Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa
File:                     d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa (raw, json)
Hash identifier:          ETgWuU/xON5NzKZ5mzMKv4D88I6Drwnv8Bp/VmWQawo=
Subject key identifier:   77:57:41:B6:8F:B3:C3:F1:BA:AE:14:3E:62:E6:9C:DA:B7:46:F0:05
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       078AECBE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa
Signing time:             Tue 22 Feb 2022 09:41:18 +0000
ROA not before:           Tue 22 Feb 2022 09:41:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        213.209.144.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126545086 (0x78aecbe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Feb 22 09:41:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=775741b68fb3c3f1baae143e62e69cdab746f005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:34:c9:12:05:07:2f:6e:4a:91:a4:05:7e:2b:
                    99:57:47:df:dd:07:9c:50:bb:5b:69:79:3a:be:1e:
                    68:13:d0:2d:cb:ca:49:20:99:cb:40:fe:95:0c:e1:
                    37:19:fc:9a:45:37:ff:ca:48:82:e6:8c:d8:ff:dd:
                    3b:09:03:63:bf:8b:79:83:5a:73:3b:24:26:3e:e8:
                    d5:eb:b9:bd:44:0c:92:52:78:2b:5d:ed:7c:c4:2e:
                    94:b7:36:0e:57:de:46:7d:e5:67:3b:c4:01:8e:50:
                    80:a0:0f:36:04:86:18:df:54:a7:88:d5:a4:e1:c6:
                    69:76:63:1a:a5:94:fd:69:6c:48:eb:f9:e7:53:02:
                    90:39:93:8d:23:e4:7b:d4:c3:22:10:10:1a:13:77:
                    90:96:4e:81:19:63:c4:6c:85:8d:fb:45:97:ce:23:
                    4b:d1:56:40:63:24:1c:18:f5:fe:29:19:59:1a:3a:
                    11:de:4a:2f:a1:da:7a:66:6d:01:65:2c:45:01:64:
                    f9:f1:f0:9f:a0:a9:1a:ca:27:29:f2:9e:4d:56:40:
                    c4:9b:59:b5:ba:e3:67:b5:31:d9:1f:05:7a:35:9c:
                    e2:d9:c8:12:c2:18:a5:3d:00:81:5b:d5:4b:67:ba:
                    9a:40:17:41:7d:0f:00:e0:bb:e5:f9:e7:cc:a9:c1:
                    47:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:57:41:B6:8F:B3:C3:F1:BA:AE:14:3E:62:E6:9C:DA:B7:46:F0:05
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d1dBto-zw_G6rhQ-Yuac2rdG8AU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.164.0/24
                  77.90.173.0/24
                  185.230.15.0/24
                  213.209.144.0/24
                  213.209.146.0/24
                  213.209.151.0/24
                  213.209.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:e0:65:7a:2c:7d:b9:5c:71:9f:07:04:21:1b:58:a3:6d:65:
         31:9a:9c:56:fe:4d:bc:42:80:2b:f1:2e:25:07:d6:df:07:2c:
         ef:21:58:05:b8:da:b5:32:3a:8e:11:61:bd:5c:2e:21:a0:bc:
         0d:62:30:e4:d4:89:cf:75:90:1c:62:19:f7:29:3a:e6:62:cf:
         b8:35:b6:86:5e:01:1e:d4:1a:0d:67:51:cc:81:21:be:7c:7a:
         76:0e:03:50:c0:4c:79:cd:7f:05:5a:fb:46:2e:f1:69:59:19:
         5b:63:ba:62:3c:35:db:9a:c0:93:3b:67:81:87:57:b8:79:14:
         ed:0e:32:e2:bd:88:fe:01:87:e3:35:e9:4d:e1:51:41:0a:ec:
         b7:2a:3d:90:68:2c:37:08:78:b8:10:a3:0b:86:04:59:ca:17:
         f6:a9:02:6c:c8:73:07:45:48:32:fb:4a:43:9b:31:44:f0:dd:
         c6:5d:46:3d:e6:8e:73:91:9e:ed:89:74:1c:ec:e4:e0:fc:2f:
         1c:16:e0:66:5d:86:23:61:29:2a:85:0d:ff:83:5e:f4:7b:18:
         68:0d:bd:4c:0b:38:49:79:70:a7:12:3c:41:ca:77:d8:4c:13:
         24:4b:8b:4f:9b:3e:fb:3a:19:44:fe:6d:58:14:8e:cd:b2:71:
         f0:96:52:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEB4rsvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDIy
MjA5NDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc1NzQxYjY4ZmIz
YzNmMWJhYWUxNDNlNjJlNjljZGFiNzQ2ZjAwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJs0yRIFBy9uSpGkBX4rmVdH390HnFC7W2l5Or4eaBPQLcvK
SSCZy0D+lQzhNxn8mkU3/8pIguaM2P/dOwkDY7+LeYNaczskJj7o1eu5vUQMklJ4
K13tfMQulLc2DlfeRn3lZzvEAY5QgKAPNgSGGN9Up4jVpOHGaXZjGqWU/WlsSOv5
51MCkDmTjSPke9TDIhAQGhN3kJZOgRljxGyFjftFl84jS9FWQGMkHBj1/ikZWRo6
Ed5KL6HaemZtAWUsRQFk+fHwn6CpGsonKfKeTVZAxJtZtbrjZ7Ux2R8FejWc4tnI
EsIYpT0AgVvVS2e6mkAXQX0PAOC75fnnzKnBRwUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBR3V0G2j7PD8bquFD5i5pzat0bwBTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2QxZEJ0by16d19HNnJoUS1ZdWFjMnJkRzhBVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAE1apAMEAE1arQMEALnmDwMEANXR
kAMEANXRkgMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOCAQEANOBleix9uVxx
nwcEIRtYo21lMZqcVv5NvEKAK/EuJQfW3wcs7yFYBbjatTI6jhFhvVwuIaC8DWIw
5NSJz3WQHGIZ9yk65mLPuDW2hl4BHtQaDWdRzIEhvnx6dg4DUMBMec1/BVr7Ri7x
aVkZW2O6Yjw125rAkztngYdXuHkU7Q4y4r2I/gGH4zXpTeFRQQrstyo9kGgsNwh4
uBCjC4YEWcoX9qkCbMhzB0VIMvtKQ5sxRPDdxl1GPeaOc5Ge7Yl0HOzk4PwvHBbg
Zl2GI2EpKoUN/4Ne9HsYaA29TAs4SXlwpxI8Qcp32EwTJEuLT5s++zoZRP5tWBSO
zbJx8JZSUw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org