Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JDzfUvAQPsrFeVI7FATafKJIiV8.roa
File:                     JDzfUvAQPsrFeVI7FATafKJIiV8.roa (raw, json)
Hash identifier:          1quJIesq1wwmzfW9y07Td63ulXXfOAdT+BDJ7hCJiVo=
Subject key identifier:   24:3C:DF:52:F0:10:3E:CA:C5:79:52:3B:14:04:DA:7C:A2:48:89:5F
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       094C1C41
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JDzfUvAQPsrFeVI7FATafKJIiV8.roa
Signing time:             Tue 24 May 2022 15:53:13 +0000
ROA not before:           Tue 24 May 2022 15:53:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.150.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.178.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.144.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155982913 (0x94c1c41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May 24 15:53:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=243cdf52f0103ecac579523b1404da7ca248895f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:02:04:04:3a:af:6e:25:bb:fd:29:69:20:
                    f3:2c:64:c0:15:96:86:c0:3c:4b:07:f5:18:08:b3:
                    da:45:d6:4e:79:40:98:7a:bb:81:4a:cd:b4:09:66:
                    51:21:27:37:d9:1b:c6:bb:28:14:21:ee:73:2f:95:
                    4e:77:89:ae:d2:b3:53:95:a6:69:87:a9:5c:5f:98:
                    00:f8:95:7f:88:e0:7f:29:cc:0e:84:b2:a7:49:36:
                    38:46:30:e2:25:a1:6e:ac:e1:dd:6e:80:a0:b8:71:
                    72:99:24:bb:db:6b:ca:39:a3:1d:40:c4:e5:e8:87:
                    3e:50:f3:16:5f:44:a3:7a:54:71:4c:9f:29:6b:a5:
                    e7:c2:4a:60:17:e4:2b:3e:55:1a:0c:63:94:7f:7d:
                    40:3c:2a:51:85:84:59:e0:25:59:1c:9a:cb:7d:15:
                    17:6f:ce:dd:bf:81:52:80:69:33:71:e8:79:68:6b:
                    9f:2a:13:90:22:ed:3a:93:a0:4a:88:32:a9:70:07:
                    59:8d:c0:fa:97:84:06:3b:1e:23:b2:60:76:96:ba:
                    52:23:5f:63:dc:52:63:65:3c:db:dc:79:39:84:d7:
                    7f:6b:46:5e:07:b4:40:f0:08:df:29:da:6a:ba:e7:
                    98:60:6e:d6:cc:1d:01:80:29:78:d7:2b:e8:80:93:
                    a0:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:3C:DF:52:F0:10:3E:CA:C5:79:52:3B:14:04:DA:7C:A2:48:89:5F
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JDzfUvAQPsrFeVI7FATafKJIiV8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.150.0/24
                  77.90.157.0/24
                  77.90.164.0/24
                  77.90.178.0/24
                  77.90.181.0/24
                  77.90.191.0/24
                  185.230.13.0/24
                  213.209.130.0/24
                  213.209.133.0-213.209.134.255
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.144.0/24
                  213.209.156.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:b5:b1:b1:2b:71:b5:c4:a3:7d:d2:a6:90:4c:93:79:8c:45:
         0a:a9:67:a1:45:21:eb:74:47:97:5f:0d:57:58:35:e0:5e:a3:
         cb:68:91:b2:0b:43:a4:53:5d:47:bd:17:93:3c:1a:ca:32:12:
         8c:fe:01:9b:ae:cd:f7:dd:0c:22:72:f5:2c:09:39:0c:69:aa:
         ea:9e:dd:84:2e:10:28:7d:1f:86:f6:d3:bf:e2:09:a2:d0:80:
         9f:93:d7:bd:ce:5c:4c:a9:f7:62:46:06:ea:01:bd:89:8a:ff:
         25:ef:2d:00:bf:97:f0:92:e0:76:35:0b:83:36:b9:70:dd:26:
         c0:25:cd:49:77:36:07:cf:80:b4:9d:22:71:2d:91:e4:45:87:
         5b:46:be:80:d0:ba:cc:e5:f2:60:22:06:3a:dd:bc:1e:2b:41:
         1c:d4:03:06:d1:00:54:83:19:fd:1b:49:79:02:6a:be:77:a5:
         bd:f4:44:08:a6:8d:6e:d0:33:ab:6e:8c:6a:f7:94:cd:a5:90:
         77:d6:1d:88:ff:72:88:6b:e4:77:26:70:f8:a1:e6:f6:9f:0c:
         52:10:37:29:a9:cc:31:b5:1d:c4:3b:42:1e:ac:bc:54:b8:9e:
         77:a5:4b:e8:7d:f7:50:38:99:88:26:f1:f9:84:4d:3d:25:5e:
         cb:2f:3e:71
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIECUwcQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUy
NDE1NTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQzY2RmNTJmMDEw
M2VjYWM1Nzk1MjNiMTQwNGRhN2NhMjQ4ODk1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAItnAgQEOq9uJbv9KWkg8yxkwBWWhsA8Swf1GAiz2kXWTnlA
mHq7gUrNtAlmUSEnN9kbxrsoFCHucy+VTneJrtKzU5WmaYepXF+YAPiVf4jgfynM
DoSyp0k2OEYw4iWhbqzh3W6AoLhxcpkku9tryjmjHUDE5eiHPlDzFl9Eo3pUcUyf
KWul58JKYBfkKz5VGgxjlH99QDwqUYWEWeAlWRyay30VF2/O3b+BUoBpM3HoeWhr
nyoTkCLtOpOgSogyqXAHWY3A+peEBjseI7Jgdpa6UiNfY9xSY2U829x5OYTXf2tG
Xge0QPAI3ynaarrnmGBu1swdAYApeNcr6ICToGUCAwEAAaOCAqQwggKgMB0GA1Ud
DgQWBBQkPN9S8BA+ysV5UjsUBNp8okiJXzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0pEemZVdkFRUHNyRmVWSTdGQVRhZktKSWlWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uQYIKwYBBQUHAQcBAf8EgakwgaYwgY0EAgABMIGGMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqWAwQATVqdAwQATVqk
AwQATVqyAwQATVq1AwQATVq/AwQAueYNAwQA1dGCMAwDBADV0YUDBADV0YYDBADV
0YgDBADV0YoDBADV0ZADBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqG
SIb3DQEBCwUAA4IBAQA/tbGxK3G1xKN90qaQTJN5jEUKqWehRSHrdEeXXw1XWDXg
XqPLaJGyC0OkU11HvReTPBrKMhKM/gGbrs333QwicvUsCTkMaarqnt2ELhAofR+G
9tO/4gmi0ICfk9e9zlxMqfdiRgbqAb2Jiv8l7y0Av5fwkuB2NQuDNrlw3SbAJc1J
dzYHz4C0nSJxLZHkRYdbRr6A0LrM5fJgIgY63bweK0Ec1AMG0QBUgxn9G0l5Amq+
d6W99EQIpo1u0DOrboxq95TNpZB31h2I/3KIa+R3JnD4oeb2nwxSEDcpqcwxtR3E
O0IerLxUuJ53pUvoffdQOJmIJvH5hE09JV7LLz5x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org