Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3132372e35322e302f32322d3234203d3e2030.roa
File:                     3130332e3132372e35322e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier:          lV6ypTywrhxtn4b/wfXEjoCP0H1ZOpxvK35LrS+DDg0=
Subject key identifier:   5B:E5:0E:2C:CF:78:2C:D1:07:63:64:DE:90:99:3E:FD:4E:57:44:C3
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       02DFA90F73C88BF317D37831A9B494210C4C8F6B
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3132372e35322e302f32322d3234203d3e2030.roa
Signing time:             Mon 31 Jan 2022 03:42:25 +0000
ROA not before:           Mon 31 Jan 2022 03:37:25 +0000
ROA not after:            Tue 31 Jan 2023 03:42:25 +0000
asID:                     0
IP address blocks:        103.127.52.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:df:a9:0f:73:c8:8b:f3:17:d3:78:31:a9:b4:94:21:0c:4c:8f:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan 31 03:37:25 2022 GMT
            Not After : Jan 31 03:42:25 2023 GMT
        Subject: CN=3082010A0282010100B853B31080FF4B5317038259C6547BB729D97D6564ED6799D699F947C22838DA60446963D0CFBC205253193BD9001B31DD1CF09197113B5D1AA8E1DDE968863043F0FA36D892A89AC1CBBB8B0174D0A092443150D784885BAE0E295338528EDFB97960FD2F9BC69C012512F9FC2FADEC8A27A2331965BDCAE971DCFA9B2559348ECD849476E0783FB9B12C487F903B1BE793F0E3BA05A1E4E9EDC27794E99558A28F83FD7CDA0E7A086907E179BF5AD2F8BC55B3B13335F9C3DF49E8918F5572CAF36D1DE9AF408727874C9E3A62F2F9F4EBDDAA01C154C132E967AB8DED9A67CFD9A53899FC4EA3D705124F2510E51E02CCF6D987437EC0C9BF2B80655C47490203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:53:b3:10:80:ff:4b:53:17:03:82:59:c6:54:
                    7b:b7:29:d9:7d:65:64:ed:67:99:d6:99:f9:47:c2:
                    28:38:da:60:44:69:63:d0:cf:bc:20:52:53:19:3b:
                    d9:00:1b:31:dd:1c:f0:91:97:11:3b:5d:1a:a8:e1:
                    dd:e9:68:86:30:43:f0:fa:36:d8:92:a8:9a:c1:cb:
                    bb:8b:01:74:d0:a0:92:44:31:50:d7:84:88:5b:ae:
                    0e:29:53:38:52:8e:df:b9:79:60:fd:2f:9b:c6:9c:
                    01:25:12:f9:fc:2f:ad:ec:8a:27:a2:33:19:65:bd:
                    ca:e9:71:dc:fa:9b:25:59:34:8e:cd:84:94:76:e0:
                    78:3f:b9:b1:2c:48:7f:90:3b:1b:e7:93:f0:e3:ba:
                    05:a1:e4:e9:ed:c2:77:94:e9:95:58:a2:8f:83:fd:
                    7c:da:0e:7a:08:69:07:e1:79:bf:5a:d2:f8:bc:55:
                    b3:b1:33:35:f9:c3:df:49:e8:91:8f:55:72:ca:f3:
                    6d:1d:e9:af:40:87:27:87:4c:9e:3a:62:f2:f9:f4:
                    eb:dd:aa:01:c1:54:c1:32:e9:67:ab:8d:ed:9a:67:
                    cf:d9:a5:38:99:fc:4e:a3:d7:05:12:4f:25:10:e5:
                    1e:02:cc:f6:d9:87:43:7e:c0:c9:bf:2b:80:65:5c:
                    47:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:E5:0E:2C:CF:78:2C:D1:07:63:64:DE:90:99:3E:FD:4E:57:44:C3
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3132372e35322e302f32322d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:50:0e:5a:d0:52:21:03:20:02:65:1a:b3:2d:41:e5:aa:70:
         03:c5:dc:67:cd:db:8b:ae:60:3c:8f:d2:60:4d:16:30:1c:d7:
         d9:a9:90:d4:1d:45:63:ff:7b:60:98:9e:71:03:48:4b:0f:38:
         30:e5:69:09:e7:20:2d:f3:97:22:06:65:37:83:fd:67:98:a5:
         cd:d4:e1:2c:cb:14:23:8c:6b:58:29:ee:23:69:81:d9:9f:ee:
         82:36:a4:36:e3:64:6b:c6:fc:32:55:e5:02:06:79:2d:e9:58:
         c3:f4:d7:40:08:d2:5a:21:1a:be:01:39:8d:c4:cb:06:f0:11:
         29:92:97:e0:66:be:98:83:ea:f0:30:6f:ea:0d:1e:c3:fe:f6:
         b3:96:5f:52:8e:f1:28:31:e3:c1:87:36:2c:a3:60:a9:70:ee:
         1c:dd:37:68:c4:41:70:40:75:59:88:1b:7c:e6:f2:57:48:a8:
         6e:1a:a4:d6:3b:64:a3:fc:a1:db:aa:55:7f:a0:01:ec:a2:2f:
         66:70:98:a0:78:99:1c:2e:20:ce:f8:62:ec:78:fe:7f:21:e9:
         69:fa:9a:08:98:80:6c:34:51:62:6a:da:aa:2d:ac:e0:8b:a2:
         13:bc:52:c3:13:c2:6a:4e:6d:bd:27:28:d3:be:4b:73:45:bd:
         a2:22:94:5d
-----BEGIN CERTIFICATE-----
MIIG/zCCBeegAwIBAgIUAt+pD3PIi/MX03gxqbSUIQxMj2swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDEzMTAzMzcyNVoX
DTIzMDEzMTAzNDIyNVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCODUzQjMxMDgwRkY0QjUzMTcwMzgyNTlDNjU0N0JCNzI5RDk3RDY1NjRF
RDY3OTlENjk5Rjk0N0MyMjgzOERBNjA0NDY5NjNEMENGQkMyMDUyNTMxOTNCRDkw
MDFCMzFERDFDRjA5MTk3MTEzQjVEMUFBOEUxRERFOTY4ODYzMDQzRjBGQTM2RDg5
MkE4OUFDMUNCQkI4QjAxNzREMEEwOTI0NDMxNTBENzg0ODg1QkFFMEUyOTUzMzg1
MjhFREZCOTc5NjBGRDJGOUJDNjlDMDEyNTEyRjlGQzJGQURFQzhBMjdBMjMzMTk2
NUJEQ0FFOTcxRENGQTlCMjU1OTM0OEVDRDg0OTQ3NkUwNzgzRkI5QjEyQzQ4N0Y5
MDNCMUJFNzkzRjBFM0JBMDVBMUU0RTlFREMyNzc5NEU5OTU1OEEyOEY4M0ZEN0NE
QTBFN0EwODY5MDdFMTc5QkY1QUQyRjhCQzU1QjNCMTMzMzVGOUMzREY0OUU4OTE4
RjU1NzJDQUYzNkQxREU5QUY0MDg3Mjc4NzRDOUUzQTYyRjJGOUY0RUJEREFBMDFD
MTU0QzEzMkU5NjdBQjhERUQ5QTY3Q0ZEOUE1Mzg5OUZDNEVBM0Q3MDUxMjRGMjUx
MEU1MUUwMkNDRjZEOTg3NDM3RUMwQzlCRjJCODA2NTVDNDc0OTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4U7MQgP9LUxcDglnGVHu3
Kdl9ZWTtZ5nWmflHwig42mBEaWPQz7wgUlMZO9kAGzHdHPCRlxE7XRqo4d3paIYw
Q/D6NtiSqJrBy7uLAXTQoJJEMVDXhIhbrg4pUzhSjt+5eWD9L5vGnAElEvn8L63s
iieiMxllvcrpcdz6myVZNI7NhJR24Hg/ubEsSH+QOxvnk/DjugWh5OntwneU6ZVY
oo+D/XzaDnoIaQfheb9a0vi8VbOxMzX5w99J6JGPVXLK820d6a9AhyeHTJ46YvL5
9OvdqgHBVMEy6Werje2aZ8/ZpTiZ/E6j1wUSTyUQ5R4CzPbZh0N+wMm/K4BlXEdJ
AgMBAAGjggH2MIIB8jAdBgNVHQ4EFgQUW+UOLM94LNEHY2TekJk+/U5XRMMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjB6BggrBgEF
BQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvL0lETklDLUlELzIvMzEzMDMzMmUzMTMyMzcyZTM1MzIyZTMwMmYzMjMy
MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmd/NDANBgkqhkiG9w0BAQsFAAOC
AQEAk1AOWtBSIQMgAmUasy1B5apwA8XcZ83bi65gPI/SYE0WMBzX2amQ1B1FY/97
YJiecQNISw84MOVpCecgLfOXIgZlN4P9Z5ilzdThLMsUI4xrWCnuI2mB2Z/ugjak
NuNka8b8MlXlAgZ5LelYw/TXQAjSWiEavgE5jcTLBvARKZKX4Ga+mIPq8DBv6g0e
w/72s5ZfUo7xKDHjwYc2LKNgqXDuHN03aMRBcEB1WYgbfObyV0iobhqk1jtko/yh
26pVf6AB7KIvZnCYoHiZHC4gzvhi7Hj+fyHpafqaCJiAbDRRYmraqi2s4IuiE7xS
wxPCak5tvSco075Lc0W9oiKUXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:42 2024 by rpki-client on console-ams.rpki-client.org