Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3230322e3138322e34392e302f32342d3234203d3e203536323432.roa
File:                     3230322e3138322e34392e302f32342d3234203d3e203536323432.roa (raw, json)
Hash identifier:          O7JlykRIMPFO/NoMT/Fqbl4mZPpqxxeUS0+SPy13MeM=
Subject key identifier:   C9:AD:F3:55:6F:DF:A1:5E:FB:F7:31:DE:E6:D6:3E:A7:38:D5:95:59
Certificate issuer:       /CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
Certificate serial:       17E164E8688F38CE1459AAB3447A5AD7033A63B1
Authority key identifier: 91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3230322e3138322e34392e302f32342d3234203d3e203536323432.roa
Signing time:             Thu 20 May 2021 12:16:10 +0000
ROA not before:           Thu 20 May 2021 12:11:10 +0000
ROA not after:            Fri 20 May 2022 12:16:10 +0000
asID:                     56242
IP address blocks:        202.182.49.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:e1:64:e8:68:8f:38:ce:14:59:aa:b3:44:7a:5a:d7:03:3a:63:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F
        Validity
            Not Before: May 20 12:11:10 2021 GMT
            Not After : May 20 12:16:10 2022 GMT
        Subject: CN=3082010A0282010100CFAC0BB407B7177B4EEF9EA89AF2127982E7959A66B99C474DB32DD402EB653DAC132A89DAA1D60B786BE8E6B300DC2D5D494CB8AA9FE5D093D7BDF28A5B0811B465BAD27E0CF8D45124F79C21E8879183EC45F9E5169CD153BAD5EEE668096DAF250BDAF076D3581C0E16E4710C6972A0BB034500E248B9D5C68A3DB36B034795EF6EA75D70008973B3B008FD0CF042411286F7A840ED7F6B069DA69D6C13A6E34A29ED70DC5892DD41142F967493A4E415DC030104DBDC90CD648D1A249F88B6A4DF1E9E5F973C316273A8238C8AB3D9875882342F583DD5EF57EC46F9A817DE4C438C49766BECE8436A236BC573F8C114E270FE6FA893D4BF62A7D592C8390203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ac:0b:b4:07:b7:17:7b:4e:ef:9e:a8:9a:f2:
                    12:79:82:e7:95:9a:66:b9:9c:47:4d:b3:2d:d4:02:
                    eb:65:3d:ac:13:2a:89:da:a1:d6:0b:78:6b:e8:e6:
                    b3:00:dc:2d:5d:49:4c:b8:aa:9f:e5:d0:93:d7:bd:
                    f2:8a:5b:08:11:b4:65:ba:d2:7e:0c:f8:d4:51:24:
                    f7:9c:21:e8:87:91:83:ec:45:f9:e5:16:9c:d1:53:
                    ba:d5:ee:e6:68:09:6d:af:25:0b:da:f0:76:d3:58:
                    1c:0e:16:e4:71:0c:69:72:a0:bb:03:45:00:e2:48:
                    b9:d5:c6:8a:3d:b3:6b:03:47:95:ef:6e:a7:5d:70:
                    00:89:73:b3:b0:08:fd:0c:f0:42:41:12:86:f7:a8:
                    40:ed:7f:6b:06:9d:a6:9d:6c:13:a6:e3:4a:29:ed:
                    70:dc:58:92:dd:41:14:2f:96:74:93:a4:e4:15:dc:
                    03:01:04:db:dc:90:cd:64:8d:1a:24:9f:88:b6:a4:
                    df:1e:9e:5f:97:3c:31:62:73:a8:23:8c:8a:b3:d9:
                    87:58:82:34:2f:58:3d:d5:ef:57:ec:46:f9:a8:17:
                    de:4c:43:8c:49:76:6b:ec:e8:43:6a:23:6b:c5:73:
                    f8:c1:14:e2:70:fe:6f:a8:93:d4:bf:62:a7:d5:92:
                    c8:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:AD:F3:55:6F:DF:A1:5E:FB:F7:31:DE:E6:D6:3E:A7:38:D5:95:59
            X509v3 Authority Key Identifier:
                keyid:91:69:B9:B6:52:6C:D1:49:84:DD:E3:A4:2E:24:DD:8F:E7:AB:C1:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9169B9B6526CD14984DDE3A42E24DD8FE7ABC17F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88f2915d-18c9-4e03-bbfb-2074c5980898/0/3230322e3138322e34392e302f32342d3234203d3e203536323432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.182.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:2f:cb:16:05:b0:22:dc:8a:b4:56:a0:2f:aa:be:62:6d:ff:
         54:ae:fe:c0:96:4f:6c:f7:5a:c9:c2:70:8c:2f:4a:1d:fc:91:
         2f:45:c8:fa:18:24:bc:75:c4:37:6e:a6:1a:c6:8e:d9:64:cc:
         cc:6a:f6:9e:a2:ad:3b:ae:f1:cb:b1:ae:4a:3f:a7:e7:2f:ba:
         3e:53:43:3d:7c:26:bc:3a:1c:5f:d0:49:1a:c1:7e:34:02:c1:
         e3:24:56:ed:dd:69:8d:4b:62:fc:1c:d7:bb:45:75:8d:be:75:
         61:46:94:2a:24:e9:8f:db:d3:7b:48:a5:98:08:9f:41:64:4c:
         02:ad:5f:e4:65:f7:1a:31:be:16:ba:1e:49:37:bc:b3:66:89:
         cc:50:73:e1:59:b5:9d:62:5e:d3:c6:a0:5d:ec:b9:cd:bc:95:
         4b:d6:0f:e6:43:68:91:99:34:16:5d:40:46:35:11:84:66:ad:
         fb:a0:ea:6e:87:32:f5:d5:9e:f8:0a:b0:c4:65:df:a7:90:15:
         2e:63:fa:0f:b6:e4:45:bd:4d:1e:bf:a5:de:25:f4:a0:ee:25:
         ca:81:41:e2:58:5e:b7:42:2d:f6:52:4f:51:6f:e4:82:f4:96:
         37:c0:ca:a7:ed:d3:c5:be:91:ee:4c:b7:ef:31:e9:2f:3b:2d:
         77:f3:10:05
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUF+Fk6GiPOM4UWaqzRHpa1wM6Y7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNEREOEZF
N0FCQzE3RjAeFw0yMTA1MjAxMjExMTBaFw0yMjA1MjAxMjE2MTBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0ZBQzBCQjQwN0I3MTc3QjRF
RUY5RUE4OUFGMjEyNzk4MkU3OTU5QTY2Qjk5QzQ3NERCMzJERDQwMkVCNjUzREFD
MTMyQTg5REFBMUQ2MEI3ODZCRThFNkIzMDBEQzJENUQ0OTRDQjhBQTlGRTVEMDkz
RDdCREYyOEE1QjA4MTFCNDY1QkFEMjdFMENGOEQ0NTEyNEY3OUMyMUU4ODc5MTgz
RUM0NUY5RTUxNjlDRDE1M0JBRDVFRUU2NjgwOTZEQUYyNTBCREFGMDc2RDM1ODFD
MEUxNkU0NzEwQzY5NzJBMEJCMDM0NTAwRTI0OEI5RDVDNjhBM0RCMzZCMDM0Nzk1
RUY2RUE3NUQ3MDAwODk3M0IzQjAwOEZEMENGMDQyNDExMjg2RjdBODQwRUQ3RjZC
MDY5REE2OUQ2QzEzQTZFMzRBMjlFRDcwREM1ODkyREQ0MTE0MkY5Njc0OTNBNEU0
MTVEQzAzMDEwNERCREM5MENENjQ4RDFBMjQ5Rjg4QjZBNERGMUU5RTVGOTczQzMx
NjI3M0E4MjM4QzhBQjNEOTg3NTg4MjM0MkY1ODNERDVFRjU3RUM0NkY5QTgxN0RF
NEM0MzhDNDk3NjZCRUNFODQzNkEyMzZCQzU3M0Y4QzExNEUyNzBGRTZGQTg5M0Q0
QkY2MkE3RDU5MkM4MzkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAz6wLtAe3F3tO756omvISeYLnlZpmuZxHTbMt1ALrZT2sEyqJ2qHW
C3hr6OazANwtXUlMuKqf5dCT173yilsIEbRlutJ+DPjUUST3nCHoh5GD7EX55Rac
0VO61e7maAltryUL2vB201gcDhbkcQxpcqC7A0UA4ki51caKPbNrA0eV726nXXAA
iXOzsAj9DPBCQRKG96hA7X9rBp2mnWwTpuNKKe1w3FiS3UEUL5Z0k6TkFdwDAQTb
3JDNZI0aJJ+ItqTfHp5flzwxYnOoI4yKs9mHWII0L1g91e9X7Eb5qBfeTEOMSXZr
7OhDaiNrxXP4wRTicP5vqJPUv2Kn1ZLIOQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FMmt81Vv36Fe+/cx3ubWPqc41ZVZMB8GA1UdIwQYMBaAFJFpubZSbNFJhN3jpC4k
3Y/nq8F/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODhmMjkxNWQtMThjOS00ZTAzLWJi
ZmItMjA3NGM1OTgwODk4LzAvOTE2OUI5QjY1MjZDRDE0OTg0RERFM0E0MkUyNERE
OEZFN0FCQzE3Ri5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzkxNjlCOUI2
NTI2Q0QxNDk4NERERTNBNDJFMjRERDhGRTdBQkMxN0YuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby84OGYyOTE1ZC0xOGM5LTRlMDMtYmJmYi0yMDc0YzU5ODA4OTgvMC8z
MjMwMzIyZTMxMzgzMjJlMzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzYz
MjM0MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBADKtjEwDQYJKoZIhvcNAQELBQADggEBAAovyxYFsCLc
irRWoC+qvmJt/1Su/sCWT2z3WsnCcIwvSh38kS9FyPoYJLx1xDduphrGjtlkzMxq
9p6irTuu8cuxrko/p+cvuj5TQz18Jrw6HF/QSRrBfjQCweMkVu3daY1LYvwc17tF
dY2+dWFGlCok6Y/b03tIpZgIn0FkTAKtX+Rl9xoxvha6Hkk3vLNmicxQc+FZtZ1i
XtPGoF3suc28lUvWD+ZDaJGZNBZdQEY1EYRmrfug6m6HMvXVnvgKsMRl36eQFS5j
+g+25EW9TR6/pd4l9KDuJcqBQeJYXrdCLfZST1Fv5IL0ljfAyqft08W+ke5Mt+8x
6S87LXfzEAU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:41 2024 by rpki-client on console-ams.rpki-client.org