Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430373a323463303a3a2f33322d3438203d3e20313336383335.roa
File:                     323430373a323463303a3a2f33322d3438203d3e20313336383335.roa (raw, json)
Hash identifier:          A0FUDIAOgRnMHdSI0tbSJ7lfg8wnPc/dOJaiNKpKMiI=
Subject key identifier:   FE:49:4B:B2:98:D0:F3:D3:C0:0F:A4:16:1A:08:04:71:5C:4B:04:03
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       722BC99A190CA053D930B57C8C6F3C99ACB378A0
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430373a323463303a3a2f33322d3438203d3e20313336383335.roa
Signing time:             Tue 01 Feb 2022 03:00:00 +0000
ROA not before:           Tue 01 Feb 2022 02:55:00 +0000
ROA not after:            Wed 01 Feb 2023 03:00:00 +0000
asID:                     136835
IP address blocks:        2407:24c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:2b:c9:9a:19:0c:a0:53:d9:30:b5:7c:8c:6f:3c:99:ac:b3:78:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb  1 02:55:00 2022 GMT
            Not After : Feb  1 03:00:00 2023 GMT
        Subject: CN=3082010A028201010096E0F1BBE4B0E6731634359FC92F2D016460AF6946091FB669C8404C888E56E0506056BE29BAA5A15CD0C568DCD5E00D21EE4CED93485CC98F50E929C9C913F8D0FBD8AFE9735434D78B501C03B23447EC139C9F9F4890C1DEA5AFB5DDC7473BF5F4994FBE3C4FC6708D7476327C5D1C72E4F9F32E4BBF2409625CD2F61D88143EC1591A9527D2EA36D5FBEF6142A0808CD34E92F5BCB939BCD6E25E42428979786A7E46C1ECD3289D0B63757778BBC69F13DE6E74AD2D834A5CF96F1766629EC5F9B959D8D13CCD9A0BEA3DB0FD517E2AF3166E4223D96B7B908C93669D27D29617E2444E9E19352B2EA53D7E53D4CB4F8254C3F9210E94B6B8B7EE99B56EC90203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e0:f1:bb:e4:b0:e6:73:16:34:35:9f:c9:2f:
                    2d:01:64:60:af:69:46:09:1f:b6:69:c8:40:4c:88:
                    8e:56:e0:50:60:56:be:29:ba:a5:a1:5c:d0:c5:68:
                    dc:d5:e0:0d:21:ee:4c:ed:93:48:5c:c9:8f:50:e9:
                    29:c9:c9:13:f8:d0:fb:d8:af:e9:73:54:34:d7:8b:
                    50:1c:03:b2:34:47:ec:13:9c:9f:9f:48:90:c1:de:
                    a5:af:b5:dd:c7:47:3b:f5:f4:99:4f:be:3c:4f:c6:
                    70:8d:74:76:32:7c:5d:1c:72:e4:f9:f3:2e:4b:bf:
                    24:09:62:5c:d2:f6:1d:88:14:3e:c1:59:1a:95:27:
                    d2:ea:36:d5:fb:ef:61:42:a0:80:8c:d3:4e:92:f5:
                    bc:b9:39:bc:d6:e2:5e:42:42:89:79:78:6a:7e:46:
                    c1:ec:d3:28:9d:0b:63:75:77:78:bb:c6:9f:13:de:
                    6e:74:ad:2d:83:4a:5c:f9:6f:17:66:62:9e:c5:f9:
                    b9:59:d8:d1:3c:cd:9a:0b:ea:3d:b0:fd:51:7e:2a:
                    f3:16:6e:42:23:d9:6b:7b:90:8c:93:66:9d:27:d2:
                    96:17:e2:44:4e:9e:19:35:2b:2e:a5:3d:7e:53:d4:
                    cb:4f:82:54:c3:f9:21:0e:94:b6:b8:b7:ee:99:b5:
                    6e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:49:4B:B2:98:D0:F3:D3:C0:0F:A4:16:1A:08:04:71:5C:4B:04:03
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430373a323463303a3a2f33322d3438203d3e20313336383335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:24c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         92:72:33:1b:f1:81:1a:a3:39:ba:37:1a:78:0d:61:bf:13:c9:
         bb:40:b6:bd:ec:d5:7d:3f:c8:98:b2:f2:80:64:ba:52:35:d1:
         8c:c2:3c:ce:55:03:67:40:f6:ab:27:17:02:29:46:6a:bf:25:
         bb:46:bb:4f:5f:2f:b1:c4:a2:a1:c4:cb:1b:30:19:21:22:67:
         3a:a9:6f:71:8d:5e:25:b6:45:2a:82:3e:99:ff:b2:f5:11:98:
         35:de:d8:0c:96:58:d6:f8:86:aa:e5:6a:99:5a:7e:7e:a2:f0:
         f5:c9:1a:ca:10:c6:98:b8:7d:8b:6d:08:6e:2f:b5:a4:43:df:
         a8:52:4f:0a:e8:8d:2d:23:c2:db:16:70:7f:1c:8e:f9:cb:96:
         28:03:79:e6:18:f8:82:07:2a:37:b4:7c:9d:1a:e9:17:89:8c:
         3e:24:ff:db:a6:fd:fd:44:b0:c8:1f:97:c3:9c:18:13:bb:4b:
         87:27:7f:3c:6f:f6:82:5d:d4:aa:c7:0e:d8:9b:a7:13:bf:85:
         fa:a3:05:c9:67:4f:dc:19:6f:7b:8f:07:51:02:b1:4d:bc:51:
         c0:f9:1f:e6:94:52:ed:aa:56:66:79:c1:6c:3d:f9:d0:7b:67:
         d3:b5:a7:ec:aa:f5:c4:77:44:d3:5c:df:cb:aa:15:e8:05:2f:
         04:34:b5:b4
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIUcivJmhkMoFPZMLV8jG88mayzeKAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIwMTAyNTUwMFoX
DTIzMDIwMTAzMDAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDA5NkUwRjFCQkU0QjBFNjczMTYzNDM1OUZDOTJGMkQwMTY0NjBBRjY5NDYw
OTFGQjY2OUM4NDA0Qzg4OEU1NkUwNTA2MDU2QkUyOUJBQTVBMTVDRDBDNTY4RENE
NUUwMEQyMUVFNENFRDkzNDg1Q0M5OEY1MEU5MjlDOUM5MTNGOEQwRkJEOEFGRTk3
MzU0MzRENzhCNTAxQzAzQjIzNDQ3RUMxMzlDOUY5RjQ4OTBDMURFQTVBRkI1RERD
NzQ3M0JGNUY0OTk0RkJFM0M0RkM2NzA4RDc0NzYzMjdDNUQxQzcyRTRGOUYzMkU0
QkJGMjQwOTYyNUNEMkY2MUQ4ODE0M0VDMTU5MUE5NTI3RDJFQTM2RDVGQkVGNjE0
MkEwODA4Q0QzNEU5MkY1QkNCOTM5QkNENkUyNUU0MjQyODk3OTc4NkE3RTQ2QzFF
Q0QzMjg5RDBCNjM3NTc3NzhCQkM2OUYxM0RFNkU3NEFEMkQ4MzRBNUNGOTZGMTc2
NjYyOUVDNUY5Qjk1OUQ4RDEzQ0NEOUEwQkVBM0RCMEZENTE3RTJBRjMxNjZFNDIy
M0Q5NkI3QjkwOEM5MzY2OUQyN0QyOTYxN0UyNDQ0RTlFMTkzNTJCMkVBNTNEN0U1
M0Q0Q0I0RjgyNTRDM0Y5MjEwRTk0QjZCOEI3RUU5OUI1NkVDOTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW4PG75LDmcxY0NZ/JLy0B
ZGCvaUYJH7ZpyEBMiI5W4FBgVr4puqWhXNDFaNzV4A0h7kztk0hcyY9Q6SnJyRP4
0PvYr+lzVDTXi1AcA7I0R+wTnJ+fSJDB3qWvtd3HRzv19JlPvjxPxnCNdHYyfF0c
cuT58y5LvyQJYlzS9h2IFD7BWRqVJ9LqNtX772FCoICM006S9by5ObzW4l5CQol5
eGp+RsHs0yidC2N1d3i7xp8T3m50rS2DSlz5bxdmYp7F+blZ2NE8zZoL6j2w/VF+
KvMWbkIj2Wt7kIyTZp0n0pYX4kROnhk1Ky6lPX5T1MtPglTD+SEOlLa4t+6ZtW7J
AgMBAAGjggIAMIIB/DAdBgNVHQ4EFgQU/klLspjQ89PAD6QWGggEcVxLBAMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzQzMDM3M2EzMjM0NjMzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzMzNjM4MzMzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQHJMAwDQYJKoZI
hvcNAQELBQADggEBAJJyMxvxgRqjObo3GngNYb8TybtAtr3s1X0/yJiy8oBkulI1
0YzCPM5VA2dA9qsnFwIpRmq/JbtGu09fL7HEoqHEyxswGSEiZzqpb3GNXiW2RSqC
Ppn/svURmDXe2AyWWNb4hqrlaplafn6i8PXJGsoQxpi4fYttCG4vtaRD36hSTwro
jS0jwtsWcH8cjvnLligDeeYY+IIHKje0fJ0a6ReJjD4k/9um/f1EsMgfl8OcGBO7
S4cnfzxv9oJd1KrHDtibpxO/hfqjBclnT9wZb3uPB1ECsU28UcD5H+aUUu2qVmZ5
wWw9+dB7Z9O1p+yq9cR3RNNc38uqFegFLwQ0tbQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:56 2023 by rpki-client on console-fra.rpki-client.org