Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/82c2f48d-5185-41f9-b6d2-228fbcac4e29/0/3130332e3138312e3138322e302f32332d3233203d3e20313439333931.roa
File:                     3130332e3138312e3138322e302f32332d3233203d3e20313439333931.roa (raw, json)
Hash identifier:          2g6I2y4xFrYy6tnn0hnUBWfbB06t6LOMi4Qz3BtzbNg=
Subject key identifier:   3D:C1:43:FE:4C:4D:90:F2:A4:E2:2E:82:6A:B8:D7:8D:E2:81:94:58
Certificate issuer:       /CN=5C9FB80DF9C5DBE8916F7349A5DD8E0699EA3B7A
Certificate serial:       7812A1426281B8EE32CB18ED1B82FB897726A724
Authority key identifier: 5C:9F:B8:0D:F9:C5:DB:E8:91:6F:73:49:A5:DD:8E:06:99:EA:3B:7A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5C9FB80DF9C5DBE8916F7349A5DD8E0699EA3B7A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/82c2f48d-5185-41f9-b6d2-228fbcac4e29/0/3130332e3138312e3138322e302f32332d3233203d3e20313439333931.roa
Signing time:             Tue 22 Feb 2022 06:40:28 +0000
ROA not before:           Tue 22 Feb 2022 06:35:28 +0000
ROA not after:            Wed 22 Feb 2023 06:40:28 +0000
asID:                     149391
IP address blocks:        103.181.182.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:12:a1:42:62:81:b8:ee:32:cb:18:ed:1b:82:fb:89:77:26:a7:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5C9FB80DF9C5DBE8916F7349A5DD8E0699EA3B7A
        Validity
            Not Before: Feb 22 06:35:28 2022 GMT
            Not After : Feb 22 06:40:28 2023 GMT
        Subject: CN=3082010A0282010100B9DA5B9969D52ED7ED018348272A460DA73B544A5E3E63D5FE46BB2AD046124061F9068AEE2557ABE3D5CDD2F2C97BA03DA983EBC4BD0A21F9D3F2214AEBB86EEDE812767A6220721BDB2188CC0DE53E43F77018F016B98CD72B616BCC6DC2AA56A3AE5BD886FD22C62F34ECCAC1E5966FABACBA4642F1E75652EF8A7379C38A073007E20F02C8F0E864DCD190DE2EFACF22AE6ED7672DEC962A0A29F6C0F9A511DA47D68B215AD08284A044F3CD3F72E7AE0EE1897A864115C69FA9CFCBF83A6D1B251A7F7F8F65353FE9220043F7891D098788CAB942839B3FD8E7A701F9DD2C5067826FFC785E46003B4C3FBFAEB0D45F70CF8CBCBF2F6FA2F9934356E5590203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:da:5b:99:69:d5:2e:d7:ed:01:83:48:27:2a:
                    46:0d:a7:3b:54:4a:5e:3e:63:d5:fe:46:bb:2a:d0:
                    46:12:40:61:f9:06:8a:ee:25:57:ab:e3:d5:cd:d2:
                    f2:c9:7b:a0:3d:a9:83:eb:c4:bd:0a:21:f9:d3:f2:
                    21:4a:eb:b8:6e:ed:e8:12:76:7a:62:20:72:1b:db:
                    21:88:cc:0d:e5:3e:43:f7:70:18:f0:16:b9:8c:d7:
                    2b:61:6b:cc:6d:c2:aa:56:a3:ae:5b:d8:86:fd:22:
                    c6:2f:34:ec:ca:c1:e5:96:6f:ab:ac:ba:46:42:f1:
                    e7:56:52:ef:8a:73:79:c3:8a:07:30:07:e2:0f:02:
                    c8:f0:e8:64:dc:d1:90:de:2e:fa:cf:22:ae:6e:d7:
                    67:2d:ec:96:2a:0a:29:f6:c0:f9:a5:11:da:47:d6:
                    8b:21:5a:d0:82:84:a0:44:f3:cd:3f:72:e7:ae:0e:
                    e1:89:7a:86:41:15:c6:9f:a9:cf:cb:f8:3a:6d:1b:
                    25:1a:7f:7f:8f:65:35:3f:e9:22:00:43:f7:89:1d:
                    09:87:88:ca:b9:42:83:9b:3f:d8:e7:a7:01:f9:dd:
                    2c:50:67:82:6f:fc:78:5e:46:00:3b:4c:3f:bf:ae:
                    b0:d4:5f:70:cf:8c:bc:bf:2f:6f:a2:f9:93:43:56:
                    e5:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:C1:43:FE:4C:4D:90:F2:A4:E2:2E:82:6A:B8:D7:8D:E2:81:94:58
            X509v3 Authority Key Identifier:
                keyid:5C:9F:B8:0D:F9:C5:DB:E8:91:6F:73:49:A5:DD:8E:06:99:EA:3B:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/82c2f48d-5185-41f9-b6d2-228fbcac4e29/0/5C9FB80DF9C5DBE8916F7349A5DD8E0699EA3B7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5C9FB80DF9C5DBE8916F7349A5DD8E0699EA3B7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/82c2f48d-5185-41f9-b6d2-228fbcac4e29/0/3130332e3138312e3138322e302f32332d3233203d3e20313439333931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:84:ad:23:b9:79:f9:8a:68:11:e9:a8:c5:5a:08:3e:8c:8e:
         8d:2e:1d:1a:1d:ef:1c:51:e3:6b:56:a9:63:fc:3b:0b:3a:92:
         9e:b3:3c:5d:b6:10:bc:55:e5:40:ed:2c:2c:fc:33:b0:53:30:
         1b:15:80:8a:c3:83:62:89:af:98:8f:0f:5a:f8:64:80:64:48:
         d7:02:5f:76:81:70:71:10:c5:4b:3d:54:05:6e:78:b9:e3:d3:
         47:26:ca:4c:57:43:34:5b:40:09:9e:25:f2:aa:95:05:59:ef:
         fc:86:b4:90:0d:f1:50:12:3b:2d:87:c9:a8:25:ff:c9:64:6e:
         0d:b5:4e:13:bb:17:60:65:13:11:04:4e:9e:35:93:69:cf:f7:
         6b:a8:4f:14:26:fb:d1:f6:8d:10:1e:1d:b2:c5:f2:52:81:0e:
         50:a8:42:5a:6a:79:52:e1:99:0a:2d:cb:1f:a5:f3:7a:bb:8a:
         8a:d0:81:c3:37:87:e5:41:2e:07:91:64:03:8a:66:1c:02:3a:
         70:80:65:bf:6b:ff:c2:92:df:00:37:8a:cf:e9:70:d3:3c:62:
         8b:2d:49:bf:54:c4:02:29:e0:fc:2b:95:bb:b4:0b:0c:c3:c6:
         1d:c8:89:8d:d6:7b:e7:7d:9e:f9:a9:3f:2a:c2:15:7f:04:69:
         c2:a3:ec:d9
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIUeBKhQmKBuO4yyxjtG4L7iXcmpyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUM5RkI4MERGOUM1REJFODkxNkY3MzQ5QTVERDhFMDY5
OUVBM0I3QTAeFw0yMjAyMjIwNjM1MjhaFw0yMzAyMjIwNjQwMjhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjlEQTVCOTk2OUQ1MkVEN0VE
MDE4MzQ4MjcyQTQ2MERBNzNCNTQ0QTVFM0U2M0Q1RkU0NkJCMkFEMDQ2MTI0MDYx
RjkwNjhBRUUyNTU3QUJFM0Q1Q0REMkYyQzk3QkEwM0RBOTgzRUJDNEJEMEEyMUY5
RDNGMjIxNEFFQkI4NkVFREU4MTI3NjdBNjIyMDcyMUJEQjIxODhDQzBERTUzRTQz
Rjc3MDE4RjAxNkI5OENENzJCNjE2QkNDNkRDMkFBNTZBM0FFNUJEODg2RkQyMkM2
MkYzNEVDQ0FDMUU1OTY2RkFCQUNCQTQ2NDJGMUU3NTY1MkVGOEE3Mzc5QzM4QTA3
MzAwN0UyMEYwMkM4RjBFODY0RENEMTkwREUyRUZBQ0YyMkFFNkVENzY3MkRFQzk2
MkEwQTI5RjZDMEY5QTUxMURBNDdENjhCMjE1QUQwODI4NEEwNDRGM0NEM0Y3MkU3
QUUwRUUxODk3QTg2NDExNUM2OUZBOUNGQ0JGODNBNkQxQjI1MUE3RjdGOEY2NTM1
M0ZFOTIyMDA0M0Y3ODkxRDA5ODc4OENBQjk0MjgzOUIzRkQ4RTdBNzAxRjlERDJD
NTA2NzgyNkZGQzc4NUU0NjAwM0I0QzNGQkZBRUIwRDQ1RjcwQ0Y4Q0JDQkYyRjZG
QTJGOTkzNDM1NkU1NTkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAudpbmWnVLtftAYNIJypGDac7VEpePmPV/ka7KtBGEkBh+QaK7iVX
q+PVzdLyyXugPamD68S9CiH50/IhSuu4bu3oEnZ6YiByG9shiMwN5T5D93AY8Ba5
jNcrYWvMbcKqVqOuW9iG/SLGLzTsysHllm+rrLpGQvHnVlLvinN5w4oHMAfiDwLI
8Ohk3NGQ3i76zyKubtdnLeyWKgop9sD5pRHaR9aLIVrQgoSgRPPNP3Lnrg7hiXqG
QRXGn6nPy/g6bRslGn9/j2U1P+kiAEP3iR0Jh4jKuUKDmz/Y56cB+d0sUGeCb/x4
XkYAO0w/v66w1F9wz4y8vy9vovmTQ1blWQIDAQABo4ICNjCCAjIwHQYDVR0OBBYE
FD3BQ/5MTZDypOIugmq4143igZRYMB8GA1UdIwQYMBaAFFyfuA35xdvokW9zSaXd
jgaZ6jt6MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODJjMmY0OGQtNTE4NS00MWY5LWI2
ZDItMjI4ZmJjYWM0ZTI5LzAvNUM5RkI4MERGOUM1REJFODkxNkY3MzQ5QTVERDhF
MDY5OUVBM0I3QS5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzVDOUZCODBE
RjlDNURCRTg5MTZGNzM0OUE1REQ4RTA2OTlFQTNCN0EuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby84MmMyZjQ4ZC01MTg1LTQxZjktYjZkMi0yMjhmYmNhYzRlMjkvMC8z
MTMwMzMyZTMxMzgzMTJlMzEzODMyMmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEz
NDM5MzMzOTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBZ7W2MA0GCSqGSIb3DQEBCwUAA4IBAQBbhK0j
uXn5imgR6ajFWgg+jI6NLh0aHe8cUeNrVqlj/DsLOpKeszxdthC8VeVA7Sws/DOw
UzAbFYCKw4Niia+Yjw9a+GSAZEjXAl92gXBxEMVLPVQFbni549NHJspMV0M0W0AJ
niXyqpUFWe/8hrSQDfFQEjsth8moJf/JZG4NtU4TuxdgZRMRBE6eNZNpz/drqE8U
JvvR9o0QHh2yxfJSgQ5QqEJaanlS4ZkKLcsfpfN6u4qK0IHDN4flQS4HkWQDimYc
AjpwgGW/a//Ckt8AN4rP6XDTPGKLLUm/VMQCKeD8K5W7tAsMw8YdyImN1nvnfZ75
qT8qwhV/BGnCo+zZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org