Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466343a373130303a3a2f34382d3438203d3e20313331373834.roa
File:                     323030313a6466343a373130303a3a2f34382d3438203d3e20313331373834.roa (raw, json)
Hash identifier:          4bDEQjpekbcGr7lb8l3BA+QDs/kc094Ep8jDB6wYFiI=
Subject key identifier:   6A:1D:F5:59:11:E7:11:3C:0C:1F:BC:2B:C7:6A:A5:3A:D6:D4:B5:9B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       3EB2DD6E6D3485C2AAAC08B473768FBE8A2FD436
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466343a373130303a3a2f34382d3438203d3e20313331373834.roa
Signing time:             Sat 20 Nov 2021 04:00:00 +0000
ROA not before:           Sat 20 Nov 2021 03:55:00 +0000
ROA not after:            Sun 20 Nov 2022 04:00:00 +0000
asID:                     131784
IP address blocks:        2001:df4:7100::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:b2:dd:6e:6d:34:85:c2:aa:ac:08:b4:73:76:8f:be:8a:2f:d4:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 20 03:55:00 2021 GMT
            Not After : Nov 20 04:00:00 2022 GMT
        Subject: CN=3082010A0282010100C744974DCA8C613CB130F6BCEA88FF055E602E3773FD30C4A15C7065887639F8CD187EAD6218416F269F35DD2F878B1BCDE9553C8E3F5DBE860D21E4675F8F9670AA1794B1D3215D16B4DA0CE27AA27EC2D17B8D11C1D8BE434D23FAC57E05012DB3DB436E580ACA96CD34B44FAB669EE7570A3DD9A4F98B0379D92D54CF2039DC58D15828A3502BCFA425D2748EB933CE3B35FF4A2C62041C19A6CDA2784148B2FE073DCDE26019A74B9DEE4A02082B93835ACB2FF02CE06C75F65C099F66BF4583077899BD85F8A96D152C43D59B97A9B576B4A6A0EEE71DB1A19B7F465322C1096D4B4CCC160EB21477E857F96FAE7A2E541A9042A20AF986A03DE23624990203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:44:97:4d:ca:8c:61:3c:b1:30:f6:bc:ea:88:
                    ff:05:5e:60:2e:37:73:fd:30:c4:a1:5c:70:65:88:
                    76:39:f8:cd:18:7e:ad:62:18:41:6f:26:9f:35:dd:
                    2f:87:8b:1b:cd:e9:55:3c:8e:3f:5d:be:86:0d:21:
                    e4:67:5f:8f:96:70:aa:17:94:b1:d3:21:5d:16:b4:
                    da:0c:e2:7a:a2:7e:c2:d1:7b:8d:11:c1:d8:be:43:
                    4d:23:fa:c5:7e:05:01:2d:b3:db:43:6e:58:0a:ca:
                    96:cd:34:b4:4f:ab:66:9e:e7:57:0a:3d:d9:a4:f9:
                    8b:03:79:d9:2d:54:cf:20:39:dc:58:d1:58:28:a3:
                    50:2b:cf:a4:25:d2:74:8e:b9:33:ce:3b:35:ff:4a:
                    2c:62:04:1c:19:a6:cd:a2:78:41:48:b2:fe:07:3d:
                    cd:e2:60:19:a7:4b:9d:ee:4a:02:08:2b:93:83:5a:
                    cb:2f:f0:2c:e0:6c:75:f6:5c:09:9f:66:bf:45:83:
                    07:78:99:bd:85:f8:a9:6d:15:2c:43:d5:9b:97:a9:
                    b5:76:b4:a6:a0:ee:e7:1d:b1:a1:9b:7f:46:53:22:
                    c1:09:6d:4b:4c:cc:16:0e:b2:14:77:e8:57:f9:6f:
                    ae:7a:2e:54:1a:90:42:a2:0a:f9:86:a0:3d:e2:36:
                    24:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:1D:F5:59:11:E7:11:3C:0C:1F:BC:2B:C7:6A:A5:3A:D6:D4:B5:9B
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466343a373130303a3a2f34382d3438203d3e20313331373834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:7100::/48

    Signature Algorithm: sha256WithRSAEncryption
         73:00:f2:98:1e:7b:3f:bd:f7:e0:69:41:f5:d7:67:1f:d7:51:
         29:2a:28:10:a5:dc:9a:80:01:92:ae:c8:30:67:7a:c6:42:1b:
         ab:3e:86:6a:ec:75:88:8a:a1:09:9a:1e:88:e5:0e:59:55:6a:
         a1:b5:43:b9:be:58:53:e6:65:c3:ce:84:64:fc:ba:ad:21:a1:
         ad:57:62:55:e2:40:c9:9e:5e:88:8c:27:14:39:bd:4d:43:cd:
         8a:cb:bb:30:61:22:65:6d:0a:a2:8a:74:c6:03:3a:d7:12:25:
         d9:74:3e:90:9a:5b:0e:d8:09:8a:01:d7:fc:3f:7f:b4:40:d1:
         ff:3c:1e:e1:63:be:37:b6:9f:f1:b7:a0:dd:bb:1d:f9:64:f2:
         2e:39:bd:79:a7:60:e5:b5:95:08:eb:95:e0:b8:77:a7:d9:3d:
         2a:65:1c:43:77:61:06:03:54:d5:77:08:86:f8:d7:82:f4:5c:
         82:f5:1a:1e:ca:5c:6f:da:5a:dd:ad:29:9e:8b:00:c5:c3:4c:
         ce:f1:76:be:13:e6:59:f3:3a:9e:80:5f:cf:98:10:5b:32:e7:
         e2:dd:c3:06:88:02:83:44:a8:b1:19:22:f2:45:e3:09:51:72:
         f5:73:da:6e:39:a7:4a:91:33:d8:65:bb:fc:09:35:ef:19:21:
         49:0e:2a:76
-----BEGIN CERTIFICATE-----
MIIHEzCCBfugAwIBAgIUPrLdbm00hcKqrAi0c3aPvoov1DYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTEyMDAzNTUwMFoX
DTIyMTEyMDA0MDAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDNzQ0OTc0RENBOEM2MTNDQjEzMEY2QkNFQTg4RkYwNTVFNjAyRTM3NzNG
RDMwQzRBMTVDNzA2NTg4NzYzOUY4Q0QxODdFQUQ2MjE4NDE2RjI2OUYzNUREMkY4
NzhCMUJDREU5NTUzQzhFM0Y1REJFODYwRDIxRTQ2NzVGOEY5NjcwQUExNzk0QjFE
MzIxNUQxNkI0REEwQ0UyN0FBMjdFQzJEMTdCOEQxMUMxRDhCRTQzNEQyM0ZBQzU3
RTA1MDEyREIzREI0MzZFNTgwQUNBOTZDRDM0QjQ0RkFCNjY5RUU3NTcwQTNERDlB
NEY5OEIwMzc5RDkyRDU0Q0YyMDM5REM1OEQxNTgyOEEzNTAyQkNGQTQyNUQyNzQ4
RUI5MzNDRTNCMzVGRjRBMkM2MjA0MUMxOUE2Q0RBMjc4NDE0OEIyRkUwNzNEQ0RF
MjYwMTlBNzRCOURFRTRBMDIwODJCOTM4MzVBQ0IyRkYwMkNFMDZDNzVGNjVDMDk5
RjY2QkY0NTgzMDc3ODk5QkQ4NUY4QTk2RDE1MkM0M0Q1OUI5N0E5QjU3NkI0QTZB
MEVFRTcxREIxQTE5QjdGNDY1MzIyQzEwOTZENEI0Q0NDMTYwRUIyMTQ3N0U4NTdG
OTZGQUU3QTJFNTQxQTkwNDJBMjBBRjk4NkEwM0RFMjM2MjQ5OTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHRJdNyoxhPLEw9rzqiP8F
XmAuN3P9MMShXHBliHY5+M0Yfq1iGEFvJp813S+HixvN6VU8jj9dvoYNIeRnX4+W
cKoXlLHTIV0WtNoM4nqifsLRe40Rwdi+Q00j+sV+BQEts9tDblgKypbNNLRPq2ae
51cKPdmk+YsDedktVM8gOdxY0Vgoo1Arz6Ql0nSOuTPOOzX/SixiBBwZps2ieEFI
sv4HPc3iYBmnS53uSgIIK5ODWssv8CzgbHX2XAmfZr9Fgwd4mb2F+KltFSxD1ZuX
qbV2tKag7ucdsaGbf0ZTIsEJbUtMzBYOshR36Ff5b656LlQakEKiCvmGoD3iNiSZ
AgMBAAGjggIKMIICBjAdBgNVHQ4EFgQUah31WRHnETwMH7wrx2qlOtbUtZswHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBigYIKwYB
BQUHAQsEfjB8MHoGCCsGAQUFBzALhm5yc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMDMxM2E2NDY2MzQzYTM3MzEzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMxMzczODM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9HEAMA0GCSqGSIb3DQEBCwUAA4IBAQBzAPKYHns/vffgaUH112cf11EpKigQpdya
gAGSrsgwZ3rGQhurPoZq7HWIiqEJmh6I5Q5ZVWqhtUO5vlhT5mXDzoRk/LqtIaGt
V2JV4kDJnl6IjCcUOb1NQ82Ky7swYSJlbQqiinTGAzrXEiXZdD6QmlsO2AmKAdf8
P3+0QNH/PB7hY743tp/xt6Ddux35ZPIuOb15p2DltZUI65XguHen2T0qZRxDd2EG
A1TVdwiG+NeC9FyC9Roeylxv2lrdrSmeiwDFw0zO8Xa+E+ZZ8zqegF/PmBBbMufi
3cMGiAKDRKixGSLyReMJUXL1c9puOadKkTPYZbv8CTXvGSFJDip2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:09 2023 by rpki-client on console-ams.rpki-client.org