Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jf8YNRYajpVg6Z9LX6aa__YGZmo.roa
File:                     jf8YNRYajpVg6Z9LX6aa__YGZmo.roa (raw, json)
Hash identifier:          DubcnEiKSQDOl7AjzqutrM+1NFEYisZZs/GFJbUIsHM=
Subject key identifier:   8D:FF:18:35:16:1A:8E:95:60:E9:9F:4B:5F:A6:9A:FF:F6:06:66:6A
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09F922B3
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jf8YNRYajpVg6Z9LX6aa__YGZmo.roa
Signing time:             Fri 01 Jul 2022 09:44:25 +0000
ROA not before:           Fri 01 Jul 2022 09:44:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.150.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.154.0/24 maxlen: 24
                          77.90.179.0/24 maxlen: 24
                          77.90.181.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7:1290:24::/64 maxlen: 64
                          2a04:29c7:1371:6027::/64 maxlen: 64
                          2a04:29c7:1280:27::/64 maxlen: 64
                          2a04:29c7:1420::/48 maxlen: 48
                          2a04:29c7::/32 maxlen: 32
                          2a04:29c7:1300:24::/64 maxlen: 64
                          2a04:29c7:1280:24::/64 maxlen: 64

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167322291 (0x9f922b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jul  1 09:44:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8dff1835161a8e9560e99f4b5fa69afff606666a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a8:cb:97:47:81:68:e2:c7:b0:6f:2e:e2:40:
                    62:2e:47:1c:14:de:1e:1c:23:e8:9a:12:d3:e2:e5:
                    8b:d3:5b:83:da:f6:ab:4d:28:29:28:c8:3b:56:cb:
                    23:61:80:48:44:aa:bc:ce:65:57:20:ab:e3:f7:39:
                    44:65:dc:b9:f1:85:cd:e4:0a:83:2a:37:ca:57:3b:
                    b3:ab:96:c4:f6:8d:8c:89:6c:62:7c:e9:a6:74:25:
                    4c:8f:78:9a:01:ab:fa:00:8c:2e:54:6c:c1:8b:ae:
                    66:8c:5f:2b:49:34:c9:3c:6e:09:08:3a:a7:71:b8:
                    0d:d8:61:aa:52:32:2c:ba:62:4d:a6:19:7e:c4:ea:
                    fa:84:ef:3e:f1:d7:9d:b8:52:28:f1:0c:95:4b:1e:
                    59:e5:3a:cf:62:89:95:d5:87:c5:3e:3a:1c:81:3c:
                    a4:72:e6:fc:99:a8:56:04:b9:22:df:08:28:cf:d7:
                    15:e8:c2:98:73:24:ce:15:44:56:2c:90:83:21:69:
                    94:6e:49:7b:38:26:11:40:9a:1b:b1:36:d3:64:c4:
                    e0:92:27:4a:4e:56:c2:ab:00:ae:88:30:a9:33:34:
                    2c:ce:64:1b:fa:c0:7d:88:3d:28:f8:a6:13:64:f8:
                    8b:7f:b9:d9:19:b1:6f:0d:33:3f:24:64:be:aa:a0:
                    ed:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:FF:18:35:16:1A:8E:95:60:E9:9F:4B:5F:A6:9A:FF:F6:06:66:6A
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/jf8YNRYajpVg6Z9LX6aa__YGZmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.144.255
                  77.90.146.0-77.90.148.255
                  77.90.150.0/24
                  77.90.153.0-77.90.154.255
                  77.90.157.0/24
                  77.90.179.0/24
                  77.90.181.0/24
                  77.90.191.0/24
                  213.209.130.0/24
                  213.209.138.0/24
                  213.209.147.0/24
                  213.209.149.0/24
                  213.209.151.0/24
                  213.209.158.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:50:2e:37:b4:6a:ea:f4:b1:d0:f6:27:0f:42:ae:f5:48:66:
         eb:ca:0d:89:df:9c:2c:21:ed:5c:aa:83:20:91:6a:0c:f6:a6:
         e4:0d:9d:15:87:c6:8f:eb:cb:2c:79:aa:8c:a0:2b:62:8f:82:
         7b:17:04:fc:bf:a3:0b:7c:40:9f:4a:79:80:35:45:a5:40:09:
         b3:19:1d:9c:d1:99:0d:13:03:1a:7c:c3:91:9c:e6:9d:06:88:
         71:fa:a4:ec:8e:75:ff:78:8c:4e:d7:cf:18:29:07:bc:3e:54:
         12:4e:f4:76:f6:ce:34:a7:f5:89:5b:5f:a0:6b:31:6c:5a:09:
         90:d6:82:87:f4:92:8a:68:75:a8:21:8b:3e:12:65:14:4e:bc:
         4f:ff:9a:f4:0e:d5:50:e1:25:21:84:76:16:80:63:72:19:92:
         d7:0c:dc:e6:34:68:d8:7b:47:9d:d1:9c:17:9e:b1:4d:23:ee:
         51:21:dd:d6:42:7e:b9:d9:57:11:ad:6f:f9:b4:2d:35:82:01:
         c8:81:28:45:d8:43:55:ef:6f:4d:57:bd:a2:22:ce:c0:64:4a:
         56:a7:c2:d8:2f:0a:0e:38:c3:a3:bd:64:d2:db:b6:d6:ac:75:
         89:a8:f7:de:b3:56:94:88:6b:df:3f:45:bc:1c:57:2a:2b:fd:
         bd:e8:4f:7d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIECfkiszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDcw
MTA5NDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRmZjE4MzUxNjFh
OGU5NTYwZTk5ZjRiNWZhNjlhZmZmNjA2NjY2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKoy5dHgWjix7BvLuJAYi5HHBTeHhwj6JoS0+Lli9Nbg9r2
q00oKSjIO1bLI2GASESqvM5lVyCr4/c5RGXcufGFzeQKgyo3ylc7s6uWxPaNjIls
YnzppnQlTI94mgGr+gCMLlRswYuuZoxfK0k0yTxuCQg6p3G4DdhhqlIyLLpiTaYZ
fsTq+oTvPvHXnbhSKPEMlUseWeU6z2KJldWHxT46HIE8pHLm/JmoVgS5It8IKM/X
FejCmHMkzhVEViyQgyFplG5JezgmEUCaG7E202TE4JInSk5WwqsArogwqTM0LM5k
G/rAfYg9KPimE2T4i3+52Rmxbw0zPyRkvqqg7W0CAwEAAaOCAqwwggKoMB0GA1Ud
DgQWBBSN/xg1FhqOlWDpn0tfppr/9gZmajAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2pmOFlOUllhanBWZzZaOUxYNmFhX19ZR1ptby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wQYIKwYBBQUHAQcBAf8EgbEwga4wgZUEAgABMIGOMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqQMAwDBAFNWpIDBABNWpQDBABN
WpYwDAMEAE1amQMEAE1amgMEAE1anQMEAE1aswMEAE1atQMEAE1avwMEANXRggME
ANXRigMEANXRkwMEANXRlQMEANXRlwMEANXRnjAUBAIAAjAOAwUAKgQpwgMFACoE
KccwDQYJKoZIhvcNAQELBQADggEBAGBQLje0aur0sdD2Jw9CrvVIZuvKDYnfnCwh
7VyqgyCRagz2puQNnRWHxo/ryyx5qoygK2KPgnsXBPy/owt8QJ9KeYA1RaVACbMZ
HZzRmQ0TAxp8w5Gc5p0GiHH6pOyOdf94jE7XzxgpB7w+VBJO9Hb2zjSn9YlbX6Br
MWxaCZDWgof0kopodaghiz4SZRROvE//mvQO1VDhJSGEdhaAY3IZktcM3OY0aNh7
R53RnBeesU0j7lEh3dZCfrnZVxGtb/m0LTWCAciBKEXYQ1Xvb01XvaIizsBkSlan
wtgvCg44w6O9ZNLbttasdYmo996zVpSIa98/RbwcVyor/b3oT30=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org