Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3131382e3137362e302f32322d3234203d3e20313337333730.roa
File:                     3130332e3131382e3137362e302f32322d3234203d3e20313337333730.roa (raw, json)
Hash identifier:          pNIAdzdIeJQ0OqpgAqoPnb5onvrekq2uiGrqq2FM8KI=
Subject key identifier:   61:6B:51:C1:B6:D1:12:3B:03:58:34:AB:58:4E:55:C0:1B:78:34:1F
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       2A346CB683F8E98BF02125C038C1C94FC635789F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3131382e3137362e302f32322d3234203d3e20313337333730.roa
Signing time:             Sat 26 Feb 2022 10:00:00 +0000
ROA not before:           Sat 26 Feb 2022 09:55:00 +0000
ROA not after:            Sun 26 Feb 2023 10:00:00 +0000
asID:                     137370
IP address blocks:        103.118.176.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:34:6c:b6:83:f8:e9:8b:f0:21:25:c0:38:c1:c9:4f:c6:35:78:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 26 09:55:00 2022 GMT
            Not After : Feb 26 10:00:00 2023 GMT
        Subject: CN=3082010A0282010100D53B046DB014579608DD27F337102B9422A2395F74AB0C00E152A3EAE12BE901CF6DAEF70E4DFB8C643B9DAB6F5E02C8C7BCF0D3AFDFD35B026DC15C49848FAA50C2EC73B6529F9CEB5F8CB1CDF1EFF8F2484BB11BAA72EA94DBFAC6E2AB84E9CA8B39AC9D875B44CFB5050F9300612F82B6B321E1FFC47AD71F2C14CAA6DE27D55CAC55126384DAFF8ACBB305AE9B06B77D9B295B5ADA8168C9A292E42BEFBF3485A4E01A3C90D02BD8F8E026A3905DE5A6CD74127811B42C3D0C437F1C5593F315DA2ED8959989E18C23F9C83B58D8AE794BAF4079D1C5B42346615E21B9C9BC32EADF597C894AC5CBBBA68439FA50D23CBBE53A86F8E3043538DB2D3DE5F30203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3b:04:6d:b0:14:57:96:08:dd:27:f3:37:10:
                    2b:94:22:a2:39:5f:74:ab:0c:00:e1:52:a3:ea:e1:
                    2b:e9:01:cf:6d:ae:f7:0e:4d:fb:8c:64:3b:9d:ab:
                    6f:5e:02:c8:c7:bc:f0:d3:af:df:d3:5b:02:6d:c1:
                    5c:49:84:8f:aa:50:c2:ec:73:b6:52:9f:9c:eb:5f:
                    8c:b1:cd:f1:ef:f8:f2:48:4b:b1:1b:aa:72:ea:94:
                    db:fa:c6:e2:ab:84:e9:ca:8b:39:ac:9d:87:5b:44:
                    cf:b5:05:0f:93:00:61:2f:82:b6:b3:21:e1:ff:c4:
                    7a:d7:1f:2c:14:ca:a6:de:27:d5:5c:ac:55:12:63:
                    84:da:ff:8a:cb:b3:05:ae:9b:06:b7:7d:9b:29:5b:
                    5a:da:81:68:c9:a2:92:e4:2b:ef:bf:34:85:a4:e0:
                    1a:3c:90:d0:2b:d8:f8:e0:26:a3:90:5d:e5:a6:cd:
                    74:12:78:11:b4:2c:3d:0c:43:7f:1c:55:93:f3:15:
                    da:2e:d8:95:99:89:e1:8c:23:f9:c8:3b:58:d8:ae:
                    79:4b:af:40:79:d1:c5:b4:23:46:61:5e:21:b9:c9:
                    bc:32:ea:df:59:7c:89:4a:c5:cb:bb:a6:84:39:fa:
                    50:d2:3c:bb:e5:3a:86:f8:e3:04:35:38:db:2d:3d:
                    e5:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:6B:51:C1:B6:D1:12:3B:03:58:34:AB:58:4E:55:C0:1B:78:34:1F
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3131382e3137362e302f32322d3234203d3e20313337333730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.118.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:8a:50:1e:89:90:a7:63:75:d0:b4:d2:7a:d3:c6:22:af:62:
         0c:57:33:f6:b1:2f:07:b3:ba:99:5d:ee:ca:f2:29:76:87:aa:
         96:ee:b8:61:b5:6e:80:1f:96:b0:b4:05:78:8e:9b:87:3a:cf:
         76:0a:71:ca:17:f4:49:39:23:7d:85:6c:bd:d7:d2:c2:47:e0:
         c4:7a:1b:94:6b:09:7d:ff:6c:ac:e4:70:58:85:aa:bb:60:58:
         6c:57:0b:59:ac:0d:28:c5:45:a8:a8:b0:82:cf:3a:77:f2:49:
         1a:67:07:c4:41:3c:d7:18:86:d5:6f:c9:4e:59:ea:98:42:dd:
         15:56:34:59:2a:be:55:1a:55:69:10:c3:12:eb:ad:ec:6f:52:
         ca:fe:67:76:77:57:2f:3f:3e:38:31:5b:44:23:28:1a:4b:32:
         23:1f:ca:9e:6e:59:95:f7:74:3d:99:e7:3b:54:6d:c7:73:09:
         25:a0:5e:3b:6d:c1:dd:ee:cc:0a:91:2d:d6:f7:2f:04:40:d7:
         ec:29:f5:95:6a:41:a5:22:5d:dd:be:99:47:fa:6e:9a:d2:43:
         40:e5:a8:4d:fb:24:d0:f6:cb:13:10:81:e2:61:05:8b:0f:dc:
         0c:5e:c3:34:70:da:a4:ef:de:bb:c4:2b:e6:06:39:32:78:1c:
         4b:a0:04:47
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUKjRstoP46YvwISXAOMHJT8Y1eJ8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIyNjA5NTUwMFoX
DTIzMDIyNjEwMDAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBENTNCMDQ2REIwMTQ1Nzk2MDhERDI3RjMzNzEwMkI5NDIyQTIzOTVGNzRB
QjBDMDBFMTUyQTNFQUUxMkJFOTAxQ0Y2REFFRjcwRTRERkI4QzY0M0I5REFCNkY1
RTAyQzhDN0JDRjBEM0FGREZEMzVCMDI2REMxNUM0OTg0OEZBQTUwQzJFQzczQjY1
MjlGOUNFQjVGOENCMUNERjFFRkY4RjI0ODRCQjExQkFBNzJFQTk0REJGQUM2RTJB
Qjg0RTlDQThCMzlBQzlEODc1QjQ0Q0ZCNTA1MEY5MzAwNjEyRjgyQjZCMzIxRTFG
RkM0N0FENzFGMkMxNENBQTZERTI3RDU1Q0FDNTUxMjYzODREQUZGOEFDQkIzMDVB
RTlCMDZCNzdEOUIyOTVCNUFEQTgxNjhDOUEyOTJFNDJCRUZCRjM0ODVBNEUwMUEz
QzkwRDAyQkQ4RjhFMDI2QTM5MDVERTVBNkNENzQxMjc4MTFCNDJDM0QwQzQzN0Yx
QzU1OTNGMzE1REEyRUQ4OTU5OTg5RTE4QzIzRjlDODNCNThEOEFFNzk0QkFGNDA3
OUQxQzVCNDIzNDY2MTVFMjFCOUM5QkMzMkVBREY1OTdDODk0QUM1Q0JCQkE2ODQz
OUZBNTBEMjNDQkJFNTNBODZGOEUzMDQzNTM4REIyRDNERTVGMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVOwRtsBRXlgjdJ/M3ECuU
IqI5X3SrDADhUqPq4SvpAc9trvcOTfuMZDudq29eAsjHvPDTr9/TWwJtwVxJhI+q
UMLsc7ZSn5zrX4yxzfHv+PJIS7EbqnLqlNv6xuKrhOnKizmsnYdbRM+1BQ+TAGEv
grazIeH/xHrXHywUyqbeJ9VcrFUSY4Ta/4rLswWumwa3fZspW1ragWjJopLkK++/
NIWk4Bo8kNAr2PjgJqOQXeWmzXQSeBG0LD0MQ38cVZPzFdou2JWZieGMI/nIO1jY
rnlLr0B50cW0I0ZhXiG5ybwy6t9ZfIlKxcu7poQ5+lDSPLvlOob44wQ1ONstPeXz
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUYWtRwbbREjsDWDSrWE5VwBt4NB8wHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzMTM4MmUzMTM3MzYyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzczMzM3MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJndrAwDQYJ
KoZIhvcNAQELBQADggEBACmKUB6JkKdjddC00nrTxiKvYgxXM/axLwezupld7sry
KXaHqpbuuGG1boAflrC0BXiOm4c6z3YKccoX9Ek5I32FbL3X0sJH4MR6G5RrCX3/
bKzkcFiFqrtgWGxXC1msDSjFRaiosILPOnfySRpnB8RBPNcYhtVvyU5Z6phC3RVW
NFkqvlUaVWkQwxLrrexvUsr+Z3Z3Vy8/PjgxW0QjKBpLMiMfyp5uWZX3dD2Z5ztU
bcdzCSWgXjttwd3uzAqRLdb3LwRA1+wp9ZVqQaUiXd2+mUf6bprSQ0DlqE37JND2
yxMQgeJhBYsP3AxewzRw2qTv3rvEK+YGOTJ4HEugBEc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:42 2024 by rpki-client on console-ams.rpki-client.org