Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3130332e31352e3137322e302f32322d3232203d3e203338353131.roa
File:                     3130332e31352e3137322e302f32322d3232203d3e203338353131.roa (raw, json)
Hash identifier:          yDzftUDX/8eHhUgISRNiDB+g0fHqJhCOlc7qcP3At5Q=
Subject key identifier:   8C:10:59:3F:BF:F7:11:F0:48:DF:8D:D6:0B:7F:AE:F9:2E:A2:F2:13
Certificate issuer:       /CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
Certificate serial:       1A0513A10B9390638592B14DA32751FBBC9408CF
Authority key identifier: 91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3130332e31352e3137322e302f32322d3232203d3e203338353131.roa
Signing time:             Wed 01 Sep 2021 09:31:49 +0000
ROA not before:           Wed 01 Sep 2021 09:26:49 +0000
ROA not after:            Thu 01 Sep 2022 09:31:49 +0000
asID:                     38511
IP address blocks:        103.15.172.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:05:13:a1:0b:93:90:63:85:92:b1:4d:a3:27:51:fb:bc:94:08:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
        Validity
            Not Before: Sep  1 09:26:49 2021 GMT
            Not After : Sep  1 09:31:49 2022 GMT
        Subject: CN=3082010A0282010100C414AFC29195F776BEF21B4C0708C65377D2AB3E95D0B097F5220BE9D2C144C716760AD8A03F44C79DFF9719F722A0EA90D193BD4D25AAE1F2D8FE418F3B5C1188C0482E9309F473574E10C440E03032AA75ED80932703CA6A67195467391D0C8956E4E186C7E82C0377075DB34F6841D9B9EA07D235E0A759D90B6C8C0A908CA0F3744660A61AD9AF4260EAAB127972678A2232DB0AA6CA60570FE88EC030E90B00DE0FC93BEFDCDEFF403944A23B4EE02EE4AB96CC58A75327ADE673CB2949AB7213806D3EEBEC09328DBE0A448B69B03E49F085B07164B7F1CCE4A73F0242DCD1B2A0F8277E2BC2F6C8BE6BF3F229A68EE1C751703AB5D46E1BD1ACA629C10203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:14:af:c2:91:95:f7:76:be:f2:1b:4c:07:08:
                    c6:53:77:d2:ab:3e:95:d0:b0:97:f5:22:0b:e9:d2:
                    c1:44:c7:16:76:0a:d8:a0:3f:44:c7:9d:ff:97:19:
                    f7:22:a0:ea:90:d1:93:bd:4d:25:aa:e1:f2:d8:fe:
                    41:8f:3b:5c:11:88:c0:48:2e:93:09:f4:73:57:4e:
                    10:c4:40:e0:30:32:aa:75:ed:80:93:27:03:ca:6a:
                    67:19:54:67:39:1d:0c:89:56:e4:e1:86:c7:e8:2c:
                    03:77:07:5d:b3:4f:68:41:d9:b9:ea:07:d2:35:e0:
                    a7:59:d9:0b:6c:8c:0a:90:8c:a0:f3:74:46:60:a6:
                    1a:d9:af:42:60:ea:ab:12:79:72:67:8a:22:32:db:
                    0a:a6:ca:60:57:0f:e8:8e:c0:30:e9:0b:00:de:0f:
                    c9:3b:ef:dc:de:ff:40:39:44:a2:3b:4e:e0:2e:e4:
                    ab:96:cc:58:a7:53:27:ad:e6:73:cb:29:49:ab:72:
                    13:80:6d:3e:eb:ec:09:32:8d:be:0a:44:8b:69:b0:
                    3e:49:f0:85:b0:71:64:b7:f1:cc:e4:a7:3f:02:42:
                    dc:d1:b2:a0:f8:27:7e:2b:c2:f6:c8:be:6b:f3:f2:
                    29:a6:8e:e1:c7:51:70:3a:b5:d4:6e:1b:d1:ac:a6:
                    29:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:10:59:3F:BF:F7:11:F0:48:DF:8D:D6:0B:7F:AE:F9:2E:A2:F2:13
            X509v3 Authority Key Identifier:
                keyid:91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3130332e31352e3137322e302f32322d3232203d3e203338353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.15.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bd:51:55:7a:5a:12:ac:e7:89:ce:79:25:e4:6e:d6:2b:72:09:
         3f:c1:e6:dc:9d:af:e0:64:83:4f:dc:32:81:51:5c:fc:dd:d4:
         36:ca:dd:d3:15:a2:e9:78:2a:a3:d8:a0:05:eb:9c:38:c6:60:
         5a:3e:06:66:3f:ce:49:34:16:ab:0a:1d:9e:a5:54:98:3b:35:
         c4:27:74:d9:bc:8a:53:ab:b3:05:fc:69:81:6f:47:b1:cc:34:
         77:33:5e:05:a9:05:1b:9c:79:ad:f3:b6:cb:a3:c7:91:e3:d2:
         d2:55:4a:3a:a9:b1:d7:8f:c1:c3:21:ec:27:9f:d3:ab:e5:1e:
         4f:09:ea:e1:28:61:57:0d:cb:d1:9d:9f:40:30:c8:4a:3f:84:
         b1:81:d2:67:45:b2:ba:f2:f3:a1:b4:8b:9b:b6:cb:3e:62:c3:
         ea:a6:96:39:62:03:eb:77:d4:1c:ba:08:85:57:39:ae:1e:13:
         e8:bb:4b:35:81:61:9f:50:1e:53:35:dc:48:94:7d:ef:41:43:
         e2:ad:4e:10:11:12:53:95:0a:41:c9:87:f4:2e:52:fd:83:ca:
         6e:b2:f2:c0:7b:10:44:1d:f2:cb:00:4c:c5:53:26:73:a6:48:
         01:5f:69:27:07:fa:39:2a:5f:c0:ff:e8:02:eb:8a:3f:dd:5a:
         57:49:db:46
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUGgUToQuTkGOFkrFNoydR+7yUCM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNEREOEZF
N0FCQzE3RjAeFw0yMTA5MDEwOTI2NDlaFw0yMjA5MDEwOTMxNDlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzQxNEFGQzI5MTk1Rjc3NkJF
RjIxQjRDMDcwOEM2NTM3N0QyQUIzRTk1RDBCMDk3RjUyMjBCRTlEMkMxNDRDNzE2
NzYwQUQ4QTAzRjQ0Qzc5REZGOTcxOUY3MjJBMEVBOTBEMTkzQkQ0RDI1QUFFMUYy
RDhGRTQxOEYzQjVDMTE4OEMwNDgyRTkzMDlGNDczNTc0RTEwQzQ0MEUwMzAzMkFB
NzVFRDgwOTMyNzAzQ0E2QTY3MTk1NDY3MzkxRDBDODk1NkU0RTE4NkM3RTgyQzAz
NzcwNzVEQjM0RjY4NDFEOUI5RUEwN0QyMzVFMEE3NTlEOTBCNkM4QzBBOTA4Q0Ew
RjM3NDQ2NjBBNjFBRDlBRjQyNjBFQUFCMTI3OTcyNjc4QTIyMzJEQjBBQTZDQTYw
NTcwRkU4OEVDMDMwRTkwQjAwREUwRkM5M0JFRkRDREVGRjQwMzk0NEEyM0I0RUUw
MkVFNEFCOTZDQzU4QTc1MzI3QURFNjczQ0IyOTQ5QUI3MjEzODA2RDNFRUJFQzA5
MzI4REJFMEE0NDhCNjlCMDNFNDlGMDg1QjA3MTY0QjdGMUNDRTRBNzNGMDI0MkRD
RDFCMkEwRjgyNzdFMkJDMkY2QzhCRTZCRjNGMjI5QTY4RUUxQzc1MTcwM0FCNUQ0
NkUxQkQxQUNBNjI5QzEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxBSvwpGV93a+8htMBwjGU3fSqz6V0LCX9SIL6dLBRMcWdgrYoD9E
x53/lxn3IqDqkNGTvU0lquHy2P5BjztcEYjASC6TCfRzV04QxEDgMDKqde2AkycD
ympnGVRnOR0MiVbk4YbH6CwDdwdds09oQdm56gfSNeCnWdkLbIwKkIyg83RGYKYa
2a9CYOqrEnlyZ4oiMtsKpspgVw/ojsAw6QsA3g/JO+/c3v9AOUSiO07gLuSrlsxY
p1MnreZzyylJq3ITgG0+6+wJMo2+CkSLabA+SfCFsHFkt/HM5Kc/AkLc0bKg+Cd+
K8L2yL5r8/Ippo7hx1FwOrXUbhvRrKYpwQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FIwQWT+/9xHwSN+N1gt/rvkuovITMB8GA1UdIwQYMBaAFJFpubZSbNFJhN3jpC4k
3Y/nq8F/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODhmMjkxNWQtMThjOS00ZTAzLWJi
ZmItMjA3NGM1OTgwODk4LzAvOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNERE
OEZFN0FCQzE3Ri5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzkxNjlCOUI2
NTI2Q0QxNDk4NERERTNBNDJFMjRERDhGRTdBQkMxN0YuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby84OGYyOTE1ZC0xOGM5LTRlMDMtYmJmYi0yMDc0YzU5ODA4OTgvMC8z
MTMwMzMyZTMxMzUyZTMxMzczMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMzMzgz
NTMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAJnD6wwDQYJKoZIhvcNAQELBQADggEBAL1RVXpaEqzn
ic55JeRu1ityCT/B5tydr+Bkg0/cMoFRXPzd1DbK3dMVoul4KqPYoAXrnDjGYFo+
BmY/zkk0FqsKHZ6lVJg7NcQndNm8ilOrswX8aYFvR7HMNHczXgWpBRucea3ztsuj
x5Hj0tJVSjqpsdePwcMh7Cef06vlHk8J6uEoYVcNy9Gdn0AwyEo/hLGB0mdFsrry
86G0i5u2yz5iw+qmljliA+t31By6CIVXOa4eE+i7SzWBYZ9QHlM13EiUfe9BQ+Kt
ThARElOVCkHJh/QuUv2Dym6y8sB7EEQd8ssATMVTJnOmSAFfaScH+jkqX8D/6ALr
ij/dWldJ20Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:08 2024 by rpki-client on console-fra.rpki-client.org