Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d_Uhdjqi0Vu5oB_aNR233wTToqE.roa
File:                     d_Uhdjqi0Vu5oB_aNR233wTToqE.roa (raw, json)
Hash identifier:          Ma9x60qZnsm3qhJrHNe7kmhVDbsNuVWxXJt+8B3y72k=
Subject key identifier:   77:F5:21:76:3A:A2:D1:5B:B9:A0:1F:DA:35:1D:B7:DF:04:D3:A2:A1
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       095BB5DE
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d_Uhdjqi0Vu5oB_aNR233wTToqE.roa
Signing time:             Mon 30 May 2022 19:35:15 +0000
ROA not before:           Mon 30 May 2022 19:35:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.164.0/24 maxlen: 24
                          77.90.178.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.144.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1300:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 157005278 (0x95bb5de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May 30 19:35:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77f521763aa2d15bb9a01fda351db7df04d3a2a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:45:71:cd:f7:89:05:18:b2:a0:4b:42:c3:47:
                    db:ce:a5:cc:8b:92:3f:6b:90:0c:e9:74:ae:ea:51:
                    36:63:15:a9:50:03:b4:e5:42:d0:ab:ff:06:35:d0:
                    ca:84:5b:06:dc:ab:27:05:24:bc:83:73:be:1b:11:
                    28:3e:53:8b:b3:40:ac:62:e3:48:58:a9:19:0c:3f:
                    20:69:83:53:a5:5f:84:f6:c7:3f:a4:07:f5:07:f2:
                    57:dc:29:df:d2:03:78:b5:49:5d:ac:cd:8a:e7:48:
                    e1:66:8b:e9:0e:0d:17:cd:97:58:fd:f7:2b:7e:4d:
                    e2:c9:4c:54:8f:3e:58:3f:91:0d:54:5c:02:6e:25:
                    39:50:a2:60:d8:83:86:2d:15:25:7d:3d:2e:f2:c1:
                    a2:52:6b:63:a9:f6:9e:3d:49:71:c1:6c:ad:36:42:
                    9b:8b:8b:24:81:26:bb:d2:c2:06:f2:5e:bc:7d:a0:
                    1a:27:54:1c:af:4a:12:8f:66:33:12:b1:0d:1c:4a:
                    a2:b5:57:68:d1:f5:c1:e1:f5:f6:67:81:2d:5c:e7:
                    c3:6a:e9:0c:15:89:30:03:3c:da:04:db:ec:6a:f2:
                    7d:26:9b:62:32:61:57:20:97:3d:e8:4a:7c:a2:de:
                    51:71:d9:d8:d2:c3:2d:e5:88:6d:29:c9:64:a3:bf:
                    4e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:F5:21:76:3A:A2:D1:5B:B9:A0:1F:DA:35:1D:B7:DF:04:D3:A2:A1
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/d_Uhdjqi0Vu5oB_aNR233wTToqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.157.0/24
                  77.90.164.0/24
                  77.90.178.0/24
                  77.90.181.0/24
                  77.90.191.0/24
                  185.230.13.0/24
                  213.209.130.0/24
                  213.209.133.0-213.209.134.255
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.144.0/24
                  213.209.156.0/24
                  213.209.159.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:1e:65:b7:99:85:fa:cf:99:70:56:95:f5:c5:d4:db:36:d8:
         00:7f:c7:1e:cb:93:c3:47:cc:7a:c9:65:b2:18:fd:ed:32:e9:
         d4:1c:3a:d9:63:e0:2f:18:b8:2e:e5:4a:72:9c:b6:aa:91:ac:
         d6:7c:81:31:c5:52:55:d0:85:fd:d6:3c:38:f8:a4:b5:91:17:
         1f:0f:68:5f:ce:44:84:bf:c0:64:7f:dd:07:4c:d5:7b:ca:4a:
         49:58:90:8a:ce:03:a3:b1:93:f2:7b:7f:b8:67:cd:34:b2:08:
         b0:6c:e2:6a:f8:98:22:25:bd:6c:73:9a:01:e6:47:55:4c:c6:
         d5:d9:f0:fb:3c:14:c5:3e:8c:f1:04:6d:db:db:a0:e7:01:23:
         6e:a4:82:7a:cc:ee:57:f1:fa:f1:d8:22:78:7c:f5:e7:0d:92:
         1b:f3:85:21:8d:99:b7:74:74:0d:7f:bc:cb:81:6a:c7:ef:0d:
         30:af:cf:74:45:5f:c2:e9:74:a9:82:ff:b3:16:3f:7b:1b:de:
         82:54:55:48:fc:8d:24:da:39:e0:96:0b:1b:d4:19:a7:a5:23:
         46:9b:bf:99:d0:79:34:b5:38:95:d6:39:6e:ff:15:f5:cd:7a:
         74:4b:db:8c:55:bc:51:74:20:ea:f7:50:dd:11:45:e2:06:58:
         de:64:32:f2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIECVu13jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUz
MDE5MzUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdmNTIxNzYzYWEy
ZDE1YmI5YTAxZmRhMzUxZGI3ZGYwNGQzYTJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBFcc33iQUYsqBLQsNH286lzIuSP2uQDOl0rupRNmMVqVAD
tOVC0Kv/BjXQyoRbBtyrJwUkvINzvhsRKD5Ti7NArGLjSFipGQw/IGmDU6VfhPbH
P6QH9QfyV9wp39IDeLVJXazNiudI4WaL6Q4NF82XWP33K35N4slMVI8+WD+RDVRc
Am4lOVCiYNiDhi0VJX09LvLBolJrY6n2nj1JccFsrTZCm4uLJIEmu9LCBvJevH2g
GidUHK9KEo9mMxKxDRxKorVXaNH1weH19meBLVznw2rpDBWJMAM82gTb7GryfSab
YjJhVyCXPehKfKLeUXHZ2NLDLeWIbSnJZKO/TkkCAwEAAaOCAqQwggKgMB0GA1Ud
DgQWBBR39SF2OqLRW7mgH9o1HbffBNOioTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2RfVWhkanFpMFZ1NW9CX2FOUjIzM3dUVG9xRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uQYIKwYBBQUHAQcBAf8EgakwgaYwgY0EAgABMIGGMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAU1aiAMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqdAwQATVqkAwQATVqy
AwQATVq1AwQATVq/AwQAueYNAwQA1dGCMAwDBADV0YUDBADV0YYDBADV0YgDBADV
0YoDBADV0ZADBADV0ZwDBADV0Z8wFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqG
SIb3DQEBCwUAA4IBAQAJHmW3mYX6z5lwVpX1xdTbNtgAf8cey5PDR8x6yWWyGP3t
MunUHDrZY+AvGLgu5UpynLaqkazWfIExxVJV0IX91jw4+KS1kRcfD2hfzkSEv8Bk
f90HTNV7ykpJWJCKzgOjsZPye3+4Z800sgiwbOJq+JgiJb1sc5oB5kdVTMbV2fD7
PBTFPozxBG3b26DnASNupIJ6zO5X8frx2CJ4fPXnDZIb84UhjZm3dHQNf7zLgWrH
7w0wr890RV/C6XSpgv+zFj97G96CVFVI/I0k2jnglgsb1BmnpSNGm7+Z0Hk0tTiV
1jlu/xX1zXp0S9uMVbxRdCDq91DdEUXiBljeZDLy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org