Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GGpmae6DkqjnbHEiVXWBVrl3Bkk.roa
File:                     GGpmae6DkqjnbHEiVXWBVrl3Bkk.roa (raw, json)
Hash identifier:          o7Fh/NNQvFjmf2uAj/SwL1LH1P5GNRTGKoGwLxmN84o=
Subject key identifier:   18:6A:66:69:EE:83:92:A8:E7:6C:71:22:55:75:81:56:B9:77:06:49
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0181F7C11DC5DCABF80151F13FE4C016C5BA
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GGpmae6DkqjnbHEiVXWBVrl3Bkk.roa
Signing time:             Wed 13 Jul 2022 13:30:37 +0000
ROA not before:           Wed 13 Jul 2022 13:30:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     213296
IP address blocks:        213.209.131.0/24 maxlen: 24
                          77.90.159.0/24 maxlen: 24
                          77.90.177.0/24 maxlen: 24
                          77.90.183.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f7:c1:1d:c5:dc:ab:f8:01:51:f1:3f:e4:c0:16:c5:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul 13 13:30:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=186a6669ee8392a8e76c712255758156b9770649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:a0:23:78:33:62:33:51:79:73:02:6b:da:6a:
                    98:5a:7d:89:a9:22:94:97:7c:46:c6:7c:8c:17:bd:
                    3d:d7:cb:ee:14:26:f2:1c:bf:b6:d1:3b:16:91:c0:
                    90:c2:66:af:a7:ee:b3:9e:04:4c:8c:d7:77:80:21:
                    15:1b:9a:2f:5c:e6:07:2f:8d:01:23:27:b8:2d:a5:
                    59:35:02:8b:14:20:fa:66:72:a5:f1:ec:12:2e:67:
                    5c:28:05:c8:eb:23:6a:76:00:b6:cc:a5:44:6e:5f:
                    ec:0b:d3:53:ce:fa:65:99:8b:b8:c2:cf:96:6a:59:
                    c7:a0:19:56:10:d1:81:20:ea:2c:aa:e7:ed:b6:82:
                    38:1f:ed:51:16:76:7f:c3:e2:2c:46:4b:2a:a7:81:
                    b1:2d:9c:e1:fc:1a:04:e4:c5:bb:97:3c:a6:e9:b8:
                    33:46:0f:85:49:a6:f8:90:54:53:cf:20:97:ee:15:
                    68:0b:8a:2f:89:52:4c:bf:4f:22:54:b6:01:8b:f4:
                    b6:8e:02:d9:e0:e0:c4:c9:fd:cc:db:e0:4f:50:ea:
                    f9:7f:41:f8:1a:5e:4c:c5:1f:b6:63:ca:77:f7:bd:
                    ee:d4:da:60:85:94:ce:ce:06:18:9a:66:22:65:44:
                    bc:5a:d4:f8:86:b6:02:26:89:11:ae:a7:5f:69:20:
                    b9:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:6A:66:69:EE:83:92:A8:E7:6C:71:22:55:75:81:56:B9:77:06:49
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GGpmae6DkqjnbHEiVXWBVrl3Bkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.159.0/24
                  77.90.177.0/24
                  77.90.183.0/24
                  213.209.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:89:c4:31:02:59:f6:0a:6d:e4:9d:a8:d3:c3:13:e2:64:d1:
         87:d2:1a:5d:b2:41:c1:c3:bd:d6:fc:00:fb:a5:34:35:a0:84:
         a5:30:f8:a8:6e:2f:ce:6e:e6:b5:eb:32:ff:cf:86:ac:2e:37:
         ce:53:74:bd:e7:22:5a:8a:41:fb:4e:3e:61:85:b1:b3:56:e2:
         87:dc:af:08:5a:51:7a:fa:64:e3:14:5d:e6:10:04:0d:0e:5d:
         53:8c:fb:9f:77:d1:98:09:80:45:09:c2:6e:0e:e3:49:e0:ae:
         3a:e2:f6:e6:ba:59:2b:94:9a:e8:90:b3:d5:29:1b:e7:0b:e5:
         25:21:a2:50:e1:e7:05:2d:0c:10:56:c8:67:b6:06:61:d7:be:
         b8:04:a7:10:8a:fa:4d:66:ca:e7:c4:69:53:c8:b6:76:49:0a:
         02:dd:c6:5a:f3:33:e4:ce:a1:69:45:00:24:df:a7:d3:2d:a4:
         05:be:9d:df:34:9b:08:7c:53:e9:21:ec:b5:dd:ee:99:b9:b4:
         86:65:d5:98:42:82:df:f8:03:20:ae:f4:7c:4a:42:b0:30:8e:
         ec:7d:81:db:ca:f5:1a:40:75:ee:e8:10:5a:f0:f1:a2:0a:65:
         e7:61:55:5a:ba:92:f9:46:96:d0:d3:a4:5c:cc:d7:8e:c7:f1:
         3a:ec:6d:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYH3wR3F3Kv4AVHxP+TAFsW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzEzMTMzMDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODZhNjY2OWVlODM5MmE4ZTc2YzcxMjI1NTc1ODE1NmI5NzcwNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqAjeDNiM1F5cwJr2mqYWn2JqSKU
l3xGxnyMF70918vuFCbyHL+20TsWkcCQwmavp+6zngRMjNd3gCEVG5ovXOYHL40B
Iye4LaVZNQKLFCD6ZnKl8ewSLmdcKAXI6yNqdgC2zKVEbl/sC9NTzvplmYu4ws+W
alnHoBlWENGBIOosqufttoI4H+1RFnZ/w+IsRksqp4GxLZzh/BoE5MW7lzym6bgz
Rg+FSab4kFRTzyCX7hVoC4oviVJMv08iVLYBi/S2jgLZ4ODEyf3M2+BPUOr5f0H4
Gl5MxR+2Y8p3973u1NpghZTOzgYYmmYiZUS8WtT4hrYCJokRrqdfaSC5xQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBhqZmnug5Ko52xxIlV1gVa5dwZJMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvR0dwbWFlNkRrcWpuYkhFaVZYV0JWcmwzQmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqfAwQA
TVqxAwQATVq3AwQA1dGDMA0GCSqGSIb3DQEBCwUAA4IBAQAJicQxAln2Cm3knajT
wxPiZNGH0hpdskHBw73W/AD7pTQ1oISlMPiobi/Obua16zL/z4asLjfOU3S95yJa
ikH7Tj5hhbGzVuKH3K8IWlF6+mTjFF3mEAQNDl1TjPufd9GYCYBFCcJuDuNJ4K46
4vbmulkrlJrokLPVKRvnC+UlIaJQ4ecFLQwQVshntgZh1764BKcQivpNZsrnxGlT
yLZ2SQoC3cZa8zPkzqFpRQAk36fTLaQFvp3fNJsIfFPpIey13e6ZubSGZdWYQoLf
+AMgrvR8SkKwMI7sfYHbyvUaQHXu6BBa8PGiCmXnYVVaupL5RpbQ06RczNeOx/E6
7G14
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org