Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tMsZ76CZ_m9b-MbsBEYEaKOR6FU.roa
File:                     tMsZ76CZ_m9b-MbsBEYEaKOR6FU.roa (raw, json)
Hash identifier:          qNyyXqji8IiY4zIC04MDtg2AtVNhpc2T1HWkBdH27y8=
Subject key identifier:   B4:CB:19:EF:A0:99:FE:6F:5B:F8:C6:EC:04:46:04:68:A3:91:E8:55
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       08BED957
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tMsZ76CZ_m9b-MbsBEYEaKOR6FU.roa
Signing time:             Wed 20 Apr 2022 20:24:05 +0000
ROA not before:           Wed 20 Apr 2022 20:24:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     42821
IP address blocks:        77.90.129.0/24 maxlen: 24
                          77.90.128.0/24 maxlen: 24
                          77.90.130.0/24 maxlen: 24
                          77.90.132.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24
                          77.90.191.0/24 maxlen: 24
                          77.90.136.0/24 maxlen: 24
                          77.90.135.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.137.0/24 maxlen: 24
                          77.90.133.0/24 maxlen: 24
                          77.90.134.0/24 maxlen: 24
                          77.90.143.0/24 maxlen: 24
                          77.90.142.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.144.0/24 maxlen: 24
                          77.90.140.0/24 maxlen: 24
                          77.90.152.0/24 maxlen: 24
                          77.90.147.0/24 maxlen: 24
                          77.90.146.0/24 maxlen: 24
                          77.90.148.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          77.90.180.0/24 maxlen: 24
                          77.90.185.0/24 maxlen: 24
                          213.209.130.0/24 maxlen: 24
                          213.209.138.0/24 maxlen: 24
                          213.209.136.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          213.209.146.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.156.0/24 maxlen: 24
                          2a04:29c2::/32 maxlen: 32
                          2a04:29c7::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 146725207 (0x8bed957)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Apr 20 20:24:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b4cb19efa099fe6f5bf8c6ec04460468a391e855
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5f:8d:69:54:22:04:87:ff:72:c2:70:6f:14:
                    d1:80:6a:57:d8:52:82:c2:84:6a:71:3f:6a:59:6e:
                    37:4b:f8:4c:3e:39:13:70:d8:46:8f:80:02:5b:08:
                    94:79:96:86:f6:af:eb:20:0f:4c:c1:a4:04:de:85:
                    a0:ca:82:31:c4:e5:82:bf:e6:ba:0d:bd:91:06:e0:
                    db:62:58:2e:65:2a:0a:c7:45:c2:4d:c3:b4:12:40:
                    66:0c:8b:88:56:07:85:83:f2:39:c0:dd:38:f1:cb:
                    7b:8a:69:57:10:e5:9d:ec:ea:aa:62:06:51:6a:fe:
                    8c:35:2b:8b:7a:4e:1d:94:3a:cb:fd:0a:a2:63:6f:
                    e6:67:0f:a2:dd:5e:17:55:9f:99:15:c7:3b:40:18:
                    8c:29:bd:5f:26:a8:55:34:9d:d3:db:3a:1e:33:11:
                    07:8f:89:da:43:54:10:18:d9:45:5a:35:9f:31:eb:
                    b6:fb:c5:c1:5d:a3:89:bf:96:cf:bd:33:bd:4c:79:
                    bb:7d:d7:ac:6c:84:6c:8b:4d:93:66:cf:85:e8:df:
                    27:e4:17:64:31:dc:b9:ac:e4:43:1e:af:83:88:a0:
                    0c:ef:80:b8:53:3c:dd:54:90:d2:73:f4:ce:9e:76:
                    21:2a:0a:09:e9:3c:b6:27:52:8c:1d:1f:00:16:36:
                    30:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:CB:19:EF:A0:99:FE:6F:5B:F8:C6:EC:04:46:04:68:A3:91:E8:55
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/tMsZ76CZ_m9b-MbsBEYEaKOR6FU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.128.0-77.90.130.255
                  77.90.132.0-77.90.138.255
                  77.90.140.0/24
                  77.90.142.0-77.90.148.255
                  77.90.152.0/24
                  77.90.157.0/24
                  77.90.180.0/24
                  77.90.185.0/24
                  77.90.191.0/24
                  185.230.13.0-185.230.14.255
                  213.209.130.0/24
                  213.209.136.0/24
                  213.209.138.0/24
                  213.209.146.0/23
                  213.209.149.0/24
                  213.209.156.0/24
                IPv6:
                  2a04:29c2::/32
                  2a04:29c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         46:78:e6:89:ca:82:53:ef:a4:2b:05:8a:74:8a:23:49:5c:0a:
         97:ca:94:35:35:38:65:a8:c5:1e:bd:08:ae:40:9d:3b:41:02:
         df:0d:0a:c0:fd:61:77:0a:c8:84:01:fc:c6:af:71:e8:ca:34:
         87:30:b4:12:02:91:ee:e4:1d:cc:af:8e:cd:a5:3b:91:a3:4f:
         b1:66:44:55:06:8a:8e:f5:47:9e:e8:da:9e:c1:1a:73:7d:89:
         48:34:ba:98:a8:1b:be:bb:18:40:19:31:0d:a8:91:d5:7e:b1:
         5b:6f:ff:22:f3:9b:fd:49:78:e2:ee:8d:76:8c:71:11:b8:39:
         53:c7:6e:80:7b:08:a5:1e:e2:ec:a6:10:71:bd:a3:27:34:4b:
         fa:50:c9:d0:04:4a:da:f4:cc:76:04:02:90:c9:f7:78:7a:bc:
         77:c7:df:7e:46:51:c1:c9:1a:36:91:8e:a7:ee:1c:a2:49:15:
         58:a1:96:2c:4d:88:97:f4:3a:62:63:19:1e:7b:c0:13:39:1c:
         50:74:6b:d9:79:0b:f1:39:91:6d:66:b3:b5:86:1c:ae:e2:d3:
         dd:0f:66:9e:ec:5a:93:0d:fa:31:d6:35:2c:ff:d3:3a:82:88:
         ff:38:7a:35:ed:5b:64:9c:47:55:06:c1:4e:ab:c3:6f:a4:9d:
         fc:2b:22:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIECL7ZVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDQy
MDIwMjQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRjYjE5ZWZhMDk5
ZmU2ZjViZjhjNmVjMDQ0NjA0NjhhMzkxZTg1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRfjWlUIgSH/3LCcG8U0YBqV9hSgsKEanE/alluN0v4TD45
E3DYRo+AAlsIlHmWhvav6yAPTMGkBN6FoMqCMcTlgr/mug29kQbg22JYLmUqCsdF
wk3DtBJAZgyLiFYHhYPyOcDdOPHLe4ppVxDlnezqqmIGUWr+jDUri3pOHZQ6y/0K
omNv5mcPot1eF1WfmRXHO0AYjCm9XyaoVTSd09s6HjMRB4+J2kNUEBjZRVo1nzHr
tvvFwV2jib+Wz70zvUx5u33XrGyEbItNk2bPhejfJ+QXZDHcuazkQx6vg4igDO+A
uFM83VSQ0nP0zp52ISoKCek8tidSjB0fABY2MPECAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBS0yxnvoJn+b1v4xuwERgRoo5HoVTAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3RNc1o3NkNaX205Yi1NYnNCRVlFYUtPUjZGVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgYcEAgABMIGAMAwDBAdNWoADBABNWoIwDAME
Ak1ahAMEAE1aigMEAE1ajDAMAwQBTVqOAwQATVqUAwQATVqYAwQATVqdAwQATVq0
AwQATVq5AwQATVq/MAwDBAC55g0DBAC55g4DBADV0YIDBADV0YgDBADV0YoDBAHV
0ZIDBADV0ZUDBADV0ZwwFAQCAAIwDgMFACoEKcIDBQAqBCnHMA0GCSqGSIb3DQEB
CwUAA4IBAQBGeOaJyoJT76QrBYp0iiNJXAqXypQ1NThlqMUevQiuQJ07QQLfDQrA
/WF3CsiEAfzGr3HoyjSHMLQSApHu5B3Mr47NpTuRo0+xZkRVBoqO9Uee6NqewRpz
fYlINLqYqBu+uxhAGTENqJHVfrFbb/8i85v9SXji7o12jHERuDlTx26AewilHuLs
phBxvaMnNEv6UMnQBEra9Mx2BAKQyfd4erx3x99+RlHByRo2kY6n7hyiSRVYoZYs
TYiX9DpiYxkee8ATORxQdGvZeQvxOZFtZrO1hhyu4tPdD2ae7FqTDfox1jUs/9M6
goj/OHo17VtknEdVBsFOq8NvpJ38KyLW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:09 2023 by rpki-client on console-ams.rpki-client.org