Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_gJPaTqaG2D12fqZOGclml0Rnnk.roa
File:                     _gJPaTqaG2D12fqZOGclml0Rnnk.roa (raw, json)
Hash identifier:          jKr2J2UQMAvN7zCQYfm3l+c+MA8wCVaAedy6fYYXy4g=
Subject key identifier:   FE:02:4F:69:3A:9A:1B:60:F5:D9:FA:99:38:67:25:9A:5D:11:9E:79
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0826D626
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_gJPaTqaG2D12fqZOGclml0Rnnk.roa
Signing time:             Wed 16 Mar 2022 10:49:29 +0000
ROA not before:           Wed 16 Mar 2022 10:49:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        77.90.188.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136762918 (0x826d626)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Mar 16 10:49:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe024f693a9a1b60f5d9fa993867259a5d119e79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c3:66:c3:2a:ac:9a:17:3c:18:11:8f:0d:0e:
                    c9:50:14:b4:33:b1:73:45:a8:d7:66:ab:a7:71:14:
                    35:28:eb:15:82:26:20:dd:7a:4b:67:84:0a:0a:41:
                    5f:76:a1:da:de:ad:e8:f1:56:79:08:72:69:78:28:
                    d8:3b:14:d0:2a:d8:d4:b2:43:9c:2e:1d:0e:24:65:
                    1f:4f:e4:5a:cd:58:04:4d:26:f8:1a:2d:c6:06:4c:
                    8c:ce:d9:b2:56:0c:1c:dc:2d:d4:3b:91:fe:a4:3c:
                    8f:5c:ab:5c:19:97:c1:58:fa:e2:b8:14:3e:31:bc:
                    9c:01:d3:f6:4b:1e:63:2a:61:ca:57:37:c7:34:d4:
                    bf:d2:eb:21:3c:f9:ae:7c:59:b6:74:97:df:19:7d:
                    12:34:1c:85:dc:f8:80:05:aa:23:94:21:77:ec:80:
                    b7:b1:71:0a:aa:f4:71:95:ca:ea:ea:f1:83:8f:99:
                    09:74:a8:40:e7:36:48:09:b6:72:d5:3e:61:1a:11:
                    5c:1a:e5:34:9a:83:d8:1e:d6:22:19:2d:41:7b:ff:
                    23:dd:79:fc:2e:c3:82:be:f7:5e:3f:ae:d5:0f:de:
                    d4:36:83:5f:b9:d3:c1:fd:91:d6:11:13:8d:8d:11:
                    9d:36:12:9a:d7:33:ea:b5:a6:fe:ea:bd:bd:1f:1a:
                    74:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:02:4F:69:3A:9A:1B:60:F5:D9:FA:99:38:67:25:9A:5D:11:9E:79
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/_gJPaTqaG2D12fqZOGclml0Rnnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.153.0/24
                  77.90.173.0/24
                  77.90.184.0/24
                  77.90.188.0/24
                  185.230.15.0/24
                  213.209.147.0/24
                  213.209.151.0/24
                  213.209.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:3f:20:34:c2:b9:28:94:69:a4:df:88:a3:2f:59:6f:d0:56:
         80:84:a1:e7:7b:52:f8:aa:b2:7d:c3:8f:5b:18:9f:0f:20:31:
         6d:e4:29:6f:25:1e:cf:9e:a1:2f:82:c3:f8:8c:34:29:4b:32:
         6e:e3:16:75:0e:2e:e3:dd:63:2a:85:5a:d1:18:95:f8:c8:6c:
         38:4d:30:e0:fe:ac:8e:32:04:9d:2b:a9:a0:75:2d:b0:0d:fc:
         02:5d:5a:3b:da:db:af:c7:94:43:12:2c:09:4e:99:03:dd:b8:
         bf:c5:f5:60:30:83:d4:64:00:04:80:cc:5e:1c:e9:a8:c4:f9:
         f9:8a:a4:37:d7:42:93:47:69:aa:f0:77:77:26:04:ba:f2:a3:
         a8:ab:2d:f9:6b:dd:ad:84:a8:43:b1:b0:fe:6c:c2:49:72:2f:
         8d:98:46:aa:0c:ba:ae:83:ad:3f:7f:30:8d:fa:6d:7c:be:fb:
         b5:2e:e8:ce:2c:2f:88:fe:70:86:36:67:c6:d9:f4:c2:3f:3e:
         cb:ff:54:03:1c:1c:bb:84:27:c8:59:58:18:9d:91:33:12:8b:
         7a:af:84:82:d7:9d:f4:93:b6:7f:d4:83:d2:6a:79:ae:aa:03:
         b9:f1:81:21:d9:b8:ad:10:51:58:1d:85:fa:3e:63:4d:b3:0b:
         2e:6f:fa:e0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECCbWJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
NjEwNDkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUwMjRmNjkzYTlh
MWI2MGY1ZDlmYTk5Mzg2NzI1OWE1ZDExOWU3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvDZsMqrJoXPBgRjw0OyVAUtDOxc0Wo12arp3EUNSjrFYIm
IN16S2eECgpBX3ah2t6t6PFWeQhyaXgo2DsU0CrY1LJDnC4dDiRlH0/kWs1YBE0m
+BotxgZMjM7ZslYMHNwt1DuR/qQ8j1yrXBmXwVj64rgUPjG8nAHT9kseYyphylc3
xzTUv9LrITz5rnxZtnSX3xl9EjQchdz4gAWqI5Qhd+yAt7FxCqr0cZXK6urxg4+Z
CXSoQOc2SAm2ctU+YRoRXBrlNJqD2B7WIhktQXv/I915/C7Dgr73Xj+u1Q/e1DaD
X7nTwf2R1hETjY0RnTYSmtcz6rWm/uq9vR8adJcCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBT+Ak9pOpobYPXZ+pk4ZyWaXRGeeTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L19nSlBhVHFhRzJEMTJmcVpPR2NsbWwwUm5uay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAE1amQMEAE1arQMEAE1auAMEAE1a
vAMEALnmDwMEANXRkwMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEATD8g
NMK5KJRppN+Ioy9Zb9BWgISh53tS+KqyfcOPWxifDyAxbeQpbyUez56hL4LD+Iw0
KUsybuMWdQ4u491jKoVa0RiV+MhsOE0w4P6sjjIEnSupoHUtsA38Al1aO9rbr8eU
QxIsCU6ZA924v8X1YDCD1GQABIDMXhzpqMT5+YqkN9dCk0dpqvB3dyYEuvKjqKst
+WvdrYSoQ7Gw/mzCSXIvjZhGqgy6roOtP38wjfptfL77tS7oziwviP5whjZnxtn0
wj8+y/9UAxwcu4QnyFlYGJ2RMxKLeq+Egted9JO2f9SD0mp5rqoDufGBIdm4rRBR
WB2F+j5jTbMLLm/64A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org