Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dGviJ07Pa3o6-ei4oHpVQSSfzQs.roa
File:                     dGviJ07Pa3o6-ei4oHpVQSSfzQs.roa (raw, json)
Hash identifier:          qsERA/l0ZqMn4GcPeWQAyaQOWVJpOl/Wdl+v5eYHOu0=
Subject key identifier:   74:6B:E2:27:4E:CF:6B:7A:3A:F9:E8:B8:A0:7A:55:41:24:9F:CD:0B
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       080319A7
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dGviJ07Pa3o6-ei4oHpVQSSfzQs.roa
Signing time:             Fri 11 Mar 2022 14:26:09 +0000
ROA not before:           Fri 11 Mar 2022 14:26:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.12.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 134420903 (0x80319a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Mar 11 14:26:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=746be2274ecf6b7a3af9e8b8a07a5541249fcd0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9c:d8:cd:47:5e:04:cb:c4:6d:cf:fc:63:e2:
                    f2:07:ec:1b:3a:ab:bd:ac:b6:d9:55:65:59:ed:34:
                    04:c7:53:9e:b4:93:b6:54:0d:62:b2:88:95:b2:20:
                    38:c3:64:5b:75:aa:64:9c:84:87:39:5d:99:aa:be:
                    cb:92:2a:ce:bd:62:84:05:f2:d5:c9:e3:22:bc:d7:
                    d2:83:4e:0a:ae:e3:5d:52:f5:54:71:35:7e:58:88:
                    ca:ae:09:f3:8f:04:47:c6:ca:d0:b6:30:94:bb:b9:
                    2a:68:09:38:38:19:50:36:1a:3c:bc:63:23:5f:94:
                    5f:0c:e2:50:35:58:a4:15:15:e4:8b:18:0c:f1:c2:
                    59:19:68:06:5d:02:94:9c:28:1d:0e:5a:f6:b9:91:
                    7c:3c:30:90:df:56:6f:8a:13:a0:2b:7c:37:3a:f2:
                    4b:4c:28:f0:fa:00:f7:ca:a1:69:d4:5e:60:f7:8c:
                    11:0c:58:7a:3d:72:0a:05:d2:4d:f3:0c:cc:46:e9:
                    0c:c7:d8:62:97:89:c8:bf:c3:45:47:de:1b:4c:08:
                    27:cb:4f:21:c5:5a:04:c8:67:30:ef:28:7a:d3:75:
                    9a:f1:11:7f:44:b1:1f:b1:dc:00:7f:b1:cd:95:0b:
                    de:b2:5b:ac:0f:59:3c:4e:36:ab:11:cf:22:f8:5a:
                    20:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:6B:E2:27:4E:CF:6B:7A:3A:F9:E8:B8:A0:7A:55:41:24:9F:CD:0B
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dGviJ07Pa3o6-ei4oHpVQSSfzQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.148.255
                  185.230.12.0/24
                  213.209.130.0/24
                  213.209.133.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.145.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         af:bc:8c:6e:45:31:4f:fe:e9:e1:04:65:18:cb:27:05:f6:27:
         97:bc:4c:b6:6b:e5:a6:a0:c0:1d:66:b1:27:1e:80:10:36:4d:
         46:2d:35:ef:a8:b0:84:e1:f3:a6:3a:e9:a0:2a:b2:5f:55:24:
         ae:6a:98:46:a6:ee:16:af:89:67:4f:a9:9c:54:9c:b2:b0:8c:
         cd:50:97:54:d7:aa:82:b8:e8:03:2c:61:5f:d9:c0:5e:53:18:
         8c:34:14:34:4e:45:55:ed:c0:40:60:32:15:73:3c:2b:4c:2e:
         60:4d:dc:c5:5b:b5:57:58:71:1c:f6:1d:c6:16:42:56:96:d6:
         23:12:d9:59:81:28:a7:42:21:5d:d4:0b:96:f7:87:4f:54:f7:
         c8:35:de:3d:b8:72:9a:35:7d:ed:07:ac:2c:e4:c6:f6:64:f2:
         04:53:0e:29:25:96:78:2c:30:0a:11:7a:9d:91:b4:f9:dc:7b:
         d7:93:35:ae:de:b6:aa:f9:33:69:62:5c:54:ab:66:e8:17:bb:
         6c:5b:e0:6c:66:10:26:26:72:ef:e4:e9:90:9a:84:4f:7c:4f:
         91:d9:ec:2b:50:fa:7e:1c:a1:ec:b2:fe:c2:78:6c:0b:4c:10:
         29:39:f6:2f:46:ba:dc:54:68:bf:71:ee:81:76:4b:a5:ac:8f:
         22:5e:fd:1e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIECAMZpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMx
MTE0MjYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ2YmUyMjc0ZWNm
NmI3YTNhZjllOGI4YTA3YTU1NDEyNDlmY2QwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKc2M1HXgTLxG3P/GPi8gfsGzqrvay22VVlWe00BMdTnrST
tlQNYrKIlbIgOMNkW3WqZJyEhzldmaq+y5Iqzr1ihAXy1cnjIrzX0oNOCq7jXVL1
VHE1fliIyq4J848ER8bK0LYwlLu5KmgJODgZUDYaPLxjI1+UXwziUDVYpBUV5IsY
DPHCWRloBl0ClJwoHQ5a9rmRfDwwkN9Wb4oToCt8NzryS0wo8PoA98qhadReYPeM
EQxYej1yCgXSTfMMzEbpDMfYYpeJyL/DRUfeG0wIJ8tPIcVaBMhnMO8oetN1mvER
f0SxH7HcAH+xzZUL3rJbrA9ZPE42qxHPIvhaIIsCAwEAAaOCAn4wggJ6MB0GA1Ud
DgQWBBR0a+InTs9rejr56LigelVBJJ/NCzAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2RHdmlKMDdQYTNvNi1laTRvSHBWUVNTZnpRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kwYIKwYBBQUHAQcBAf8EgYMwgYAwaAQCAAEwYjAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQAueYM
AwQA1dGCAwQA1dGFAwQA1dGIAwQA1dGKAwQA1dGRMBQEAgACMA4DBQAqBCnCAwUA
KgQpxzANBgkqhkiG9w0BAQsFAAOCAQEAr7yMbkUxT/7p4QRlGMsnBfYnl7xMtmvl
pqDAHWaxJx6AEDZNRi0176iwhOHzpjrpoCqyX1UkrmqYRqbuFq+JZ0+pnFScsrCM
zVCXVNeqgrjoAyxhX9nAXlMYjDQUNE5FVe3AQGAyFXM8K0wuYE3cxVu1V1hxHPYd
xhZCVpbWIxLZWYEop0IhXdQLlveHT1T3yDXePbhymjV97QesLOTG9mTyBFMOKSWW
eCwwChF6nZG0+dx715M1rt62qvkzaWJcVKtm6Be7bFvgbGYQJiZy7+TpkJqET3xP
kdnsK1D6fhyh7LL+wnhsC0wQKTn2L0a63FRov3HugXZLpayPIl79Hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org