Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LTxDhV5uPOl3p77kRKYREvYb3zQ.roa
File:                     LTxDhV5uPOl3p77kRKYREvYb3zQ.roa (raw, json)
Hash identifier:          2M/JCUzlwkw2iiKmHGFbUJxsnmkXzXqkw9aGXqSpyYQ=
Subject key identifier:   2D:3C:43:85:5E:6E:3C:E9:77:A7:BE:E4:44:A6:11:12:F6:1B:DF:34
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09C1F1AC
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LTxDhV5uPOl3p77kRKYREvYb3zQ.roa
Signing time:             Tue 21 Jun 2022 12:17:45 +0000
ROA not before:           Tue 21 Jun 2022 12:17:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.188.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.149.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1280:24::/64 maxlen: 64
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 163705260 (0x9c1f1ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun 21 12:17:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d3c43855e6e3ce977a7bee444a61112f61bdf34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8d:35:d2:8b:6a:3e:fe:3e:fd:9a:9a:03:2e:
                    12:c1:61:81:a0:e1:24:a1:72:3c:02:f8:71:f9:7f:
                    8e:ef:c0:7b:56:8c:11:89:74:ad:c4:f7:4c:e1:8a:
                    6e:fe:30:e6:45:89:e2:22:5b:38:ed:02:a1:d9:99:
                    72:69:22:28:59:44:08:17:6b:97:2f:a6:3f:fd:15:
                    20:d4:ed:76:98:5e:05:5c:7f:fd:81:05:f0:81:48:
                    1b:e4:7e:10:70:cb:61:fc:f6:e9:29:c3:f5:9d:5a:
                    d2:f8:f4:85:a0:aa:25:57:a8:5f:bb:b1:da:cb:63:
                    72:0e:bb:95:a1:7c:3a:d6:7d:e4:1a:7c:c2:5b:b5:
                    4d:cb:31:2e:6a:55:cd:f4:60:f2:8a:2f:34:d3:42:
                    82:08:66:62:d6:9b:3b:82:8c:53:ba:14:08:ac:7a:
                    ec:45:36:31:19:3c:b0:4e:aa:84:79:cc:39:14:63:
                    fe:98:23:da:60:84:0e:ff:0d:2e:57:4a:e1:ba:51:
                    f1:0e:fb:ef:da:05:96:d4:24:d1:bc:4b:c8:12:cb:
                    bc:5c:78:94:05:dc:9d:d8:f5:03:30:e3:73:cf:07:
                    cd:c8:bd:9e:ae:f0:02:fb:37:3b:89:d1:5d:16:07:
                    9f:75:2f:eb:8f:6c:18:73:42:bd:65:14:3d:80:e2:
                    76:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:3C:43:85:5E:6E:3C:E9:77:A7:BE:E4:44:A6:11:12:F6:1B:DF:34
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/LTxDhV5uPOl3p77kRKYREvYb3zQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.149.255
                  77.90.153.0-77.90.154.255
                  77.90.164.0/24
                  77.90.179.0/24
                  77.90.181.0/24
                  77.90.188.0/24
                  77.90.191.0/24
                  185.230.15.0/24
                  213.209.130.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.143.0/24
                  213.209.145.0/24
                  213.209.147.0/24
                  213.209.158.0/23
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:e3:9d:6f:44:cb:12:8a:1b:5e:1f:42:bf:4a:14:49:95:ca:
         ed:8b:9a:78:4d:fa:04:95:e7:54:32:62:3a:49:b8:d2:18:d6:
         f2:2f:bf:59:76:68:85:83:20:16:52:0d:86:7b:91:00:d2:70:
         78:29:a2:44:49:50:93:30:32:eb:7d:1d:75:46:f6:6c:b1:0d:
         32:35:b8:7f:09:30:e3:da:a9:16:a7:87:8d:cd:21:2e:52:b2:
         79:9c:e4:54:8b:54:08:4a:cb:eb:f3:2b:13:6c:33:c0:52:1b:
         2c:1d:e0:c2:cc:14:f4:fb:a1:03:8f:56:45:c2:04:ce:1e:bc:
         42:24:dc:22:dd:b0:e3:21:8b:b3:40:15:6d:03:0e:f7:14:6f:
         8d:44:1f:74:59:25:d2:87:cc:8e:36:e7:df:39:19:e1:6e:25:
         1d:a7:05:5c:42:63:71:9a:07:69:5b:86:0c:47:0b:99:ef:7a:
         75:25:3b:99:a0:7d:b1:08:01:6c:59:c4:e0:da:9a:67:48:bc:
         eb:39:1f:16:54:54:e7:70:55:b2:d7:b7:5c:eb:54:a3:92:2c:
         90:2c:1f:af:2f:91:4a:b8:c2:e3:6a:24:0f:94:94:c3:97:d1:
         94:29:8a:84:01:1c:cb:55:21:2b:67:ee:71:05:54:fe:a2:01:
         12:fe:7a:9a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIECcHxrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
MTEyMTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQzYzQzODU1ZTZl
M2NlOTc3YTdiZWU0NDRhNjExMTJmNjFiZGYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiNNdKLaj7+Pv2amgMuEsFhgaDhJKFyPAL4cfl/ju/Ae1aM
EYl0rcT3TOGKbv4w5kWJ4iJbOO0CodmZcmkiKFlECBdrly+mP/0VINTtdpheBVx/
/YEF8IFIG+R+EHDLYfz26SnD9Z1a0vj0haCqJVeoX7ux2stjcg67laF8OtZ95Bp8
wlu1TcsxLmpVzfRg8oovNNNCgghmYtabO4KMU7oUCKx67EU2MRk8sE6qhHnMORRj
/pgj2mCEDv8NLldK4bpR8Q7779oFltQk0bxLyBLLvFx4lAXcndj1AzDjc88Hzci9
nq7wAvs3O4nRXRYHn3Uv649sGHNCvWUUPYDidrUCAwEAAaOCArgwggK0MB0GA1Ud
DgQWBBQtPEOFXm486XenvuREphES9hvfNDAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L0xUeERoVjV1UE9sM3A3N2tSS1lSRXZZYjN6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
zQYIKwYBBQUHAQcBAf8Egb0wgbowgaEEAgABMIGaMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBAFNWpQwDAME
AE1amQMEAE1amgMEAE1apAMEAE1aswMEAE1atQMEAE1avAMEAE1avwMEALnmDwME
ANXRggMEANXRiAMEANXRigMEANXRjwMEANXRkQMEANXRkwMEAdXRnjAUBAIAAjAO
AwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBABrjnW9EyxKKG14fQr9K
FEmVyu2LmnhN+gSV51QyYjpJuNIY1vIvv1l2aIWDIBZSDYZ7kQDScHgpokRJUJMw
Mut9HXVG9myxDTI1uH8JMOPaqRanh43NIS5Ssnmc5FSLVAhKy+vzKxNsM8BSGywd
4MLMFPT7oQOPVkXCBM4evEIk3CLdsOMhi7NAFW0DDvcUb41EH3RZJdKHzI425985
GeFuJR2nBVxCY3GaB2lbhgxHC5nvenUlO5mgfbEIAWxZxODammdIvOs5HxZUVOdw
VbLXt1zrVKOSLJAsH68vkUq4wuNqJA+UlMOX0ZQpioQBHMtVIStn7nEFVP6iARL+
epo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org