Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/nMG668M6MAd-no2a6LtXEG9DV30.roa
File:                     nMG668M6MAd-no2a6LtXEG9DV30.roa (raw, json)
Hash identifier:          74Ch9SUBMX6mfrJnf0mNf+uDd0gFdApYZihb55R6IQI=
Subject key identifier:   9C:C1:BA:EB:C3:3A:30:07:7E:9E:8D:9A:E8:BB:57:10:6F:43:57:7D
Certificate issuer:       /CN=d2eda4f8d9e482952a112b2ef5a4f239b7f62551
Certificate serial:       01848A9F250D17C1A071DB3BD3DA5F69B6C0
Authority key identifier: D2:ED:A4:F8:D9:E4:82:95:2A:11:2B:2E:F5:A4:F2:39:B7:F6:25:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0u2k-NnkgpUqESsu9aTyObf2JVE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/nMG668M6MAd-no2a6LtXEG9DV30.roa
Signing time:             Fri 18 Nov 2022 12:03:16 +0000
ROA not before:           Fri 18 Nov 2022 12:03:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50251
IP address blocks:        193.106.48.0/22 maxlen: 24
                          2a0b:d7c4::/30 maxlen: 30

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:8a:9f:25:0d:17:c1:a0:71:db:3b:d3:da:5f:69:b6:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eda4f8d9e482952a112b2ef5a4f239b7f62551
        Validity
            Not Before: Nov 18 12:03:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9cc1baebc33a30077e9e8d9ae8bb57106f43577d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:37:0f:e0:d7:c3:bd:f8:aa:bb:08:bf:da:58:
                    bf:b8:60:29:3a:98:41:cb:f0:7a:e8:7a:e8:34:27:
                    1d:92:a3:ae:98:cb:45:9f:3d:07:dc:00:0b:19:83:
                    d2:93:25:b8:44:de:f3:b7:2f:36:23:a1:1b:ab:e1:
                    e7:d5:75:67:d7:81:0f:f4:a1:02:2c:62:18:c3:88:
                    a1:7a:13:e3:60:3c:9b:81:ae:02:63:c2:b2:99:95:
                    9c:67:f7:4b:32:2c:82:f2:41:4e:61:ec:20:4c:41:
                    f4:f8:31:c7:60:ea:02:4f:fa:b9:8f:d4:56:73:11:
                    d4:07:89:98:1a:21:5f:b3:11:f3:6b:c0:57:e7:50:
                    29:7c:ff:82:06:61:99:25:0f:8f:9a:33:65:06:07:
                    8b:e4:98:6a:bd:0f:87:68:51:95:07:fb:b3:24:0f:
                    d6:35:1c:bc:42:61:87:18:58:3f:9d:4c:2f:a8:6c:
                    ea:11:d1:75:f8:1e:4a:39:5e:31:5f:ad:59:73:47:
                    a0:90:2f:e9:15:91:7c:1f:7e:aa:c9:5f:91:2b:46:
                    54:d8:98:db:4f:ae:d2:23:0a:0d:66:35:d1:d3:8a:
                    b2:82:42:11:ce:fa:4c:38:63:4c:11:71:fa:18:ea:
                    2a:ce:2c:5f:7d:b8:8e:d6:a6:0c:15:05:1e:98:1d:
                    8f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C1:BA:EB:C3:3A:30:07:7E:9E:8D:9A:E8:BB:57:10:6F:43:57:7D
            X509v3 Authority Key Identifier:
                keyid:D2:ED:A4:F8:D9:E4:82:95:2A:11:2B:2E:F5:A4:F2:39:B7:F6:25:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0u2k-NnkgpUqESsu9aTyObf2JVE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/nMG668M6MAd-no2a6LtXEG9DV30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/0u2k-NnkgpUqESsu9aTyObf2JVE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.106.48.0/22
                IPv6:
                  2a0b:d7c4::/30

    Signature Algorithm: sha256WithRSAEncryption
         42:15:5a:4e:11:6a:a7:06:8f:eb:05:f7:f1:98:e1:cb:58:12:
         3c:7c:fb:3f:30:ae:f8:d9:5a:06:a8:b6:b7:b7:0d:ce:45:40:
         30:42:f9:f0:7e:42:7a:1a:f4:da:b0:31:18:86:7c:a9:91:bd:
         53:f0:ab:5b:e9:2e:3f:17:03:e2:e4:98:5b:fe:53:7b:e0:78:
         52:24:08:e5:ad:c6:96:c6:3f:4a:dd:0f:fc:3c:74:67:d4:ba:
         f6:e0:f1:97:47:8d:1c:7f:9c:45:43:85:cf:39:50:27:75:87:
         c5:7d:53:5e:22:6f:ea:6a:46:31:b1:1a:62:bf:32:b4:6f:7b:
         2a:8f:cb:c0:f2:ec:b5:fb:fa:97:09:77:dd:8e:54:ed:3d:aa:
         01:d4:2f:c1:96:70:43:7d:e5:64:e8:0e:ae:74:8f:e6:a6:00:
         64:fb:ab:e3:07:bd:c2:be:dd:bf:87:b1:f8:22:f1:0f:72:0e:
         5b:f9:89:19:d8:b1:01:19:a9:c5:7c:9f:ee:3c:d8:0d:f2:fa:
         42:64:76:65:95:31:87:1f:63:b7:84:e7:b4:3e:85:ee:6e:e7:
         93:cf:77:2b:c6:76:24:db:4c:64:88:c0:ec:20:27:9d:df:45:
         c6:11:4e:18:e9:83:d5:4d:d3:7c:91:ba:c1:dc:cb:35:f6:b1:
         ad:6a:3d:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSKnyUNF8Ggcds709pfabbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWRhNGY4ZDllNDgyOTUyYTExMmIyZWY1YTRmMjM5Yjdm
NjI1NTEwHhcNMjIxMTE4MTIwMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2MxYmFlYmMzM2EzMDA3N2U5ZThkOWFlOGJiNTcxMDZmNDM1NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TcP4NfDvfiquwi/2li/uGApOphB
y/B66HroNCcdkqOumMtFnz0H3AALGYPSkyW4RN7zty82I6Ebq+Hn1XVn14EP9KEC
LGIYw4ihehPjYDybga4CY8KymZWcZ/dLMiyC8kFOYewgTEH0+DHHYOoCT/q5j9RW
cxHUB4mYGiFfsxHza8BX51ApfP+CBmGZJQ+PmjNlBgeL5JhqvQ+HaFGVB/uzJA/W
NRy8QmGHGFg/nUwvqGzqEdF1+B5KOV4xX61Zc0egkC/pFZF8H36qyV+RK0ZU2Jjb
T67SIwoNZjXR04qygkIRzvpMOGNMEXH6GOoqzixffbiO1qYMFQUemB2P9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJzBuuvDOjAHfp6Nmui7VxBvQ1d9MB8GA1UdIwQY
MBaAFNLtpPjZ5IKVKhErLvWk8jm39iVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHUyay1ObmtncFVxRVNzdTlhVHlPYmYySlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9kZTM0YjUtMDMyMC00Y2Q5LTllZTMt
YzRjZTNlODA3M2RiLzEvbk1HNjY4TTZNQWQtbm8yYTZMdFhFRzlEVjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9kZTM0YjUtMDMyMC00Y2Q5LTllZTMtYzRjZTNlODA3M2Ri
LzEvMHUyay1ObmtncFVxRVNzdTlhVHlPYmYySlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwWowMA0E
AgACMAcDBQIqC9fEMA0GCSqGSIb3DQEBCwUAA4IBAQBCFVpOEWqnBo/rBffxmOHL
WBI8fPs/MK742VoGqLa3tw3ORUAwQvnwfkJ6GvTasDEYhnypkb1T8Ktb6S4/FwPi
5Jhb/lN74HhSJAjlrcaWxj9K3Q/8PHRn1Lr24PGXR40cf5xFQ4XPOVAndYfFfVNe
Im/qakYxsRpivzK0b3sqj8vA8uy1+/qXCXfdjlTtPaoB1C/BlnBDfeVk6A6udI/m
pgBk+6vjB73Cvt2/h7H4IvEPcg5b+YkZ2LEBGanFfJ/uPNgN8vpCZHZllTGHH2O3
hOe0PoXubueTz3crxnYk20xkiMDsICed30XGEU4Y6YPVTdN8kbrB3Ms19rGtaj2y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:26 2024 by rpki-client on console-ams.rpki-client.org