Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IpNDlVNkjQkpyWI89rDvo4ewrpk.roa
File:                     IpNDlVNkjQkpyWI89rDvo4ewrpk.roa (raw, json)
Hash identifier:          PceKUDf+J1vS1QOp1806k2NKQZqoTr5xwRSwn4BZSH8=
Subject key identifier:   22:93:43:95:53:64:8D:09:29:C9:62:3C:F6:B0:EF:A3:87:B0:AE:99
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0181FB7C82CF8BE012C6BB475119E540D8A0
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IpNDlVNkjQkpyWI89rDvo4ewrpk.roa
Signing time:             Thu 14 Jul 2022 06:54:10 +0000
ROA not before:           Thu 14 Jul 2022 06:54:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        185.230.12.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          213.209.129.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          77.90.139.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.155.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:fb:7c:82:cf:8b:e0:12:c6:bb:47:51:19:e5:40:d8:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul 14 06:54:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2293439553648d0929c9623cf6b0efa387b0ae99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:05:6c:74:22:0a:76:91:a1:62:9c:6c:8f:cf:
                    a2:c9:4c:f6:83:14:fa:8d:44:c6:34:6d:98:c2:07:
                    f7:4b:86:15:e2:30:cf:f3:fa:dc:b0:ef:84:7d:f2:
                    d3:27:54:ec:df:b2:58:c9:d2:a8:d2:f0:4b:99:84:
                    37:f3:e0:8d:2c:f7:6b:05:2d:6d:54:4c:a6:87:30:
                    fd:d7:7c:28:eb:ef:44:2a:82:a3:ed:86:a6:d8:2b:
                    30:ac:28:bb:cf:ca:32:af:f8:a8:30:cb:35:47:ac:
                    ed:a5:3e:56:e5:81:c9:f5:15:e1:04:10:de:5a:43:
                    21:f6:05:78:5b:c9:df:cc:2e:b8:0f:51:d6:84:17:
                    1a:21:0f:09:90:7c:e2:9c:4f:d0:77:61:b5:e6:68:
                    46:22:d5:53:54:a7:ee:c8:a7:8e:bc:43:6c:0b:e8:
                    a3:07:c6:47:26:91:2c:55:3c:83:b0:6f:ad:e7:85:
                    3e:f8:73:de:b0:c7:1c:15:3c:05:8b:1f:48:53:71:
                    cb:7d:7a:e2:7a:47:cb:9d:6f:f4:1f:30:c0:b1:f5:
                    d6:4d:1f:65:03:36:03:a1:b7:ac:f9:94:fb:d0:f2:
                    d9:2e:7d:1b:ff:af:40:84:8c:36:43:1a:20:34:97:
                    3b:0a:fb:d0:5b:57:66:f2:ab:33:31:b0:94:23:11:
                    21:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:93:43:95:53:64:8D:09:29:C9:62:3C:F6:B0:EF:A3:87:B0:AE:99
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/IpNDlVNkjQkpyWI89rDvo4ewrpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.138.0/23
                  77.90.145.0/24
                  77.90.153.0-77.90.155.255
                  77.90.157.0/24
                  77.90.173.0/24
                  77.90.179.0/24
                  77.90.184.0/24
                  77.90.191.0/24
                  185.230.12.0/24
                  213.209.129.0/24
                  213.209.133.0-213.209.134.255
                  213.209.147.0/24
                  213.209.149.0/24
                  213.209.151.0/24
                  213.209.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:ca:f2:5c:75:29:f9:e2:e0:33:6e:63:d4:77:00:4c:6f:5b:
         a5:e8:a5:e1:79:47:31:d7:dd:df:4c:7b:fe:65:ae:44:f9:ce:
         82:a5:e8:a4:52:65:1a:92:db:86:c6:a9:c9:11:26:c3:a7:a6:
         f7:dc:03:0a:d6:27:c2:e3:33:49:04:6a:1a:b8:8f:86:99:e8:
         65:5a:b4:28:e8:39:ea:8e:da:37:bd:5d:55:75:d9:5b:dc:f0:
         f7:b4:aa:2e:69:29:55:79:a0:60:8a:60:9f:47:3e:bf:d7:77:
         42:1c:74:38:7d:e1:1e:cf:51:95:70:16:6d:12:ef:fa:8e:f1:
         ff:f0:5d:55:99:53:79:ec:a6:d0:86:4d:ee:d8:53:d3:ca:bb:
         a8:df:f2:0b:fa:83:63:22:b2:c7:4b:78:46:d1:8c:9d:ae:93:
         d2:ee:b0:21:ec:7a:82:24:ba:61:18:6e:4e:cf:f6:dc:3d:a5:
         63:ee:2a:98:62:5d:c7:86:ca:88:d1:cc:ce:2f:97:78:8d:e9:
         0b:6c:f6:2f:31:73:f4:94:96:39:ac:8f:db:9b:43:d0:08:be:
         c9:3a:8c:7b:95:9b:bd:c4:82:d7:8d:5c:8f:08:72:f0:a5:4f:
         07:76:4d:3b:76:b5:f9:5d:5a:78:86:e7:49:49:09:92:aa:2f:
         d8:30:9c:6b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYH7fILPi+ASxrtHURnlQNigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIwNzE0MDY1NDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjkzNDM5NTUzNjQ4ZDA5MjljOTYyM2NmNmIwZWZhMzg3YjBhZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgVsdCIKdpGhYpxsj8+iyUz2gxT6
jUTGNG2Ywgf3S4YV4jDP8/rcsO+EffLTJ1Ts37JYydKo0vBLmYQ38+CNLPdrBS1t
VEymhzD913wo6+9EKoKj7Yam2CswrCi7z8oyr/ioMMs1R6ztpT5W5YHJ9RXhBBDe
WkMh9gV4W8nfzC64D1HWhBcaIQ8JkHzinE/Qd2G15mhGItVTVKfuyKeOvENsC+ij
B8ZHJpEsVTyDsG+t54U++HPesMccFTwFix9IU3HLfXriekfLnW/0HzDAsfXWTR9l
AzYDobes+ZT70PLZLn0b/69AhIw2QxogNJc7CvvQW1dm8qszMbCUIxEh7wIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFCKTQ5VTZI0JKcliPPaw76OHsK6ZMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSXBORGxWTmtqUWtweVdJODlyRHZvNGV3cnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAU1aigME
AE1akTAMAwQATVqZAwQCTVqYAwQATVqdAwQATVqtAwQATVqzAwQATVq4AwQATVq/
AwQAueYMAwQA1dGBMAwDBADV0YUDBADV0YYDBADV0ZMDBADV0ZUDBADV0ZcDBAHV
0Z4wDQYJKoZIhvcNAQELBQADggEBAHrK8lx1Kfni4DNuY9R3AExvW6XopeF5RzHX
3d9Me/5lrkT5zoKl6KRSZRqS24bGqckRJsOnpvfcAwrWJ8LjM0kEahq4j4aZ6GVa
tCjoOeqO2je9XVV12Vvc8Pe0qi5pKVV5oGCKYJ9HPr/Xd0IcdDh94R7PUZVwFm0S
7/qO8f/wXVWZU3nsptCGTe7YU9PKu6jf8gv6g2MissdLeEbRjJ2uk9LusCHseoIk
umEYbk7P9tw9pWPuKphiXceGyojRzM4vl3iN6Qts9i8xc/SUljmsj9ubQ9AIvsk6
jHuVm73EgteNXI8IcvClTwd2TTt2tfldWniG50lJCZKqL9gwnGs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org