Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135362e3231382e302f32332d3234203d3e203633383539.roa
File:                     3130332e3135362e3231382e302f32332d3234203d3e203633383539.roa (raw, json)
Hash identifier:          LLK8IUFKcHL5d5koiXSUjy0g9eHsvNi6lV3ybcVyq/U=
Subject key identifier:   7B:D0:13:B8:33:62:B0:59:E9:65:9F:FD:D6:08:98:FB:FC:36:7B:B2
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       64704EF9E613E1710D7D07C816A41C3259648CC4
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135362e3231382e302f32332d3234203d3e203633383539.roa
Signing time:             Wed 10 Nov 2021 08:00:01 +0000
ROA not before:           Wed 10 Nov 2021 07:55:01 +0000
ROA not after:            Thu 10 Nov 2022 08:00:01 +0000
asID:                     63859
IP address blocks:        103.156.218.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:70:4e:f9:e6:13:e1:71:0d:7d:07:c8:16:a4:1c:32:59:64:8c:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 10 07:55:01 2021 GMT
            Not After : Nov 10 08:00:01 2022 GMT
        Subject: CN=3082010A0282010100B63062279ADB56ED38751F967253B2F2DA9E76B189FF487A677A7DCC8833A73693992C7E6A8F955B18E392E45D28E2CA85170257556648E0CF2BAB3E6D03B3B63A0EF1DEA087845FA06F279A22859C57C1C80E218AA9D3BB7C038D998AA1DFFF009191758BD5423312EFB5CC33AEBCF9A5C847BB5564753681E446E614D00E3787AE3050A815BD5E39C70F875AFBC680A725ED9B1D6D72BB7F0037BA4F2D768C7753791FEDAB501D178EE359D488AB525F068BDB23F35012E21DDF1E89888F7BD6DC3D183CE6AA43E37A085D43B2E2A2B0346B5A92C3FDB8592E6A213A25AE1AA38AAD00F8FBBB398D9E0107317E5BA39F091991D6DE0737B496ADFF522D94250203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:30:62:27:9a:db:56:ed:38:75:1f:96:72:53:
                    b2:f2:da:9e:76:b1:89:ff:48:7a:67:7a:7d:cc:88:
                    33:a7:36:93:99:2c:7e:6a:8f:95:5b:18:e3:92:e4:
                    5d:28:e2:ca:85:17:02:57:55:66:48:e0:cf:2b:ab:
                    3e:6d:03:b3:b6:3a:0e:f1:de:a0:87:84:5f:a0:6f:
                    27:9a:22:85:9c:57:c1:c8:0e:21:8a:a9:d3:bb:7c:
                    03:8d:99:8a:a1:df:ff:00:91:91:75:8b:d5:42:33:
                    12:ef:b5:cc:33:ae:bc:f9:a5:c8:47:bb:55:64:75:
                    36:81:e4:46:e6:14:d0:0e:37:87:ae:30:50:a8:15:
                    bd:5e:39:c7:0f:87:5a:fb:c6:80:a7:25:ed:9b:1d:
                    6d:72:bb:7f:00:37:ba:4f:2d:76:8c:77:53:79:1f:
                    ed:ab:50:1d:17:8e:e3:59:d4:88:ab:52:5f:06:8b:
                    db:23:f3:50:12:e2:1d:df:1e:89:88:8f:7b:d6:dc:
                    3d:18:3c:e6:aa:43:e3:7a:08:5d:43:b2:e2:a2:b0:
                    34:6b:5a:92:c3:fd:b8:59:2e:6a:21:3a:25:ae:1a:
                    a3:8a:ad:00:f8:fb:bb:39:8d:9e:01:07:31:7e:5b:
                    a3:9f:09:19:91:d6:de:07:37:b4:96:ad:ff:52:2d:
                    94:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:D0:13:B8:33:62:B0:59:E9:65:9F:FD:D6:08:98:FB:FC:36:7B:B2
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135362e3231382e302f32332d3234203d3e203633383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:70:81:74:73:85:55:1d:90:ee:02:0e:ee:db:29:7d:30:b2:
         1f:30:09:2b:7e:9b:33:53:1b:8a:e1:38:2d:d6:46:a5:cf:41:
         48:e6:e7:6f:f6:5d:10:c3:06:d8:25:ed:84:78:ac:b7:e3:3f:
         c9:fd:83:75:fb:d1:a1:97:6a:c8:27:17:06:ea:56:95:78:3f:
         12:c4:68:fc:d5:07:54:aa:15:5c:35:f7:ee:a7:28:06:63:f8:
         3c:8e:e5:ad:ac:f4:88:64:1d:b6:85:35:7d:6b:3e:30:0a:61:
         7c:2d:5b:e0:3d:42:21:91:4a:2c:70:95:b1:6c:3a:a1:c4:f8:
         7e:be:0d:d0:3f:ca:09:2d:6e:10:9f:6f:8d:84:87:34:f0:bb:
         97:a5:9f:d8:17:a7:7b:8b:c1:b5:57:aa:24:38:86:ff:e4:4e:
         cc:61:4a:7f:f9:9f:02:52:80:d9:c3:0a:43:2e:03:c3:1f:0e:
         3b:a1:9a:66:2f:89:cd:37:1c:34:21:52:dd:7b:36:2f:b2:96:
         8e:db:15:b2:c8:d8:9a:89:e1:d1:94:d3:7b:64:21:fe:ba:be:
         a0:4f:e9:12:f7:2e:59:ac:9a:bc:e5:19:4a:41:45:27:5b:71:
         d8:bd:3a:24:fb:b8:40:53:60:84:f1:a1:40:99:f4:cc:30:90:
         b4:45:84:ad
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgIUZHBO+eYT4XENfQfIFqQcMllkjMQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTExMDA3NTUwMVoX
DTIyMTExMDA4MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCNjMwNjIyNzlBREI1NkVEMzg3NTFGOTY3MjUzQjJGMkRBOUU3NkIxODlG
RjQ4N0E2NzdBN0RDQzg4MzNBNzM2OTM5OTJDN0U2QThGOTU1QjE4RTM5MkU0NUQy
OEUyQ0E4NTE3MDI1NzU1NjY0OEUwQ0YyQkFCM0U2RDAzQjNCNjNBMEVGMURFQTA4
Nzg0NUZBMDZGMjc5QTIyODU5QzU3QzFDODBFMjE4QUE5RDNCQjdDMDM4RDk5OEFB
MURGRkYwMDkxOTE3NThCRDU0MjMzMTJFRkI1Q0MzM0FFQkNGOUE1Qzg0N0JCNTU2
NDc1MzY4MUU0NDZFNjE0RDAwRTM3ODdBRTMwNTBBODE1QkQ1RTM5QzcwRjg3NUFG
QkM2ODBBNzI1RUQ5QjFENkQ3MkJCN0YwMDM3QkE0RjJENzY4Qzc3NTM3OTFGRURB
QjUwMUQxNzhFRTM1OUQ0ODhBQjUyNUYwNjhCREIyM0YzNTAxMkUyMURERjFFODk4
ODhGN0JENkRDM0QxODNDRTZBQTQzRTM3QTA4NUQ0M0IyRTJBMkIwMzQ2QjVBOTJD
M0ZEQjg1OTJFNkEyMTNBMjVBRTFBQTM4QUFEMDBGOEZCQkIzOThEOUUwMTA3MzE3
RTVCQTM5RjA5MTk5MUQ2REUwNzM3QjQ5NkFERkY1MjJEOTQyNTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2MGInmttW7Th1H5ZyU7Ly
2p52sYn/SHpnen3MiDOnNpOZLH5qj5VbGOOS5F0o4sqFFwJXVWZI4M8rqz5tA7O2
Og7x3qCHhF+gbyeaIoWcV8HIDiGKqdO7fAONmYqh3/8AkZF1i9VCMxLvtcwzrrz5
pchHu1VkdTaB5EbmFNAON4euMFCoFb1eOccPh1r7xoCnJe2bHW1yu38AN7pPLXaM
d1N5H+2rUB0XjuNZ1IirUl8Gi9sj81AS4h3fHomIj3vW3D0YPOaqQ+N6CF1DsuKi
sDRrWpLD/bhZLmohOiWuGqOKrQD4+7s5jZ4BBzF+W6OfCRmR1t4HN7SWrf9SLZQl
AgMBAAGjggIBMIIB/TAdBgNVHQ4EFgQUe9ATuDNisFnpZZ/91giY+/w2e7IwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhAYIKwYB
BQUHAQsEeDB2MHQGCCsGAQUFBzALhmhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNTM2MmUzMjMxMzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5zaMA0GCSqG
SIb3DQEBCwUAA4IBAQBGcIF0c4VVHZDuAg7u2yl9MLIfMAkrfpszUxuK4Tgt1kal
z0FI5udv9l0QwwbYJe2EeKy34z/J/YN1+9Ghl2rIJxcG6laVeD8SxGj81QdUqhVc
NffupygGY/g8juWtrPSIZB22hTV9az4wCmF8LVvgPUIhkUoscJWxbDqhxPh+vg3Q
P8oJLW4Qn2+NhIc08LuXpZ/YF6d7i8G1V6okOIb/5E7MYUp/+Z8CUoDZwwpDLgPD
Hw47oZpmL4nNNxw0IVLdezYvspaO2xWyyNiaieHRlNN7ZCH+ur6gT+kS9y5ZrJq8
5RlKQUUnW3HYvTok+7hAU2CE8aFAmfTMMJC0RYSt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-fra.rpki-client.org