Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JG3ZH7lMy2H7drpiZ_rI6DDY2jY.roa
File:                     JG3ZH7lMy2H7drpiZ_rI6DDY2jY.roa (raw, json)
Hash identifier:          1sTYuLxPAJi3P1KkuJzW7Vd0FCVTgcsOncU0QuTk4gs=
Subject key identifier:   24:6D:D9:1F:B9:4C:CB:61:FB:76:BA:62:67:FA:C8:E8:30:D8:DA:36
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       083BF5A1
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JG3ZH7lMy2H7drpiZ_rI6DDY2jY.roa
Signing time:             Tue 22 Mar 2022 09:01:14 +0000
ROA not before:           Tue 22 Mar 2022 09:01:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     49870
IP address blocks:        213.209.146.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 138147233 (0x83bf5a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Mar 22 09:01:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=246dd91fb94ccb61fb76ba6267fac8e830d8da36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:35:19:99:73:63:1d:52:5f:48:12:60:44:36:
                    71:a3:5a:b7:82:e9:88:6d:fd:43:15:aa:6b:57:66:
                    aa:01:39:d8:9b:dd:1a:61:9e:e1:62:b9:45:05:75:
                    51:51:80:7b:fb:31:5b:d9:06:c6:e2:5a:8e:6e:e5:
                    dc:b2:68:99:bd:62:de:64:67:b0:d5:63:84:bc:fe:
                    10:f4:b1:74:05:82:ec:6f:c4:08:d9:90:cf:86:bb:
                    6b:dd:04:d6:50:68:bd:0b:3f:9b:16:94:3c:8e:9c:
                    93:45:17:88:39:ef:d7:b0:14:b1:a3:c1:cc:c2:a1:
                    83:92:71:9b:34:53:7f:8a:9b:f8:c3:56:35:ec:81:
                    f7:c5:03:ce:7b:36:2a:1d:8d:d4:e6:2d:32:5d:f4:
                    78:74:c6:ac:81:e7:52:9a:91:6d:a1:aa:86:fd:07:
                    d0:89:9f:b0:3a:09:04:b6:6a:5a:ab:5c:17:3d:70:
                    23:81:98:db:60:ab:54:d7:c4:e0:52:98:93:75:6f:
                    cf:59:75:dd:9b:01:e1:77:be:7e:71:54:00:c7:89:
                    f0:c9:6f:15:d0:5e:71:71:95:53:3b:db:51:81:4b:
                    c0:a7:1d:59:ea:a4:1c:cb:2a:a2:03:21:ba:31:dc:
                    e4:cb:1a:73:a1:69:d8:75:98:26:5f:4b:74:35:4b:
                    c8:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6D:D9:1F:B9:4C:CB:61:FB:76:BA:62:67:FA:C8:E8:30:D8:DA:36
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/JG3ZH7lMy2H7drpiZ_rI6DDY2jY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.164.0/24
                  77.90.181.0/24
                  213.209.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:6d:3a:cb:de:d8:59:54:b4:bd:78:a3:69:31:12:b2:a3:57:
         e0:19:b0:8f:a0:b7:43:f4:fb:74:28:7f:c9:fd:3e:f3:a2:25:
         9d:a5:4d:e9:dc:7c:90:25:8c:41:b5:70:a8:48:e2:6c:78:6d:
         52:ed:a6:81:72:a7:76:a7:b2:96:e3:f4:1f:12:bc:51:4c:99:
         50:dc:a6:37:82:da:fe:3e:a0:84:23:89:3a:5d:9b:1d:73:ad:
         f2:19:de:ba:88:13:6d:89:9a:99:26:d2:b1:b4:09:43:68:c2:
         06:63:66:a6:1c:17:62:3e:9a:59:32:1b:67:51:66:80:7b:0a:
         90:e5:25:14:78:30:8b:bb:f7:4a:56:a5:6b:0b:b7:96:3b:7c:
         e3:56:ee:ec:59:06:e8:46:15:05:fa:af:22:67:17:f6:7e:24:
         37:fc:1c:12:88:2d:39:c9:a2:e3:c3:7e:0f:2b:56:8b:07:2a:
         72:ba:bf:e9:70:49:5a:ce:26:fe:cf:f4:7d:fb:d0:c4:55:fd:
         c5:53:d2:52:b2:33:d4:89:b0:9b:c0:3e:02:dd:53:e6:33:b4:
         1f:27:f0:d6:4f:cf:a5:99:32:65:1f:8d:31:bd:79:f3:f3:a1:
         dd:6a:b3:6f:12:67:5e:c9:dd:e6:a4:e8:8d:6f:eb:0f:8c:85:
         cf:dd:e4:73
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECDv1oTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMy
MjA5MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ2ZGQ5MWZiOTRj
Y2I2MWZiNzZiYTYyNjdmYWM4ZTgzMGQ4ZGEzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALs1GZlzYx1SX0gSYEQ2caNat4LpiG39QxWqa1dmqgE52Jvd
GmGe4WK5RQV1UVGAe/sxW9kGxuJajm7l3LJomb1i3mRnsNVjhLz+EPSxdAWC7G/E
CNmQz4a7a90E1lBovQs/mxaUPI6ck0UXiDnv17AUsaPBzMKhg5JxmzRTf4qb+MNW
NeyB98UDzns2Kh2N1OYtMl30eHTGrIHnUpqRbaGqhv0H0ImfsDoJBLZqWqtcFz1w
I4GY22CrVNfE4FKYk3Vvz1l13ZsB4Xe+fnFUAMeJ8MlvFdBecXGVUzvbUYFLwKcd
WeqkHMsqogMhujHc5Msac6Fp2HWYJl9LdDVLyJcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQkbdkfuUzLYft2umJn+sjoMNjaNjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0pHM1pIN2xNeTJIN2RycGlaX3JJNkREWTJqWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAE1apAMEAE1atQMEANXRkjANBgkq
hkiG9w0BAQsFAAOCAQEAXG06y97YWVS0vXijaTESsqNX4Bmwj6C3Q/T7dCh/yf0+
86IlnaVN6dx8kCWMQbVwqEjibHhtUu2mgXKndqeyluP0HxK8UUyZUNymN4La/j6g
hCOJOl2bHXOt8hneuogTbYmamSbSsbQJQ2jCBmNmphwXYj6aWTIbZ1FmgHsKkOUl
FHgwi7v3Slalawu3ljt841bu7FkG6EYVBfqvImcX9n4kN/wcEogtOcmi48N+DytW
iwcqcrq/6XBJWs4m/s/0ffvQxFX9xVPSUrIz1Imwm8A+At1T5jO0Hyfw1k/PpZky
ZR+NMb158/Oh3WqzbxJnXsnd5qTojW/rD4yFz93kcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org