Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/T3brVhW0nK_3lvc-BeXBqDsjTVE.roa
File:                     T3brVhW0nK_3lvc-BeXBqDsjTVE.roa (raw, json)
Hash identifier:          8sg137tColJpiGGOOc4IVMvvS5aJymM4bgMVgrixEEE=
Subject key identifier:   4F:76:EB:56:15:B4:9C:AF:F7:96:F7:3E:05:E5:C1:A8:3B:23:4D:51
Certificate issuer:       /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial:       01842EFA5B4D8104F0CB4E954237D937FE4E
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/T3brVhW0nK_3lvc-BeXBqDsjTVE.roa
Signing time:             Mon 31 Oct 2022 16:57:49 +0000
ROA not before:           Mon 31 Oct 2022 16:57:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21430
IP address blocks:        82.208.52.0/22 maxlen: 22
                          82.208.57.0/24 maxlen: 24
                          82.208.59.0/24 maxlen: 24
                          109.123.200.0/23 maxlen: 23
                          82.208.0.0/22 maxlen: 22
                          109.123.204.0/24 maxlen: 24
                          109.123.212.0/23 maxlen: 23
                          82.208.13.0/24 maxlen: 24
                          82.208.15.0/24 maxlen: 24
                          82.208.24.0/23 maxlen: 23
                          109.123.226.0/24 maxlen: 24
                          82.208.19.0/24 maxlen: 24
                          82.208.30.0/23 maxlen: 23
                          82.208.36.0/23 maxlen: 23
                          82.208.38.0/24 maxlen: 24
                          82.208.42.0/23 maxlen: 23
                          82.208.51.0/24 maxlen: 24
                          82.208.45.0/24 maxlen: 24
                          185.33.136.0/22 maxlen: 22
                          217.11.255.0/24 maxlen: 24
                          83.136.200.0/21 maxlen: 21
                          217.11.226.0/24 maxlen: 24
                          217.11.231.0/24 maxlen: 24
                          217.11.234.0/24 maxlen: 24
                          217.11.237.0/24 maxlen: 24
                          217.11.238.0/23 maxlen: 23
                          217.11.240.0/23 maxlen: 23
                          217.11.244.0/24 maxlen: 24
                          217.11.250.0/24 maxlen: 24
                          217.11.252.0/23 maxlen: 23
                          31.7.240.0/21 maxlen: 21
                          85.239.254.0/23 maxlen: 23
                          77.78.80.0/21 maxlen: 21
                          81.0.216.0/24 maxlen: 24
                          81.0.215.0/24 maxlen: 24
                          77.78.88.0/22 maxlen: 22
                          81.0.222.0/23 maxlen: 23
                          81.0.224.0/24 maxlen: 24
                          77.78.92.0/23 maxlen: 24
                          81.0.227.0/24 maxlen: 24
                          81.0.229.0/24 maxlen: 24
                          81.0.244.0/23 maxlen: 23
                          81.0.252.0/23 maxlen: 23
                          81.0.251.0/24 maxlen: 24
                          77.78.122.0/24 maxlen: 24
                          185.161.240.0/22 maxlen: 22
                          85.239.224.0/23 maxlen: 23
                          85.239.226.0/24 maxlen: 24
                          85.239.228.0/23 maxlen: 23
                          80.250.0.0/19 maxlen: 19
                          81.0.196.0/23 maxlen: 23
                          81.0.198.0/24 maxlen: 24
                          77.78.64.0/22 maxlen: 22
                          81.0.200.0/22 maxlen: 22
                          77.78.68.0/23 maxlen: 23
                          81.0.204.0/23 maxlen: 23
                          77.78.74.0/23 maxlen: 23
                          81.0.210.0/23 maxlen: 23
                          85.239.251.0/24 maxlen: 24
                          2a01:6400::/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2e:fa:5b:4d:81:04:f0:cb:4e:95:42:37:d9:37:fe:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
        Validity
            Not Before: Oct 31 16:57:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f76eb5615b49caff796f73e05e5c1a83b234d51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e2:2f:fd:4b:45:04:c9:f5:0c:52:cf:ae:a3:
                    df:8b:f5:b9:3e:c4:7f:84:0d:d4:9e:aa:ae:c1:cb:
                    29:d7:f9:80:7f:0f:8f:3f:34:69:ad:1a:2b:a9:4c:
                    a8:e5:f0:30:bc:56:5e:ac:af:01:46:bd:dd:7a:f2:
                    3c:c0:73:6a:31:96:8a:3f:f7:6b:37:fb:bc:96:91:
                    47:73:40:41:2e:16:ef:7a:e8:c8:d9:dd:bd:4b:9f:
                    10:c7:0d:e7:77:b5:df:73:12:6f:51:f4:8a:1e:75:
                    b6:13:48:ad:42:68:77:f5:56:db:b1:f5:4f:4d:5e:
                    a1:ee:1c:e8:e6:52:bf:3d:81:36:52:95:34:18:d2:
                    5f:e4:d1:cb:bb:4f:ca:46:14:a5:61:dd:3c:3b:f4:
                    68:21:3f:0c:4c:47:ee:a1:4c:b4:42:b1:0c:36:8f:
                    c3:ad:fe:75:ff:2a:ef:3e:01:c3:a4:95:73:53:ec:
                    d1:b0:72:0d:a8:14:0a:45:46:66:90:5e:6b:89:fa:
                    89:ab:54:17:3f:1f:5c:98:d0:ab:48:45:b6:4e:c7:
                    d9:ba:39:cc:fc:2d:41:bb:64:c6:c3:80:3d:ba:85:
                    fb:fc:30:6c:b3:cd:91:72:be:ed:ff:1f:e2:44:4f:
                    ab:32:81:ee:36:ba:be:cf:2e:97:c0:d2:08:65:48:
                    a6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:76:EB:56:15:B4:9C:AF:F7:96:F7:3E:05:E5:C1:A8:3B:23:4D:51
            X509v3 Authority Key Identifier:
                keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/T3brVhW0nK_3lvc-BeXBqDsjTVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.7.240.0/21
                  77.78.64.0-77.78.69.255
                  77.78.74.0/23
                  77.78.80.0-77.78.93.255
                  77.78.122.0/24
                  80.250.0.0/19
                  81.0.196.0-81.0.198.255
                  81.0.200.0-81.0.205.255
                  81.0.210.0/23
                  81.0.215.0-81.0.216.255
                  81.0.222.0-81.0.224.255
                  81.0.227.0/24
                  81.0.229.0/24
                  81.0.244.0/23
                  81.0.251.0-81.0.253.255
                  82.208.0.0/22
                  82.208.13.0/24
                  82.208.15.0/24
                  82.208.19.0/24
                  82.208.24.0/23
                  82.208.30.0/23
                  82.208.36.0-82.208.38.255
                  82.208.42.0/23
                  82.208.45.0/24
                  82.208.51.0-82.208.55.255
                  82.208.57.0/24
                  82.208.59.0/24
                  83.136.200.0/21
                  85.239.224.0-85.239.226.255
                  85.239.228.0/23
                  85.239.251.0/24
                  85.239.254.0/23
                  109.123.200.0/23
                  109.123.204.0/24
                  109.123.212.0/23
                  109.123.226.0/24
                  185.33.136.0/22
                  185.161.240.0/22
                  217.11.226.0/24
                  217.11.231.0/24
                  217.11.234.0/24
                  217.11.237.0-217.11.241.255
                  217.11.244.0/24
                  217.11.250.0/24
                  217.11.252.0/23
                  217.11.255.0/24
                IPv6:
                  2a01:6400::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:cc:d8:f5:c9:74:03:d1:86:70:6d:32:3f:17:29:51:b0:76:
         f8:43:0f:15:9c:e8:9e:ee:40:5f:ec:0d:83:61:6e:9c:59:b7:
         4a:20:87:9a:ca:fd:88:fc:e4:ca:af:48:0d:04:68:a1:c9:68:
         5e:7d:c8:43:d0:06:91:37:9b:64:0d:5a:24:2c:4f:6f:9d:06:
         f6:68:7a:a1:96:23:2d:c7:dc:20:75:99:81:e0:ce:27:26:23:
         64:e3:ce:3f:86:d4:4b:69:66:89:8e:f7:c2:2b:1d:c2:13:a0:
         06:b5:16:0c:20:0c:ea:ae:a4:4e:98:6f:fe:e2:3d:3b:f9:2e:
         bb:d1:51:db:13:e4:49:46:31:1d:e5:ca:94:ae:7e:45:bf:90:
         32:2d:f9:f2:ef:29:db:a3:35:b4:c3:9c:bc:aa:e1:02:04:05:
         86:ec:56:28:63:4f:cf:95:03:2c:ed:4b:02:d9:13:3d:38:68:
         bf:53:b0:ef:ba:d6:c6:1b:77:03:ee:17:9f:27:f0:0d:82:45:
         52:49:e9:0b:e2:08:d8:06:7c:7d:d5:f6:fc:bc:91:25:d5:4b:
         b6:e9:8a:85:5e:da:e2:80:72:c0:78:f4:90:db:72:28:2d:e5:
         f7:7e:49:bf:28:0f:81:66:af:14:bf:82:fd:9a:91:c4:c7:2a:
         36:5c:42:fa
-----BEGIN CERTIFICATE-----
MIIGfDCCBWSgAwIBAgISAYQu+ltNgQTwy06VQjfZN/5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjIxMDMxMTY1NzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjc2ZWI1NjE1YjQ5Y2FmZjc5NmY3M2UwNWU1YzFhODNiMjM0ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeIv/UtFBMn1DFLPrqPfi/W5PsR/
hA3Unqquwcsp1/mAfw+PPzRprRorqUyo5fAwvFZerK8BRr3devI8wHNqMZaKP/dr
N/u8lpFHc0BBLhbveujI2d29S58Qxw3nd7XfcxJvUfSKHnW2E0itQmh39VbbsfVP
TV6h7hzo5lK/PYE2UpU0GNJf5NHLu0/KRhSlYd08O/RoIT8MTEfuoUy0QrEMNo/D
rf51/yrvPgHDpJVzU+zRsHINqBQKRUZmkF5rifqJq1QXPx9cmNCrSEW2TsfZujnM
/C1Bu2TGw4A9uoX7/DBss82Rcr7t/x/iRE+rMoHuNrq+zy6XwNIIZUimYwIDAQAB
o4IDiDCCA4QwHQYDVR0OBBYEFE9261YVtJyv95b3PgXlwag7I01RMB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvVDNiclZoVzBuS18zbHZjLUJlWEJxRHNqVFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnAYIKwYBBQUHAQcBAf8EggGLMIIBhzCCAXQEAgABMIIB
bAMEAx8H8DAMAwQGTU5AAwQBTU5EAwQBTU5KMAwDBARNTlADBAFNTlwDBABNTnoD
BAVQ+gAwDAMEAlEAxAMEAFEAxjAMAwQDUQDIAwQBUQDMAwQBUQDSMAwDBABRANcD
BABRANgwDAMEAVEA3gMEAFEA4AMEAFEA4wMEAFEA5QMEAVEA9DAMAwQAUQD7AwQB
UQD8AwQCUtAAAwQAUtANAwQAUtAPAwQAUtATAwQBUtAYAwQBUtAeMAwDBAJS0CQD
BABS0CYDBAFS0CoDBABS0C0wDAMEAFLQMwMEA1LQMAMEAFLQOQMEAFLQOwMEA1OI
yDAMAwQFVe/gAwQAVe/iAwQBVe/kAwQAVe/7AwQBVe/+AwQBbXvIAwQAbXvMAwQB
bXvUAwQAbXviAwQCuSGIAwQCuaHwAwQA2QviAwQA2QvnAwQA2QvqMAwDBADZC+0D
BAHZC/ADBADZC/QDBADZC/oDBAHZC/wDBADZC/8wDQQCAAIwBwMFACoBZAAwDQYJ
KoZIhvcNAQELBQADggEBAGbM2PXJdAPRhnBtMj8XKVGwdvhDDxWc6J7uQF/sDYNh
bpxZt0ogh5rK/Yj85MqvSA0EaKHJaF59yEPQBpE3m2QNWiQsT2+dBvZoeqGWIy3H
3CB1mYHgzicmI2Tjzj+G1EtpZomO98IrHcIToAa1FgwgDOqupE6Yb/7iPTv5LrvR
UdsT5ElGMR3lypSufkW/kDIt+fLvKdujNbTDnLyq4QIEBYbsVihjT8+VAyztSwLZ
Ez04aL9TsO+61sYbdwPuF58n8A2CRVJJ6QviCNgGfH3V9vy8kSXVS7bpioVe2uKA
csB49JDbcigt5fd+Sb8oD4FmrxS/gv2akcTHKjZcQvo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:07 2024 by rpki-client on console-fra.rpki-client.org