Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TYTXjobmFAItPwbNRSfK78XDZ0k.roa
File:                     TYTXjobmFAItPwbNRSfK78XDZ0k.roa (raw, json)
Hash identifier:          xbBJ1azO8YAPu9pKlB8J4M5NXKvDcYovtXvdmY8OoaM=
Subject key identifier:   4D:84:D7:8E:86:E6:14:02:2D:3F:06:CD:45:27:CA:EF:C5:C3:67:49
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0A032D72
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TYTXjobmFAItPwbNRSfK78XDZ0k.roa
Signing time:             Mon 04 Jul 2022 12:36:27 +0000
ROA not before:           Mon 04 Jul 2022 12:36:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.139.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.150.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1300:24::/64 maxlen: 64
                          2a04:29c7:1280:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167980402 (0xa032d72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul  4 12:36:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4d84d78e86e614022d3f06cd4527caefc5c36749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e2:45:4f:89:12:c3:4e:9c:19:fa:b0:78:87:
                    43:bf:55:26:5f:5d:e8:8b:f5:16:7d:cb:1a:d7:e7:
                    9d:86:81:da:9b:09:ac:ef:99:8c:87:b7:8a:54:55:
                    e5:33:20:d9:9e:1c:f9:57:77:48:66:34:a6:8b:d4:
                    8a:7f:d8:e7:1c:f4:84:ae:f2:28:26:36:d1:fc:7d:
                    10:4e:c6:a7:b1:f3:35:93:63:9f:55:ef:9f:fc:b8:
                    5b:6d:95:95:dc:00:99:5f:5a:fe:8c:cb:92:ee:30:
                    2d:bd:f3:32:6b:d7:e7:bd:22:31:1b:8d:b6:46:bb:
                    83:8c:ab:36:51:b2:fe:d9:15:89:fd:37:4c:6b:c4:
                    f6:d0:92:cb:af:fb:53:e3:01:fb:77:9a:8d:f6:23:
                    c8:9b:23:ba:af:08:27:f1:49:af:45:ba:ef:32:93:
                    e7:3f:e2:a5:69:fa:f2:06:13:97:12:67:52:39:ff:
                    78:1c:e1:ce:e2:8a:9f:2f:74:57:32:66:0f:04:94:
                    f7:2b:bc:4d:8b:58:6f:b6:c6:16:dd:7e:d6:a4:49:
                    d4:68:29:ff:6f:e1:37:f7:b4:bd:85:fa:aa:d2:84:
                    cf:17:e3:e2:fa:db:b4:47:8a:f2:5e:e1:cd:0c:f0:
                    5e:d7:69:20:98:de:e2:7c:21:5c:00:8d:6d:14:f1:
                    e6:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:84:D7:8E:86:E6:14:02:2D:3F:06:CD:45:27:CA:EF:C5:C3:67:49
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/TYTXjobmFAItPwbNRSfK78XDZ0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.140.255
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.148.255
                  77.90.150.0/24
                  77.90.153.0-77.90.154.255
                  77.90.157.0/24
                  77.90.179.0/24
                  77.90.181.0/24
                  77.90.191.0/24
                  213.209.130.0/24
                  213.209.138.0/24
                  213.209.147.0/24
                  213.209.149.0/24
                  213.209.151.0/24
                  213.209.158.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         32:e1:7e:87:c2:a7:dd:7f:a0:45:64:14:12:8e:0c:3a:a1:91:
         1c:5e:55:88:6a:40:ba:f7:29:fd:ad:e7:3c:8d:dc:5c:01:a9:
         fa:96:af:4f:5d:11:ea:6a:c9:cb:8c:5d:02:7f:8c:c5:1a:ee:
         83:43:85:7e:05:65:11:a3:d6:dc:00:74:0c:da:5e:cc:0e:2c:
         16:98:5f:bc:db:5d:cc:31:ca:13:78:32:84:60:58:cf:55:89:
         fc:63:76:e9:26:eb:ec:49:ea:78:86:16:8a:4c:40:bd:c0:79:
         08:be:ee:a2:ce:ac:0f:8b:df:76:3c:f6:37:d2:1d:8f:5d:79:
         5e:7e:5a:93:d4:91:86:c4:f2:46:21:4b:e4:94:e0:c9:f0:b7:
         c3:b7:14:4d:d5:1f:b5:18:f6:34:1f:a6:10:1e:02:90:cf:8d:
         54:81:08:26:14:79:44:34:f6:00:d2:e5:39:b8:6c:50:0e:97:
         4f:b1:b8:06:53:9c:c2:0b:28:4d:bf:4c:b0:b8:f6:82:8b:db:
         ee:d1:7a:57:0d:5c:6d:81:61:c8:66:80:48:a5:84:c7:1a:b2:
         90:b9:9c:1f:3f:49:16:f4:26:f7:0a:0d:c6:e3:6d:49:ff:09:
         5d:50:7e:dc:0a:ae:d1:78:3d:e8:f5:8d:66:6e:a7:20:30:70:
         7e:f1:0e:58
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIECgMtcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDcw
NDEyMzYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ4NGQ3OGU4NmU2
MTQwMjJkM2YwNmNkNDUyN2NhZWZjNWMzNjc0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPiRU+JEsNOnBn6sHiHQ79VJl9d6Iv1Fn3LGtfnnYaB2psJ
rO+ZjIe3ilRV5TMg2Z4c+Vd3SGY0povUin/Y5xz0hK7yKCY20fx9EE7Gp7HzNZNj
n1Xvn/y4W22VldwAmV9a/ozLku4wLb3zMmvX570iMRuNtka7g4yrNlGy/tkVif03
TGvE9tCSy6/7U+MB+3eajfYjyJsjuq8IJ/FJr0W67zKT5z/ipWn68gYTlxJnUjn/
eBzhzuKKny90VzJmDwSU9yu8TYtYb7bGFt1+1qRJ1Ggp/2/hN/e0vYX6qtKEzxfj
4vrbtEeK8l7hzQzwXtdpIJje4nwhXACNbRTx5h0CAwEAAaOCAqYwggKiMB0GA1Ud
DgQWBBRNhNeOhuYUAi0/Bs1FJ8rvxcNnSTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L1RZVFhqb2JtRkFJdFB3Yk5SU2ZLNzhYRFoway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uwYIKwYBBQUHAQcBAf8EgaswgagwgY8EAgABMIGIMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBABNWpQDBABNWpYwDAME
AE1amQMEAE1amgMEAE1anQMEAE1aswMEAE1atQMEAE1avwMEANXRggMEANXRigME
ANXRkwMEANXRlQMEANXRlwMEANXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJ
KoZIhvcNAQELBQADggEBADLhfofCp91/oEVkFBKODDqhkRxeVYhqQLr3Kf2t5zyN
3FwBqfqWr09dEepqycuMXQJ/jMUa7oNDhX4FZRGj1twAdAzaXswOLBaYX7zbXcwx
yhN4MoRgWM9Vifxjdukm6+xJ6niGFopMQL3AeQi+7qLOrA+L33Y89jfSHY9deV5+
WpPUkYbE8kYhS+SU4Mnwt8O3FE3VH7UY9jQfphAeApDPjVSBCCYUeUQ09gDS5Tm4
bFAOl0+xuAZTnMILKE2/TLC49oKL2+7RelcNXG2BYchmgEilhMcaspC5nB8/SRb0
JvcKDcbjbUn/CV1QftwKrtF4Pej1jWZupyAwcH7xDlg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org