Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wwVYTOrFrF0ahiqM_daeI9mHSN4.roa
File:                     wwVYTOrFrF0ahiqM_daeI9mHSN4.roa (raw, json)
Hash identifier:          aZGCRH11MnsY8euWMjLqF+aPbv6jEY62H9Nfb1OJstU=
Subject key identifier:   C3:05:58:4C:EA:C5:AC:5D:1A:86:2A:8C:FD:D6:9E:23:D9:87:48:DE
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       085E5C3A
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wwVYTOrFrF0ahiqM_daeI9mHSN4.roa
Signing time:             Wed 30 Mar 2022 18:58:44 +0000
ROA not before:           Wed 30 Mar 2022 18:58:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     30823
IP address blocks:        213.209.136.0/24 maxlen: 24
                          213.209.133.0/24 maxlen: 24
                          213.209.150.0/24 maxlen: 24
                          213.209.147.0/24 maxlen: 24
                          77.90.138.0/24 maxlen: 24
                          77.90.153.0/24 maxlen: 24
                          77.90.157.0/24 maxlen: 24
                          185.230.13.0/24 maxlen: 24
                          185.230.14.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 140401722 (0x85e5c3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Mar 30 18:58:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c305584ceac5ac5d1a862a8cfdd69e23d98748de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:46:ae:e1:27:3e:d5:0d:ef:c3:ea:5e:a9:ae:
                    06:9c:b2:d9:3d:5e:05:e6:ff:74:a7:13:9a:45:98:
                    2d:92:fd:a9:33:fb:b0:c2:a2:ab:f6:ba:5e:76:ca:
                    3b:fa:d9:23:61:92:2e:fc:2f:03:bc:1b:43:c6:85:
                    bb:c0:8e:db:2e:cd:29:b2:6e:d6:c0:a5:33:04:4e:
                    3f:6b:74:56:15:37:07:e9:64:e6:8a:27:ab:ec:0f:
                    71:89:86:d8:0f:e7:b5:67:bd:cc:b5:d6:78:ac:2f:
                    b5:4c:60:61:cd:11:d4:88:76:54:09:b7:20:d3:0c:
                    3a:cb:3e:bc:f0:ab:89:11:af:59:29:91:ff:8c:73:
                    c9:03:fb:59:fa:b7:fc:59:1a:3d:c9:7e:af:73:21:
                    b6:2b:f0:b8:c5:93:7c:82:3d:d1:a0:29:f9:df:34:
                    bb:24:68:81:86:8c:f4:bd:a9:68:e3:7a:63:30:77:
                    c2:5c:87:6f:c6:ce:02:30:8e:0c:a9:db:33:b8:42:
                    f9:ab:35:09:ba:e4:e7:84:dc:10:bc:0b:92:43:09:
                    eb:c7:67:9a:e5:d9:bc:27:60:22:f1:e3:e6:8f:90:
                    16:e4:25:9c:73:04:d5:96:8d:c3:5b:b4:e0:97:42:
                    f5:6b:aa:e7:3f:01:20:83:70:d7:b5:3e:28:76:20:
                    7c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:05:58:4C:EA:C5:AC:5D:1A:86:2A:8C:FD:D6:9E:23:D9:87:48:DE
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/wwVYTOrFrF0ahiqM_daeI9mHSN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.138.0/24
                  77.90.153.0/24
                  77.90.157.0/24
                  185.230.13.0-185.230.14.255
                  213.209.133.0/24
                  213.209.136.0/24
                  213.209.147.0/24
                  213.209.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:99:67:e4:fa:30:68:7c:89:3e:1f:82:3a:0b:e3:d2:f5:d5:
         71:e4:dc:d2:66:44:e3:ce:b4:d2:aa:3b:da:0b:5f:cd:b2:55:
         d7:22:b6:f7:21:1a:6c:6d:71:82:d3:37:1a:b7:58:1a:e2:5c:
         16:e2:06:25:a2:87:30:11:7d:7a:b6:fb:de:73:b7:56:cf:cd:
         02:ce:cc:ba:9b:48:8f:98:f7:91:41:1e:67:78:5f:60:aa:ba:
         a7:1b:92:a6:85:e4:28:31:52:23:eb:e4:73:00:16:8e:5c:de:
         49:94:55:6d:b1:3a:b4:5c:d1:b2:87:b5:5b:c6:35:36:9a:ae:
         5e:85:a2:de:11:7c:68:54:9d:81:b6:45:f5:0b:be:d7:df:9e:
         2e:2c:6d:dd:03:e4:03:90:8b:d9:c0:bb:01:8f:01:58:d4:2b:
         29:b5:64:67:78:b8:12:06:e4:40:35:07:64:de:fd:56:43:b8:
         e8:36:d4:9c:03:e7:6c:2e:cb:d9:57:9f:43:70:34:8a:5e:95:
         1c:a9:59:58:47:30:eb:f6:8b:50:ef:a6:9c:3e:f2:77:9f:6f:
         b4:6f:c4:49:b8:6c:90:a6:c3:fe:21:54:f6:d6:d3:20:f5:ac:
         b5:32:78:96:1c:8b:88:42:f7:ac:c3:2d:ca:0e:e4:b1:30:ad:
         48:0f:be:58
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECF5cOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjQ3NmUxMmU4OTg3ZTViMzAyY2RjMjRiZGQ5ZGIzZmU4M2M4NDQ5MB4XDTIyMDMz
MDE4NTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzMwNTU4NGNlYWM1
YWM1ZDFhODYyYThjZmRkNjllMjNkOTg3NDhkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJGruEnPtUN78PqXqmuBpyy2T1eBeb/dKcTmkWYLZL9qTP7
sMKiq/a6XnbKO/rZI2GSLvwvA7wbQ8aFu8CO2y7NKbJu1sClMwROP2t0VhU3B+lk
5oonq+wPcYmG2A/ntWe9zLXWeKwvtUxgYc0R1Ih2VAm3INMMOss+vPCriRGvWSmR
/4xzyQP7Wfq3/FkaPcl+r3MhtivwuMWTfII90aAp+d80uyRogYaM9L2paON6YzB3
wlyHb8bOAjCODKnbM7hC+as1Cbrk54TcELwLkkMJ68dnmuXZvCdgIvHj5o+QFuQl
nHME1ZaNw1u04JdC9Wuq5z8BIINw17U+KHYgfBsCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTDBVhM6sWsXRqGKoz91p4j2YdI3jAfBgNVHSMEGDAWgBQ7R24S6Jh+WzAs
3CS92ds/6DyESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08wZHVFdWlZZmxzd0xOd2t2ZG5iUC1nOGhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8x
L3d3VllUT3JGckYwYWhpcU1fZGFlSTltSFNONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZDkwYzZmLTY1NzYtNDZiOS04MzEzLTZjYmZmM2M0ZGEwMS8xL08wZHVFdWlZZmxz
d0xOd2t2ZG5iUC1nOGhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAE1aigMEAE1amQMEAE1anTAMAwQA
ueYNAwQAueYOAwQA1dGFAwQA1dGIAwQA1dGTAwQA1dGWMA0GCSqGSIb3DQEBCwUA
A4IBAQBymWfk+jBofIk+H4I6C+PS9dVx5NzSZkTjzrTSqjvaC1/NslXXIrb3IRps
bXGC0zcat1ga4lwW4gYloocwEX16tvvec7dWz80Czsy6m0iPmPeRQR5neF9gqrqn
G5KmheQoMVIj6+RzABaOXN5JlFVtsTq0XNGyh7VbxjU2mq5ehaLeEXxoVJ2BtkX1
C77X354uLG3dA+QDkIvZwLsBjwFY1CsptWRneLgSBuRANQdk3v1WQ7joNtScA+ds
LsvZV59DcDSKXpUcqVlYRzDr9otQ76acPvJ3n2+0b8RJuGyQpsP+IVT21tMg9ay1
MniWHIuIQveswy3KDuSxMK1ID75Y
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:23 2023 by rpki-client on console-fra.rpki-client.org