Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jAW9xCoy0wQuv7VSCHiGc9kpyHA.roa
File:                     jAW9xCoy0wQuv7VSCHiGc9kpyHA.roa (raw, json)
Hash identifier:          HKCCsHfUQdzsoXM74++zF2qQ1RSI00QwCe2ffAhPeyE=
Subject key identifier:   8C:05:BD:C4:2A:32:D3:04:2E:BF:B5:52:08:78:86:73:D9:29:C8:70
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0184FBDB3FC13591AE3B90D7FF594B844730
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jAW9xCoy0wQuv7VSCHiGc9kpyHA.roa
Signing time:             Sat 10 Dec 2022 11:46:00 +0000
ROA not before:           Sat 10 Dec 2022 11:46:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212238
IP address blocks:        77.90.145.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:fb:db:3f:c1:35:91:ae:3b:90:d7:ff:59:4b:84:47:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Dec 10 11:46:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8c05bdc42a32d3042ebfb55208788673d929c870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:56:a0:a2:1f:a4:63:b8:b7:0d:90:9a:48:e7:
                    72:e4:cf:4a:3b:60:d9:2d:ec:10:71:e4:d1:5c:0b:
                    90:1f:29:33:00:15:30:5c:91:05:66:98:a0:18:88:
                    58:77:59:6a:71:ff:5d:f2:70:62:43:46:b5:bb:ed:
                    07:10:6b:f1:1b:5c:35:9b:17:1c:f0:c8:4b:4d:a5:
                    eb:35:9e:eb:72:a5:d1:ce:c1:8c:07:13:25:7b:7a:
                    18:62:7f:76:1d:b1:3c:f0:34:b6:f2:de:9d:f7:8a:
                    9f:69:ad:60:13:f5:f1:bd:a4:d4:df:b0:4b:79:e0:
                    72:c8:2a:59:a9:3c:09:15:af:a4:36:d6:90:aa:87:
                    dc:b8:21:fb:a1:2d:ad:f1:cb:0d:84:f1:82:63:ce:
                    a4:67:82:d4:0c:54:be:eb:9b:e6:08:f1:08:70:c0:
                    07:22:8f:4a:9a:60:d5:97:a0:1e:c0:24:92:fc:da:
                    7b:3e:ca:81:0f:79:6d:8c:8f:0c:59:c5:15:e4:46:
                    84:7b:84:5f:b7:8b:b3:e7:2f:55:9a:cd:ea:7e:f1:
                    83:d6:e5:17:59:62:dd:70:8c:4c:3b:98:9c:c5:28:
                    f4:14:ed:f7:39:55:27:0a:f7:57:63:d4:4a:22:5d:
                    cd:ca:4d:59:b4:f3:c3:3f:4e:4a:f5:2c:3d:fd:d0:
                    80:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:05:BD:C4:2A:32:D3:04:2E:BF:B5:52:08:78:86:73:D9:29:C8:70
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jAW9xCoy0wQuv7VSCHiGc9kpyHA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.145.0/24
                  77.90.154.0/24
                  185.230.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:e0:d1:52:88:32:1a:30:65:0a:67:e0:23:dc:d7:0e:8f:dc:
         18:af:62:32:29:fb:15:0c:56:38:78:76:9f:be:c1:15:00:64:
         39:c8:b3:50:19:43:ab:4c:62:08:6c:5f:76:1d:00:3b:07:fd:
         c2:54:69:d2:df:28:e3:03:26:8d:5b:ca:fd:9b:89:79:a7:7f:
         0c:3d:f6:7e:f4:19:8e:d0:a3:ea:39:22:64:0c:67:1f:3e:b5:
         25:ed:f5:06:9e:a6:55:6c:f8:c2:af:42:6a:e8:ef:8d:69:78:
         c9:6b:55:04:8f:6b:14:63:b8:b9:24:47:ed:06:22:8b:36:0e:
         23:41:77:4d:68:48:17:6b:84:ce:18:11:ee:ee:05:c3:6b:2c:
         76:c6:cb:79:22:7e:e5:b7:a8:78:b0:3b:43:fc:3d:8f:72:c7:
         23:a0:b8:a5:7f:50:a8:9a:d3:ee:c6:55:cd:bf:46:b9:c1:27:
         78:16:ac:6b:ef:d2:4e:55:cd:bc:de:30:6f:ac:5b:e9:5e:0a:
         f3:57:f0:4a:58:b4:87:11:d0:da:79:0a:40:11:1f:b9:4a:7c:
         09:1a:03:1e:1b:b7:b4:c1:37:65:00:c3:10:69:5e:89:2e:d3:
         08:8e:89:4d:eb:0f:9b:5a:50:40:cb:28:98:59:1f:86:1d:ab:
         d9:c1:0b:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYT72z/BNZGuO5DX/1lLhEcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMjEwMTE0NjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA1YmRjNDJhMzJkMzA0MmViZmI1NTIwODc4ODY3M2Q5MjljODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVagoh+kY7i3DZCaSOdy5M9KO2DZ
LewQceTRXAuQHykzABUwXJEFZpigGIhYd1lqcf9d8nBiQ0a1u+0HEGvxG1w1mxcc
8MhLTaXrNZ7rcqXRzsGMBxMle3oYYn92HbE88DS28t6d94qfaa1gE/XxvaTU37BL
eeByyCpZqTwJFa+kNtaQqofcuCH7oS2t8csNhPGCY86kZ4LUDFS+65vmCPEIcMAH
Io9KmmDVl6AewCSS/Np7PsqBD3ltjI8MWcUV5EaEe4Rft4uz5y9Vms3qfvGD1uUX
WWLdcIxMO5icxSj0FO33OVUnCvdXY9RKIl3Nyk1ZtPPDP05K9Sw9/dCAWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIwFvcQqMtMELr+1Ugh4hnPZKchwMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvakFXOXhDb3kwd1F1djdWU0NIaUdjOWtweUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVqRAwQA
TVqaAwQAueYNMA0GCSqGSIb3DQEBCwUAA4IBAQCU4NFSiDIaMGUKZ+Aj3NcOj9wY
r2IyKfsVDFY4eHafvsEVAGQ5yLNQGUOrTGIIbF92HQA7B/3CVGnS3yjjAyaNW8r9
m4l5p38MPfZ+9BmO0KPqOSJkDGcfPrUl7fUGnqZVbPjCr0Jq6O+NaXjJa1UEj2sU
Y7i5JEftBiKLNg4jQXdNaEgXa4TOGBHu7gXDayx2xst5In7lt6h4sDtD/D2Pcscj
oLilf1ComtPuxlXNv0a5wSd4Fqxr79JOVc283jBvrFvpXgrzV/BKWLSHEdDaeQpA
ER+5SnwJGgMeG7e0wTdlAMMQaV6JLtMIjolN6w+bWlBAyyiYWR+GHavZwQum
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org