Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ecqsK7idVRDMdOzOyLdAXOAz_V4.roa
File:                     ecqsK7idVRDMdOzOyLdAXOAz_V4.roa (raw, json)
Hash identifier:          TlCQRpPPNEkQPkXFithISCwD3cP3pv+aqOfarvnpC1U=
Subject key identifier:   79:CA:AC:2B:B8:9D:55:10:CC:74:EC:CE:C8:B7:40:5C:E0:33:FD:5E
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       07BA6F46
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ecqsK7idVRDMdOzOyLdAXOAz_V4.roa
Signing time:             Mon 07 Mar 2022 07:36:47 +0000
ROA not before:           Mon 07 Mar 2022 07:36:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.129.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129658694 (0x7ba6f46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Mar  7 07:36:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=79caac2bb89d5510cc74eccec8b7405ce033fd5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e8:12:9d:52:50:6e:33:91:40:e5:f6:3d:c3:
                    5e:81:c7:37:72:6d:e7:68:d4:66:97:9d:8f:61:fe:
                    c7:d1:75:f5:01:03:96:51:45:75:65:ce:cf:3b:07:
                    15:11:6e:1e:b9:5c:c2:80:88:02:c0:a4:f1:71:80:
                    5b:2a:ae:29:60:0b:f2:fd:b3:90:86:7e:01:c8:97:
                    8b:27:e1:bc:01:3f:67:69:0e:a5:da:dc:9f:41:cd:
                    f8:57:16:e1:92:bd:d2:07:16:55:f1:1c:31:06:3b:
                    a1:7c:ae:a4:89:a4:73:a1:b4:08:fe:1b:33:77:a7:
                    b2:76:62:dd:54:ef:63:21:6b:c6:38:9f:d9:2e:ff:
                    a5:64:09:1f:17:32:0f:7a:6d:f1:13:ff:a3:8e:8c:
                    47:29:6d:f4:3e:d2:cd:1b:82:c7:89:a6:74:09:38:
                    d6:4c:cb:c8:cd:08:a6:17:ad:e2:6f:95:97:50:6a:
                    c3:65:6e:10:1e:c6:56:c4:cc:db:2a:3c:3d:6d:00:
                    6d:f2:03:85:21:5a:1b:39:78:55:e8:51:f1:d9:e8:
                    eb:d5:83:ac:25:43:13:8e:26:b2:40:f6:2b:5f:d3:
                    43:07:64:7b:3c:ed:2d:20:69:8c:23:8f:8e:39:33:
                    55:f3:1d:91:a4:3b:76:21:aa:8d:27:fe:7f:04:8b:
                    22:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:CA:AC:2B:B8:9D:55:10:CC:74:EC:CE:C8:B7:40:5C:E0:33:FD:5E
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/ecqsK7idVRDMdOzOyLdAXOAz_V4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.137.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.148.255
                  77.90.184.0/23
                  213.209.129.0-213.209.130.255
                  213.209.133.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.146.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         b5:43:96:f1:ca:7d:be:24:9e:38:5c:8a:57:03:a2:1e:c4:7e:
         f6:d5:26:cb:dd:87:25:df:0a:3d:86:b2:9b:1e:ca:e6:76:26:
         33:44:de:0f:10:d1:35:2e:e9:37:fc:09:dd:d0:eb:a9:52:80:
         cf:2d:b1:69:13:e6:50:e8:4a:ba:f7:14:bb:1d:5f:36:0f:7f:
         43:51:67:e9:36:b4:b4:37:70:ef:82:fc:cd:13:0c:c6:9b:ab:
         ba:c5:74:c9:d3:87:31:12:2c:cf:94:66:71:96:c4:5a:40:17:
         21:a5:c0:f6:82:c5:b8:67:4e:0f:c9:1e:6c:a3:4c:2e:72:e2:
         87:fc:63:ff:76:cd:d5:f1:68:3c:8f:71:48:1a:d4:d1:56:91:
         3f:ca:00:fa:33:8b:02:27:1a:9e:78:c5:82:ec:39:ff:10:c7:
         6a:82:da:19:9c:14:4f:fa:d6:88:e4:22:72:c6:17:42:be:fc:
         fb:0d:5d:83:75:dd:ac:19:20:53:cc:0c:94:a7:27:b0:d6:9a:
         4a:1f:3d:19:aa:21:65:39:a0:d3:fd:a4:8d:aa:32:12:27:c1:
         bc:0c:10:77:41:ea:a8:2f:da:58:47:e6:10:5a:62:2e:b8:b1:
         aa:39:6a:11:71:68:1c:aa:a4:2b:d4:8d:53:3d:c6:eb:69:24:
         8f:ba:f5:6a
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIEB7pvRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMw
NzA3MzY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzljYWFjMmJiODlk
NTUxMGNjNzRlY2NlYzhiNzQwNWNlMDMzZmQ1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvoEp1SUG4zkUDl9j3DXoHHN3Jt52jUZpedj2H+x9F19QED
llFFdWXOzzsHFRFuHrlcwoCIAsCk8XGAWyquKWAL8v2zkIZ+AciXiyfhvAE/Z2kO
pdrcn0HN+FcW4ZK90gcWVfEcMQY7oXyupImkc6G0CP4bM3ensnZi3VTvYyFrxjif
2S7/pWQJHxcyD3pt8RP/o46MRylt9D7SzRuCx4mmdAk41kzLyM0Iphet4m+Vl1Bq
w2VuEB7GVsTM2yo8PW0AbfIDhSFaGzl4VehR8dno69WDrCVDE44mskD2K1/TQwdk
ezztLSBpjCOPjjkzVfMdkaQ7diGqjSf+fwSLIvcCAwEAAaOCAoYwggKCMB0GA1Ud
DgQWBBR5yqwruJ1VEMx07M7It0Bc4DP9XjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2VjcXNLN2lkVlJETWRPek95TGRBWE9Bel9WNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mwYIKwYBBQUHAQcBAf8EgYswgYgwcAQCAAEwajAMAwQHTVqAAwQATVqCMAwDBAJN
WoQDBAFNWogDBABNWowwDAMEAU1ajgMEAE1akDAMAwQBTVqSAwQATVqUAwQBTVq4
MAwDBADV0YEDBADV0YIDBADV0YUDBADV0YgDBADV0YoDBADV0ZIwFAQCAAIwDgMF
ACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQC1Q5bxyn2+JJ44XIpXA6Ie
xH721SbL3Ycl3wo9hrKbHsrmdiYzRN4PENE1Luk3/And0OupUoDPLbFpE+ZQ6Eq6
9xS7HV82D39DUWfpNrS0N3DvgvzNEwzGm6u6xXTJ04cxEizPlGZxlsRaQBchpcD2
gsW4Z04PyR5so0wucuKH/GP/ds3V8Wg8j3FIGtTRVpE/ygD6M4sCJxqeeMWC7Dn/
EMdqgtoZnBRP+taI5CJyxhdCvvz7DV2Ddd2sGSBTzAyUpyew1ppKHz0ZqiFlOaDT
/aSNqjISJ8G8DBB3QeqoL9pYR+YQWmIuuLGqOWoRcWgcqqQr1I1TPcbraSSPuvVq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org