Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3133322e35322e302f32322d3234203d3e20313338313233.roa
File:                     3130332e3133322e35322e302f32322d3234203d3e20313338313233.roa (raw, json)
Hash identifier:          Q2i2LKqCQObwoeGQpxk/EmaT3M5t/2LpAyjBO3DSg+Q=
Subject key identifier:   BC:43:7D:E5:94:3E:5B:BD:A8:22:CA:FC:12:14:F3:98:2E:D5:0A:74
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       28D45A6A8529C1625DA5B88ADC00F30AB420DA2C
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3133322e35322e302f32322d3234203d3e20313338313233.roa
Signing time:             Fri 24 Sep 2021 03:01:20 +0000
ROA not before:           Fri 24 Sep 2021 02:56:20 +0000
ROA not after:            Sat 24 Sep 2022 03:01:20 +0000
asID:                     138123
IP address blocks:        103.132.52.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:d4:5a:6a:85:29:c1:62:5d:a5:b8:8a:dc:00:f3:0a:b4:20:da:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Sep 24 02:56:20 2021 GMT
            Not After : Sep 24 03:01:20 2022 GMT
        Subject: CN=3082010A0282010100B09144C8E595F3D81FDF2A3A87B6791802BE0D85CE6B415DC0228BDFEDF747EAFE8E94E0AD910CC0592426D2A1083D09D8B6599EF554BB5F312313A73A9C2737EE177BDE7657C91194FF471DAB8E1720AD43CBD3D79D65AE1D225148309F0D280BE28094EBEF81BA14D512843AE0DDE2BA19BBC8DF9128C66D3E11FAAF012447294BF59909BF007D574B3327C2B1901B89850614D5D63FECB1AFD2AF6C25F6F8D87D48D38BE6D8A55F18E8F9A65E285C9676184149725EA0F533B37C52EBA3208476F2EB83CEC0D13593367188775C4A8A3C058EDF687B9CE9560E5548BDEFED10404295242F6013105C1C8A6851CFF771B3B2C8A15EAABD2C4E6FDB65CC43270203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:91:44:c8:e5:95:f3:d8:1f:df:2a:3a:87:b6:
                    79:18:02:be:0d:85:ce:6b:41:5d:c0:22:8b:df:ed:
                    f7:47:ea:fe:8e:94:e0:ad:91:0c:c0:59:24:26:d2:
                    a1:08:3d:09:d8:b6:59:9e:f5:54:bb:5f:31:23:13:
                    a7:3a:9c:27:37:ee:17:7b:de:76:57:c9:11:94:ff:
                    47:1d:ab:8e:17:20:ad:43:cb:d3:d7:9d:65:ae:1d:
                    22:51:48:30:9f:0d:28:0b:e2:80:94:eb:ef:81:ba:
                    14:d5:12:84:3a:e0:dd:e2:ba:19:bb:c8:df:91:28:
                    c6:6d:3e:11:fa:af:01:24:47:29:4b:f5:99:09:bf:
                    00:7d:57:4b:33:27:c2:b1:90:1b:89:85:06:14:d5:
                    d6:3f:ec:b1:af:d2:af:6c:25:f6:f8:d8:7d:48:d3:
                    8b:e6:d8:a5:5f:18:e8:f9:a6:5e:28:5c:96:76:18:
                    41:49:72:5e:a0:f5:33:b3:7c:52:eb:a3:20:84:76:
                    f2:eb:83:ce:c0:d1:35:93:36:71:88:77:5c:4a:8a:
                    3c:05:8e:df:68:7b:9c:e9:56:0e:55:48:bd:ef:ed:
                    10:40:42:95:24:2f:60:13:10:5c:1c:8a:68:51:cf:
                    f7:71:b3:b2:c8:a1:5e:aa:bd:2c:4e:6f:db:65:cc:
                    43:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:43:7D:E5:94:3E:5B:BD:A8:22:CA:FC:12:14:F3:98:2E:D5:0A:74
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3133322e35322e302f32322d3234203d3e20313338313233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.132.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:9a:cb:58:63:b6:45:36:d6:62:b9:05:bf:20:56:43:5d:a8:
         b4:70:69:6c:8d:81:99:f5:56:2c:fe:2e:58:5f:ef:18:22:bb:
         0a:30:f4:64:f9:e1:22:c7:ba:5a:12:fd:7e:af:c3:2d:7b:81:
         9a:6d:14:e0:f7:3d:a4:89:03:1e:44:d3:bf:3b:73:2b:5f:25:
         ec:89:d6:3b:5f:88:bb:c6:ab:8f:5f:41:82:f5:6b:a5:f8:5a:
         74:c3:9e:17:06:41:a6:76:af:a4:66:74:ee:f4:55:bb:61:48:
         8b:21:64:a7:d5:94:ba:3d:a2:27:a0:f9:3b:f1:69:35:e3:e3:
         07:45:dc:6b:e8:12:e1:38:7a:bc:e5:c6:88:98:a0:90:12:da:
         b0:ca:34:9c:83:9b:5f:f5:ea:40:89:6a:50:f5:d2:c9:d8:a2:
         30:13:31:0a:76:02:5d:d7:fc:81:fc:88:81:33:44:f7:f7:e5:
         ba:c5:ac:b3:5f:7e:e0:9b:58:26:c1:1d:d2:52:19:fb:fe:2c:
         04:f3:62:f2:87:2c:ff:a2:45:eb:dd:f5:9d:d9:6f:81:86:7c:
         b8:cf:14:0b:8d:5e:07:3e:2b:74:d9:62:9b:80:32:7c:27:9e:
         c0:2e:b8:ac:f7:8a:8f:9d:6f:0c:83:f2:d9:90:e3:b0:1e:4d:
         68:e8:f9:ee
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgIUKNRaaoUpwWJdpbiK3ADzCrQg2iwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDkyNDAyNTYyMFoX
DTIyMDkyNDAzMDEyMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCMDkxNDRDOEU1OTVGM0Q4MUZERjJBM0E4N0I2NzkxODAyQkUwRDg1Q0U2
QjQxNURDMDIyOEJERkVERjc0N0VBRkU4RTk0RTBBRDkxMENDMDU5MjQyNkQyQTEw
ODNEMDlEOEI2NTk5RUY1NTRCQjVGMzEyMzEzQTczQTlDMjczN0VFMTc3QkRFNzY1
N0M5MTE5NEZGNDcxREFCOEUxNzIwQUQ0M0NCRDNENzlENjVBRTFEMjI1MTQ4MzA5
RjBEMjgwQkUyODA5NEVCRUY4MUJBMTRENTEyODQzQUUwRERFMkJBMTlCQkM4REY5
MTI4QzY2RDNFMTFGQUFGMDEyNDQ3Mjk0QkY1OTkwOUJGMDA3RDU3NEIzMzI3QzJC
MTkwMUI4OTg1MDYxNEQ1RDYzRkVDQjFBRkQyQUY2QzI1RjZGOEQ4N0Q0OEQzOEJF
NkQ4QTU1RjE4RThGOUE2NUUyODVDOTY3NjE4NDE0OTcyNUVBMEY1MzNCMzdDNTJF
QkEzMjA4NDc2RjJFQjgzQ0VDMEQxMzU5MzM2NzE4ODc3NUM0QThBM0MwNThFREY2
ODdCOUNFOTU2MEU1NTQ4QkRFRkVEMTA0MDQyOTUyNDJGNjAxMzEwNUMxQzhBNjg1
MUNGRjc3MUIzQjJDOEExNUVBQUJEMkM0RTZGREI2NUNDNDMyNzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwkUTI5ZXz2B/fKjqHtnkY
Ar4Nhc5rQV3AIovf7fdH6v6OlOCtkQzAWSQm0qEIPQnYtlme9VS7XzEjE6c6nCc3
7hd73nZXyRGU/0cdq44XIK1Dy9PXnWWuHSJRSDCfDSgL4oCU6++BuhTVEoQ64N3i
uhm7yN+RKMZtPhH6rwEkRylL9ZkJvwB9V0szJ8KxkBuJhQYU1dY/7LGv0q9sJfb4
2H1I04vm2KVfGOj5pl4oXJZ2GEFJcl6g9TOzfFLroyCEdvLrg87A0TWTNnGId1xK
ijwFjt9oe5zpVg5VSL3v7RBAQpUkL2ATEFwcimhRz/dxs7LIoV6qvSxOb9tlzEMn
AgMBAAGjggIBMIIB/TAdBgNVHQ4EFgQUvEN95ZQ+W72oIsr8EhTzmC7VCnQwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhAYIKwYB
BQUHAQsEeDB2MHQGCCsGAQUFBzALhmhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzMzMyMmUzNTMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzMzM4MzEzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4Q0MA0GCSqG
SIb3DQEBCwUAA4IBAQBsmstYY7ZFNtZiuQW/IFZDXai0cGlsjYGZ9VYs/i5YX+8Y
IrsKMPRk+eEix7paEv1+r8Mte4GabRTg9z2kiQMeRNO/O3MrXyXsidY7X4i7xquP
X0GC9Wul+Fp0w54XBkGmdq+kZnTu9FW7YUiLIWSn1ZS6PaInoPk78Wk14+MHRdxr
6BLhOHq85caImKCQEtqwyjScg5tf9epAiWpQ9dLJ2KIwEzEKdgJd1/yB/IiBM0T3
9+W6xayzX37gm1gmwR3SUhn7/iwE82Lyhyz/okXr3fWd2W+Bhny4zxQLjV4HPit0
2WKbgDJ8J57ALris94qPnW8Mg/LZkOOwHk1o6Pnu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:42 2024 by rpki-client on console-ams.rpki-client.org