Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e33362e302f32332d3234203d3e2034343334.roa
File:                     3230322e3135342e33362e302f32332d3234203d3e2034343334.roa (raw, json)
Hash identifier:          QEJy5XlFSJTdqUUZds41p82OY4Hq3VjUlRyCHXnjgSg=
Subject key identifier:   26:79:18:66:3B:7F:37:05:13:56:7D:45:B1:F8:E1:B8:0F:D9:3D:9B
Certificate issuer:       /CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6
Certificate serial:       2874CC52DFF9EC31EB2A2EEBA1F22E61E7D15E47
Authority key identifier: 10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e33362e302f32332d3234203d3e2034343334.roa
Signing time:             Wed 19 Oct 2022 10:49:34 +0000
ROA not before:           Wed 19 Oct 2022 10:44:34 +0000
ROA not after:            Wed 18 Oct 2023 10:49:34 +0000
asID:                     4434
IP address blocks:        202.154.36.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:74:cc:52:df:f9:ec:31:eb:2a:2e:eb:a1:f2:2e:61:e7:d1:5e:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6
        Validity
            Not Before: Oct 19 10:44:34 2022 GMT
            Not After : Oct 18 10:49:34 2023 GMT
        Subject: CN=267918663B7F370513567D45B1F8E1B80FD93D9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:31:88:e4:72:51:67:d6:2f:49:c4:e1:be:02:
                    df:d5:7e:82:e3:48:9a:1b:7f:66:b7:0b:94:a6:a3:
                    e2:c2:61:dc:ea:07:76:85:f0:d6:e3:28:5f:c9:93:
                    a3:05:2b:59:d1:e0:ce:db:a0:ac:70:0a:7a:48:5c:
                    20:01:20:ae:92:e8:d0:28:9b:ef:ec:c0:7e:c0:e5:
                    83:19:b1:58:5c:6c:65:c0:46:d4:a9:71:35:71:56:
                    1b:30:a5:fa:51:71:c9:d6:e4:d5:9a:d6:ce:54:cc:
                    48:d2:58:71:df:24:48:ec:52:88:ad:6e:f7:78:ed:
                    09:09:cc:b1:ae:bb:0f:e8:17:6e:93:64:9b:95:ff:
                    25:61:88:01:99:5a:85:33:f9:99:fe:ab:a9:83:5d:
                    cb:0f:c7:21:77:69:97:93:c9:6e:01:fc:cd:89:f7:
                    3c:27:25:32:93:2f:3a:72:ab:c6:71:f8:f8:1f:f1:
                    f1:ec:33:53:b8:d7:ab:da:5f:d2:43:40:86:2c:0f:
                    91:24:18:cc:25:59:05:2c:a2:be:ab:ee:51:ec:99:
                    0a:14:53:fd:8b:4c:2a:f7:d8:b5:aa:87:cc:70:e5:
                    19:1a:c3:b8:57:b3:a0:34:47:ca:b3:d3:ba:aa:53:
                    db:14:a1:e7:31:09:e0:cd:10:86:ca:a8:7d:0f:20:
                    0d:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:79:18:66:3B:7F:37:05:13:56:7D:45:B1:F8:E1:B8:0F:D9:3D:9B
            X509v3 Authority Key Identifier:
                keyid:10:F0:0F:AE:6F:0B:93:AB:DC:95:62:8A:CE:3C:3C:18:9A:E9:27:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10F00FAE6F0B93ABDC95628ACE3C3C189AE927F6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c0c14a9-3a77-49e2-9194-48d0913458b2/0/3230322e3135342e33362e302f32332d3234203d3e2034343334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.154.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:33:ac:a9:f0:f9:1e:a6:4b:61:59:99:45:85:2f:8e:7a:2d:
         2b:32:74:1c:30:7f:d5:4b:8a:cb:23:eb:87:8b:93:28:10:0f:
         71:fc:c3:81:53:d3:80:54:ce:98:ac:45:ea:d2:21:e2:75:84:
         ac:ea:6b:4f:d2:0f:a6:04:6f:72:ab:22:8e:26:ec:b3:bf:de:
         cd:71:a6:d4:1a:13:5a:ea:72:86:c8:21:16:eb:6e:1f:67:46:
         4b:b0:62:81:92:a4:ac:b0:db:17:68:d0:55:03:0b:70:40:2b:
         84:a2:a3:2c:cb:6a:43:14:b4:b3:0a:55:57:bc:51:3f:8c:76:
         21:e3:4d:aa:a7:61:8e:de:53:30:d0:bc:01:d6:a3:26:51:89:
         65:20:50:3b:a7:d3:0d:f1:25:fc:68:5c:91:38:ca:0c:bd:5d:
         2c:64:a3:e6:f2:66:96:a1:dd:2f:fe:74:c5:02:6e:06:a5:ad:
         5a:52:3f:fa:bd:48:e7:9a:5a:d1:80:a7:ee:d9:cd:6e:7c:3b:
         7e:3e:2f:d3:39:34:ed:72:94:31:02:2a:b3:3b:d4:da:92:05:
         64:ac:49:80:9f:78:d0:de:ee:a5:59:ba:68:f7:aa:59:0b:48:
         ca:10:a5:f2:f9:b7:fe:cb:64:7a:ab:c0:6f:7d:1a:20:a5:45:
         be:34:aa:07
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUKHTMUt/57DHrKi7rofIuYefRXkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5
QUU5MjdGNjAeFw0yMjEwMTkxMDQ0MzRaFw0yMzEwMTgxMDQ5MzRaMDMxMTAvBgNV
BAMTKDI2NzkxODY2M0I3RjM3MDUxMzU2N0Q0NUIxRjhFMUI4MEZEOTNEOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNMYjkclFn1i9JxOG+At/VfoLj
SJobf2a3C5Smo+LCYdzqB3aF8NbjKF/Jk6MFK1nR4M7boKxwCnpIXCABIK6S6NAo
m+/swH7A5YMZsVhcbGXARtSpcTVxVhswpfpRccnW5NWa1s5UzEjSWHHfJEjsUoit
bvd47QkJzLGuuw/oF26TZJuV/yVhiAGZWoUz+Zn+q6mDXcsPxyF3aZeTyW4B/M2J
9zwnJTKTLzpyq8Zx+Pgf8fHsM1O416vaX9JDQIYsD5EkGMwlWQUsor6r7lHsmQoU
U/2LTCr32LWqh8xw5Rkaw7hXs6A0R8qz07qqU9sUoecxCeDNEIbKqH0PIA0FAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUJnkYZjt/NwUTVn1FsfjhuA/ZPZswHwYDVR0j
BBgwFoAUEPAPrm8Lk6vclWKKzjw8GJrpJ/YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YzBjMTRhOS0zYTc3LTQ5ZTItOTE5NC00OGQwOTEzNDU4YjIvMC8xMEYwMEZBRTZG
MEI5M0FCREM5NTYyOEFDRTNDM0MxODlBRTkyN0Y2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTBGMDBGQUU2RjBCOTNBQkRDOTU2MjhBQ0UzQzNDMTg5QUU5
MjdGNi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjMGMxNGE5LTNhNzctNDllMi05
MTk0LTQ4ZDA5MTM0NThiMi8wLzMyMzAzMjJlMzEzNTM0MmUzMzM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzQzNDMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKmiQwDQYJKoZIhvcN
AQELBQADggEBAHszrKnw+R6mS2FZmUWFL456LSsydBwwf9VLissj64eLkygQD3H8
w4FT04BUzpisRerSIeJ1hKzqa0/SD6YEb3KrIo4m7LO/3s1xptQaE1rqcobIIRbr
bh9nRkuwYoGSpKyw2xdo0FUDC3BAK4SioyzLakMUtLMKVVe8UT+MdiHjTaqnYY7e
UzDQvAHWoyZRiWUgUDun0w3xJfxoXJE4ygy9XSxko+byZpah3S/+dMUCbgalrVpS
P/q9SOeaWtGAp+7ZzW58O34+L9M5NO1ylDECKrM71NqSBWSsSYCfeNDe7qVZumj3
qlkLSMoQpfL5t/7LZHqrwG99GiClRb40qgc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org