Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e31362e302f32332d3234203d3e2034343334.roa
File:                     3230322e3135342e31362e302f32332d3234203d3e2034343334.roa (raw, json)
Hash identifier:          L0yb82A60r8cK7HJrKzBQe2GIHEgsa+WQN4wja8MLXE=
Subject key identifier:   CE:F3:58:47:B0:B5:95:7B:3B:29:E0:1A:97:8D:72:99:9A:2B:2C:9D
Certificate issuer:       /CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6
Certificate serial:       7BB56DAF2181B521990061F3A8468AA88F3E03FA
Authority key identifier: 10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e31362e302f32332d3234203d3e2034343334.roa
Signing time:             Wed 19 Oct 2022 10:46:40 +0000
ROA not before:           Wed 19 Oct 2022 10:41:40 +0000
ROA not after:            Wed 18 Oct 2023 10:46:40 +0000
asID:                     4434
IP address blocks:        202.154.16.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:b5:6d:af:21:81:b5:21:99:00:61:f3:a8:46:8a:a8:8f:3e:03:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6
        Validity
            Not Before: Oct 19 10:41:40 2022 GMT
            Not After : Oct 18 10:46:40 2023 GMT
        Subject: CN=CEF35847B0B5957B3B29E01A978D72999A2B2C9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:93:bc:ad:5f:22:c8:ef:0f:8b:94:66:c4:22:
                    fe:6e:33:6d:9f:30:f9:a3:b9:06:ed:1c:9e:da:d4:
                    74:1e:8c:42:53:73:d9:ab:b3:d4:3f:d0:87:3d:75:
                    6a:97:18:52:ad:06:a4:2e:5f:ff:e2:57:5e:20:6f:
                    f7:4c:02:9e:8e:e4:6b:a5:66:c5:f5:5f:d8:8a:91:
                    40:17:28:4f:1e:e2:f7:1e:b4:43:cb:50:a7:b0:16:
                    6a:ce:c5:f0:bf:02:c9:9f:43:7f:05:7d:a0:60:e9:
                    ae:e9:52:d0:6c:df:15:0a:d1:5d:60:e2:20:66:33:
                    1d:1b:ef:c9:e2:7a:f6:49:1a:78:48:d6:7a:4f:58:
                    d7:15:63:0b:77:a0:b5:30:bd:42:19:52:60:f7:ce:
                    1c:41:c2:5e:b6:46:a5:68:a4:19:90:fa:b4:da:07:
                    7f:5d:0b:35:fb:bc:c5:dc:ea:15:9a:22:b8:0f:43:
                    47:cf:1f:e3:0e:59:28:df:93:0f:0a:53:1e:99:29:
                    20:38:8e:e9:6c:2b:25:f7:1d:8d:e2:10:6a:38:82:
                    06:2c:d1:ea:af:8d:82:aa:ec:41:d9:93:5e:ec:e2:
                    0d:28:46:90:5f:36:d7:f8:ab:a3:89:62:2e:b9:49:
                    d1:36:ca:a3:07:9c:04:8e:cb:81:54:98:d1:e1:a6:
                    4f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F3:58:47:B0:B5:95:7B:3B:29:E0:1A:97:8D:72:99:9A:2B:2C:9D
            X509v3 Authority Key Identifier:
                keyid:10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e31362e302f32332d3234203d3e2034343334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.154.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:a5:cc:e7:e6:67:aa:d0:8f:7b:51:8d:d9:b8:20:49:92:86:
         78:fe:0f:98:99:cd:28:bc:56:1f:b0:74:18:61:38:01:bd:13:
         09:40:c0:6e:16:a2:d0:9b:aa:30:5e:2e:56:97:9a:69:81:04:
         51:4c:f6:c9:7e:78:25:16:4f:14:b5:03:47:6f:94:9c:8c:5b:
         f7:91:f6:76:bc:41:f6:b5:76:af:13:8b:fa:af:4a:49:f3:10:
         d1:13:85:a9:17:50:0d:0d:a5:16:ca:00:fa:03:1b:e5:1b:b9:
         69:15:da:6f:54:70:9f:a5:33:63:b3:3e:e4:b5:19:83:cc:a3:
         a1:da:f0:22:04:0a:64:ae:39:bc:8a:a6:41:7d:18:32:e8:a6:
         1d:00:9f:f5:4a:e1:bf:a5:08:13:2b:2f:48:f3:fe:ef:64:73:
         6f:7f:9f:07:59:1f:c9:81:55:4f:e2:0c:ba:41:1a:45:31:76:
         a6:13:2f:44:70:1f:05:25:23:58:25:90:0b:39:1f:25:d9:d9:
         ec:53:49:f6:f2:25:61:a5:42:e5:ee:09:96:d3:73:bc:f3:06:
         68:81:82:10:40:15:2b:4b:3c:5e:92:bb:67:67:fd:32:b6:65:
         28:47:ad:aa:87:69:c7:c8:f1:d6:d8:33:b8:73:5e:97:ed:b5:
         67:30:4d:c9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUe7VtryGBtSGZAGHzqEaKqI8+A/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5
QUU5MjdGNjAeFw0yMjEwMTkxMDQxNDBaFw0yMzEwMTgxMDQ2NDBaMDMxMTAvBgNV
BAMTKENFRjM1ODQ3QjBCNTk1N0IzQjI5RTAxQTk3OEQ3Mjk5OUEyQjJDOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRk7ytXyLI7w+LlGbEIv5uM22f
MPmjuQbtHJ7a1HQejEJTc9mrs9Q/0Ic9dWqXGFKtBqQuX//iV14gb/dMAp6O5Gul
ZsX1X9iKkUAXKE8e4vcetEPLUKewFmrOxfC/AsmfQ38FfaBg6a7pUtBs3xUK0V1g
4iBmMx0b78nievZJGnhI1npPWNcVYwt3oLUwvUIZUmD3zhxBwl62RqVopBmQ+rTa
B39dCzX7vMXc6hWaIrgPQ0fPH+MOWSjfkw8KUx6ZKSA4julsKyX3HY3iEGo4ggYs
0eqvjYKq7EHZk17s4g0oRpBfNtf4q6OJYi65SdE2yqMHnASOy4FUmNHhpk8DAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUzvNYR7C1lXs7KeAal41ymZorLJ0wHwYDVR0j
BBgwFoAUEPAPrm8Lk6vclWKKzjw8GJrpJ/YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YzBjMTRhOS0zYTc3LTQ5ZTItOTE5NC00OGQwOTEzNDU4YjIvMC8xMEYwMEZBRTZG
MEI5M0FCREM5NTYyOEFDRTNDM0MxODlBRTkyN0Y2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5QUU5
MjdGNi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjMGMxNGE5LTNhNzctNDllMi05
MTk0LTQ4ZDA5MTM0NThiMi8wLzMyMzAzMjJlMzEzNTM0MmUzMTM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzQzNDMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKmhAwDQYJKoZIhvcN
AQELBQADggEBADulzOfmZ6rQj3tRjdm4IEmShnj+D5iZzSi8Vh+wdBhhOAG9EwlA
wG4WotCbqjBeLlaXmmmBBFFM9sl+eCUWTxS1A0dvlJyMW/eR9na8Qfa1dq8Ti/qv
SknzENEThakXUA0NpRbKAPoDG+UbuWkV2m9UcJ+lM2OzPuS1GYPMo6Ha8CIECmSu
ObyKpkF9GDLoph0An/VK4b+lCBMrL0jz/u9kc29/nwdZH8mBVU/iDLpBGkUxdqYT
L0RwHwUlI1glkAs5HyXZ2exTSfbyJWGlQuXuCZbTc7zzBmiBghBAFStLPF6Su2dn
/TK2ZShHraqHacfI8dbYM7hzXpfttWcwTck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:40 2024 by rpki-client on console-ams.rpki-client.org