Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2d2a5b51-bc00-4d6b-8761-c7d0d3f6de12/0/3130332e3131382e3132342e302f32322d3232203d3e20313337333736.roa
File:                     3130332e3131382e3132342e302f32322d3232203d3e20313337333736.roa (raw, json)
Hash identifier:          fjlwhIZi+AiK6LXNAiiF9JGSbwrOFtIrVimAxxW2eqM=
Subject key identifier:   1C:C4:B8:1B:BD:24:35:D1:74:E4:75:0C:DB:51:57:B2:09:85:C3:42
Certificate issuer:       /CN=8C5FA2EBD7AF40393883FB08E71BDF41AAE20F57
Certificate serial:       17671383B94EB6CB3BE23A6CCB0734AD4362661C
Authority key identifier: 8C:5F:A2:EB:D7:AF:40:39:38:83:FB:08:E7:1B:DF:41:AA:E2:0F:57
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8C5FA2EBD7AF40393883FB08E71BDF41AAE20F57.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2d2a5b51-bc00-4d6b-8761-c7d0d3f6de12/0/3130332e3131382e3132342e302f32322d3232203d3e20313337333736.roa
Signing time:             Fri 11 Feb 2022 09:25:26 +0000
ROA not before:           Fri 11 Feb 2022 09:20:26 +0000
ROA not after:            Sat 11 Feb 2023 09:25:26 +0000
asID:                     137376
IP address blocks:        103.118.124.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:67:13:83:b9:4e:b6:cb:3b:e2:3a:6c:cb:07:34:ad:43:62:66:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8C5FA2EBD7AF40393883FB08E71BDF41AAE20F57
        Validity
            Not Before: Feb 11 09:20:26 2022 GMT
            Not After : Feb 11 09:25:26 2023 GMT
        Subject: CN=3082010A0282010100B7CA0352EF66BA4E26099CA337CCAA2575195E44FA3552C69CE880D600BEBE9DE54E49C328A7470BDDB2C8671D2734634FAFC9C347AEE2E4F7E63D201B731151914EBBAFFE4C9F63CB4AC4CB366AD7BD8EF9A24621400A01BECB898FFB9D7E36281A2F8E0F716E1830808057C248F102EF068D555E687569D76A5E142CA4C8D6DE9EA12DB82F3EE448D9D35BDCB4464117759B9B846D8D09C367B13F7DDC4675FE10CFF9EB3860AC503ACA7256383DAAF00A06D243699FA5634805AFD8766EF555543A2C41991DC48FA519038D0AEE1DB2415A32B30FC6DF2AE47AA2BE02AC8D1B7CB03908E94536EEE5B6CAB3F983530AFD02113AFDD0803D082D3E8C6353410203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ca:03:52:ef:66:ba:4e:26:09:9c:a3:37:cc:
                    aa:25:75:19:5e:44:fa:35:52:c6:9c:e8:80:d6:00:
                    be:be:9d:e5:4e:49:c3:28:a7:47:0b:dd:b2:c8:67:
                    1d:27:34:63:4f:af:c9:c3:47:ae:e2:e4:f7:e6:3d:
                    20:1b:73:11:51:91:4e:bb:af:fe:4c:9f:63:cb:4a:
                    c4:cb:36:6a:d7:bd:8e:f9:a2:46:21:40:0a:01:be:
                    cb:89:8f:fb:9d:7e:36:28:1a:2f:8e:0f:71:6e:18:
                    30:80:80:57:c2:48:f1:02:ef:06:8d:55:5e:68:75:
                    69:d7:6a:5e:14:2c:a4:c8:d6:de:9e:a1:2d:b8:2f:
                    3e:e4:48:d9:d3:5b:dc:b4:46:41:17:75:9b:9b:84:
                    6d:8d:09:c3:67:b1:3f:7d:dc:46:75:fe:10:cf:f9:
                    eb:38:60:ac:50:3a:ca:72:56:38:3d:aa:f0:0a:06:
                    d2:43:69:9f:a5:63:48:05:af:d8:76:6e:f5:55:54:
                    3a:2c:41:99:1d:c4:8f:a5:19:03:8d:0a:ee:1d:b2:
                    41:5a:32:b3:0f:c6:df:2a:e4:7a:a2:be:02:ac:8d:
                    1b:7c:b0:39:08:e9:45:36:ee:e5:b6:ca:b3:f9:83:
                    53:0a:fd:02:11:3a:fd:d0:80:3d:08:2d:3e:8c:63:
                    53:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C4:B8:1B:BD:24:35:D1:74:E4:75:0C:DB:51:57:B2:09:85:C3:42
            X509v3 Authority Key Identifier:
                keyid:8C:5F:A2:EB:D7:AF:40:39:38:83:FB:08:E7:1B:DF:41:AA:E2:0F:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2d2a5b51-bc00-4d6b-8761-c7d0d3f6de12/0/8C5FA2EBD7AF40393883FB08E71BDF41AAE20F57.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8C5FA2EBD7AF40393883FB08E71BDF41AAE20F57.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2d2a5b51-bc00-4d6b-8761-c7d0d3f6de12/0/3130332e3131382e3132342e302f32322d3232203d3e20313337333736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.118.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a6:c9:b6:7d:b3:eb:d1:16:c3:5c:9f:1e:7c:cc:a7:0a:df:64:
         b5:9d:68:d1:f7:c0:0a:b6:6f:47:5a:7d:09:08:ef:43:fc:89:
         02:4a:f3:c9:50:51:14:12:ff:f5:22:1c:bd:ec:b9:95:16:19:
         77:95:ad:a6:8b:f6:a3:e4:bc:fe:5e:a7:f1:3e:e7:f8:44:d5:
         9a:c0:fb:c6:17:fa:c5:11:57:87:68:18:84:ac:f1:73:5b:ba:
         78:a5:28:fc:3d:12:30:0c:10:34:fa:dc:23:d9:0d:1c:cd:08:
         9d:73:ef:db:d5:a0:d6:c5:27:f6:4b:36:b8:2b:4b:3b:65:c4:
         d1:89:3f:62:bf:e7:41:6c:64:97:6d:5a:3a:c2:f1:25:e8:27:
         23:54:92:86:15:76:01:93:52:34:cb:27:81:b1:96:99:78:66:
         3e:f5:3a:05:fe:e8:82:08:af:1f:1a:a4:a0:01:93:33:7b:e5:
         65:36:0a:30:14:aa:22:d0:47:66:65:6c:3a:71:cb:5e:17:20:
         2b:b9:43:01:b0:f1:37:fd:89:79:c0:fe:7b:de:7b:9d:aa:c8:
         9f:05:f1:93:e6:c1:59:1c:c7:f0:e0:29:52:87:54:d5:c9:06:
         99:54:eb:32:30:7a:f4:11:89:8b:11:cf:ea:c2:2d:1e:52:44:
         e2:fc:91:68
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIUF2cTg7lOtss74jpsywc0rUNiZhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEM1RkEyRUJEN0FGNDAzOTM4ODNGQjA4RTcxQkRGNDFB
QUUyMEY1NzAeFw0yMjAyMTEwOTIwMjZaFw0yMzAyMTEwOTI1MjZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjdDQTAzNTJFRjY2QkE0RTI2
MDk5Q0EzMzdDQ0FBMjU3NTE5NUU0NEZBMzU1MkM2OUNFODgwRDYwMEJFQkU5REU1
NEU0OUMzMjhBNzQ3MEJEREIyQzg2NzFEMjczNDYzNEZBRkM5QzM0N0FFRTJFNEY3
RTYzRDIwMUI3MzExNTE5MTRFQkJBRkZFNEM5RjYzQ0I0QUM0Q0IzNjZBRDdCRDhF
RjlBMjQ2MjE0MDBBMDFCRUNCODk4RkZCOUQ3RTM2MjgxQTJGOEUwRjcxNkUxODMw
ODA4MDU3QzI0OEYxMDJFRjA2OEQ1NTVFNjg3NTY5RDc2QTVFMTQyQ0E0QzhENkRF
OUVBMTJEQjgyRjNFRTQ0OEQ5RDM1QkRDQjQ0NjQxMTc3NTlCOUI4NDZEOEQwOUMz
NjdCMTNGN0REQzQ2NzVGRTEwQ0ZGOUVCMzg2MEFDNTAzQUNBNzI1NjM4M0RBQUYw
MEEwNkQyNDM2OTlGQTU2MzQ4MDVBRkQ4NzY2RUY1NTU1NDNBMkM0MTk5MURDNDhG
QTUxOTAzOEQwQUVFMURCMjQxNUEzMkIzMEZDNkRGMkFFNDdBQTJCRTAyQUM4RDFC
N0NCMDM5MDhFOTQ1MzZFRUU1QjZDQUIzRjk4MzUzMEFGRDAyMTEzQUZERDA4MDNE
MDgyRDNFOEM2MzUzNDEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAt8oDUu9muk4mCZyjN8yqJXUZXkT6NVLGnOiA1gC+vp3lTknDKKdH
C92yyGcdJzRjT6/Jw0eu4uT35j0gG3MRUZFOu6/+TJ9jy0rEyzZq172O+aJGIUAK
Ab7LiY/7nX42KBovjg9xbhgwgIBXwkjxAu8GjVVeaHVp12peFCykyNbenqEtuC8+
5EjZ01vctEZBF3Wbm4RtjQnDZ7E/fdxGdf4Qz/nrOGCsUDrKclY4ParwCgbSQ2mf
pWNIBa/Ydm71VVQ6LEGZHcSPpRkDjQruHbJBWjKzD8bfKuR6or4CrI0bfLA5COlF
Nu7ltsqz+YNTCv0CETr90IA9CC0+jGNTQQIDAQABo4ICNjCCAjIwHQYDVR0OBBYE
FBzEuBu9JDXRdOR1DNtRV7IJhcNCMB8GA1UdIwQYMBaAFIxfouvXr0A5OIP7COcb
30Gq4g9XMA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmQyYTViNTEtYmMwMC00ZDZiLTg3
NjEtYzdkMGQzZjZkZTEyLzAvOEM1RkEyRUJEN0FGNDAzOTM4ODNGQjA4RTcxQkRG
NDFBQUUyMEY1Ny5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzhDNUZBMkVC
RDdBRjQwMzkzODgzRkIwOEU3MUJERjQxQUFFMjBGNTcuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8yZDJhNWI1MS1iYzAwLTRkNmItODc2MS1jN2QwZDNmNmRlMTIvMC8z
MTMwMzMyZTMxMzEzODJlMzEzMjM0MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEz
MzM3MzMzNzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCZ3Z8MA0GCSqGSIb3DQEBCwUAA4IBAQCmybZ9
s+vRFsNcnx58zKcK32S1nWjR98AKtm9HWn0JCO9D/IkCSvPJUFEUEv/1Ihy97LmV
Fhl3la2mi/aj5Lz+XqfxPuf4RNWawPvGF/rFEVeHaBiErPFzW7p4pSj8PRIwDBA0
+twj2Q0czQidc+/b1aDWxSf2Sza4K0s7ZcTRiT9iv+dBbGSXbVo6wvEl6CcjVJKG
FXYBk1I0yyeBsZaZeGY+9ToF/uiCCK8fGqSgAZMze+VlNgowFKoi0EdmZWw6ccte
FyAruUMBsPE3/Yl5wP573nudqsifBfGT5sFZHMfw4ClSh1TVyQaZVOsyMHr0EYmL
Ec/qwi0eUkTi/JFo
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org