Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3131352e3132342e38382e302f32312d3231203d3e203338353131.roa
File:                     3131352e3132342e38382e302f32312d3231203d3e203338353131.roa (raw, json)
Hash identifier:          LZtrF0MlKFv0nKOaxF7dUCptkYm02331tBYKLKJzX5g=
Subject key identifier:   99:2A:F5:78:6E:20:EB:39:0D:FC:E6:94:F6:A2:63:4E:B6:B9:EC:FB
Certificate issuer:       /CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
Certificate serial:       7D63B8F0FE4F873CFD27681A75DBBB9687F45FC0
Authority key identifier: 91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3131352e3132342e38382e302f32312d3231203d3e203338353131.roa
Signing time:             Wed 23 Feb 2022 02:00:00 +0000
ROA not before:           Wed 23 Feb 2022 01:55:00 +0000
ROA not after:            Thu 23 Feb 2023 02:00:00 +0000
asID:                     38511
IP address blocks:        115.124.88.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:63:b8:f0:fe:4f:87:3c:fd:27:68:1a:75:db:bb:96:87:f4:5f:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
        Validity
            Not Before: Feb 23 01:55:00 2022 GMT
            Not After : Feb 23 02:00:00 2023 GMT
        Subject: CN=3082010A0282010100B47BF5EC8341EB1BF0D5ABDA68766FE43563E4608C336C7302BB6E605B6BEE58CBB050BC573CE15F7D1FA8E3F46B551D347824F3EC9EE3601995ACD711CAC23B46643ADFEBE337FF62CD510EBE2E540E8EDFA00104253C2AE3D8AC5D01D08938B6D7DB99D7DBFEFFE7798D2DA9F6C01BBE7CF84C4D1819884CC647C315C5E0BC03933325B0C710C3F6A4F0C4DDC3E7D9AAB04BF3AA3ED88A6A17E72773B012CF9226425742109B37800FAA97DB0E3DE5258B3B42CE58CAB5ADAD2164194A86633D2EC8E0F4C6AE4966A37663EB387AEF07EDB35E5E5B352D3511C54A61AAA54BCB92B92F002F7A6214BAAB8564A5740FF0EFCDC4DCEC1FA260538570495E28510203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7b:f5:ec:83:41:eb:1b:f0:d5:ab:da:68:76:
                    6f:e4:35:63:e4:60:8c:33:6c:73:02:bb:6e:60:5b:
                    6b:ee:58:cb:b0:50:bc:57:3c:e1:5f:7d:1f:a8:e3:
                    f4:6b:55:1d:34:78:24:f3:ec:9e:e3:60:19:95:ac:
                    d7:11:ca:c2:3b:46:64:3a:df:eb:e3:37:ff:62:cd:
                    51:0e:be:2e:54:0e:8e:df:a0:01:04:25:3c:2a:e3:
                    d8:ac:5d:01:d0:89:38:b6:d7:db:99:d7:db:fe:ff:
                    e7:79:8d:2d:a9:f6:c0:1b:be:7c:f8:4c:4d:18:19:
                    88:4c:c6:47:c3:15:c5:e0:bc:03:93:33:25:b0:c7:
                    10:c3:f6:a4:f0:c4:dd:c3:e7:d9:aa:b0:4b:f3:aa:
                    3e:d8:8a:6a:17:e7:27:73:b0:12:cf:92:26:42:57:
                    42:10:9b:37:80:0f:aa:97:db:0e:3d:e5:25:8b:3b:
                    42:ce:58:ca:b5:ad:ad:21:64:19:4a:86:63:3d:2e:
                    c8:e0:f4:c6:ae:49:66:a3:76:63:eb:38:7a:ef:07:
                    ed:b3:5e:5e:5b:35:2d:35:11:c5:4a:61:aa:a5:4b:
                    cb:92:b9:2f:00:2f:7a:62:14:ba:ab:85:64:a5:74:
                    0f:f0:ef:cd:c4:dc:ec:1f:a2:60:53:85:70:49:5e:
                    28:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:2A:F5:78:6E:20:EB:39:0D:FC:E6:94:F6:A2:63:4E:B6:B9:EC:FB
            X509v3 Authority Key Identifier:
                keyid:91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3131352e3132342e38382e302f32312d3231203d3e203338353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.124.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:f5:dd:9d:4d:3c:9a:5a:4c:e3:ad:79:42:95:d1:08:71:79:
         56:94:fb:45:d9:25:85:59:0c:1b:a7:6f:1e:76:d6:f3:fd:79:
         bc:49:f4:76:34:ca:5f:f7:23:49:82:55:0e:4a:00:5f:83:c6:
         65:6a:6a:32:74:6d:65:fa:fb:86:01:b4:01:9a:a3:06:55:07:
         dc:e4:b0:eb:82:5d:28:71:62:3d:ee:ba:2c:bb:bb:24:2d:bc:
         21:33:41:5e:e0:1b:5f:f0:06:4a:7a:4a:06:d7:f7:64:24:8e:
         b9:60:15:c2:60:12:46:e4:26:5e:66:c9:1f:bb:d6:61:62:18:
         b1:9c:1a:0b:79:85:07:70:c5:a0:6c:40:cd:f7:6c:5c:03:82:
         58:ef:97:f7:2a:c9:e7:0d:51:3c:05:fe:39:e7:d9:85:3c:cc:
         1f:16:05:91:e9:16:d4:fb:ee:f9:84:17:5c:ca:01:f5:32:df:
         57:b6:cf:c6:33:cd:84:67:c9:a6:24:17:d3:46:21:22:f0:35:
         58:65:89:ea:12:04:24:35:de:38:8a:34:46:02:a7:a2:6d:d2:
         90:78:05:63:88:a1:37:6b:cc:6b:c4:d5:90:d5:4f:50:1c:44:
         aa:36:7e:ac:e9:ff:16:9b:45:10:c1:04:b4:e0:b0:89:82:35:
         7d:1e:99:79
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUfWO48P5Phzz9J2gaddu7lof0X8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNEREOEZF
N0FCQzE3RjAeFw0yMjAyMjMwMTU1MDBaFw0yMzAyMjMwMjAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjQ3QkY1RUM4MzQxRUIxQkYw
RDVBQkRBNjg3NjZGRTQzNTYzRTQ2MDhDMzM2QzczMDJCQjZFNjA1QjZCRUU1OENC
QjA1MEJDNTczQ0UxNUY3RDFGQThFM0Y0NkI1NTFEMzQ3ODI0RjNFQzlFRTM2MDE5
OTVBQ0Q3MTFDQUMyM0I0NjY0M0FERkVCRTMzN0ZGNjJDRDUxMEVCRTJFNTQwRThF
REZBMDAxMDQyNTNDMkFFM0Q4QUM1RDAxRDA4OTM4QjZEN0RCOTlEN0RCRkVGRkU3
Nzk4RDJEQTlGNkMwMUJCRTdDRjg0QzREMTgxOTg4NENDNjQ3QzMxNUM1RTBCQzAz
OTMzMzI1QjBDNzEwQzNGNkE0RjBDNEREQzNFN0Q5QUFCMDRCRjNBQTNFRDg4QTZB
MTdFNzI3NzNCMDEyQ0Y5MjI2NDI1NzQyMTA5QjM3ODAwRkFBOTdEQjBFM0RFNTI1
OEIzQjQyQ0U1OENBQjVBREFEMjE2NDE5NEE4NjYzM0QyRUM4RTBGNEM2QUU0OTY2
QTM3NjYzRUIzODdBRUYwN0VEQjM1RTVFNUIzNTJEMzUxMUM1NEE2MUFBQTU0QkNC
OTJCOTJGMDAyRjdBNjIxNEJBQUI4NTY0QTU3NDBGRjBFRkNEQzREQ0VDMUZBMjYw
NTM4NTcwNDk1RTI4NTEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtHv17INB6xvw1avaaHZv5DVj5GCMM2xzArtuYFtr7ljLsFC8Vzzh
X30fqOP0a1UdNHgk8+ye42AZlazXEcrCO0ZkOt/r4zf/Ys1RDr4uVA6O36ABBCU8
KuPYrF0B0Ik4ttfbmdfb/v/neY0tqfbAG758+ExNGBmITMZHwxXF4LwDkzMlsMcQ
w/ak8MTdw+fZqrBL86o+2IpqF+cnc7ASz5ImQldCEJs3gA+ql9sOPeUliztCzljK
ta2tIWQZSoZjPS7I4PTGrklmo3Zj6zh67wfts15eWzUtNRHFSmGqpUvLkrkvAC96
YhS6q4VkpXQP8O/NxNzsH6JgU4VwSV4oUQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FJkq9XhuIOs5DfzmlPaiY062uez7MB8GA1UdIwQYMBaAFJFpubZSbNFJhN3jpC4k
3Y/nq8F/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODhmMjkxNWQtMThjOS00ZTAzLWJi
ZmItMjA3NGM1OTgwODk4LzAvOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNERE
OEZFN0FCQzE3Ri5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzkxNjlCOUI2
NTI2Q0QxNDk4NERERTNBNDJFMjRERDhGRTdBQkMxN0YuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby84OGYyOTE1ZC0xOGM5LTRlMDMtYmJmYi0yMDc0YzU5ODA4OTgvMC8z
MTMxMzUyZTMxMzIzNDJlMzgzODJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMzMzgz
NTMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBANzfFgwDQYJKoZIhvcNAQELBQADggEBADT13Z1NPJpa
TOOteUKV0QhxeVaU+0XZJYVZDBunbx521vP9ebxJ9HY0yl/3I0mCVQ5KAF+DxmVq
ajJ0bWX6+4YBtAGaowZVB9zksOuCXShxYj3uuiy7uyQtvCEzQV7gG1/wBkp6SgbX
92QkjrlgFcJgEkbkJl5myR+71mFiGLGcGgt5hQdwxaBsQM33bFwDgljvl/cqyecN
UTwF/jnn2YU8zB8WBZHpFtT77vmEF1zKAfUy31e2z8YzzYRnyaYkF9NGISLwNVhl
ieoSBCQ13jiKNEYCp6Jt0pB4BWOIoTdrzGvE1ZDVT1AcRKo2fqzp/xabRRDBBLTg
sImCNX0emXk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:08 2024 by rpki-client on console-fra.rpki-client.org