Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/3131342e3139382e3234332e302f32342d3234203d3e203535363832.roa
File:                     3131342e3139382e3234332e302f32342d3234203d3e203535363832.roa (raw, json)
Hash identifier:          olM0rDP1D9SHf9E/sueOvdo9dvMtij0hJfkc2nMUhQI=
Subject key identifier:   1D:01:EB:37:12:A2:5C:6B:1C:D5:D2:DA:BB:7D:F4:FB:8F:DB:6F:C3
Certificate issuer:       /CN=C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E
Certificate serial:       41519116AD928E0F349BF0C4391D51ED4B8F48F3
Authority key identifier: C3:0D:E7:1F:7C:AE:16:CA:2D:8D:AB:6D:01:CA:43:D7:2F:B4:FE:6E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/3131342e3139382e3234332e302f32342d3234203d3e203535363832.roa
Signing time:             Wed 13 Apr 2022 12:00:01 +0000
ROA not before:           Wed 13 Apr 2022 11:55:01 +0000
ROA not after:            Wed 12 Apr 2023 12:00:01 +0000
asID:                     55682
IP address blocks:        114.198.243.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:51:91:16:ad:92:8e:0f:34:9b:f0:c4:39:1d:51:ed:4b:8f:48:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E
        Validity
            Not Before: Apr 13 11:55:01 2022 GMT
            Not After : Apr 12 12:00:01 2023 GMT
        Subject: CN=1D01EB3712A25C6B1CD5D2DABB7DF4FB8FDB6FC3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d6:75:4e:25:89:ae:34:b8:2c:16:7e:e8:0c:
                    3e:f6:fb:49:e6:03:21:9e:82:d6:47:57:35:4c:7e:
                    3a:35:c9:88:21:43:5c:8d:28:9b:1d:42:7e:e4:5b:
                    be:eb:43:3a:8e:5a:8a:53:e0:37:8f:b8:76:80:34:
                    89:73:8d:49:f3:e1:c8:cf:c8:67:61:b1:66:dd:eb:
                    39:e6:f5:23:21:55:58:3f:8e:3b:6e:19:34:ef:be:
                    b3:77:8a:03:22:ab:ed:25:b4:d9:c9:66:fd:4d:11:
                    d0:8b:d8:f8:18:df:bf:17:e2:44:43:a3:58:7d:bc:
                    15:c5:47:c5:a0:0b:f7:db:fa:e6:86:60:21:57:9a:
                    b4:06:72:1c:d9:fb:3b:65:0e:d5:a7:43:a2:3a:d0:
                    13:cf:02:56:c2:4c:a9:70:2a:dc:b0:d9:28:25:fc:
                    88:72:49:5d:b9:07:ea:cd:64:ec:cd:0d:f1:ec:12:
                    b1:3f:4c:d6:70:96:38:7a:2c:bf:40:ee:aa:09:e6:
                    f6:cc:d2:83:f6:59:45:8a:1a:ca:94:3f:f4:a4:28:
                    a3:fb:69:e8:d2:3d:4a:9c:f9:a7:9a:99:34:9d:ea:
                    3f:fb:66:47:14:1d:fb:43:ad:40:d3:56:b3:c6:4d:
                    d4:fe:98:17:63:d3:65:d7:5f:66:87:0e:65:99:aa:
                    7d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:01:EB:37:12:A2:5C:6B:1C:D5:D2:DA:BB:7D:F4:FB:8F:DB:6F:C3
            X509v3 Authority Key Identifier:
                keyid:C3:0D:E7:1F:7C:AE:16:CA:2D:8D:AB:6D:01:CA:43:D7:2F:B4:FE:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/3131342e3139382e3234332e302f32342d3234203d3e203535363832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.198.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:5b:6b:5a:a4:2f:06:bb:51:3a:c7:1e:b1:74:4e:5c:d3:a4:
         99:3c:92:ca:8c:aa:9e:61:58:98:2d:be:52:42:a7:b3:67:40:
         a5:e1:f6:4e:03:0e:74:f5:1c:32:5a:d1:85:cb:6e:b1:20:fa:
         18:b9:46:38:aa:5f:2c:79:70:89:38:65:2d:c8:84:45:30:df:
         98:e4:0e:96:a1:37:98:b3:a1:17:8e:07:60:49:39:f9:16:83:
         8a:21:91:98:5f:c7:d7:83:9c:a4:0b:fe:dc:50:d4:1b:06:30:
         69:e2:6a:eb:e6:e1:f7:55:88:30:f6:da:03:34:80:44:e7:a7:
         76:2c:a5:3f:03:33:cc:98:81:0d:74:39:f7:47:88:3f:06:a1:
         b5:84:8f:65:f2:52:8e:27:aa:99:5a:d3:62:24:9c:96:ea:c6:
         5a:33:4d:51:6c:b4:99:03:72:b5:3e:f1:54:cf:15:e9:d3:32:
         82:7f:3b:66:b9:45:bc:ae:aa:6b:c2:24:62:e0:dd:88:d4:f4:
         9a:16:bb:61:68:81:25:ee:e6:50:76:00:85:2d:1b:92:93:e7:
         d3:b7:cd:5b:f5:78:ed:ee:9a:f5:7c:52:4b:25:1e:de:76:90:
         4b:18:3e:29:a5:e1:77:70:67:5f:6f:8c:f8:16:c4:fe:e0:4e:
         53:ec:74:3c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUQVGRFq2Sjg80m/DEOR1R7UuPSPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzMwREU3MUY3Q0FFMTZDQTJEOERBQjZEMDFDQTQzRDcy
RkI0RkU2RTAeFw0yMjA0MTMxMTU1MDFaFw0yMzA0MTIxMjAwMDFaMDMxMTAvBgNV
BAMTKDFEMDFFQjM3MTJBMjVDNkIxQ0Q1RDJEQUJCN0RGNEZCOEZEQjZGQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC91nVOJYmuNLgsFn7oDD72+0nm
AyGegtZHVzVMfjo1yYghQ1yNKJsdQn7kW77rQzqOWopT4DePuHaANIlzjUnz4cjP
yGdhsWbd6znm9SMhVVg/jjtuGTTvvrN3igMiq+0ltNnJZv1NEdCL2PgY378X4kRD
o1h9vBXFR8WgC/fb+uaGYCFXmrQGchzZ+ztlDtWnQ6I60BPPAlbCTKlwKtyw2Sgl
/IhySV25B+rNZOzNDfHsErE/TNZwljh6LL9A7qoJ5vbM0oP2WUWKGsqUP/SkKKP7
aejSPUqc+aeamTSd6j/7ZkcUHftDrUDTVrPGTdT+mBdj02XXX2aHDmWZqn0NAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUHQHrNxKiXGsc1dLau330+4/bb8MwHwYDVR0j
BBgwFoAUww3nH3yuFsotjattAcpD1y+0/m4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
M2I1OWNlNC02NmEyLTRmNGQtYjNkNi05Mjk5NDg0YmE1NmIvMC9DMzBERTcxRjdD
QUUxNkNBMkQ4REFCNkQwMUNBNDNENzJGQjRGRTZFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzMwREU3MUY3Q0FFMTZDQTJEOERBQjZEMDFDQTQzRDcyRkI0
RkU2RS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAzYjU5Y2U0LTY2YTItNGY0ZC1i
M2Q2LTkyOTk0ODRiYTU2Yi8wLzMxMzEzNDJlMzEzOTM4MmUzMjM0MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNTM1MzYzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAcsbzMA0GCSqG
SIb3DQEBCwUAA4IBAQCcW2tapC8Gu1E6xx6xdE5c06SZPJLKjKqeYViYLb5SQqez
Z0Cl4fZOAw509RwyWtGFy26xIPoYuUY4ql8seXCJOGUtyIRFMN+Y5A6WoTeYs6EX
jgdgSTn5FoOKIZGYX8fXg5ykC/7cUNQbBjBp4mrr5uH3VYgw9toDNIBE56d2LKU/
AzPMmIENdDn3R4g/BqG1hI9l8lKOJ6qZWtNiJJyW6sZaM01RbLSZA3K1PvFUzxXp
0zKCfztmuUW8rqprwiRi4N2I1PSaFrthaIEl7uZQdgCFLRuSk+fTt81b9Xjt7pr1
fFJLJR7edpBLGD4ppeF3cGdfb4z4FsT+4E5T7HQ8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:58 2023 by rpki-client on console-ams.rpki-client.org