y5fseUddDyv61sD2XasuACeDnJPeJlRBCJYDi7uFYAtTt1g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org