Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3131352e3132342e36382e302f32342d3234203d3e203338353131.roa
File:                     3131352e3132342e36382e302f32342d3234203d3e203338353131.roa (raw, json)
Hash identifier:          NBxWui7v7Md+sTsMjfTLbC2CUV5/FEYLafBteo5jJvk=
Subject key identifier:   57:74:21:72:AB:DB:63:4C:91:31:3A:EF:41:AD:58:64:C3:44:4A:DA
Certificate issuer:       /CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
Certificate serial:       1907855FE52709717DF03C694EE8E9C498A02C6B
Authority key identifier: 91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3131352e3132342e36382e302f32342d3234203d3e203338353131.roa
Signing time:             Thu 20 May 2021 12:00:47 +0000
ROA not before:           Thu 20 May 2021 11:55:47 +0000
ROA not after:            Fri 20 May 2022 12:00:47 +0000
asID:                     38511
IP address blocks:        115.124.68.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:07:85:5f:e5:27:09:71:7d:f0:3c:69:4e:e8:e9:c4:98:a0:2c:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
        Validity
            Not Before: May 20 11:55:47 2021 GMT
            Not After : May 20 12:00:47 2022 GMT
        Subject: CN=3082010A0282010100BBCD1B77F9EB7E4804297357445D00DAA93D8A86316CD3583F343B7FF13529D4CCD21688E5C727CD5A28F5C9992B88C5D1B25CFC0779CC57DD4C22B9C6E559102B5F33DF1D3EE04A5DC275738D78E749754EBBAB070413E1639BEB42F55987F9AE4927DD281F4C54C4A3D0056DC717ABCEE78ABE3502DC9AECE3746B5503586ACE3AF7D8684A6277610D0EF2B131DBF0DE75AA93451EDC3E23720F1C363895DA50D2010E292D248F8D5535D5AB76CE685FFFFB8A4CAC6435037E0F80BBD656D7A8BB0A4BEA172595D28E86D6512A074C1072F13D007448EEB854EBC90427FF25ECCE6DBF4B49845BAA3C4559F264FBA5D75036ECAE3ED76EBEC9A69FD2F265F50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:1b:77:f9:eb:7e:48:04:29:73:57:44:5d:
                    00:da:a9:3d:8a:86:31:6c:d3:58:3f:34:3b:7f:f1:
                    35:29:d4:cc:d2:16:88:e5:c7:27:cd:5a:28:f5:c9:
                    99:2b:88:c5:d1:b2:5c:fc:07:79:cc:57:dd:4c:22:
                    b9:c6:e5:59:10:2b:5f:33:df:1d:3e:e0:4a:5d:c2:
                    75:73:8d:78:e7:49:75:4e:bb:ab:07:04:13:e1:63:
                    9b:eb:42:f5:59:87:f9:ae:49:27:dd:28:1f:4c:54:
                    c4:a3:d0:05:6d:c7:17:ab:ce:e7:8a:be:35:02:dc:
                    9a:ec:e3:74:6b:55:03:58:6a:ce:3a:f7:d8:68:4a:
                    62:77:61:0d:0e:f2:b1:31:db:f0:de:75:aa:93:45:
                    1e:dc:3e:23:72:0f:1c:36:38:95:da:50:d2:01:0e:
                    29:2d:24:8f:8d:55:35:d5:ab:76:ce:68:5f:ff:fb:
                    8a:4c:ac:64:35:03:7e:0f:80:bb:d6:56:d7:a8:bb:
                    0a:4b:ea:17:25:95:d2:8e:86:d6:51:2a:07:4c:10:
                    72:f1:3d:00:74:48:ee:b8:54:eb:c9:04:27:ff:25:
                    ec:ce:6d:bf:4b:49:84:5b:aa:3c:45:59:f2:64:fb:
                    a5:d7:50:36:ec:ae:3e:d7:6e:be:c9:a6:9f:d2:f2:
                    65:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:74:21:72:AB:DB:63:4C:91:31:3A:EF:41:AD:58:64:C3:44:4A:DA
            X509v3 Authority Key Identifier:
                keyid:91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3131352e3132342e36382e302f32342d3234203d3e203338353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.124.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:1b:25:7e:cd:d3:f3:8a:61:a7:b4:d9:d5:6a:44:00:eb:f8:
         38:b2:bf:d4:df:91:4d:b0:37:f2:78:1f:80:ce:f8:eb:32:32:
         71:2f:6c:e0:1a:4d:6f:32:be:ad:ab:d2:19:bd:8d:52:60:06:
         3a:14:be:5c:46:3c:a5:a6:3a:67:41:cd:20:4e:f2:d1:17:91:
         e0:4c:8f:c2:42:25:08:ee:e1:cc:01:f7:3d:31:e6:48:ed:36:
         10:9a:0b:7a:78:1c:a9:17:5a:c4:23:16:06:b6:76:d4:21:82:
         72:1e:b7:eb:39:80:68:e3:7e:94:db:36:fc:41:4d:df:e3:80:
         49:1f:56:23:96:f4:59:6b:92:bc:b2:b2:7c:97:3b:21:90:8b:
         30:ab:88:6e:bc:5e:ee:d5:5f:40:c1:e2:6b:34:41:57:ef:6e:
         86:a3:13:3f:04:94:e6:e6:cc:49:bf:f7:ae:1c:89:dc:6f:87:
         90:9f:9a:b1:47:94:0d:3a:c8:ab:0e:6c:ec:24:d9:b2:12:a1:
         a9:2f:be:c7:1e:36:c7:37:a2:a3:2f:2c:fd:43:fb:62:ff:f4:
         65:41:22:93:c2:73:0e:fa:f3:a0:1c:af:04:5a:db:34:a2:dc:
         55:fc:09:b4:8e:9d:ec:cf:49:05:f3:d7:88:64:8a:6a:46:a7:
         e3:d1:88:ae
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUGQeFX+UnCXF98DxpTujpxJigLGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNEREOEZF
N0FCQzE3RjAeFw0yMTA1MjAxMTU1NDdaFw0yMjA1MjAxMjAwNDdaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkJDRDFCNzdGOUVCN0U0ODA0
Mjk3MzU3NDQ1RDAwREFBOTNEOEE4NjMxNkNEMzU4M0YzNDNCN0ZGMTM1MjlENEND
RDIxNjg4RTVDNzI3Q0Q1QTI4RjVDOTk5MkI4OEM1RDFCMjVDRkMwNzc5Q0M1N0RE
NEMyMkI5QzZFNTU5MTAyQjVGMzNERjFEM0VFMDRBNURDMjc1NzM4RDc4RTc0OTc1
NEVCQkFCMDcwNDEzRTE2MzlCRUI0MkY1NTk4N0Y5QUU0OTI3REQyODFGNEM1NEM0
QTNEMDA1NkRDNzE3QUJDRUU3OEFCRTM1MDJEQzlBRUNFMzc0NkI1NTAzNTg2QUNF
M0FGN0Q4Njg0QTYyNzc2MTBEMEVGMkIxMzFEQkYwREU3NUFBOTM0NTFFREMzRTIz
NzIwRjFDMzYzODk1REE1MEQyMDEwRTI5MkQyNDhGOEQ1NTM1RDVBQjc2Q0U2ODVG
RkZGQjhBNENBQzY0MzUwMzdFMEY4MEJCRDY1NkQ3QThCQjBBNEJFQTE3MjU5NUQy
OEU4NkQ2NTEyQTA3NEMxMDcyRjEzRDAwNzQ0OEVFQjg1NEVCQzkwNDI3RkYyNUVD
Q0U2REJGNEI0OTg0NUJBQTNDNDU1OUYyNjRGQkE1RDc1MDM2RUNBRTNFRDc2RUJF
QzlBNjlGRDJGMjY1RjUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAu80bd/nrfkgEKXNXRF0A2qk9ioYxbNNYPzQ7f/E1KdTM0haI5ccn
zVoo9cmZK4jF0bJc/Ad5zFfdTCK5xuVZECtfM98dPuBKXcJ1c41450l1TrurBwQT
4WOb60L1WYf5rkkn3SgfTFTEo9AFbccXq87nir41Atya7ON0a1UDWGrOOvfYaEpi
d2ENDvKxMdvw3nWqk0Ue3D4jcg8cNjiV2lDSAQ4pLSSPjVU11at2zmhf//uKTKxk
NQN+D4C71lbXqLsKS+oXJZXSjobWUSoHTBBy8T0AdEjuuFTryQQn/yXszm2/S0mE
W6o8RVnyZPul11A27K4+126+yaaf0vJl9QIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FFd0IXKr22NMkTE670GtWGTDREraMB8GA1UdIwQYMBaAFJFpubZSbNFJhN3jpC4k
3Y/nq8F/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODhmMjkxNWQtMThjOS00ZTAzLWJi
ZmItMjA3NGM1OTgwODk4LzAvOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNERE
OEZFN0FCQzE3Ri5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzkxNjlCOUI2
NTI2Q0QxNDk4NERERTNBNDJFMjRERDhGRTdBQkMxN0YuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby84OGYyOTE1ZC0xOGM5LTRlMDMtYmJmYi0yMDc0YzU5ODA4OTgvMC8z
MTMxMzUyZTMxMzIzNDJlMzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzgz
NTMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABzfEQwDQYJKoZIhvcNAQELBQADggEBAMMbJX7N0/OK
Yae02dVqRADr+Diyv9TfkU2wN/J4H4DO+OsyMnEvbOAaTW8yvq2r0hm9jVJgBjoU
vlxGPKWmOmdBzSBO8tEXkeBMj8JCJQju4cwB9z0x5kjtNhCaC3p4HKkXWsQjFga2
dtQhgnIet+s5gGjjfpTbNvxBTd/jgEkfViOW9FlrkryysnyXOyGQizCriG68Xu7V
X0DB4ms0QVfvboajEz8ElObmzEm/964cidxvh5CfmrFHlA06yKsObOwk2bISoakv
vsceNsc3oqMvLP1D+2L/9GVBIpPCcw7686AcrwRa2zSi3FX8CbSOnezPSQXz14hk
impGp+PRiK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:41 2024 by rpki-client on console-ams.rpki-client.org