Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430363a383763303a3a2f33322d3438203d3e20313431303931.roa
File:                     323430363a383763303a3a2f33322d3438203d3e20313431303931.roa (raw, json)
Hash identifier:          cqk9APH+Qo/TuXQTNtoCTCJB3QGKvxrbglQaY7InUyQ=
Subject key identifier:   65:DB:FD:44:92:D7:BF:32:4C:97:95:F1:26:0A:17:C2:59:09:96:C3
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       05FAE59A69064D4BCB0F6CCA67017495191D3C1E
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430363a383763303a3a2f33322d3438203d3e20313431303931.roa
Signing time:             Wed 20 Oct 2021 05:00:00 +0000
ROA not before:           Wed 20 Oct 2021 04:55:00 +0000
ROA not after:            Thu 20 Oct 2022 05:00:00 +0000
asID:                     141091
IP address blocks:        2406:87c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:fa:e5:9a:69:06:4d:4b:cb:0f:6c:ca:67:01:74:95:19:1d:3c:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Oct 20 04:55:00 2021 GMT
            Not After : Oct 20 05:00:00 2022 GMT
        Subject: CN=3082010A0282010100BC9520CFF4A740F08837DA5F100B4D099FBE75D5BF6E18E1D628099D671BB4F1119D07988641BEF2720EA603572DB224C030AEEACFB96B9989ADCA8DCFC65FA19187E5F05869CC3BB7CFAC6006055EFE7F34F0DCAFF6133C45BFFEBC06CB0D563B15D30F81C1F6CAED1BB580135306A7D722391387B168CC99417C57780638E2239CBE8F4611502EC517F1668993773E41BA36C226FF9673FEB4277AB7830DB0EB371E5C8788F5420E880EBC0B6FF34B4CC622BCD20CDFE8FB59757BD67FE18281190A354C77D4E7C92442C640061D31CBF71F7C7807A0B3388A31EB2471BE8ADC1785C22EE7EAEC2FEE539C75A8CA670A69DE8B8F6FF5B7B549F4D35F7D5AE30203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:95:20:cf:f4:a7:40:f0:88:37:da:5f:10:0b:
                    4d:09:9f:be:75:d5:bf:6e:18:e1:d6:28:09:9d:67:
                    1b:b4:f1:11:9d:07:98:86:41:be:f2:72:0e:a6:03:
                    57:2d:b2:24:c0:30:ae:ea:cf:b9:6b:99:89:ad:ca:
                    8d:cf:c6:5f:a1:91:87:e5:f0:58:69:cc:3b:b7:cf:
                    ac:60:06:05:5e:fe:7f:34:f0:dc:af:f6:13:3c:45:
                    bf:fe:bc:06:cb:0d:56:3b:15:d3:0f:81:c1:f6:ca:
                    ed:1b:b5:80:13:53:06:a7:d7:22:39:13:87:b1:68:
                    cc:99:41:7c:57:78:06:38:e2:23:9c:be:8f:46:11:
                    50:2e:c5:17:f1:66:89:93:77:3e:41:ba:36:c2:26:
                    ff:96:73:fe:b4:27:7a:b7:83:0d:b0:eb:37:1e:5c:
                    87:88:f5:42:0e:88:0e:bc:0b:6f:f3:4b:4c:c6:22:
                    bc:d2:0c:df:e8:fb:59:75:7b:d6:7f:e1:82:81:19:
                    0a:35:4c:77:d4:e7:c9:24:42:c6:40:06:1d:31:cb:
                    f7:1f:7c:78:07:a0:b3:38:8a:31:eb:24:71:be:8a:
                    dc:17:85:c2:2e:e7:ea:ec:2f:ee:53:9c:75:a8:ca:
                    67:0a:69:de:8b:8f:6f:f5:b7:b5:49:f4:d3:5f:7d:
                    5a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:DB:FD:44:92:D7:BF:32:4C:97:95:F1:26:0A:17:C2:59:09:96:C3
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430363a383763303a3a2f33322d3438203d3e20313431303931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:87c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:91:25:4d:73:f7:ee:fb:3b:5f:1a:3f:de:ac:25:87:d6:9e:
         3a:c6:cc:cf:ee:63:ff:88:f9:63:79:64:15:44:38:15:78:c7:
         2d:d8:75:11:28:cf:54:ba:db:c0:1d:15:fa:8a:a7:93:d4:74:
         6a:b3:33:4a:58:d2:f8:a5:e5:7a:b3:1d:6b:f3:4e:c7:82:49:
         0f:86:60:26:bd:ad:45:2e:b7:4d:e4:91:e8:ad:ef:3c:99:84:
         ff:e6:56:1f:f2:28:b2:52:46:be:2d:cf:fd:eb:6f:3e:0a:74:
         92:46:0a:43:f9:44:5c:9c:53:d0:fd:be:9e:72:51:3a:d9:ca:
         c4:3a:1c:98:26:fc:d6:42:e8:53:37:03:04:25:a7:06:a1:7c:
         f5:7c:ce:26:e1:57:6e:6f:91:93:47:20:6c:bb:91:83:ac:9d:
         ef:9e:d7:01:34:a1:99:74:53:31:bd:e5:ae:a7:e8:52:45:86:
         3d:89:b6:c5:8a:72:f5:9a:e5:ca:68:d0:a3:68:1a:c8:d2:1c:
         b8:a2:8a:5d:7c:16:1b:93:f7:9d:d0:c7:14:02:e4:bd:02:f7:
         5f:5f:1f:cf:46:80:42:4b:a9:cf:d6:da:34:1b:33:f8:a6:06:
         6f:9e:b3:ff:9b:1c:02:fc:45:2c:a2:70:1a:37:20:a7:d8:60:
         ce:e6:29:ae
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIUBfrlmmkGTUvLD2zKZwF0lRkdPB4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTAyMDA0NTUwMFoX
DTIyMTAyMDA1MDAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCQzk1MjBDRkY0QTc0MEYwODgzN0RBNUYxMDBCNEQwOTlGQkU3NUQ1QkY2
RTE4RTFENjI4MDk5RDY3MUJCNEYxMTE5RDA3OTg4NjQxQkVGMjcyMEVBNjAzNTcy
REIyMjRDMDMwQUVFQUNGQjk2Qjk5ODlBRENBOERDRkM2NUZBMTkxODdFNUYwNTg2
OUNDM0JCN0NGQUM2MDA2MDU1RUZFN0YzNEYwRENBRkY2MTMzQzQ1QkZGRUJDMDZD
QjBENTYzQjE1RDMwRjgxQzFGNkNBRUQxQkI1ODAxMzUzMDZBN0Q3MjIzOTEzODdC
MTY4Q0M5OTQxN0M1Nzc4MDYzOEUyMjM5Q0JFOEY0NjExNTAyRUM1MTdGMTY2ODk5
Mzc3M0U0MUJBMzZDMjI2RkY5NjczRkVCNDI3N0FCNzgzMERCMEVCMzcxRTVDODc4
OEY1NDIwRTg4MEVCQzBCNkZGMzRCNENDNjIyQkNEMjBDREZFOEZCNTk3NTdCRDY3
RkUxODI4MTE5MEEzNTRDNzdENEU3QzkyNDQyQzY0MDA2MUQzMUNCRjcxRjdDNzgw
N0EwQjMzODhBMzFFQjI0NzFCRThBREMxNzg1QzIyRUU3RUFFQzJGRUU1MzlDNzVB
OENBNjcwQTY5REU4QjhGNkZGNUI3QjU0OUY0RDM1RjdENUFFMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8lSDP9KdA8Ig32l8QC00J
n7511b9uGOHWKAmdZxu08RGdB5iGQb7ycg6mA1ctsiTAMK7qz7lrmYmtyo3Pxl+h
kYfl8FhpzDu3z6xgBgVe/n808Nyv9hM8Rb/+vAbLDVY7FdMPgcH2yu0btYATUwan
1yI5E4exaMyZQXxXeAY44iOcvo9GEVAuxRfxZomTdz5BujbCJv+Wc/60J3q3gw2w
6zceXIeI9UIOiA68C2/zS0zGIrzSDN/o+1l1e9Z/4YKBGQo1THfU58kkQsZABh0x
y/cffHgHoLM4ijHrJHG+itwXhcIu5+rsL+5TnHWoymcKad6Lj2/1t7VJ9NNffVrj
AgMBAAGjggIAMIIB/DAdBgNVHQ4EFgQUZdv9RJLXvzJMl5XxJgoXwlkJlsMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzQzMDM2M2EzODM3NjMzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzQzMTMwMzkzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGh8AwDQYJKoZI
hvcNAQELBQADggEBADiRJU1z9+77O18aP96sJYfWnjrGzM/uY/+I+WN5ZBVEOBV4
xy3YdREoz1S628AdFfqKp5PUdGqzM0pY0vil5XqzHWvzTseCSQ+GYCa9rUUut03k
keit7zyZhP/mVh/yKLJSRr4tz/3rbz4KdJJGCkP5RFycU9D9vp5yUTrZysQ6HJgm
/NZC6FM3AwQlpwahfPV8zibhV25vkZNHIGy7kYOsne+e1wE0oZl0UzG95a6n6FJF
hj2JtsWKcvWa5cpo0KNoGsjSHLiiil18FhuT953QxxQC5L0C919fH89GgEJLqc/W
2jQbM/imBm+es/+bHAL8RSyicBo3IKfYYM7mKa4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:10 2023 by rpki-client on console-ams.rpki-client.org