Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3131312e3232332e3235322e302f32322d3234203d3e203436303434.roa
File:                     3131312e3232332e3235322e302f32322d3234203d3e203436303434.roa (raw, json)
Hash identifier:          Z5iyumW/qBVzp9djGusbFcQeyfNGNAm0986/8MoxSJ0=
Subject key identifier:   18:F1:12:34:A3:3D:54:31:AC:5C:63:F1:02:A1:79:D1:6D:2A:15:89
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       6268EEA321C5C9E49E1F99D9F4B777860285FDEB
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131312e3232332e3235322e302f32322d3234203d3e203436303434.roa
Signing time:             Mon 22 Nov 2021 04:00:02 +0000
ROA not before:           Mon 22 Nov 2021 03:55:02 +0000
ROA not after:            Tue 22 Nov 2022 04:00:02 +0000
asID:                     46044
IP address blocks:        111.223.252.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:68:ee:a3:21:c5:c9:e4:9e:1f:99:d9:f4:b7:77:86:02:85:fd:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 22 03:55:02 2021 GMT
            Not After : Nov 22 04:00:02 2022 GMT
        Subject: CN=3082010A0282010100B84C30493A173314E7F7E44C3A37DE3A2C9B2D94BE946F32EB555D2DB9BD582B768EAD7DFC790E5495E7844A0E93A878BF90EDF4D77D17559C26A52EEA40E8CF4FF426A33778777DADB979D368DD9BF75B948B16D51AF635BF40F01B1E9DC1169A723563137E01250A129C8FADBB8E668D687E55C77A38755C62C1C8D9B4A714E31D08732AC4970B2D6EFCFAB9E9C2F6EF38B24A58A92E2E5DD69CE77E4F3523F477846CF2BE74626E08ABABE8F63D5734BF45BA83FC3A34457AF2F9448CEABD768720FD06DB557468F2F8831E19674277254EF87A866F78218DE30001EB07C5963E3F72B7AB2C380AC71296477FC8D14A102B4955D10598FD26DB45472218B10203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:4c:30:49:3a:17:33:14:e7:f7:e4:4c:3a:37:
                    de:3a:2c:9b:2d:94:be:94:6f:32:eb:55:5d:2d:b9:
                    bd:58:2b:76:8e:ad:7d:fc:79:0e:54:95:e7:84:4a:
                    0e:93:a8:78:bf:90:ed:f4:d7:7d:17:55:9c:26:a5:
                    2e:ea:40:e8:cf:4f:f4:26:a3:37:78:77:7d:ad:b9:
                    79:d3:68:dd:9b:f7:5b:94:8b:16:d5:1a:f6:35:bf:
                    40:f0:1b:1e:9d:c1:16:9a:72:35:63:13:7e:01:25:
                    0a:12:9c:8f:ad:bb:8e:66:8d:68:7e:55:c7:7a:38:
                    75:5c:62:c1:c8:d9:b4:a7:14:e3:1d:08:73:2a:c4:
                    97:0b:2d:6e:fc:fa:b9:e9:c2:f6:ef:38:b2:4a:58:
                    a9:2e:2e:5d:d6:9c:e7:7e:4f:35:23:f4:77:84:6c:
                    f2:be:74:62:6e:08:ab:ab:e8:f6:3d:57:34:bf:45:
                    ba:83:fc:3a:34:45:7a:f2:f9:44:8c:ea:bd:76:87:
                    20:fd:06:db:55:74:68:f2:f8:83:1e:19:67:42:77:
                    25:4e:f8:7a:86:6f:78:21:8d:e3:00:01:eb:07:c5:
                    96:3e:3f:72:b7:ab:2c:38:0a:c7:12:96:47:7f:c8:
                    d1:4a:10:2b:49:55:d1:05:98:fd:26:db:45:47:22:
                    18:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:F1:12:34:A3:3D:54:31:AC:5C:63:F1:02:A1:79:D1:6D:2A:15:89
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131312e3232332e3235322e302f32322d3234203d3e203436303434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.223.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:66:21:06:55:e7:1a:24:1e:2b:da:49:5e:45:ed:ba:01:4e:
         e3:9d:49:d1:c4:07:81:5a:bd:2d:d6:e9:b3:a7:62:dd:98:96:
         5e:17:52:d5:75:80:a7:fd:56:fb:72:bc:bf:c2:9b:51:29:c4:
         6c:f6:1d:0c:23:86:6c:4f:10:29:1c:0c:72:4a:ae:ac:2c:44:
         64:c1:73:13:40:5c:d3:88:e1:b7:2e:5b:01:32:70:97:e6:7f:
         bd:aa:93:5b:ee:08:47:bb:f9:08:2a:98:92:67:3d:03:53:c6:
         82:ae:68:51:a9:4f:43:46:3f:55:06:9c:de:0e:66:1d:8b:33:
         37:ac:22:d1:1a:e4:fa:81:a9:5d:cb:8d:3d:6f:79:64:24:a8:
         25:55:37:b7:f7:82:ed:68:4a:dc:68:aa:8b:5b:78:c2:ca:79:
         50:ff:85:55:fd:e4:ce:99:31:17:3b:35:96:84:5e:17:62:43:
         e3:95:69:3b:f8:7a:cb:dd:51:3a:bd:02:6a:e7:76:4b:19:e2:
         3c:74:29:20:35:53:a9:0b:59:1e:35:89:c8:ce:11:18:63:f4:
         7d:3c:89:91:b7:05:a3:d7:97:d0:e8:15:98:c0:5e:1f:d8:bc:
         25:b6:dd:f8:f8:90:29:e3:df:bb:9e:95:37:7b:b0:d8:53:b3:
         b1:db:cc:62
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgIUYmjuoyHFyeSeH5nZ9Ld3hgKF/eswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTEyMjAzNTUwMloX
DTIyMTEyMjA0MDAwMlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCODRDMzA0OTNBMTczMzE0RTdGN0U0NEMzQTM3REUzQTJDOUIyRDk0QkU5
NDZGMzJFQjU1NUQyREI5QkQ1ODJCNzY4RUFEN0RGQzc5MEU1NDk1RTc4NDRBMEU5
M0E4NzhCRjkwRURGNEQ3N0QxNzU1OUMyNkE1MkVFQTQwRThDRjRGRjQyNkEzMzc3
ODc3N0RBREI5NzlEMzY4REQ5QkY3NUI5NDhCMTZENTFBRjYzNUJGNDBGMDFCMUU5
REMxMTY5QTcyMzU2MzEzN0UwMTI1MEExMjlDOEZBREJCOEU2NjhENjg3RTU1Qzc3
QTM4NzU1QzYyQzFDOEQ5QjRBNzE0RTMxRDA4NzMyQUM0OTcwQjJENkVGQ0ZBQjlF
OUMyRjZFRjM4QjI0QTU4QTkyRTJFNURENjlDRTc3RTRGMzUyM0Y0Nzc4NDZDRjJC
RTc0NjI2RTA4QUJBQkU4RjYzRDU3MzRCRjQ1QkE4M0ZDM0EzNDQ1N0FGMkY5NDQ4
Q0VBQkQ3Njg3MjBGRDA2REI1NTc0NjhGMkY4ODMxRTE5Njc0Mjc3MjU0RUY4N0E4
NjZGNzgyMThERTMwMDAxRUIwN0M1OTYzRTNGNzJCN0FCMkMzODBBQzcxMjk2NDc3
RkM4RDE0QTEwMkI0OTU1RDEwNTk4RkQyNkRCNDU0NzIyMThCMTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4TDBJOhczFOf35Ew6N946
LJstlL6UbzLrVV0tub1YK3aOrX38eQ5UleeESg6TqHi/kO30130XVZwmpS7qQOjP
T/Qmozd4d32tuXnTaN2b91uUixbVGvY1v0DwGx6dwRaacjVjE34BJQoSnI+tu45m
jWh+Vcd6OHVcYsHI2bSnFOMdCHMqxJcLLW78+rnpwvbvOLJKWKkuLl3WnOd+TzUj
9HeEbPK+dGJuCKur6PY9VzS/RbqD/Do0RXry+USM6r12hyD9BttVdGjy+IMeGWdC
dyVO+HqGb3ghjeMAAesHxZY+P3K3qyw4CscSlkd/yNFKECtJVdEFmP0m20VHIhix
AgMBAAGjggIBMIIB/TAdBgNVHQ4EFgQUGPESNKM9VDGsXGPxAqF50W0qFYkwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhAYIKwYB
BQUHAQsEeDB2MHQGCCsGAQUFBzALhmhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzEzMTJlMzIzMjMzMmUzMjM1MzIyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzNDM2MzAzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCb9/8MA0GCSqG
SIb3DQEBCwUAA4IBAQBlZiEGVecaJB4r2kleRe26AU7jnUnRxAeBWr0t1umzp2Ld
mJZeF1LVdYCn/Vb7cry/wptRKcRs9h0MI4ZsTxApHAxySq6sLERkwXMTQFzTiOG3
LlsBMnCX5n+9qpNb7ghHu/kIKpiSZz0DU8aCrmhRqU9DRj9VBpzeDmYdizM3rCLR
GuT6galdy409b3lkJKglVTe394LtaErcaKqLW3jCynlQ/4VV/eTOmTEXOzWWhF4X
YkPjlWk7+HrL3VE6vQJq53ZLGeI8dCkgNVOpC1keNYnIzhEYY/R9PImRtwWj15fQ
6BWYwF4f2Lwltt34+JAp49+7npU3e7DYU7Ox28xi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:55 2023 by rpki-client on console-fra.rpki-client.org