Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466323a346130303a3a2f34382d3438203d3e20313335343431.roa
File:                     323030313a6466323a346130303a3a2f34382d3438203d3e20313335343431.roa (raw, json)
Hash identifier:          xhFGCTvZcqAlSsSkKQqLIfxu+WkT9dvGBqxQfaKVr4k=
Subject key identifier:   67:77:71:E6:C2:C6:A5:92:7E:66:AA:3C:E2:0C:A1:F9:1F:0C:BD:0C
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       253D334659D132E562A1F08A1D2C5A69F729CD40
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466323a346130303a3a2f34382d3438203d3e20313335343431.roa
Signing time:             Fri 19 Nov 2021 05:00:01 +0000
ROA not before:           Fri 19 Nov 2021 04:55:01 +0000
ROA not after:            Sat 19 Nov 2022 05:00:01 +0000
asID:                     135441
IP address blocks:        2001:df2:4a00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:3d:33:46:59:d1:32:e5:62:a1:f0:8a:1d:2c:5a:69:f7:29:cd:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 19 04:55:01 2021 GMT
            Not After : Nov 19 05:00:01 2022 GMT
        Subject: CN=3082010A0282010100C4DFF06500B4B5DFC875E33E2D5D9FD39CBB27F0CCFCD7CE9788833129A1C6E60EF0B2C71658B46F9B3A1287D8BEC8A06567F21DC9CC0694B29CE2F30C02853488F4AD43B59FA13E46C119672E28E678299244F67F3501E9970E0AEAD1EB0F37B73E5984FCEB59989E8105D53A93872E510767D48CCEB12EAAACA916382385BB21BDEDB94726C32A7BB12623924D5830BDF5759DF0C8D9066100BAD0BFC057A36ED091485F445C93BACA9A39CB7893080A2E77B13076A3394A36A255DBBAF2D05409B22AD3C02DDB756ACB1F948B9FDC97A7745CD99AF9F8AB65366771C70A05542224BCF64FD26A72F77C4CBE0D945097F8A9C2CBADCC136A5E076C597315050203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:df:f0:65:00:b4:b5:df:c8:75:e3:3e:2d:5d:
                    9f:d3:9c:bb:27:f0:cc:fc:d7:ce:97:88:83:31:29:
                    a1:c6:e6:0e:f0:b2:c7:16:58:b4:6f:9b:3a:12:87:
                    d8:be:c8:a0:65:67:f2:1d:c9:cc:06:94:b2:9c:e2:
                    f3:0c:02:85:34:88:f4:ad:43:b5:9f:a1:3e:46:c1:
                    19:67:2e:28:e6:78:29:92:44:f6:7f:35:01:e9:97:
                    0e:0a:ea:d1:eb:0f:37:b7:3e:59:84:fc:eb:59:98:
                    9e:81:05:d5:3a:93:87:2e:51:07:67:d4:8c:ce:b1:
                    2e:aa:ac:a9:16:38:23:85:bb:21:bd:ed:b9:47:26:
                    c3:2a:7b:b1:26:23:92:4d:58:30:bd:f5:75:9d:f0:
                    c8:d9:06:61:00:ba:d0:bf:c0:57:a3:6e:d0:91:48:
                    5f:44:5c:93:ba:ca:9a:39:cb:78:93:08:0a:2e:77:
                    b1:30:76:a3:39:4a:36:a2:55:db:ba:f2:d0:54:09:
                    b2:2a:d3:c0:2d:db:75:6a:cb:1f:94:8b:9f:dc:97:
                    a7:74:5c:d9:9a:f9:f8:ab:65:36:67:71:c7:0a:05:
                    54:22:24:bc:f6:4f:d2:6a:72:f7:7c:4c:be:0d:94:
                    50:97:f8:a9:c2:cb:ad:cc:13:6a:5e:07:6c:59:73:
                    15:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:77:71:E6:C2:C6:A5:92:7E:66:AA:3C:E2:0C:A1:F9:1F:0C:BD:0C
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466323a346130303a3a2f34382d3438203d3e20313335343431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df2:4a00::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:3d:ec:a8:e4:98:b8:b9:61:cd:f5:79:33:8e:a2:a8:97:34:
         d1:ac:0c:cd:15:30:f2:38:4e:10:0d:66:68:c2:f2:17:f4:97:
         51:58:4e:ca:3d:b7:4d:3d:a3:17:f0:7d:05:bc:82:1b:f9:2d:
         09:81:e9:0e:9b:a1:62:dd:40:23:19:57:3e:97:ae:0e:5c:e5:
         94:4f:73:41:9c:ce:5c:f4:b7:4d:b3:fd:da:e7:c4:af:cf:02:
         4c:20:c5:b7:1c:fd:60:4b:d2:bf:2c:ee:dc:03:45:a2:66:c8:
         b8:2e:59:ff:6d:76:2f:bc:b9:00:55:2b:2e:d4:8d:c2:8f:f1:
         69:c4:2f:f6:4b:c7:20:70:1f:1b:ff:86:bc:1c:d7:a2:bc:47:
         50:c9:9e:16:86:7b:9c:e7:9f:82:46:1c:3c:33:63:c4:b0:f6:
         3d:6f:88:fd:41:a1:9b:a7:9a:75:fe:ac:90:ae:30:ce:d9:49:
         9f:80:77:cf:55:bf:ce:c4:52:5d:68:3c:24:d5:0a:96:f9:c3:
         f9:00:16:4d:e2:06:ef:a9:99:78:df:93:9a:1f:46:ab:d5:b1:
         00:a7:39:6e:9f:a6:24:70:fb:83:c1:45:37:ca:f6:d6:7d:83:
         6c:04:67:40:56:70:a8:b2:83:9e:80:fd:e2:18:90:50:09:3e:
         ab:7f:34:a5
-----BEGIN CERTIFICATE-----
MIIHEzCCBfugAwIBAgIUJT0zRlnRMuViofCKHSxaafcpzUAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTExOTA0NTUwMVoX
DTIyMTExOTA1MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDNERGRjA2NTAwQjRCNURGQzg3NUUzM0UyRDVEOUZEMzlDQkIyN0YwQ0NG
Q0Q3Q0U5Nzg4ODMzMTI5QTFDNkU2MEVGMEIyQzcxNjU4QjQ2RjlCM0ExMjg3RDhC
RUM4QTA2NTY3RjIxREM5Q0MwNjk0QjI5Q0UyRjMwQzAyODUzNDg4RjRBRDQzQjU5
RkExM0U0NkMxMTk2NzJFMjhFNjc4Mjk5MjQ0RjY3RjM1MDFFOTk3MEUwQUVBRDFF
QjBGMzdCNzNFNTk4NEZDRUI1OTk4OUU4MTA1RDUzQTkzODcyRTUxMDc2N0Q0OEND
RUIxMkVBQUFDQTkxNjM4MjM4NUJCMjFCREVEQjk0NzI2QzMyQTdCQjEyNjIzOTI0
RDU4MzBCREY1NzU5REYwQzhEOTA2NjEwMEJBRDBCRkMwNTdBMzZFRDA5MTQ4NUY0
NDVDOTNCQUNBOUEzOUNCNzg5MzA4MEEyRTc3QjEzMDc2QTMzOTRBMzZBMjU1REJC
QUYyRDA1NDA5QjIyQUQzQzAyRERCNzU2QUNCMUY5NDhCOUZEQzk3QTc3NDVDRDk5
QUY5RjhBQjY1MzY2NzcxQzcwQTA1NTQyMjI0QkNGNjRGRDI2QTcyRjc3QzRDQkUw
RDk0NTA5N0Y4QTlDMkNCQURDQzEzNkE1RTA3NkM1OTczMTUwNTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE3/BlALS138h14z4tXZ/T
nLsn8Mz8186XiIMxKaHG5g7wsscWWLRvmzoSh9i+yKBlZ/IdycwGlLKc4vMMAoU0
iPStQ7WfoT5GwRlnLijmeCmSRPZ/NQHplw4K6tHrDze3PlmE/OtZmJ6BBdU6k4cu
UQdn1IzOsS6qrKkWOCOFuyG97blHJsMqe7EmI5JNWDC99XWd8MjZBmEAutC/wFej
btCRSF9EXJO6ypo5y3iTCAoud7EwdqM5SjaiVdu68tBUCbIq08At23Vqyx+Ui5/c
l6d0XNma+firZTZncccKBVQiJLz2T9Jqcvd8TL4NlFCX+KnCy63ME2peB2xZcxUF
AgMBAAGjggIKMIICBjAdBgNVHQ4EFgQUZ3dx5sLGpZJ+Zqo84gyh+R8MvQwwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBigYIKwYB
BQUHAQsEfjB8MHoGCCsGAQUFBzALhm5yc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMDMxM2E2NDY2MzIzYTM0NjEzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM1MzQzNDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
8koAMA0GCSqGSIb3DQEBCwUAA4IBAQASPeyo5Ji4uWHN9XkzjqKolzTRrAzNFTDy
OE4QDWZowvIX9JdRWE7KPbdNPaMX8H0FvIIb+S0JgekOm6Fi3UAjGVc+l64OXOWU
T3NBnM5c9LdNs/3a58SvzwJMIMW3HP1gS9K/LO7cA0WiZsi4Lln/bXYvvLkAVSsu
1I3Cj/FpxC/2S8cgcB8b/4a8HNeivEdQyZ4Whnuc55+CRhw8M2PEsPY9b4j9QaGb
p5p1/qyQrjDO2UmfgHfPVb/OxFJdaDwk1QqW+cP5ABZN4gbvqZl435OaH0ar1bEA
pzlun6YkcPuDwUU3yvbWfYNsBGdAVnCosoOegP3iGJBQCT6rfzSl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:55 2023 by rpki-client on console-fra.rpki-client.org