Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nd_N9xwYd0MuaRRLOoadlyQnvDk.roa
File:                     nd_N9xwYd0MuaRRLOoadlyQnvDk.roa (raw, json)
Hash identifier:          gHZOOmaGLfuca1j4qDRh5PlBxX5bkRrAYvXIfv09oe0=
Subject key identifier:   9D:DF:CD:F7:1C:18:77:43:2E:69:14:4B:3A:86:9D:97:24:27:BC:39
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       13A4BAE6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nd_N9xwYd0MuaRRLOoadlyQnvDk.roa
Signing time:             Sun 10 Apr 2022 15:20:14 +0000
ROA not before:           Sun 10 Apr 2022 15:20:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211522
IP address blocks:        2a10:cc44:202::/48 maxlen: 48
                          2a10:cc44:201::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 329562854 (0x13a4bae6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 10 15:20:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9ddfcdf71c1877432e69144b3a869d972427bc39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4b:93:73:bd:4a:78:23:86:10:4a:06:4b:58:
                    58:32:db:e8:84:51:11:c5:f4:e9:f6:64:95:d7:6a:
                    1c:d6:c3:5f:9c:02:e5:c1:7f:b8:36:bf:c5:7a:9d:
                    94:68:d0:dc:52:61:ca:f9:46:26:a3:6d:f0:5a:14:
                    25:86:d3:8c:66:38:6f:40:3c:22:3b:b7:6a:39:16:
                    5b:8e:a2:8a:66:c4:9b:9e:5f:9e:d5:e2:86:a0:40:
                    5f:1f:5d:95:4a:c2:fd:65:32:7e:1c:c9:a6:88:27:
                    5e:81:a4:02:1e:eb:09:c4:c8:b9:c5:99:7b:98:bf:
                    b2:93:56:7c:35:92:d8:f6:02:0c:ea:31:01:d7:32:
                    f5:ba:1b:bc:a0:81:92:f5:0d:18:2b:ff:61:1e:28:
                    cf:7f:a0:e2:59:1a:85:73:19:59:64:5c:60:42:91:
                    ce:9f:47:db:6d:0d:51:6c:39:d2:f1:66:42:8d:a1:
                    4f:9f:fe:f6:41:44:ee:5c:a1:77:83:2f:85:ef:ff:
                    54:48:8c:ad:80:b1:4a:d7:32:66:13:c2:2b:df:62:
                    0f:8e:d7:6a:ec:94:72:92:8a:6e:6f:27:25:11:2f:
                    d8:86:c6:f2:6d:8e:47:04:b6:d4:ba:95:0c:f2:2a:
                    ba:bb:aa:7c:cf:20:ea:82:19:0d:15:fc:7c:13:05:
                    98:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:DF:CD:F7:1C:18:77:43:2E:69:14:4B:3A:86:9D:97:24:27:BC:39
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nd_N9xwYd0MuaRRLOoadlyQnvDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:cc44:201::-2a10:cc44:202:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         33:86:2a:59:92:07:a9:68:ae:22:17:73:1a:f6:c1:70:bf:a8:
         be:ca:7c:1d:fe:94:ca:5f:0f:92:cf:6b:d9:8a:ae:35:43:88:
         6b:96:6d:f4:5b:d5:22:50:87:85:83:7a:ea:9c:20:54:8a:de:
         05:cb:77:98:86:38:2c:78:82:ed:24:46:52:83:c6:ee:5b:2b:
         f5:8f:d3:12:c4:2e:4c:e2:db:0f:f8:38:2e:4f:a6:4a:e1:94:
         11:8d:61:fb:90:15:fc:08:5e:11:56:05:c8:0e:45:27:97:3f:
         6a:c7:1e:6d:77:8a:59:91:da:a6:8c:25:c0:01:c8:96:7f:07:
         59:25:ac:33:e5:f9:f3:cd:03:1d:f5:21:26:2a:15:f4:19:04:
         6c:5e:36:b4:f9:ad:f9:93:9c:e0:e1:2e:bb:3b:8c:df:23:0f:
         94:e7:b8:bf:30:c3:cd:9b:36:8c:fd:bc:42:ee:27:f8:75:3d:
         0d:be:6b:d5:86:2b:c7:7a:c3:84:f2:b0:80:07:04:bd:80:4b:
         08:9e:20:f2:fc:5a:7d:fe:07:35:08:0e:00:11:78:b7:9a:fa:
         08:2f:f4:e9:55:39:e7:3a:ed:09:8b:68:ae:b0:70:5e:c4:6f:
         75:7b:93:08:df:dc:52:af:82:79:85:21:3c:9d:db:c6:ba:57:
         54:b2:71:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEE6S65jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQx
MDE1MjAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRkZmNkZjcxYzE4
Nzc0MzJlNjkxNDRiM2E4NjlkOTcyNDI3YmMzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxLk3O9SngjhhBKBktYWDLb6IRREcX06fZklddqHNbDX5wC
5cF/uDa/xXqdlGjQ3FJhyvlGJqNt8FoUJYbTjGY4b0A8Iju3ajkWW46iimbEm55f
ntXihqBAXx9dlUrC/WUyfhzJpognXoGkAh7rCcTIucWZe5i/spNWfDWS2PYCDOox
Adcy9bobvKCBkvUNGCv/YR4oz3+g4lkahXMZWWRcYEKRzp9H220NUWw50vFmQo2h
T5/+9kFE7lyhd4Mvhe//VEiMrYCxStcyZhPCK99iD47XauyUcpKKbm8nJREv2IbG
8m2ORwS21LqVDPIquruqfM8g6oIZDRX8fBMFmC8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSd3833HBh3Qy5pFEs6hp2XJCe8OTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L25kX045eHdZZDBNdWFSUkxPb2FkbHlRbnZEay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAIwFDASAwcAKhDMRAIBAwcAKhDMRAICMA0G
CSqGSIb3DQEBCwUAA4IBAQAzhipZkgepaK4iF3Ma9sFwv6i+ynwd/pTKXw+Sz2vZ
iq41Q4hrlm30W9UiUIeFg3rqnCBUit4Fy3eYhjgseILtJEZSg8buWyv1j9MSxC5M
4tsP+DguT6ZK4ZQRjWH7kBX8CF4RVgXIDkUnlz9qxx5td4pZkdqmjCXAAciWfwdZ
Jawz5fnzzQMd9SEmKhX0GQRsXja0+a35k5zg4S67O4zfIw+U57i/MMPNmzaM/bxC
7if4dT0NvmvVhivHesOE8rCABwS9gEsIniDy/Fp9/gc1CA4AEXi3mvoIL/TpVTnn
Ou0Ji2iusHBexG91e5MI39xSr4J5hSE8ndvGuldUsnFE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org