Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GL8hltG1JlXlw584Xcvqm9CVOrg.roa
File:                     GL8hltG1JlXlw584Xcvqm9CVOrg.roa (raw, json)
Hash identifier:          p1KzdH7vVStVnX4U0teNMnttoK1Zuv+hOuM3pxu0AkQ=
Subject key identifier:   18:BF:21:96:D1:B5:26:55:E5:C3:9F:38:5D:CB:EA:9B:D0:95:3A:B8
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09147A6C
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GL8hltG1JlXlw584Xcvqm9CVOrg.roa
Signing time:             Thu 12 May 2022 07:47:02 +0000
ROA not before:           Thu 12 May 2022 07:47:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.12.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.152.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.155.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.178.0/24 maxlen: 24
                          77.90.180.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.144.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152337004 (0x9147a6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May 12 07:47:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18bf2196d1b52655e5c39f385dcbea9bd0953ab8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b1:c0:d2:9a:1e:f1:42:d4:73:f1:7b:97:96:
                    c4:ca:a0:07:01:78:e9:02:9b:05:97:1d:2a:2b:41:
                    42:46:cc:37:93:bf:59:26:47:ab:3b:2e:49:99:ce:
                    7f:4b:ed:f8:52:5a:13:6a:20:45:e0:47:e8:83:e0:
                    8a:00:f4:1e:3c:bd:e1:b5:aa:e5:8e:e0:28:8b:ca:
                    24:f0:1c:aa:31:dc:78:d0:07:75:b1:ab:82:22:e3:
                    ab:f2:f8:8a:0f:8e:61:a4:04:52:38:be:83:ba:e4:
                    41:8b:f8:3b:cb:08:6e:66:75:1d:c4:ba:a0:0e:18:
                    74:09:c5:33:13:8e:82:65:77:8f:f7:f6:02:36:09:
                    6f:34:0e:75:e8:97:0e:1d:b3:22:0a:e4:6b:1f:e4:
                    4e:de:a5:ff:c7:11:ec:21:8a:d9:74:ba:17:1e:1d:
                    9f:60:83:50:bd:f7:9d:61:2c:ec:cc:15:fb:56:35:
                    2e:cc:58:1c:28:2d:cc:a6:0d:f3:f4:11:f3:63:72:
                    ea:7e:05:b1:33:f6:58:04:62:d3:55:30:48:63:d4:
                    e2:87:f7:5a:ec:e7:8f:ae:01:d9:ae:3b:69:dd:39:
                    83:fb:83:1e:a3:a8:55:ba:a5:5d:31:74:8d:37:5c:
                    66:cc:ae:fa:11:04:2d:cf:3f:a0:e5:ad:3d:28:1e:
                    c5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:BF:21:96:D1:B5:26:55:E5:C3:9F:38:5D:CB:EA:9B:D0:95:3A:B8
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/GL8hltG1JlXlw584Xcvqm9CVOrg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.152.0/24
                  77.90.154.0/23
                  77.90.164.0/24
                  77.90.178.0/24
                  77.90.180.0/23
                  77.90.185.0/24
                  77.90.191.0/24
                  185.230.12.0/23
                  213.209.130.0/24
                  213.209.133.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.144.0/24
                  213.209.146.0/23
                  213.209.156.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         4a:fb:0b:97:86:3c:1e:4e:dd:b4:f5:0c:38:35:d2:bf:f6:4f:
         6a:42:7c:f6:0d:ab:f3:b5:c4:19:a8:5c:e1:1e:5d:34:3e:6a:
         6e:6e:c7:5a:fd:bd:77:1a:e9:89:e9:5d:35:73:38:b2:d6:96:
         f3:5b:4e:e0:d7:8e:79:29:75:87:58:5e:db:7a:c5:db:ea:07:
         38:ce:40:bb:64:4d:c1:d0:86:01:e0:50:f5:bd:d6:f2:7c:e5:
         74:68:6b:3e:df:fd:06:8f:c0:7b:60:41:61:1b:cc:3c:0b:6f:
         80:46:15:36:ab:a3:85:97:0f:93:14:cf:7c:72:5a:48:c7:73:
         32:8a:19:c8:d3:8f:49:1b:31:61:f9:ad:19:b1:94:26:87:13:
         7d:39:10:c7:1f:54:97:03:57:aa:c8:89:a3:43:d1:0f:2c:24:
         8c:d2:17:b0:86:5f:80:1c:ac:20:58:f0:6f:9f:ae:4f:bb:25:
         a9:cc:32:60:be:a1:16:90:54:ec:a9:42:f4:a8:6a:e5:6e:a7:
         95:dc:74:7c:6b:e2:d2:01:18:78:cc:73:10:8f:7c:79:83:b1:
         d1:eb:b6:f8:65:5a:ab:47:e4:29:35:4b:f8:6e:a0:3a:fb:2a:
         eb:22:fb:8e:0a:e9:f6:93:37:c3:4e:c9:1e:b7:8c:c1:07:64:
         e0:10:88:8b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIECRR6bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
MjA3NDcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMThiZjIxOTZkMWI1
MjY1NWU1YzM5ZjM4NWRjYmVhOWJkMDk1M2FiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOexwNKaHvFC1HPxe5eWxMqgBwF46QKbBZcdKitBQkbMN5O/
WSZHqzsuSZnOf0vt+FJaE2ogReBH6IPgigD0Hjy94bWq5Y7gKIvKJPAcqjHceNAH
dbGrgiLjq/L4ig+OYaQEUji+g7rkQYv4O8sIbmZ1HcS6oA4YdAnFMxOOgmV3j/f2
AjYJbzQOdeiXDh2zIgrkax/kTt6l/8cR7CGK2XS6Fx4dn2CDUL33nWEs7MwV+1Y1
LsxYHCgtzKYN8/QR82Ny6n4FsTP2WARi01UwSGPU4of3Wuznj64B2a47ad05g/uD
HqOoVbqlXTF0jTdcZsyu+hEELc8/oOWtPSgexSMCAwEAAaOCAqgwggKkMB0GA1Ud
DgQWBBQYvyGW0bUmVeXDnzhdy+qb0JU6uDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0dMOGhsdEcxSmxYbHc1ODRYY3ZxbTlDVk9yZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vQYIKwYBBQUHAQcBAf8Ega0wgaowgZEEAgABMIGKMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYAwQBTVqaAwQATVqk
AwQATVqyAwQBTVq0AwQATVq5AwQATVq/AwQBueYMAwQA1dGCAwQA1dGFAwQA1dGI
AwQA1dGKAwQA1dGQAwQB1dGSAwQA1dGcMBQEAgACMA4DBQAqBCnCAwUAKgQpxzAN
BgkqhkiG9w0BAQsFAAOCAQEASvsLl4Y8Hk7dtPUMODXSv/ZPakJ89g2r87XEGahc
4R5dND5qbm7HWv29dxrpieldNXM4staW81tO4NeOeSl1h1he23rF2+oHOM5Au2RN
wdCGAeBQ9b3W8nzldGhrPt/9Bo/Ae2BBYRvMPAtvgEYVNqujhZcPkxTPfHJaSMdz
MooZyNOPSRsxYfmtGbGUJocTfTkQxx9UlwNXqsiJo0PRDywkjNIXsIZfgBysIFjw
b5+uT7slqcwyYL6hFpBU7KlC9Khq5W6nldx0fGvi0gEYeMxzEI98eYOx0eu2+GVa
q0fkKTVL+G6gOvsq6yL7jgrp9pM3w07JHreMwQdk4BCIiw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org