Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GBgU0ODEOB16ok30f9qU8xWfTy0.roa
File:                     GBgU0ODEOB16ok30f9qU8xWfTy0.roa (raw, json)
Hash identifier:          gOXww0PpSgiSCG9ukQ5bgUrLoQ7QzhKyp4kSqflfC/U=
Subject key identifier:   18:18:14:D0:E0:C4:38:1D:7A:A2:4D:F4:7F:DA:94:F3:15:9F:4F:2D
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       01847C6C5021268BA7EADDAD8AC2BDDD53CD
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GBgU0ODEOB16ok30f9qU8xWfTy0.roa
Signing time:             Tue 15 Nov 2022 17:53:03 +0000
ROA not before:           Tue 15 Nov 2022 17:53:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.139.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.156.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.178.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:7c:6c:50:21:26:8b:a7:ea:dd:ad:8a:c2:bd:dd:53:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Nov 15 17:53:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=181814d0e0c4381d7aa24df47fda94f3159f4f2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:46:3f:d8:b9:8c:f2:7a:f5:a1:9c:58:5a:4f:
                    e2:e5:fb:97:7c:95:7d:fc:54:36:3f:83:3c:35:34:
                    02:4a:52:ed:e2:17:c0:1f:30:69:03:b8:d6:d3:d7:
                    8b:66:c8:c7:d7:dc:8f:0f:1d:ca:46:91:b6:c5:f6:
                    7f:81:89:8f:6e:5b:10:5a:1e:48:c2:b2:be:46:d0:
                    0d:14:12:ae:ea:08:87:5d:bf:b9:f7:16:65:66:c8:
                    d4:26:62:b7:b2:72:53:d0:5c:1d:f5:c7:7b:63:5e:
                    6f:b0:e7:34:49:7e:58:94:16:6b:55:05:d6:54:e8:
                    ee:ec:c2:65:78:c0:6b:4b:58:8d:94:2c:70:b6:f2:
                    3a:92:4d:6f:12:e7:15:32:eb:58:95:5f:14:92:dd:
                    ff:9c:10:8e:26:aa:5c:df:a7:f9:a1:b8:0c:a0:7b:
                    b7:5e:10:b9:cf:73:79:b6:e1:ef:48:26:ec:9e:46:
                    5d:c5:2d:97:6f:7a:91:7b:28:fe:21:65:01:72:0a:
                    ae:b9:2b:d8:d2:61:2c:8d:50:b3:a6:ee:4e:9c:0d:
                    fa:91:a5:b2:cc:27:2b:4b:57:09:a5:fe:00:c3:1a:
                    d7:97:ac:d3:59:eb:4f:5b:7c:76:6a:9a:52:b9:8a:
                    02:27:50:1f:9c:89:8d:dc:c5:1e:16:18:d8:bc:3b:
                    e1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:18:14:D0:E0:C4:38:1D:7A:A2:4D:F4:7F:DA:94:F3:15:9F:4F:2D
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GBgU0ODEOB16ok30f9qU8xWfTy0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.139.0-77.90.140.255
                  77.90.142.0-77.90.148.255
                  77.90.153.0-77.90.154.255
                  77.90.156.0/24
                  77.90.178.0/24
                  77.90.185.0/24
                  77.90.188.0/24
                  185.230.14.0/24
                  213.209.138.0/24
                  213.209.143.0/24
                  213.209.149.0/24
                  213.209.156.0/23
                  213.209.159.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:d3:83:12:d2:a3:ce:95:c6:5c:6e:49:6c:39:e8:81:d6:8b:
         e6:46:b7:6e:71:eb:0e:8b:d2:33:62:43:c9:01:e0:75:0d:b8:
         cc:c3:98:10:b5:e1:7c:7a:5a:f9:53:f0:a2:0c:06:2d:23:8e:
         f9:81:10:cf:7f:ff:f8:16:9a:b7:86:9e:aa:c5:d0:16:21:1a:
         3f:33:8b:90:6d:1f:7e:f1:1b:36:76:6f:6b:41:d1:e4:5b:fd:
         3f:91:83:67:82:33:2e:e1:a1:4a:b9:17:22:91:01:a2:80:60:
         7d:59:d2:a3:45:6d:6f:8b:0b:0f:99:5b:6d:a4:3a:5b:94:a5:
         bc:ab:ae:bd:32:94:0b:da:74:8a:32:c0:ff:ec:ee:18:b6:7a:
         a3:dc:7c:d1:78:5f:54:48:ab:8c:00:e0:d9:77:cd:ef:8c:3c:
         5f:79:d4:ff:1e:93:82:8d:40:a5:a9:c5:ac:ec:5a:f7:ca:a5:
         d1:6c:8f:e2:92:59:cb:72:80:d6:97:7b:6d:30:e7:82:bc:a7:
         5f:c1:84:8f:54:f3:d0:70:33:d0:5e:77:ae:77:29:49:bc:fa:
         1b:5e:e8:ba:06:89:87:3f:ab:da:16:9f:2e:21:64:51:45:e7:
         57:3b:79:f5:a1:6c:4a:d6:5a:2e:9e:e5:c5:38:b9:1e:80:c1:
         7f:d3:4a:b9
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYR8bFAhJoun6t2tisK93VPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMTE1MTc1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE4MTRkMGUwYzQzODFkN2FhMjRkZjQ3ZmRhOTRmMzE1OWY0ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUY/2LmM8nr1oZxYWk/i5fuXfJV9
/FQ2P4M8NTQCSlLt4hfAHzBpA7jW09eLZsjH19yPDx3KRpG2xfZ/gYmPblsQWh5I
wrK+RtANFBKu6giHXb+59xZlZsjUJmK3snJT0Fwd9cd7Y15vsOc0SX5YlBZrVQXW
VOju7MJleMBrS1iNlCxwtvI6kk1vEucVMutYlV8Ukt3/nBCOJqpc36f5obgMoHu3
XhC5z3N5tuHvSCbsnkZdxS2Xb3qReyj+IWUBcgquuSvY0mEsjVCzpu5OnA36kaWy
zCcrS1cJpf4AwxrXl6zTWetPW3x2appSuYoCJ1AfnImN3MUeFhjYvDvhOwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFBgYFNDgxDgdeqJN9H/alPMVn08tMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvR0JnVTBPREVPQjE2b2szMGY5cVU4eFdmVHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIwDAME
B01agAMEAE1agjAMAwQCTVqEAwQBTVqIMAwDBABNWosDBABNWowwDAMEAU1ajgME
AE1alDAMAwQATVqZAwQATVqaAwQATVqcAwQATVqyAwQATVq5AwQATVq8AwQAueYO
AwQA1dGKAwQA1dGPAwQA1dGVAwQB1dGcAwQA1dGfMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAHdODEtKjzpXGXG5JbDnogdaL5ka3bnHr
DovSM2JDyQHgdQ24zMOYELXhfHpa+VPwogwGLSOO+YEQz3//+Baat4aeqsXQFiEa
PzOLkG0ffvEbNnZva0HR5Fv9P5GDZ4IzLuGhSrkXIpEBooBgfVnSo0Vtb4sLD5lb
baQ6W5SlvKuuvTKUC9p0ijLA/+zuGLZ6o9x80XhfVEirjADg2XfN74w8X3nU/x6T
go1ApanFrOxa98ql0WyP4pJZy3KA1pd7bTDngrynX8GEj1Tz0HAz0F53rncpSbz6
G17ougaJhz+r2hafLiFkUUXnVzt59aFsStZaLp7lxTi5HoDBf9NKuQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org