Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/niRUuZFvByhF2JROJIPXcaw_jBI.roa
File:                     niRUuZFvByhF2JROJIPXcaw_jBI.roa (raw, json)
Hash identifier:          DeRClE6RFz1xo+t6anvBFqOvphU2RJwD+r9454UVAbs=
Subject key identifier:   9E:24:54:B9:91:6F:07:28:45:D8:94:4E:24:83:D7:71:AC:3F:8C:12
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0838966E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/niRUuZFvByhF2JROJIPXcaw_jBI.roa
Signing time:             Mon 21 Mar 2022 09:00:33 +0000
ROA not before:           Mon 21 Mar 2022 09:00:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        77.90.188.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.151.0/24 maxlen: 24
                          213.209.158.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.173.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137926254 (0x838966e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Mar 21 09:00:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e2454b9916f072845d8944e2483d771ac3f8c12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f2:15:29:b4:ba:96:dc:d0:f9:56:48:92:2f:
                    59:8c:dc:94:96:11:c7:bc:84:b9:bb:00:57:43:db:
                    f8:8b:e0:67:fc:5b:e0:f0:34:90:db:be:7f:7a:45:
                    7f:7d:56:07:12:5e:6f:dd:51:22:2b:5e:f1:2e:55:
                    28:97:a6:a7:fb:41:0f:9b:d7:bd:0b:1a:e6:e2:b7:
                    cf:d0:78:b6:dd:28:0b:20:24:df:9e:ad:b1:29:bf:
                    e8:7e:d2:61:eb:53:18:cc:c0:f1:a8:ed:85:c3:d1:
                    57:77:e1:cd:db:d1:ae:f5:10:2d:55:db:43:15:8d:
                    77:fb:75:3e:6e:3d:f3:54:59:ec:56:0f:90:43:0f:
                    d6:e8:34:9e:04:ae:be:c3:bd:2d:83:8a:2b:ac:28:
                    91:c8:2a:cc:e1:f7:c3:09:ed:2b:30:e8:20:73:47:
                    53:f1:8d:f9:77:81:a0:e0:b0:a1:f2:85:e7:49:e7:
                    7d:cb:25:aa:7d:6d:27:19:75:06:a0:99:18:12:a0:
                    eb:54:95:47:60:a9:ff:95:0a:db:37:b6:2c:8a:03:
                    1b:08:9d:b4:d8:36:29:ae:a3:4d:45:07:4f:8f:22:
                    74:89:6c:6f:ad:ad:0e:34:26:e5:b8:57:dd:ca:47:
                    58:40:be:a9:f0:4d:98:a2:35:3d:2f:2d:22:df:5e:
                    97:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:24:54:B9:91:6F:07:28:45:D8:94:4E:24:83:D7:71:AC:3F:8C:12
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/niRUuZFvByhF2JROJIPXcaw_jBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.153.0/24
                  77.90.173.0/24
                  77.90.184.0/24
                  77.90.188.0/24
                  185.230.13.0/24
                  185.230.15.0/24
                  213.209.147.0/24
                  213.209.151.0/24
                  213.209.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:c9:72:ec:ca:73:9a:06:59:60:fc:8a:06:7e:00:7d:58:ce:
         a4:1c:e8:84:1e:81:3b:f7:f2:e5:34:a6:dc:be:93:cb:11:3a:
         2f:05:79:9e:42:a6:40:0a:b5:c6:e8:fa:a0:68:dc:eb:08:97:
         74:e9:aa:2a:2d:3b:80:66:f1:2c:83:f1:09:6a:97:30:f9:9c:
         79:d6:cd:33:8d:ef:a9:ea:cd:9d:6e:ed:9e:5a:94:83:ad:04:
         a2:be:a1:ba:54:df:90:41:35:f3:65:44:60:b4:75:de:4d:86:
         69:36:0f:17:28:7a:4c:55:c4:16:21:7a:2e:f5:00:ac:39:a2:
         cf:1e:47:6b:78:fb:42:47:79:7d:74:79:87:3a:1e:ab:cd:f7:
         48:ee:27:7c:b3:42:12:3d:d1:a9:4c:dc:57:43:78:c7:69:ff:
         e8:3d:57:b9:6f:7e:b1:5c:6e:be:f3:4c:4b:c7:3c:db:3e:38:
         36:5b:f6:60:d7:15:86:16:99:98:a8:61:06:2d:6e:c1:25:d6:
         a8:43:26:80:6f:e2:f2:ad:64:d7:c1:5a:d0:03:5b:42:fe:6e:
         42:fc:59:a0:c8:dd:f7:11:4f:ef:45:d9:cf:f5:38:fb:b3:e4:
         b8:fb:4e:91:ae:4c:20:c2:18:06:5c:53:ac:66:5a:13:2b:37:
         89:35:ee:c1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECDiWbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMy
MTA5MDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUyNDU0Yjk5MTZm
MDcyODQ1ZDg5NDRlMjQ4M2Q3NzFhYzNmOGMxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7yFSm0upbc0PlWSJIvWYzclJYRx7yEubsAV0Pb+IvgZ/xb
4PA0kNu+f3pFf31WBxJeb91RIite8S5VKJemp/tBD5vXvQsa5uK3z9B4tt0oCyAk
356tsSm/6H7SYetTGMzA8ajthcPRV3fhzdvRrvUQLVXbQxWNd/t1Pm4981RZ7FYP
kEMP1ug0ngSuvsO9LYOKK6wokcgqzOH3wwntKzDoIHNHU/GN+XeBoOCwofKF50nn
fcslqn1tJxl1BqCZGBKg61SVR2Cp/5UK2ze2LIoDGwidtNg2Ka6jTUUHT48idIls
b62tDjQm5bhX3cpHWEC+qfBNmKI1PS8tIt9el3sCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSeJFS5kW8HKEXYlE4kg9dxrD+MEjAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L25pUlV1WkZ2QnloRjJKUk9KSVBYY2F3X2pCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAE1amQMEAE1arQMEAE1auAMEAE1a
vAMEALnmDQMEALnmDwMEANXRkwMEANXRlwMEANXRnjANBgkqhkiG9w0BAQsFAAOC
AQEAV8ly7MpzmgZZYPyKBn4AfVjOpBzohB6BO/fy5TSm3L6TyxE6LwV5nkKmQAq1
xuj6oGjc6wiXdOmqKi07gGbxLIPxCWqXMPmcedbNM43vqerNnW7tnlqUg60Eor6h
ulTfkEE182VEYLR13k2GaTYPFyh6TFXEFiF6LvUArDmizx5Ha3j7Qkd5fXR5hzoe
q833SO4nfLNCEj3RqUzcV0N4x2n/6D1XuW9+sVxuvvNMS8c82z44Nlv2YNcVhhaZ
mKhhBi1uwSXWqEMmgG/i8q1k18Fa0ANbQv5uQvxZoMjd9xFP70XZz/U4+7PkuPtO
ka5MIMIYBlxTrGZaEys3iTXuwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org