Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/eVeywHUmSKFBQinRAU0V4mgSntc.roa
File:                     eVeywHUmSKFBQinRAU0V4mgSntc.roa (raw, json)
Hash identifier:          h3rlrVwW9pRCqQOjJiZmRd2xwktvgjQxwDyO943eK6M=
Subject key identifier:   79:57:B2:C0:75:26:48:A1:41:42:29:D1:01:4D:15:E2:68:12:9E:D7
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       090B2314
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/eVeywHUmSKFBQinRAU0V4mgSntc.roa
Signing time:             Wed 11 May 2022 19:26:02 +0000
ROA not before:           Wed 11 May 2022 19:26:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        213.209.129.0/24 maxlen: 24
                          213.209.145.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          77.90.150.0/24 maxlen: 24
                          77.90.149.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 151724820 (0x90b2314)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: May 11 19:26:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7957b2c0752648a1414229d1014d15e268129ed7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:23:e9:6f:de:3a:90:8e:90:29:5d:5f:d8:05:
                    8b:18:b1:69:fa:40:07:34:39:14:ba:0d:a1:4d:fa:
                    02:13:b7:b8:55:96:71:9a:06:51:ae:3a:6d:02:7d:
                    b1:32:d9:f9:66:16:57:00:35:89:ef:bb:11:6d:35:
                    f2:34:52:41:6a:d3:6d:09:7a:42:2a:10:5e:90:e4:
                    a1:a7:25:c8:5f:df:a6:ab:72:d7:00:9c:73:93:ba:
                    61:23:93:fd:57:43:98:5c:35:5d:08:83:1d:b8:df:
                    97:05:fd:17:54:f8:f9:09:f7:f2:c9:90:15:c5:58:
                    f1:40:7d:1d:cc:c8:55:84:c0:ae:a0:44:f8:b9:16:
                    9c:5f:93:da:48:22:37:6b:28:42:16:a5:76:bc:90:
                    51:e6:c8:b4:33:00:cc:20:67:5f:c8:15:8f:44:bd:
                    95:9c:60:99:49:16:32:ad:4e:4d:a7:da:51:b5:52:
                    c5:d8:5e:8f:3f:b5:48:0d:6f:6a:a6:b3:ba:10:99:
                    ae:eb:78:a3:bc:65:35:96:ea:2e:5f:f3:dd:f3:53:
                    bb:75:21:55:36:46:42:9a:42:17:6c:6b:3a:e0:bb:
                    eb:92:35:26:30:3e:95:a7:9f:c8:44:da:a0:4c:bd:
                    dc:8a:37:87:c8:26:4f:30:44:ba:18:b5:fa:02:4f:
                    45:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:57:B2:C0:75:26:48:A1:41:42:29:D1:01:4D:15:E2:68:12:9E:D7
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/eVeywHUmSKFBQinRAU0V4mgSntc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.149.0-77.90.150.255
                  77.90.157.0/24
                  77.90.179.0/24
                  185.230.14.0/24
                  213.209.129.0/24
                  213.209.143.0/24
                  213.209.145.0/24
                  213.209.150.0/24
                  213.209.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:1e:22:fd:69:ba:8b:29:84:f5:48:46:3c:e0:5a:96:1a:93:
         1f:6e:54:28:76:94:bd:86:a1:8c:06:22:e8:bb:da:e2:40:6e:
         15:ff:4f:27:60:70:aa:b7:8e:ec:c0:11:46:99:0d:5d:7f:ea:
         24:51:16:bc:f7:0c:63:df:c8:12:d7:32:34:ea:00:ab:33:0c:
         0a:a1:6e:27:e7:db:b3:b4:6e:00:bd:da:b3:cc:a8:f2:8e:95:
         2b:84:21:90:e3:08:ee:2d:58:0f:42:60:4a:72:be:52:48:9d:
         79:f1:c5:8c:c2:79:91:73:81:c3:ba:c5:4f:7b:70:07:78:49:
         5c:c5:51:3b:13:5e:6f:18:d7:33:71:23:79:8f:60:24:89:47:
         12:8b:fa:1f:6b:cd:f7:e1:df:3e:ac:91:ab:f4:f0:b6:7a:ab:
         af:a5:fe:ca:18:41:02:b2:c1:f2:21:75:50:09:30:82:93:e9:
         5e:b8:71:e9:23:8e:f1:e4:90:e1:a4:44:17:f9:67:4c:b0:ad:
         10:68:05:1d:8f:c6:40:91:29:c2:1f:80:13:ba:cb:d7:39:2d:
         1c:da:7e:f4:e0:ef:78:3c:93:c1:5b:17:9d:8e:f7:e4:cd:13:
         6b:f8:4d:40:57:35:d7:df:80:bf:98:6f:a4:8f:74:ef:35:93:
         bb:4d:cc:90
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIECQsjFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDUx
MTE5MjYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk1N2IyYzA3NTI2
NDhhMTQxNDIyOWQxMDE0ZDE1ZTI2ODEyOWVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgj6W/eOpCOkCldX9gFixixafpABzQ5FLoNoU36AhO3uFWW
cZoGUa46bQJ9sTLZ+WYWVwA1ie+7EW018jRSQWrTbQl6QioQXpDkoaclyF/fpqty
1wCcc5O6YSOT/VdDmFw1XQiDHbjflwX9F1T4+Qn38smQFcVY8UB9HczIVYTArqBE
+LkWnF+T2kgiN2soQhaldryQUebItDMAzCBnX8gVj0S9lZxgmUkWMq1OTafaUbVS
xdhejz+1SA1vaqazuhCZrut4o7xlNZbqLl/z3fNTu3UhVTZGQppCF2xrOuC765I1
JjA+laefyETaoEy93Io3h8gmTzBEuhi1+gJPRasCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBR5V7LAdSZIoUFCKdEBTRXiaBKe1zAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2VWZXl3SFVtU0tGQlFpblJBVTBWNG1nU250Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPjAMAwQATVqVAwQATVqWAwQATVqdAwQA
TVqzAwQAueYOAwQA1dGBAwQA1dGPAwQA1dGRAwQA1dGWAwQA1dGeMA0GCSqGSIb3
DQEBCwUAA4IBAQBTHiL9abqLKYT1SEY84FqWGpMfblQodpS9hqGMBiLou9riQG4V
/08nYHCqt47swBFGmQ1df+okURa89wxj38gS1zI06gCrMwwKoW4n59uztG4Avdqz
zKjyjpUrhCGQ4wjuLVgPQmBKcr5SSJ158cWMwnmRc4HDusVPe3AHeElcxVE7E15v
GNczcSN5j2AkiUcSi/ofa8334d8+rJGr9PC2equvpf7KGEECssHyIXVQCTCCk+le
uHHpI47x5JDhpEQX+WdMsK0QaAUdj8ZAkSnCH4ATusvXOS0c2n704O94PJPBWxed
jvfkzRNr+E1AVzXX34C/mG+kj3TvNZO7TcyQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org