Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QDBrO_-WH2X3xdGgclI5Lbfi3OI.roa
File:                     QDBrO_-WH2X3xdGgclI5Lbfi3OI.roa (raw, json)
Hash identifier:          UwYp0K5RS1DU9azTt02O+aJD635RDkk/t3RNrAZY/+8=
Subject key identifier:   40:30:6B:3B:FF:96:1F:65:F7:C5:D1:A0:72:52:39:2D:B7:E2:DC:E2
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       08CB4F83
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QDBrO_-WH2X3xdGgclI5Lbfi3OI.roa
Signing time:             Sat 23 Apr 2022 12:38:53 +0000
ROA not before:           Sat 23 Apr 2022 12:38:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.139.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.152.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.178.0/24 maxlen: 24
                          77.90.180.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 147541891 (0x8cb4f83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Apr 23 12:38:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=40306b3bff961f65f7c5d1a07252392db7e2dce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ff:14:a7:d0:59:0f:56:51:da:c8:af:ab:65:
                    cb:c7:b5:d5:af:79:34:97:04:b5:ce:1a:bc:d3:f0:
                    9e:9e:ed:a2:23:fa:95:38:ad:f6:b3:50:27:a7:0d:
                    d6:2a:1e:07:ed:8b:cd:72:a8:11:6f:38:b3:d1:ac:
                    04:de:50:b5:11:16:8e:b1:58:95:69:f1:c8:b5:ad:
                    5c:93:8a:6d:a7:da:e9:c3:4a:96:c3:62:49:48:97:
                    d3:af:ab:65:04:23:c0:89:d2:d8:a5:1c:39:e9:40:
                    9d:90:0a:5a:1d:35:e7:7e:dc:95:42:32:c0:e9:87:
                    80:16:6d:68:5e:f0:56:f7:6f:00:6d:e2:f5:2e:e5:
                    b4:bc:78:f0:bd:db:8a:e0:78:6f:d0:7b:5a:d9:96:
                    ff:96:05:3e:02:f8:a0:64:d5:78:4b:31:61:bc:2f:
                    45:e8:6e:56:cd:f9:a0:b2:b6:07:6e:b9:d3:4e:a7:
                    92:bb:b2:1f:08:02:28:ce:93:98:9e:bd:9b:a8:75:
                    d0:65:a2:32:3b:c8:05:88:c0:11:e8:c8:1e:87:89:
                    1e:bd:19:40:e7:73:16:d9:f9:49:be:9b:48:11:c3:
                    f5:16:95:b3:c3:39:b0:7e:fb:64:8e:2e:86:d9:69:
                    1c:f7:97:03:99:6e:a6:a0:59:62:2c:e9:8c:79:04:
                    f9:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:30:6B:3B:FF:96:1F:65:F7:C5:D1:A0:72:52:39:2D:B7:E2:DC:E2
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/QDBrO_-WH2X3xdGgclI5Lbfi3OI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.140.255
                  77.90.142.0-77.90.148.255
                  77.90.152.0/24
                  77.90.178.0/24
                  77.90.180.0/24
                  77.90.185.0/24
                  77.90.191.0/24
                  185.230.13.0/24
                  213.209.130.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.146.0/23
                  213.209.149.0/24
                  213.209.156.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:d3:16:4b:f6:0a:b8:a0:0e:1e:61:29:85:18:e5:f2:1e:f5:
         39:8b:2c:dd:53:1e:ad:81:28:b8:39:d0:d4:07:3c:9d:75:cd:
         34:82:b1:47:72:3a:ca:db:62:bd:68:52:0a:5b:96:7a:a1:72:
         9e:d7:3f:64:e3:f8:26:06:13:f7:98:0a:c7:6a:09:53:6f:99:
         dc:bc:c6:1a:45:cd:25:25:c0:fc:0c:8d:56:65:80:dc:09:d6:
         77:3f:09:98:b4:51:b3:3f:f6:4c:09:73:ef:ca:86:57:f8:f1:
         48:c2:9b:0b:2f:38:3e:ef:2c:72:f6:93:0d:55:e7:cb:9c:9e:
         08:a7:6c:fc:e0:0a:ef:52:bc:01:9c:66:62:ce:2e:11:9d:dc:
         18:e4:1c:94:a5:e8:cd:56:f6:22:3d:1f:70:e8:79:a1:d7:ee:
         eb:61:92:6b:a7:d2:ae:4f:48:1b:88:f8:f0:39:56:5f:6c:17:
         51:8a:49:1e:52:08:d2:17:52:f9:81:77:b0:a2:92:56:58:be:
         de:bf:a3:01:43:d3:7b:77:63:b5:d6:6c:50:ab:c2:85:e4:8d:
         39:7c:97:4f:42:a6:bc:96:2f:0b:8c:13:db:37:f8:04:2f:59:
         1f:88:bb:c7:e2:90:f0:15:26:c8:bc:4a:67:80:93:47:ae:53:
         f0:de:c5:ee
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIECMtPgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
MzEyMzg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDAzMDZiM2JmZjk2
MWY2NWY3YzVkMWEwNzI1MjM5MmRiN2UyZGNlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALv/FKfQWQ9WUdrIr6tly8e11a95NJcEtc4avNPwnp7toiP6
lTit9rNQJ6cN1ioeB+2LzXKoEW84s9GsBN5QtREWjrFYlWnxyLWtXJOKbafa6cNK
lsNiSUiX06+rZQQjwInS2KUcOelAnZAKWh01537clUIywOmHgBZtaF7wVvdvAG3i
9S7ltLx48L3biuB4b9B7WtmW/5YFPgL4oGTVeEsxYbwvRehuVs35oLK2B265006n
kruyHwgCKM6TmJ69m6h10GWiMjvIBYjAEejIHoeJHr0ZQOdzFtn5Sb6bSBHD9RaV
s8M5sH77ZI4uhtlpHPeXA5lupqBZYizpjHkE+TkCAwEAAaOCAo4wggKKMB0GA1Ud
DgQWBBRAMGs7/5YfZffF0aByUjktt+Lc4jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1FEQnJPXy1XSDJYM3hkR2djbEk1TGJmaTNPSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
owYIKwYBBQUHAQcBAf8EgZMwgZAweAQCAAEwcjAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBABNWowwDAMEAU1ajgMEAE1alAMEAE1amAMEAE1asgMEAE1atAMEAE1auQME
AE1avwMEALnmDQMEANXRggMEANXRiAMEANXRigMEAdXRkgMEANXRlQMEANXRnDAU
BAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcNAQELBQADggEBADbTFkv2Crig
Dh5hKYUY5fIe9TmLLN1THq2BKLg50NQHPJ11zTSCsUdyOsrbYr1oUgpblnqhcp7X
P2Tj+CYGE/eYCsdqCVNvmdy8xhpFzSUlwPwMjVZlgNwJ1nc/CZi0UbM/9kwJc+/K
hlf48UjCmwsvOD7vLHL2kw1V58ucnginbPzgCu9SvAGcZmLOLhGd3BjkHJSl6M1W
9iI9H3DoeaHX7uthkmun0q5PSBuI+PA5Vl9sF1GKSR5SCNIXUvmBd7CiklZYvt6/
owFD03t3Y7XWbFCrwoXkjTl8l09CpryWLwuME9s3+AQvWR+Iu8fikPAVJsi8SmeA
k0euU/Dexe4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org