Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1b6c614f-d0ff-41a9-92d0-3a213581537b/0/3130332e3135382e3139322e302f32332d3233203d3e20313431313433.roa
File:                     3130332e3135382e3139322e302f32332d3233203d3e20313431313433.roa (raw, json)
Hash identifier:          zwLmyekjqvEnBwalVS0+lY9MJH27zFAH6OkRAx5jNcA=
Subject key identifier:   4C:72:B7:C1:02:7F:7B:C0:29:0E:67:4C:5B:E5:A3:F1:38:F6:E5:F4
Certificate issuer:       /CN=A0021383E40D55B69009CDEA313E654C3CE463B0
Certificate serial:       2731536C7002C4BF187A7120BD709A2B52A7B0FC
Authority key identifier: A0:02:13:83:E4:0D:55:B6:90:09:CD:EA:31:3E:65:4C:3C:E4:63:B0
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0021383E40D55B69009CDEA313E654C3CE463B0.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1b6c614f-d0ff-41a9-92d0-3a213581537b/0/3130332e3135382e3139322e302f32332d3233203d3e20313431313433.roa
Signing time:             Thu 03 Feb 2022 15:00:00 +0000
ROA not before:           Thu 03 Feb 2022 14:55:00 +0000
ROA not after:            Fri 03 Feb 2023 15:00:00 +0000
asID:                     141143
IP address blocks:        103.158.192.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:31:53:6c:70:02:c4:bf:18:7a:71:20:bd:70:9a:2b:52:a7:b0:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0021383E40D55B69009CDEA313E654C3CE463B0
        Validity
            Not Before: Feb  3 14:55:00 2022 GMT
            Not After : Feb  3 15:00:00 2023 GMT
        Subject: CN=3082010A0282010100E7CC4668E5F89E3D73E913E32FF8A1D2D6FC6254F5131763DC8D6D3534BEAB951F9488EE490C5C47DAB876A36B2FF4A60F9F7B33BA8CC9C63B1248073F882AA957828F1763BFF4C992CAE79AADA218A8824E65275A14823F352C66F17370CC26A17A8174723DE91D67AFC873D82BF465F10802E67EE83FA77155BA0CE3E2E78C5BA9F1692A742575E3C0E6CCE1B2DA960EC1D62A5F18DFA7D5F61378015F0839D1DA5ABCB3D7CD5EC107D16C15DFFEBC6E55B990A400467A92F4297E5E63AC75EF3DED0F94353810949082AB80EB9A560526D9DA4C77AE2012D2F43B42AD37367B16B139802BA01ED00BCA49F2B21E252DDECE269B1235A4D4307221203843470203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:cc:46:68:e5:f8:9e:3d:73:e9:13:e3:2f:f8:
                    a1:d2:d6:fc:62:54:f5:13:17:63:dc:8d:6d:35:34:
                    be:ab:95:1f:94:88:ee:49:0c:5c:47:da:b8:76:a3:
                    6b:2f:f4:a6:0f:9f:7b:33:ba:8c:c9:c6:3b:12:48:
                    07:3f:88:2a:a9:57:82:8f:17:63:bf:f4:c9:92:ca:
                    e7:9a:ad:a2:18:a8:82:4e:65:27:5a:14:82:3f:35:
                    2c:66:f1:73:70:cc:26:a1:7a:81:74:72:3d:e9:1d:
                    67:af:c8:73:d8:2b:f4:65:f1:08:02:e6:7e:e8:3f:
                    a7:71:55:ba:0c:e3:e2:e7:8c:5b:a9:f1:69:2a:74:
                    25:75:e3:c0:e6:cc:e1:b2:da:96:0e:c1:d6:2a:5f:
                    18:df:a7:d5:f6:13:78:01:5f:08:39:d1:da:5a:bc:
                    b3:d7:cd:5e:c1:07:d1:6c:15:df:fe:bc:6e:55:b9:
                    90:a4:00:46:7a:92:f4:29:7e:5e:63:ac:75:ef:3d:
                    ed:0f:94:35:38:10:94:90:82:ab:80:eb:9a:56:05:
                    26:d9:da:4c:77:ae:20:12:d2:f4:3b:42:ad:37:36:
                    7b:16:b1:39:80:2b:a0:1e:d0:0b:ca:49:f2:b2:1e:
                    25:2d:de:ce:26:9b:12:35:a4:d4:30:72:21:20:38:
                    43:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:72:B7:C1:02:7F:7B:C0:29:0E:67:4C:5B:E5:A3:F1:38:F6:E5:F4
            X509v3 Authority Key Identifier:
                keyid:A0:02:13:83:E4:0D:55:B6:90:09:CD:EA:31:3E:65:4C:3C:E4:63:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1b6c614f-d0ff-41a9-92d0-3a213581537b/0/A0021383E40D55B69009CDEA313E654C3CE463B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A0021383E40D55B69009CDEA313E654C3CE463B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1b6c614f-d0ff-41a9-92d0-3a213581537b/0/3130332e3135382e3139322e302f32332d3233203d3e20313431313433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0f:46:2d:10:f0:a5:1e:f9:c7:00:24:24:66:8c:76:0b:71:eb:
         bd:21:5b:a7:23:1d:11:66:8a:c4:2e:8e:a2:6e:32:9b:c2:1e:
         2c:d8:3a:ca:ef:fa:bf:93:2d:4a:a8:35:0e:bd:e3:94:d4:2f:
         42:65:d9:ad:55:35:13:e8:05:a6:71:f2:1e:56:c2:eb:3b:6f:
         a9:61:f8:17:5b:cd:65:90:de:c4:b6:6a:14:17:e9:77:b1:fb:
         f2:3f:c9:f6:28:ee:52:a1:ca:48:d2:bf:80:d8:b9:25:1b:49:
         a3:75:4f:0a:1b:35:6c:fc:a0:ba:de:4a:20:47:f8:26:09:76:
         c2:a1:dc:5b:35:b8:82:f3:22:19:f6:a8:83:1d:0b:87:56:2b:
         28:eb:43:22:c0:4d:4c:c0:18:a7:c5:cc:02:01:91:ee:b0:0d:
         70:cf:71:90:76:fe:6b:20:f3:01:ca:f3:43:cb:84:c2:9a:6e:
         f8:4d:ec:8d:b3:b3:dc:7f:76:23:06:47:b2:48:2b:b8:2c:02:
         9c:7f:8e:4d:e2:ef:9d:c0:bc:a0:72:ec:2d:b0:e7:b7:a4:f3:
         3f:a3:5c:62:1c:26:68:71:4c:e3:67:dd:45:cd:f4:3c:34:f5:
         b2:0c:83:49:42:ee:9f:21:a5:ef:c0:f9:0a:0b:a0:96:9a:8e:
         d1:a8:5c:2e
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIUJzFTbHACxL8YenEgvXCaK1KnsPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTAwMjEzODNFNDBENTVCNjkwMDlDREVBMzEzRTY1NEMz
Q0U0NjNCMDAeFw0yMjAyMDMxNDU1MDBaFw0yMzAyMDMxNTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTdDQzQ2NjhFNUY4OUUzRDcz
RTkxM0UzMkZGOEExRDJENkZDNjI1NEY1MTMxNzYzREM4RDZEMzUzNEJFQUI5NTFG
OTQ4OEVFNDkwQzVDNDdEQUI4NzZBMzZCMkZGNEE2MEY5RjdCMzNCQThDQzlDNjNC
MTI0ODA3M0Y4ODJBQTk1NzgyOEYxNzYzQkZGNEM5OTJDQUU3OUFBREEyMThBODgy
NEU2NTI3NUExNDgyM0YzNTJDNjZGMTczNzBDQzI2QTE3QTgxNzQ3MjNERTkxRDY3
QUZDODczRDgyQkY0NjVGMTA4MDJFNjdFRTgzRkE3NzE1NUJBMENFM0UyRTc4QzVC
QTlGMTY5MkE3NDI1NzVFM0MwRTZDQ0UxQjJEQTk2MEVDMUQ2MkE1RjE4REZBN0Q1
RjYxMzc4MDE1RjA4MzlEMURBNUFCQ0IzRDdDRDVFQzEwN0QxNkMxNURGRkVCQzZF
NTVCOTkwQTQwMDQ2N0E5MkY0Mjk3RTVFNjNBQzc1RUYzREVEMEY5NDM1MzgxMDk0
OTA4MkFCODBFQjlBNTYwNTI2RDlEQTRDNzdBRTIwMTJEMkY0M0I0MkFEMzczNjdC
MTZCMTM5ODAyQkEwMUVEMDBCQ0E0OUYyQjIxRTI1MkRERUNFMjY5QjEyMzVBNEQ0
MzA3MjIxMjAzODQzNDcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA58xGaOX4nj1z6RPjL/ih0tb8YlT1Exdj3I1tNTS+q5UflIjuSQxc
R9q4dqNrL/SmD597M7qMycY7EkgHP4gqqVeCjxdjv/TJksrnmq2iGKiCTmUnWhSC
PzUsZvFzcMwmoXqBdHI96R1nr8hz2Cv0ZfEIAuZ+6D+ncVW6DOPi54xbqfFpKnQl
dePA5szhstqWDsHWKl8Y36fV9hN4AV8IOdHaWryz181ewQfRbBXf/rxuVbmQpABG
epL0KX5eY6x17z3tD5Q1OBCUkIKrgOuaVgUm2dpMd64gEtL0O0KtNzZ7FrE5gCug
HtALyknysh4lLd7OJpsSNaTUMHIhIDhDRwIDAQABo4ICNjCCAjIwHQYDVR0OBBYE
FExyt8ECf3vAKQ5nTFvlo/E49uX0MB8GA1UdIwQYMBaAFKACE4PkDVW2kAnN6jE+
ZUw85GOwMA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWI2YzYxNGYtZDBmZi00MWE5LTky
ZDAtM2EyMTM1ODE1MzdiLzAvQTAwMjEzODNFNDBENTVCNjkwMDlDREVBMzEzRTY1
NEMzQ0U0NjNCMC5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0EwMDIxMzgz
RTQwRDU1QjY5MDA5Q0RFQTMxM0U2NTRDM0NFNDYzQjAuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8xYjZjNjE0Zi1kMGZmLTQxYTktOTJkMC0zYTIxMzU4MTUzN2IvMC8z
MTMwMzMyZTMxMzUzODJlMzEzOTMyMmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEz
NDMxMzEzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBZ57AMA0GCSqGSIb3DQEBCwUAA4IBAQAPRi0Q
8KUe+ccAJCRmjHYLceu9IVunIx0RZorELo6ibjKbwh4s2DrK7/q/ky1KqDUOveOU
1C9CZdmtVTUT6AWmcfIeVsLrO2+pYfgXW81lkN7EtmoUF+l3sfvyP8n2KO5SocpI
0r+A2LklG0mjdU8KGzVs/KC63kogR/gmCXbCodxbNbiC8yIZ9qiDHQuHViso60Mi
wE1MwBinxcwCAZHusA1wz3GQdv5rIPMByvNDy4TCmm74TeyNs7Pcf3YjBkeySCu4
LAKcf45N4u+dwLygcuwtsOe3pPM/o1xiHCZocUzjZ91FzfQ8NPWyDINJQu6fIaXv
wPkKC6CWmo7RqFwu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:59 2023 by rpki-client on console-ams.rpki-client.org