Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3134332e3139382e302f32332d3234203d3e20313339343036.roa
File:                     3130332e3134332e3139382e302f32332d3234203d3e20313339343036.roa (raw, json)
Hash identifier:          ihxzg/PgfI9PC6lWW4awBDrhHWB8r311eeqww/vt0zA=
Subject key identifier:   AE:4D:7B:B5:5D:CF:2D:FB:C3:A4:84:AC:E0:71:22:EF:1C:3C:6A:AF
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       3A453C42586D49C8A50E4D98F1FD718589DB3EB9
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3134332e3139382e302f32332d3234203d3e20313339343036.roa
Signing time:             Mon 02 Aug 2021 02:59:46 +0000
ROA not before:           Mon 02 Aug 2021 02:54:46 +0000
ROA not after:            Tue 02 Aug 2022 02:59:46 +0000
asID:                     139406
IP address blocks:        103.143.198.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:45:3c:42:58:6d:49:c8:a5:0e:4d:98:f1:fd:71:85:89:db:3e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Aug  2 02:54:46 2021 GMT
            Not After : Aug  2 02:59:46 2022 GMT
        Subject: CN=3082010A02820101009E640F4DFECAB679A7462683EE6C58AEC390CED43307AE400F6033E75A43453E5BB51E7D0CD15C992D7718841EE93CE2A7441EA3ACC87641F92F480BC7406852DA312D59E57A77D5A7707FCD421196B47717DAFA903FAD5BAD010BC3B159CFDCD395630E56D70FF54004AC5A53451C38E879051F3E32B00B5C6A12BB84B40EE97CA0132B8452B3C623A8FB0489EB06ABAD05959D64EFCEEAE388C69A02BDB3DCF36FB2E813CB6E9ABA2FADCB9F0972A3244F9D48AC6C9245551F200B7B922CA65ED5902EAE79BF91ADF2CE9523C989D165CB1ADDAE5A3D23D00225B4D7317A8542AFC2B622E3CB03E86A71E23C94DEC83248959ADEC9C92C9F372E94201FD66F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:64:0f:4d:fe:ca:b6:79:a7:46:26:83:ee:6c:
                    58:ae:c3:90:ce:d4:33:07:ae:40:0f:60:33:e7:5a:
                    43:45:3e:5b:b5:1e:7d:0c:d1:5c:99:2d:77:18:84:
                    1e:e9:3c:e2:a7:44:1e:a3:ac:c8:76:41:f9:2f:48:
                    0b:c7:40:68:52:da:31:2d:59:e5:7a:77:d5:a7:70:
                    7f:cd:42:11:96:b4:77:17:da:fa:90:3f:ad:5b:ad:
                    01:0b:c3:b1:59:cf:dc:d3:95:63:0e:56:d7:0f:f5:
                    40:04:ac:5a:53:45:1c:38:e8:79:05:1f:3e:32:b0:
                    0b:5c:6a:12:bb:84:b4:0e:e9:7c:a0:13:2b:84:52:
                    b3:c6:23:a8:fb:04:89:eb:06:ab:ad:05:95:9d:64:
                    ef:ce:ea:e3:88:c6:9a:02:bd:b3:dc:f3:6f:b2:e8:
                    13:cb:6e:9a:ba:2f:ad:cb:9f:09:72:a3:24:4f:9d:
                    48:ac:6c:92:45:55:1f:20:0b:7b:92:2c:a6:5e:d5:
                    90:2e:ae:79:bf:91:ad:f2:ce:95:23:c9:89:d1:65:
                    cb:1a:dd:ae:5a:3d:23:d0:02:25:b4:d7:31:7a:85:
                    42:af:c2:b6:22:e3:cb:03:e8:6a:71:e2:3c:94:de:
                    c8:32:48:95:9a:de:c9:c9:2c:9f:37:2e:94:20:1f:
                    d6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4D:7B:B5:5D:CF:2D:FB:C3:A4:84:AC:E0:71:22:EF:1C:3C:6A:AF
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3134332e3139382e302f32332d3234203d3e20313339343036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.143.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:2f:59:76:da:aa:18:da:a0:96:d8:a6:04:e5:80:0a:b6:e3:
         cf:0b:62:2a:ae:f2:38:45:72:e3:a9:ad:49:25:cb:39:2f:6e:
         37:96:e8:48:bc:6d:50:2c:7e:03:91:45:03:12:47:02:13:51:
         e6:81:f5:d9:c5:05:72:9a:a2:24:76:06:f2:37:10:fb:a7:16:
         c2:39:c3:94:c9:03:f2:12:d2:4a:65:fd:c0:84:e9:73:1c:2f:
         2f:4e:25:e7:8a:38:fe:22:a8:35:06:bf:2c:be:70:07:2f:5c:
         07:96:87:5c:b4:14:80:6c:54:f3:b1:0e:80:0a:40:4e:53:33:
         1c:ac:2a:9c:fe:6d:f9:61:65:06:6d:60:ed:23:16:d4:1f:0f:
         2b:97:a7:56:ec:a5:6f:15:f7:d9:6c:f1:cc:6b:89:db:21:52:
         02:41:9e:af:26:07:69:c0:e2:78:6e:d6:04:c0:43:e4:40:99:
         ee:50:b3:b8:3d:51:e2:b6:8e:45:4a:b5:65:79:e8:5d:ea:51:
         af:7e:aa:f6:97:72:ad:d3:52:ac:33:21:bb:d7:9c:40:8d:a7:
         9a:2e:49:d0:b0:a4:84:0b:99:30:d7:a7:11:e3:ef:77:0d:40:
         f3:55:94:75:be:b0:c4:d3:e4:aa:e7:df:22:b7:a5:44:06:96:
         b4:c5:02:a0
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUOkU8QlhtScilDk2Y8f1xhYnbPrkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDgwMjAyNTQ0NloX
DTIyMDgwMjAyNTk0NlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDA5RTY0MEY0REZFQ0FCNjc5QTc0NjI2ODNFRTZDNThBRUMzOTBDRUQ0MzMw
N0FFNDAwRjYwMzNFNzVBNDM0NTNFNUJCNTFFN0QwQ0QxNUM5OTJENzcxODg0MUVF
OTNDRTJBNzQ0MUVBM0FDQzg3NjQxRjkyRjQ4MEJDNzQwNjg1MkRBMzEyRDU5RTU3
QTc3RDVBNzcwN0ZDRDQyMTE5NkI0NzcxN0RBRkE5MDNGQUQ1QkFEMDEwQkMzQjE1
OUNGRENEMzk1NjMwRTU2RDcwRkY1NDAwNEFDNUE1MzQ1MUMzOEU4NzkwNTFGM0Uz
MkIwMEI1QzZBMTJCQjg0QjQwRUU5N0NBMDEzMkI4NDUyQjNDNjIzQThGQjA0ODlF
QjA2QUJBRDA1OTU5RDY0RUZDRUVBRTM4OEM2OUEwMkJEQjNEQ0YzNkZCMkU4MTND
QjZFOUFCQTJGQURDQjlGMDk3MkEzMjQ0RjlENDhBQzZDOTI0NTU1MUYyMDBCN0I5
MjJDQTY1RUQ1OTAyRUFFNzlCRjkxQURGMkNFOTUyM0M5ODlEMTY1Q0IxQUREQUU1
QTNEMjNEMDAyMjVCNEQ3MzE3QTg1NDJBRkMyQjYyMkUzQ0IwM0U4NkE3MUUyM0M5
NERFQzgzMjQ4OTU5QURFQzlDOTJDOUYzNzJFOTQyMDFGRDY2RjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeZA9N/sq2eadGJoPubFiu
w5DO1DMHrkAPYDPnWkNFPlu1Hn0M0VyZLXcYhB7pPOKnRB6jrMh2QfkvSAvHQGhS
2jEtWeV6d9WncH/NQhGWtHcX2vqQP61brQELw7FZz9zTlWMOVtcP9UAErFpTRRw4
6HkFHz4ysAtcahK7hLQO6XygEyuEUrPGI6j7BInrBqutBZWdZO/O6uOIxpoCvbPc
82+y6BPLbpq6L63LnwlyoyRPnUisbJJFVR8gC3uSLKZe1ZAurnm/ka3yzpUjyYnR
Zcsa3a5aPSPQAiW01zF6hUKvwrYi48sD6Gpx4jyU3sgySJWa3snJLJ83LpQgH9Zv
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUrk17tV3PLfvDpISs4HEi7xw8aq8wHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNDMzMmUzMTM5MzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzkzNDMwMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnj8YwDQYJ
KoZIhvcNAQELBQADggEBAAgvWXbaqhjaoJbYpgTlgAq2488LYiqu8jhFcuOprUkl
yzkvbjeW6Ei8bVAsfgORRQMSRwITUeaB9dnFBXKaoiR2BvI3EPunFsI5w5TJA/IS
0kpl/cCE6XMcLy9OJeeKOP4iqDUGvyy+cAcvXAeWh1y0FIBsVPOxDoAKQE5TMxys
Kpz+bflhZQZtYO0jFtQfDyuXp1bspW8V99ls8cxridshUgJBnq8mB2nA4nhu1gTA
Q+RAme5Qs7g9UeK2jkVKtWV56F3qUa9+qvaXcq3TUqwzIbvXnECNp5ouSdCwpIQL
mTDXpxHj73cNQPNVlHW+sMTT5Krn3yK3pUQGlrTFAqA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:09 2024 by rpki-client on console-fra.rpki-client.org