Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/F6Z_Ylmv99ikIWTDto3RkVrzhZg.roa
File:                     F6Z_Ylmv99ikIWTDto3RkVrzhZg.roa (raw, json)
Hash identifier:          ZE0jg80GoFqUycb9fHP+0dJ8jrFtWvmuMQAETtjElCs=
Subject key identifier:   17:A6:7F:62:59:AF:F7:D8:A4:21:64:C3:B6:8D:D1:91:5A:F3:85:98
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       08766FD3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/F6Z_Ylmv99ikIWTDto3RkVrzhZg.roa
Signing time:             Wed 06 Apr 2022 15:32:36 +0000
ROA not before:           Wed 06 Apr 2022 15:32:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        77.90.191.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          77.90.152.0/24 maxlen: 24
                          77.90.149.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141979603 (0x8766fd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Apr  6 15:32:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=17a67f6259aff7d8a42164c3b68dd1915af38598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:21:43:b6:d9:36:4c:53:c7:a7:5b:d1:49:00:
                    ab:cf:38:55:79:8c:2f:cc:e5:da:19:fb:df:52:5a:
                    83:72:1b:8f:cf:69:15:45:89:6c:06:f8:9b:81:e1:
                    20:1f:ac:57:c6:8b:b6:64:2f:e0:89:06:ac:00:d6:
                    ce:c0:75:0b:a9:21:6a:7f:5d:34:18:62:27:a2:4a:
                    86:5a:05:df:00:ee:8c:e5:3e:3f:a1:32:c8:0a:64:
                    f5:51:0d:ef:30:5d:8d:2b:50:a2:96:89:31:f0:c1:
                    dd:5e:e7:7f:3c:69:2f:70:e4:29:e3:87:b0:c4:91:
                    f7:ce:1e:89:ad:f1:f3:54:01:54:3c:d3:bd:f3:8d:
                    81:90:58:d1:05:e9:d4:62:d8:9a:c9:8c:f0:b0:8a:
                    e0:f0:2b:29:3c:09:a3:e9:a5:56:72:c4:90:e9:95:
                    8c:62:2c:f8:17:98:56:75:e6:ab:10:0f:51:8f:e3:
                    6a:42:57:e9:db:0e:e1:3b:2d:5c:9f:3f:e4:b7:9f:
                    87:23:4e:20:f7:4a:14:3e:1b:1a:27:09:e7:26:2a:
                    30:80:d8:32:53:9b:ec:19:15:9f:b8:9e:4a:85:42:
                    cf:d5:df:21:d2:62:9e:04:e7:59:e9:0d:a2:fc:4f:
                    e4:a4:22:76:0a:e5:1e:a3:c3:3f:4a:42:70:a2:4e:
                    37:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:A6:7F:62:59:AF:F7:D8:A4:21:64:C3:B6:8D:D1:91:5A:F3:85:98
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/F6Z_Ylmv99ikIWTDto3RkVrzhZg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.149.0/24
                  77.90.152.0/24
                  77.90.179.0/24
                  77.90.191.0/24
                  213.209.134.0/24
                  213.209.143.0/24
                  213.209.145.0/24
                  213.209.149.0/24
                  213.209.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b0:f2:a2:3d:53:05:3a:bc:7c:7c:51:85:aa:7d:fc:33:2a:a5:
         43:f3:48:e5:f4:36:0b:dc:d0:ef:fb:8f:bc:f3:6e:3c:9b:b2:
         74:8e:7d:1d:52:1d:2c:92:8e:4d:af:10:3d:9b:57:95:1a:7d:
         40:f8:9e:c0:4f:d9:f1:a6:ca:db:cd:d3:12:39:ed:70:e2:45:
         f5:6f:97:53:9f:c4:d2:7d:80:a5:49:63:2e:be:6d:3e:fe:01:
         39:85:52:09:dd:1d:81:93:a6:be:0b:cf:11:73:cc:74:c3:e0:
         13:3c:b1:b4:6f:1a:8c:ee:2b:f2:be:39:72:aa:4a:0f:84:71:
         9a:ab:c3:3e:6d:c4:e2:7b:fa:30:4d:ea:8e:b9:78:35:13:3c:
         05:7c:7d:2e:d9:4e:0a:f2:8b:84:bb:0a:b2:31:61:c9:ee:eb:
         bb:32:7e:8f:ff:98:ee:91:a5:d8:12:3d:e4:7b:18:69:8d:c5:
         46:4d:5d:b2:41:06:ef:23:88:24:20:41:3b:35:1a:50:97:d5:
         df:e4:0f:41:25:be:48:e7:97:81:dc:20:7e:9b:8d:ec:85:3a:
         dd:4d:d1:7e:af:58:d0:c5:b5:99:aa:4b:91:cf:1f:19:6b:ba:
         9e:08:00:77:0f:c6:fa:89:79:80:3d:a1:f2:53:60:75:ab:01:
         c8:2e:54:04
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECHZv0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQw
NjE1MzIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdhNjdmNjI1OWFm
ZjdkOGE0MjE2NGMzYjY4ZGQxOTE1YWYzODU5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8hQ7bZNkxTx6db0UkAq884VXmML8zl2hn731Jag3Ibj89p
FUWJbAb4m4HhIB+sV8aLtmQv4IkGrADWzsB1C6khan9dNBhiJ6JKhloF3wDujOU+
P6EyyApk9VEN7zBdjStQopaJMfDB3V7nfzxpL3DkKeOHsMSR984eia3x81QBVDzT
vfONgZBY0QXp1GLYmsmM8LCK4PArKTwJo+mlVnLEkOmVjGIs+BeYVnXmqxAPUY/j
akJX6dsO4TstXJ8/5LefhyNOIPdKFD4bGicJ5yYqMIDYMlOb7BkVn7ieSoVCz9Xf
IdJingTnWekNovxP5KQidgrlHqPDP0pCcKJON/cCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQXpn9iWa/32KQhZMO2jdGRWvOFmDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0Y2Wl9ZbG12OTlpa0lXVER0bzNSa1ZyemhaZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAE1alQMEAE1amAMEAE1aswMEAE1a
vwMEANXRhgMEANXRjwMEANXRkQMEANXRlQMEAdXRnDANBgkqhkiG9w0BAQsFAAOC
AQEAsPKiPVMFOrx8fFGFqn38MyqlQ/NI5fQ2C9zQ7/uPvPNuPJuydI59HVIdLJKO
Ta8QPZtXlRp9QPiewE/Z8abK283TEjntcOJF9W+XU5/E0n2ApUljLr5tPv4BOYVS
Cd0dgZOmvgvPEXPMdMPgEzyxtG8ajO4r8r45cqpKD4RxmqvDPm3E4nv6ME3qjrl4
NRM8BXx9LtlOCvKLhLsKsjFhye7ruzJ+j/+Y7pGl2BI95HsYaY3FRk1dskEG7yOI
JCBBOzUaUJfV3+QPQSW+SOeXgdwgfpuN7IU63U3Rfq9Y0MW1mapLkc8fGWu6nggA
dw/G+ol5gD2h8lNgdasByC5UBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org