Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lEJqLyPRc4IBVq2DPUsGOf5CB8Y.roa
File:                     lEJqLyPRc4IBVq2DPUsGOf5CB8Y.roa (raw, json)
Hash identifier:          rNw0CnkfpxCwyWxpTEEKIhtbsFMrvR2/lpM3/+slpGQ=
Subject key identifier:   94:42:6A:2F:23:D1:73:82:01:56:AD:83:3D:4B:06:39:FE:42:07:C6
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       08A3E511
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lEJqLyPRc4IBVq2DPUsGOf5CB8Y.roa
Signing time:             Fri 15 Apr 2022 14:57:59 +0000
ROA not before:           Fri 15 Apr 2022 14:57:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          77.90.189.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.180.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.134.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          213.209.157.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 144958737 (0x8a3e511)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Apr 15 14:57:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94426a2f23d173820156ad833d4b0639fe4207c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:67:6d:68:07:74:1a:30:6a:f8:1c:44:30:ec:
                    5c:dc:ca:b8:45:56:f6:1f:39:d8:b1:63:24:6b:d3:
                    4c:a3:de:6d:bd:e8:bf:a2:33:6c:c2:e6:b5:bc:3e:
                    30:f1:be:b1:0b:04:73:fd:6f:7b:36:dd:85:17:5a:
                    e7:f9:e8:0f:ca:ad:51:20:40:4d:2d:aa:02:24:a9:
                    f3:d5:91:33:08:b3:b4:be:d7:1f:cb:76:ed:ce:1a:
                    6f:d0:67:f7:eb:14:17:59:a9:3c:a2:63:14:6d:87:
                    e0:49:91:20:8d:74:ce:db:b4:3e:ef:c4:f6:84:b7:
                    46:b8:0f:0e:9d:26:f4:bd:3a:c1:8c:69:ec:e9:05:
                    6c:85:f0:58:9c:c9:d5:80:07:27:81:0a:da:8c:21:
                    e0:72:88:4b:a4:e1:bb:bd:00:6e:8d:cf:54:6b:2c:
                    93:cc:49:03:12:02:85:85:0c:6c:ee:a5:54:13:5d:
                    66:ea:20:97:11:b5:71:60:a6:5b:90:f2:cc:ad:04:
                    70:38:e0:93:c4:12:f7:f7:cf:e5:e2:1a:18:ae:b6:
                    b4:a5:c6:48:35:84:aa:f1:6c:7c:c3:38:9d:b7:6b:
                    fb:55:ca:7d:6c:4c:cd:a0:28:8e:e2:94:ce:cc:5b:
                    1a:78:cb:f6:7a:6d:54:37:94:c8:ee:2a:c8:4e:3c:
                    92:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:42:6A:2F:23:D1:73:82:01:56:AD:83:3D:4B:06:39:FE:42:07:C6
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/lEJqLyPRc4IBVq2DPUsGOf5CB8Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.157.0/24
                  77.90.180.0/24
                  77.90.184.0/23
                  77.90.189.0/24
                  185.230.13.0-185.230.14.255
                  213.209.130.0/24
                  213.209.134.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.146.0/23
                  213.209.156.0-213.209.158.255
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:54:66:eb:d4:39:2b:de:98:a0:99:65:3a:47:dc:47:81:e8:
         f6:40:27:d0:5f:6c:79:7c:4e:9f:41:c8:96:6e:d6:f5:da:6e:
         ef:68:cf:eb:88:45:06:d5:1f:01:fb:d7:6d:00:dc:a9:ab:d9:
         91:05:1f:b9:48:44:8a:5c:00:c2:fd:91:e5:77:50:ff:1e:40:
         73:b5:33:3c:3a:54:ac:c4:f9:23:90:83:18:b0:6c:dd:01:42:
         f6:98:6c:2d:b0:19:83:a5:a7:6f:06:90:e0:13:e3:aa:92:cc:
         16:0a:41:eb:dd:43:5b:47:e2:d3:7a:8a:34:3d:86:32:b4:f5:
         8a:a0:02:0d:9a:08:e1:67:ea:84:04:e5:82:d9:f1:b2:97:0e:
         b9:43:a2:49:a0:e8:59:f1:de:e5:42:7d:a4:a9:3c:c9:b0:e1:
         b5:5c:27:5c:ec:f5:1d:31:dd:2b:0f:94:02:06:57:d9:42:21:
         7b:d7:b1:d7:70:9e:34:06:1d:25:de:13:b1:43:c8:fb:76:d2:
         e2:c7:90:8c:85:0a:a1:4b:07:18:14:43:a7:6d:39:84:12:2e:
         da:2e:13:15:1c:34:79:90:c2:7c:0e:10:46:4b:4b:fa:a3:66:
         78:81:83:84:37:8d:5a:4d:af:1d:c3:4f:99:2b:6f:1c:e4:66:
         0d:4b:3e:d1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIECKPlETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQx
NTE0NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ0MjZhMmYyM2Qx
NzM4MjAxNTZhZDgzM2Q0YjA2MzlmZTQyMDdjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRnbWgHdBowavgcRDDsXNzKuEVW9h852LFjJGvTTKPebb3o
v6IzbMLmtbw+MPG+sQsEc/1vezbdhRda5/noD8qtUSBATS2qAiSp89WRMwiztL7X
H8t27c4ab9Bn9+sUF1mpPKJjFG2H4EmRII10ztu0Pu/E9oS3RrgPDp0m9L06wYxp
7OkFbIXwWJzJ1YAHJ4EK2owh4HKIS6Thu70Abo3PVGssk8xJAxIChYUMbO6lVBNd
ZuoglxG1cWCmW5DyzK0EcDjgk8QS9/fP5eIaGK62tKXGSDWEqvFsfMM4nbdr+1XK
fWxMzaAojuKUzsxbGnjL9nptVDeUyO4qyE48koUCAwEAAaOCAqAwggKcMB0GA1Ud
DgQWBBSUQmovI9FzggFWrYM9SwY5/kIHxjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L2xFSnFMeVBSYzRJQlZxMkRQVXNHT2Y1Q0I4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tQYIKwYBBQUHAQcBAf8EgaUwgaIwgYkEAgABMIGCMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqdAwQATVq0AwQBTVq4
AwQATVq9MAwDBAC55g0DBAC55g4DBADV0YIDBADV0YYDBADV0YgDBADV0YoDBAHV
0ZIwDAMEAtXRnAMEANXRnjAUBAIAAjAOAwUAKgQpwgMFACoEKccwDQYJKoZIhvcN
AQELBQADggEBADFUZuvUOSvemKCZZTpH3EeB6PZAJ9BfbHl8Tp9ByJZu1vXabu9o
z+uIRQbVHwH7120A3Kmr2ZEFH7lIRIpcAML9keV3UP8eQHO1Mzw6VKzE+SOQgxiw
bN0BQvaYbC2wGYOlp28GkOAT46qSzBYKQevdQ1tH4tN6ijQ9hjK09YqgAg2aCOFn
6oQE5YLZ8bKXDrlDokmg6Fnx3uVCfaSpPMmw4bVcJ1zs9R0x3SsPlAIGV9lCIXvX
sddwnjQGHSXeE7FDyPt20uLHkIyFCqFLBxgUQ6dtOYQSLtouExUcNHmQwnwOEEZL
S/qjZniBg4Q3jVpNrx3DT5krbxzkZg1LPtE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:03 2024 by rpki-client on console-fra.rpki-client.org