Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa
File:                     wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa (raw, json)
Hash identifier:          P+S+ehF/JFIO3cySU2A/V0S6mKm9f3UM/nieDDhgTMA=
Subject key identifier:   C2:CC:FB:49:01:45:A3:96:25:EA:5C:4B:EC:AC:BB:52:53:C4:82:01
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       09DB13F2
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa
Signing time:             Fri 24 Jun 2022 09:36:47 +0000
ROA not before:           Fri 24 Jun 2022 09:36:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43260
IP address blocks:        213.209.134.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.149.0/24 maxlen: 24
                          213.209.159.0/24 maxlen: 24
                          77.90.145.0/24 maxlen: 24
                          77.90.155.0/24 maxlen: 24
                          77.90.156.0/24 maxlen: 24
                          185.230.12.0/24 maxlen: 24
                          77.90.184.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165352434 (0x9db13f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Jun 24 09:36:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2ccfb490145a39625ea5c4becacbb5253c48201
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:97:1f:f2:37:29:8a:41:9c:7a:fb:ff:b0:94:
                    5e:d6:eb:62:3d:15:a7:0a:4c:48:1e:c3:e5:89:46:
                    54:01:25:fc:b1:32:7b:91:dc:e0:22:d1:05:54:1e:
                    0f:c7:8a:55:2b:9c:52:78:21:a5:20:e3:11:95:93:
                    d8:57:3a:ba:9c:f1:68:56:f7:1d:ee:60:3a:09:33:
                    b2:6b:b3:0d:1e:da:1c:61:78:e7:f2:21:7d:44:8e:
                    a9:56:3f:be:18:f1:ca:d9:b3:c8:46:70:ab:85:e8:
                    6d:37:7b:4f:b9:e2:f5:1e:c0:84:0a:ce:37:a2:19:
                    26:1a:a9:bc:93:e6:5f:bd:63:68:09:28:16:23:ab:
                    00:e9:ca:37:49:24:64:01:bb:03:3f:b0:a2:73:f8:
                    a3:b1:b7:06:7d:0b:b9:4f:3f:4b:a2:ce:31:ad:14:
                    9b:91:88:83:16:bb:17:8d:9d:68:6d:ed:c9:eb:86:
                    98:2c:5e:ae:8e:4d:c7:df:70:b4:ba:8d:7c:db:e2:
                    b0:f0:29:f4:9c:71:71:29:e2:69:f7:00:7c:be:f4:
                    36:3f:54:7f:58:b5:16:a2:8b:71:17:07:c5:81:59:
                    a7:47:41:f0:b9:0e:97:04:69:c9:6c:1a:bd:bc:ae:
                    86:4d:b3:84:ea:bc:5b:b3:0e:c4:8b:a7:63:9f:3a:
                    55:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:CC:FB:49:01:45:A3:96:25:EA:5C:4B:EC:AC:BB:52:53:C4:82:01
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wsz7SQFFo5Yl6lxL7Ky7UlPEggE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.145.0/24
                  77.90.155.0-77.90.156.255
                  77.90.184.0/24
                  185.230.12.0/24
                  213.209.133.0-213.209.134.255
                  213.209.149.0/24
                  213.209.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:6b:35:91:a9:38:20:13:09:48:11:39:a6:93:1b:ec:be:0f:
         8c:2e:c1:89:f8:e2:87:f9:d8:03:de:9e:c8:3c:04:4b:66:3c:
         44:2d:30:b7:74:97:36:63:a7:94:96:00:02:dc:47:19:f5:98:
         2a:c5:26:ae:01:04:bb:d4:3e:fe:b0:dd:88:18:a6:71:c9:b8:
         4c:81:be:b8:71:ba:3f:03:c4:a2:3f:52:11:1c:9a:d9:43:ac:
         d6:6a:b3:66:df:e8:de:75:8e:07:b4:97:a3:4e:7c:7a:27:80:
         5a:25:5f:f4:8c:ef:d0:94:82:7c:69:b2:6f:b3:2c:1e:69:77:
         1c:d5:21:65:2c:74:f6:fe:5f:09:93:ae:82:84:58:cd:0e:05:
         84:49:84:66:33:9b:17:17:50:d2:a6:79:1c:34:82:a3:b9:43:
         e5:09:1c:9e:f4:47:37:9c:8f:4c:c2:65:26:72:3b:ef:04:4d:
         11:6c:b3:b7:3f:2e:96:3b:37:aa:a5:f4:42:96:df:4b:ff:30:
         91:f7:54:65:0b:ba:10:c1:75:3d:cd:b1:08:5f:cc:50:fa:52:
         59:eb:f0:78:b8:00:b7:d4:77:18:c2:81:30:03:3c:ba:de:d9:
         f9:7e:91:35:a7:bc:1e:e1:0a:17:b5:30:d2:7a:0e:4b:18:ab:
         d7:b5:76:a3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECdsT8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDYy
NDA5MzY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJjY2ZiNDkwMTQ1
YTM5NjI1ZWE1YzRiZWNhY2JiNTI1M2M0ODIwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyXH/I3KYpBnHr7/7CUXtbrYj0VpwpMSB7D5YlGVAEl/LEy
e5Hc4CLRBVQeD8eKVSucUnghpSDjEZWT2Fc6upzxaFb3He5gOgkzsmuzDR7aHGF4
5/IhfUSOqVY/vhjxytmzyEZwq4XobTd7T7ni9R7AhArON6IZJhqpvJPmX71jaAko
FiOrAOnKN0kkZAG7Az+wonP4o7G3Bn0LuU8/S6LOMa0Um5GIgxa7F42daG3tyeuG
mCxero5Nx99wtLqNfNvisPAp9JxxcSniafcAfL70Nj9Uf1i1FqKLcRcHxYFZp0dB
8LkOlwRpyWwavbyuhk2zhOq8W7MOxIunY586VVUCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBTCzPtJAUWjliXqXEvsrLtSU8SCATAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3dzejdTUUZGbzVZbDZseEw3S3k3VWxQRWdnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAE1akTAMAwQATVqbAwQATVqcAwQA
TVq4AwQAueYMMAwDBADV0YUDBADV0YYDBADV0ZUDBADV0Z8wDQYJKoZIhvcNAQEL
BQADggEBAAxrNZGpOCATCUgROaaTG+y+D4wuwYn44of52APensg8BEtmPEQtMLd0
lzZjp5SWAALcRxn1mCrFJq4BBLvUPv6w3YgYpnHJuEyBvrhxuj8DxKI/UhEcmtlD
rNZqs2bf6N51jge0l6NOfHongFolX/SM79CUgnxpsm+zLB5pdxzVIWUsdPb+XwmT
roKEWM0OBYRJhGYzmxcXUNKmeRw0gqO5Q+UJHJ70Rzecj0zCZSZyO+8ETRFss7c/
LpY7N6ql9EKW30v/MJH3VGULuhDBdT3NsQhfzFD6Ulnr8Hi4ALfUdxjCgTADPLre
2fl+kTWnvB7hChe1MNJ6DksYq9e1dqM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org