Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/SGGOBnUoihURZjK8obofwZzuW-8.roa
File:                     SGGOBnUoihURZjK8obofwZzuW-8.roa (raw, json)
Hash identifier:          pnMZhZ0hFZw5yQafThzvfviXwzkCmCYY+C2c54R5ETY=
Subject key identifier:   48:61:8E:06:75:28:8A:15:11:66:32:BC:A1:BA:1F:C1:9C:EE:5B:EF
Certificate issuer:       /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial:       0185103D56E15F93AA7838CD8C72EF5F6B98
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/SGGOBnUoihURZjK8obofwZzuW-8.roa
Signing time:             Wed 14 Dec 2022 10:45:33 +0000
ROA not before:           Wed 14 Dec 2022 10:45:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21430
IP address blocks:        82.208.52.0/22 maxlen: 22
                          82.208.57.0/24 maxlen: 24
                          82.208.59.0/24 maxlen: 24
                          109.123.200.0/23 maxlen: 23
                          82.208.0.0/22 maxlen: 22
                          109.123.204.0/24 maxlen: 24
                          109.123.212.0/23 maxlen: 23
                          82.208.13.0/24 maxlen: 24
                          82.208.15.0/24 maxlen: 24
                          82.208.24.0/23 maxlen: 23
                          109.123.226.0/24 maxlen: 24
                          82.208.19.0/24 maxlen: 24
                          82.208.30.0/23 maxlen: 23
                          82.208.36.0/23 maxlen: 23
                          82.208.38.0/24 maxlen: 24
                          82.208.42.0/23 maxlen: 23
                          82.208.51.0/24 maxlen: 24
                          82.208.45.0/24 maxlen: 24
                          185.33.136.0/22 maxlen: 22
                          217.11.255.0/24 maxlen: 24
                          83.136.200.0/21 maxlen: 21
                          217.11.226.0/24 maxlen: 24
                          217.11.231.0/24 maxlen: 24
                          217.11.234.0/24 maxlen: 24
                          217.11.237.0/24 maxlen: 24
                          217.11.238.0/23 maxlen: 23
                          217.11.240.0/23 maxlen: 23
                          217.11.244.0/24 maxlen: 24
                          217.11.250.0/24 maxlen: 24
                          217.11.252.0/23 maxlen: 23
                          31.7.240.0/21 maxlen: 21
                          85.239.254.0/23 maxlen: 23
                          77.78.80.0/21 maxlen: 21
                          81.0.216.0/24 maxlen: 24
                          81.0.215.0/24 maxlen: 24
                          77.78.88.0/22 maxlen: 24
                          81.0.222.0/23 maxlen: 23
                          81.0.224.0/24 maxlen: 24
                          77.78.92.0/23 maxlen: 24
                          81.0.227.0/24 maxlen: 24
                          81.0.229.0/24 maxlen: 24
                          81.0.244.0/23 maxlen: 23
                          81.0.252.0/23 maxlen: 23
                          81.0.251.0/24 maxlen: 24
                          77.78.122.0/24 maxlen: 24
                          185.161.240.0/22 maxlen: 22
                          85.239.224.0/23 maxlen: 23
                          85.239.226.0/24 maxlen: 24
                          85.239.228.0/23 maxlen: 23
                          80.250.0.0/19 maxlen: 19
                          81.0.196.0/23 maxlen: 23
                          81.0.198.0/24 maxlen: 24
                          77.78.64.0/22 maxlen: 22
                          81.0.200.0/22 maxlen: 22
                          77.78.68.0/23 maxlen: 23
                          81.0.204.0/23 maxlen: 23
                          77.78.74.0/23 maxlen: 23
                          81.0.210.0/23 maxlen: 23
                          85.239.251.0/24 maxlen: 24
                          2a01:6400::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:10:3d:56:e1:5f:93:aa:78:38:cd:8c:72:ef:5f:6b:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
        Validity
            Not Before: Dec 14 10:45:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48618e0675288a15116632bca1ba1fc19cee5bef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:85:e1:7c:a3:85:60:a6:7e:7a:a2:02:99:f6:
                    59:65:4d:77:d7:8c:4e:be:c5:83:09:f0:31:2b:cb:
                    c2:a5:c7:c2:66:8e:04:47:f5:42:b6:09:58:b2:95:
                    e4:60:cf:0e:d2:77:b4:7a:ec:e1:25:f9:90:38:a5:
                    80:c4:31:96:ba:8d:85:61:53:1a:04:bf:e8:f2:0f:
                    21:74:72:ea:4f:90:6c:c5:91:03:e7:c0:62:ea:13:
                    90:8c:51:66:e0:e5:1b:1e:cd:68:bc:e5:12:7d:d5:
                    64:3f:e8:3c:d0:ef:3e:af:91:d2:80:db:c3:c1:a2:
                    44:46:01:02:9f:38:66:0a:2b:b0:3d:1e:74:ae:43:
                    fe:6d:58:d6:b4:9f:89:87:55:bb:a7:65:18:f6:30:
                    b0:07:25:3d:2f:91:0e:5e:1b:5e:1f:80:4f:d1:27:
                    32:07:f7:c5:c8:85:72:8f:02:e0:c3:3d:f8:ad:87:
                    91:76:3c:df:74:fa:c6:91:f7:a3:7c:06:0f:00:c1:
                    eb:22:63:55:2d:cc:74:66:1d:d8:59:11:83:93:a0:
                    b4:38:4a:fe:bb:d9:77:e5:a6:c2:88:7f:f7:24:78:
                    68:9b:72:b9:b2:2f:cb:63:fa:53:ad:c4:38:c1:e3:
                    d7:37:5e:1f:26:4d:c5:ff:b5:15:44:a5:45:d2:c6:
                    16:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:61:8E:06:75:28:8A:15:11:66:32:BC:A1:BA:1F:C1:9C:EE:5B:EF
            X509v3 Authority Key Identifier:
                keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/SGGOBnUoihURZjK8obofwZzuW-8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.240.0/21
                  77.78.64.0-77.78.69.255
                  77.78.74.0/23
                  77.78.80.0-77.78.93.255
                  77.78.122.0/24
                  80.250.0.0/19
                  81.0.196.0-81.0.198.255
                  81.0.200.0-81.0.205.255
                  81.0.210.0/23
                  81.0.215.0-81.0.216.255
                  81.0.222.0-81.0.224.255
                  81.0.227.0/24
                  81.0.229.0/24
                  81.0.244.0/23
                  81.0.251.0-81.0.253.255
                  82.208.0.0/22
                  82.208.13.0/24
                  82.208.15.0/24
                  82.208.19.0/24
                  82.208.24.0/23
                  82.208.30.0/23
                  82.208.36.0-82.208.38.255
                  82.208.42.0/23
                  82.208.45.0/24
                  82.208.51.0-82.208.55.255
                  82.208.57.0/24
                  82.208.59.0/24
                  83.136.200.0/21
                  85.239.224.0-85.239.226.255
                  85.239.228.0/23
                  85.239.251.0/24
                  85.239.254.0/23
                  109.123.200.0/23
                  109.123.204.0/24
                  109.123.212.0/23
                  109.123.226.0/24
                  185.33.136.0/22
                  185.161.240.0/22
                  217.11.226.0/24
                  217.11.231.0/24
                  217.11.234.0/24
                  217.11.237.0-217.11.241.255
                  217.11.244.0/24
                  217.11.250.0/24
                  217.11.252.0/23
                  217.11.255.0/24
                IPv6:
                  2a01:6400::/32

    Signature Algorithm: sha256WithRSAEncryption
         7a:d4:c2:36:f8:b7:38:d0:d9:02:cb:76:df:8d:79:75:7f:d0:
         a1:c3:8d:5c:7f:1a:18:f5:85:10:d5:06:5c:1f:7b:4e:2e:c8:
         a0:52:86:1a:68:aa:bf:48:81:1f:24:79:b8:dd:db:a6:74:83:
         aa:c5:72:6a:bc:14:d0:2b:79:e9:cf:f2:cc:d4:31:68:63:70:
         29:ed:61:c0:c1:1c:eb:6c:40:91:9a:1f:e5:87:12:cc:9a:ba:
         71:52:c9:5a:40:3b:94:4a:e5:d2:63:19:7d:a1:18:d9:94:64:
         57:ae:11:65:cc:9f:84:77:ae:76:fb:eb:5f:32:c6:b4:0a:6f:
         6a:ac:24:7c:2b:a3:95:91:41:c4:95:4c:99:40:fd:ad:5f:f6:
         07:24:92:4b:7b:46:bd:33:12:bb:f5:06:92:41:64:7b:65:2e:
         0e:83:a9:e1:86:b0:da:cb:bc:8c:61:c4:d8:44:90:e4:d8:63:
         7d:c9:fc:87:3f:c5:da:c7:ae:b3:e7:94:69:26:cb:9e:b9:af:
         eb:bd:dd:ac:bf:21:4a:a5:c0:1c:02:82:65:fd:1f:82:a7:bd:
         65:74:9b:bc:51:24:96:0e:b1:dc:25:e3:68:5d:81:88:cd:84:
         6d:18:4b:38:eb:54:4d:33:04:ee:28:8c:3d:91:79:81:ce:1f:
         d8:c7:66:b9
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgISAYUQPVbhX5OqeDjNjHLvX2uYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjIxMjE0MTA0NTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYxOGUwNjc1Mjg4YTE1MTE2NjMyYmNhMWJhMWZjMTljZWU1YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIXhfKOFYKZ+eqICmfZZZU1314xO
vsWDCfAxK8vCpcfCZo4ER/VCtglYspXkYM8O0ne0euzhJfmQOKWAxDGWuo2FYVMa
BL/o8g8hdHLqT5BsxZED58Bi6hOQjFFm4OUbHs1ovOUSfdVkP+g80O8+r5HSgNvD
waJERgECnzhmCiuwPR50rkP+bVjWtJ+Jh1W7p2UY9jCwByU9L5EOXhteH4BP0Scy
B/fFyIVyjwLgwz34rYeRdjzfdPrGkfejfAYPAMHrImNVLcx0Zh3YWRGDk6C0OEr+
u9l35abCiH/3JHhom3K5si/LY/pTrcQ4wePXN14fJk3F/7UVRKVF0sYWGwIDAQAB
o4IDiDCCA4QwHQYDVR0OBBYEFEhhjgZ1KIoVEWYyvKG6H8Gc7lvvMB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvU0dHT0JuVW9paFVSWmpLOG9ib2Z3Wnp1Vy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnAYIKwYBBQUHAQcBAf8EggGLMIIBhzCCAXQEAgABMIIB
bAMEAx8H8DAMAwQGTU5AAwQBTU5EAwQBTU5KMAwDBARNTlADBAFNTlwDBABNTnoD
BAVQ+gAwDAMEAlEAxAMEAFEAxjAMAwQDUQDIAwQBUQDMAwQBUQDSMAwDBABRANcD
BABRANgwDAMEAVEA3gMEAFEA4AMEAFEA4wMEAFEA5QMEAVEA9DAMAwQAUQD7AwQB
UQD8AwQCUtAAAwQAUtANAwQAUtAPAwQAUtATAwQBUtAYAwQBUtAeMAwDBAJS0CQD
BABS0CYDBAFS0CoDBABS0C0wDAMEAFLQMwMEA1LQMAMEAFLQOQMEAFLQOwMEA1OI
yDAMAwQFVe/gAwQAVe/iAwQBVe/kAwQAVe/7AwQBVe/+AwQBbXvIAwQAbXvMAwQB
bXvUAwQAbXviAwQCuSGIAwQCuaHwAwQA2QviAwQA2QvnAwQA2QvqMAwDBADZC+0D
BAHZC/ADBADZC/QDBADZC/oDBAHZC/wDBADZC/8wDQQCAAIwBwMFACoBZAAwDQYJ
KoZIhvcNAQELBQADggEBAHrUwjb4tzjQ2QLLdt+NeXV/0KHDjVx/Ghj1hRDVBlwf
e04uyKBShhpoqr9IgR8kebjd26Z0g6rFcmq8FNAreenP8szUMWhjcCntYcDBHOts
QJGaH+WHEsyaunFSyVpAO5RK5dJjGX2hGNmUZFeuEWXMn4R3rnb7618yxrQKb2qs
JHwro5WRQcSVTJlA/a1f9gckkkt7Rr0zErv1BpJBZHtlLg6DqeGGsNrLvIxhxNhE
kOTYY33J/Ic/xdrHrrPnlGkmy565r+u93ay/IUqlwBwCgmX9H4KnvWV0m7xRJJYO
sdwl42hdgYjNhG0YSzjrVE0zBO4ojD2ReYHOH9jHZrk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org