Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LPNaGTbyVHQmaGA7bHNyFTIMq5k.roa
File:                     LPNaGTbyVHQmaGA7bHNyFTIMq5k.roa (raw, json)
Hash identifier:          /hP3U8gE7g8bvUxca78kFfKyXh+uadgjgr7cCH1yoeA=
Subject key identifier:   2C:F3:5A:19:36:F2:54:74:26:68:60:3B:6C:73:72:15:32:0C:AB:99
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09B2D47A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LPNaGTbyVHQmaGA7bHNyFTIMq5k.roa
Signing time:             Fri 17 Jun 2022 15:30:44 +0000
ROA not before:           Fri 17 Jun 2022 15:30:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.149.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.144.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 162714746 (0x9b2d47a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun 17 15:30:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2cf35a1936f254742668603b6c737215320cab99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:5d:d5:50:67:5f:a0:b3:44:92:22:0c:e9:a5:
                    4f:9d:c9:82:22:2a:a9:d2:a9:28:e2:fd:06:ee:47:
                    10:da:d3:e8:75:bd:9c:4a:bf:22:9d:fe:6a:9a:39:
                    93:ed:0b:62:7b:37:5e:53:a5:84:38:34:2d:5d:26:
                    e8:84:8f:fb:93:49:33:c2:9b:af:9c:79:e8:95:d3:
                    ec:37:16:7d:a2:f8:11:c9:b3:b1:68:7e:c6:0b:af:
                    dc:d1:17:bd:9c:4c:a0:e5:d2:f6:8d:83:73:77:8f:
                    88:96:0c:16:18:bb:ff:85:0f:ef:10:b7:5b:68:6a:
                    f7:be:a6:f1:25:42:9b:97:17:0c:45:c3:4a:87:f2:
                    c4:c4:97:f3:ed:ee:c2:ef:65:3e:c8:33:3c:3c:3a:
                    e4:99:84:17:3b:49:0b:f8:ce:2e:1e:29:56:9d:70:
                    1a:8c:df:78:3e:c8:81:29:eb:1f:03:b2:14:01:a2:
                    93:ff:b9:fa:fd:e1:c9:1c:29:d3:a8:fc:d2:0b:84:
                    50:47:0b:4a:86:42:54:31:d7:f3:d9:92:76:f3:1f:
                    82:13:0f:2f:61:4a:76:70:56:aa:45:46:90:8a:f9:
                    f6:cb:30:0f:e1:12:52:0e:fd:1e:01:28:67:6b:aa:
                    07:73:87:9b:7e:5e:8c:58:38:3d:3e:46:cb:33:66:
                    ef:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:F3:5A:19:36:F2:54:74:26:68:60:3B:6C:73:72:15:32:0C:AB:99
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LPNaGTbyVHQmaGA7bHNyFTIMq5k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.149.255
                  77.90.153.0/24
                  77.90.164.0/24
                  77.90.179.0/24
                  77.90.181.0/24
                  77.90.188.0/24
                  77.90.191.0/24
                  185.230.15.0/24
                  213.209.130.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.143.0-213.209.144.255
                  213.209.147.0/24
                  213.209.158.0/23
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:d0:e8:4e:7c:aa:52:13:7f:3f:37:1a:1a:7b:3a:79:3a:e1:
         49:c2:1d:09:b1:6b:a2:54:17:63:d9:3b:6e:0b:41:32:16:13:
         3e:f9:d6:c5:be:9e:76:c8:ec:4f:4b:22:ab:8d:c2:87:e3:ce:
         63:5d:5d:41:66:cb:1a:42:a0:29:55:96:5f:da:2a:d2:6d:92:
         91:55:ac:56:e2:78:95:c5:28:d8:2b:35:87:6b:32:d2:e3:4a:
         ab:4d:56:59:81:89:b0:d2:35:0d:fa:eb:74:00:65:ab:22:0d:
         7b:1c:58:80:c5:08:17:2b:b4:8f:32:36:fc:71:40:27:11:7a:
         f3:ab:54:61:5c:4c:f0:6b:79:d0:53:3d:58:d4:e6:7d:ff:6d:
         36:36:a2:0c:0d:06:22:57:79:07:3d:e7:76:5c:fb:9e:fc:34:
         d7:06:3e:b1:e6:43:3a:61:ec:ee:6f:a5:2a:d4:a9:f7:ad:03:
         20:82:ec:99:ac:6d:10:1e:bd:ba:f0:38:d2:be:f7:2c:c7:28:
         88:ed:2a:90:45:06:ff:f6:af:02:3a:c3:1d:86:76:5d:ad:52:
         ed:03:32:83:aa:3c:db:9d:5b:52:46:87:fb:08:c3:ab:f0:b2:
         97:55:d6:71:f7:cd:55:95:fe:9e:76:64:a1:c9:94:98:c1:95:
         c0:16:0c:68
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIECbLUejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYx
NzE1MzA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNmMzVhMTkzNmYy
NTQ3NDI2Njg2MDNiNmM3MzcyMTUzMjBjYWI5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPRd1VBnX6CzRJIiDOmlT53JgiIqqdKpKOL9Bu5HENrT6HW9
nEq/Ip3+apo5k+0LYns3XlOlhDg0LV0m6ISP+5NJM8Kbr5x56JXT7DcWfaL4Ecmz
sWh+xguv3NEXvZxMoOXS9o2Dc3ePiJYMFhi7/4UP7xC3W2hq976m8SVCm5cXDEXD
SofyxMSX8+3uwu9lPsgzPDw65JmEFztJC/jOLh4pVp1wGozfeD7IgSnrHwOyFAGi
k/+5+v3hyRwp06j80guEUEcLSoZCVDHX89mSdvMfghMPL2FKdnBWqkVGkIr59ssw
D+ESUg79HgEoZ2uqB3OHm35ejFg4PT5GyzNm7+kCAwEAAaOCArIwggKuMB0GA1Ud
DgQWBBQs81oZNvJUdCZoYDtsc3IVMgyrmTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0xQTmFHVGJ5VkhRbWFHQTdiSE55RlRJTXE1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xwYIKwYBBQUHAQcBAf8EgbcwgbQwgZsEAgABMIGUMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQDBABN
WpkDBABNWqQDBABNWrMDBABNWrUDBABNWrwDBABNWr8DBAC55g8DBADV0YIDBADV
0YgDBADV0YowDAMEANXRjwMEANXRkAMEANXRkwMEAdXRnjAUBAIAAjAOAwUAKgQp
wgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBAGjQ6E58qlITfz83Ghp7Onk64UnC
HQmxa6JUF2PZO24LQTIWEz751sW+nnbI7E9LIquNwofjzmNdXUFmyxpCoClVll/a
KtJtkpFVrFbieJXFKNgrNYdrMtLjSqtNVlmBibDSNQ3663QAZasiDXscWIDFCBcr
tI8yNvxxQCcRevOrVGFcTPBredBTPVjU5n3/bTY2ogwNBiJXeQc953Zc+578NNcG
PrHmQzph7O5vpSrUqfetAyCC7JmsbRAevbrwONK+9yzHKIjtKpBFBv/2rwI6wx2G
dl2tUu0DMoOqPNudW1JGh/sIw6vwspdV1nH3zVWV/p52ZKHJlJjBlcAWDGg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org