Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135322e3134302e302f32332d3234203d3e20313430343832.roa
File:                     3130332e3135322e3134302e302f32332d3234203d3e20313430343832.roa (raw, json)
Hash identifier:          PmEj7paIv6mVtWzg85r3hh68vcbDnaxJ2kKaF347kHk=
Subject key identifier:   0A:AF:ED:4E:19:9F:9D:52:FF:96:B8:48:50:50:55:EA:0E:33:29:08
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       353DF70837F9DA4C48828566020645471333FA3F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135322e3134302e302f32332d3234203d3e20313430343832.roa
Signing time:             Tue 08 Feb 2022 02:00:05 +0000
ROA not before:           Tue 08 Feb 2022 01:55:05 +0000
ROA not after:            Wed 08 Feb 2023 02:00:05 +0000
asID:                     140482
IP address blocks:        103.152.140.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:3d:f7:08:37:f9:da:4c:48:82:85:66:02:06:45:47:13:33:fa:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb  8 01:55:05 2022 GMT
            Not After : Feb  8 02:00:05 2023 GMT
        Subject: CN=3082010A0282010100CA573016392D69A0E2131F9C0278C6E3E1CA827C43FB60841125FF7443B03181F59B455D9B965F42D9CCE4D3CA6128E430485BA67E22808F7619FA00B493D45AB8AC89C66305411F4BD352EC480B646DE0F383101BFC298E62A5ED272F70E2590B55CD1D60E963BFDAF561B8D79B0DE38E147EC5B22CB270144435457D9ACA6AB1CEB9807317BD90F7CC018B2E454BB02B3D314C24D8256CFE24836C69F283617334D46085499179763CC4B18C8F9B72B240BCE6BE318119140C543C150CA5D1D95127129545BC7011A6595ECE610EDACAC88A794A1B45044DCCB6AE0856B7CE7F8E081B49BCAFBF14242659A535A43FE54B378C6C5DE072E56C97A0DA9657E50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:57:30:16:39:2d:69:a0:e2:13:1f:9c:02:78:
                    c6:e3:e1:ca:82:7c:43:fb:60:84:11:25:ff:74:43:
                    b0:31:81:f5:9b:45:5d:9b:96:5f:42:d9:cc:e4:d3:
                    ca:61:28:e4:30:48:5b:a6:7e:22:80:8f:76:19:fa:
                    00:b4:93:d4:5a:b8:ac:89:c6:63:05:41:1f:4b:d3:
                    52:ec:48:0b:64:6d:e0:f3:83:10:1b:fc:29:8e:62:
                    a5:ed:27:2f:70:e2:59:0b:55:cd:1d:60:e9:63:bf:
                    da:f5:61:b8:d7:9b:0d:e3:8e:14:7e:c5:b2:2c:b2:
                    70:14:44:35:45:7d:9a:ca:6a:b1:ce:b9:80:73:17:
                    bd:90:f7:cc:01:8b:2e:45:4b:b0:2b:3d:31:4c:24:
                    d8:25:6c:fe:24:83:6c:69:f2:83:61:73:34:d4:60:
                    85:49:91:79:76:3c:c4:b1:8c:8f:9b:72:b2:40:bc:
                    e6:be:31:81:19:14:0c:54:3c:15:0c:a5:d1:d9:51:
                    27:12:95:45:bc:70:11:a6:59:5e:ce:61:0e:da:ca:
                    c8:8a:79:4a:1b:45:04:4d:cc:b6:ae:08:56:b7:ce:
                    7f:8e:08:1b:49:bc:af:bf:14:24:26:59:a5:35:a4:
                    3f:e5:4b:37:8c:6c:5d:e0:72:e5:6c:97:a0:da:96:
                    57:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:AF:ED:4E:19:9F:9D:52:FF:96:B8:48:50:50:55:EA:0E:33:29:08
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135322e3134302e302f32332d3234203d3e20313430343832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.152.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:11:c6:f7:7b:4e:fe:d8:b7:fc:33:69:a4:66:87:5a:d9:6d:
         8a:9f:43:3e:b7:14:4b:8b:ea:14:07:d7:e1:17:a3:06:7b:84:
         92:47:7f:8f:15:2c:7a:52:14:10:2b:3c:e2:bc:4b:05:f8:87:
         48:95:48:da:c4:10:87:38:00:28:19:ba:ee:50:c8:02:ff:f4:
         c9:32:f6:2d:ea:93:55:11:46:ce:65:b4:6d:f1:0b:8b:13:78:
         87:a0:68:55:ca:fc:37:99:04:c9:8b:2c:88:0e:cd:44:89:8c:
         57:a2:e8:2e:55:62:8e:d0:34:43:7e:64:5d:a6:cc:aa:c5:1f:
         1b:af:cd:01:d8:52:55:6a:da:45:db:a1:5e:9b:7c:16:99:db:
         9c:f9:6e:65:51:a7:04:f2:ae:3d:5d:53:57:0d:f8:6a:28:75:
         ad:fa:4e:e3:ea:e5:93:4b:91:55:57:d0:ac:b6:69:a7:12:25:
         24:09:5d:b0:dc:6b:79:6a:40:cb:eb:14:92:a9:03:8e:01:ef:
         0c:92:37:89:f0:ee:0e:88:90:7e:47:54:46:ea:2d:35:4f:ca:
         67:48:d9:b4:a3:8a:c5:fc:a1:bf:4d:75:91:fb:6a:07:06:cd:
         e4:10:87:21:f7:98:f2:1f:c1:33:25:26:55:d5:6f:9b:26:11:
         27:01:12:33
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUNT33CDf52kxIgoVmAgZFRxMz+j8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIwODAxNTUwNVoX
DTIzMDIwODAyMDAwNVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDQTU3MzAxNjM5MkQ2OUEwRTIxMzFGOUMwMjc4QzZFM0UxQ0E4MjdDNDNG
QjYwODQxMTI1RkY3NDQzQjAzMTgxRjU5QjQ1NUQ5Qjk2NUY0MkQ5Q0NFNEQzQ0E2
MTI4RTQzMDQ4NUJBNjdFMjI4MDhGNzYxOUZBMDBCNDkzRDQ1QUI4QUM4OUM2NjMw
NTQxMUY0QkQzNTJFQzQ4MEI2NDZERTBGMzgzMTAxQkZDMjk4RTYyQTVFRDI3MkY3
MEUyNTkwQjU1Q0QxRDYwRTk2M0JGREFGNTYxQjhENzlCMERFMzhFMTQ3RUM1QjIy
Q0IyNzAxNDQ0MzU0NTdEOUFDQTZBQjFDRUI5ODA3MzE3QkQ5MEY3Q0MwMThCMkU0
NTRCQjAyQjNEMzE0QzI0RDgyNTZDRkUyNDgzNkM2OUYyODM2MTczMzRENDYwODU0
OTkxNzk3NjNDQzRCMThDOEY5QjcyQjI0MEJDRTZCRTMxODExOTE0MEM1NDNDMTUw
Q0E1RDFEOTUxMjcxMjk1NDVCQzcwMTFBNjU5NUVDRTYxMEVEQUNBQzg4QTc5NEEx
QjQ1MDQ0RENDQjZBRTA4NTZCN0NFN0Y4RTA4MUI0OUJDQUZCRjE0MjQyNjU5QTUz
NUE0M0ZFNTRCMzc4QzZDNURFMDcyRTU2Qzk3QTBEQTk2NTdFNTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVzAWOS1poOITH5wCeMbj
4cqCfEP7YIQRJf90Q7AxgfWbRV2bll9C2czk08phKOQwSFumfiKAj3YZ+gC0k9Ra
uKyJxmMFQR9L01LsSAtkbeDzgxAb/CmOYqXtJy9w4lkLVc0dYOljv9r1YbjXmw3j
jhR+xbIssnAURDVFfZrKarHOuYBzF72Q98wBiy5FS7ArPTFMJNglbP4kg2xp8oNh
czTUYIVJkXl2PMSxjI+bcrJAvOa+MYEZFAxUPBUMpdHZUScSlUW8cBGmWV7OYQ7a
ysiKeUobRQRNzLauCFa3zn+OCBtJvK+/FCQmWaU1pD/lSzeMbF3gcuVsl6Dallfl
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUCq/tThmfnVL/lrhIUFBV6g4zKQgwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNTMyMmUzMTM0MzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzAzNDM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnmIwwDQYJ
KoZIhvcNAQELBQADggEBACIRxvd7Tv7Yt/wzaaRmh1rZbYqfQz63FEuL6hQH1+EX
owZ7hJJHf48VLHpSFBArPOK8SwX4h0iVSNrEEIc4ACgZuu5QyAL/9Mky9i3qk1UR
Rs5ltG3xC4sTeIegaFXK/DeZBMmLLIgOzUSJjFei6C5VYo7QNEN+ZF2mzKrFHxuv
zQHYUlVq2kXboV6bfBaZ25z5bmVRpwTyrj1dU1cN+Gooda36TuPq5ZNLkVVX0Ky2
aacSJSQJXbDca3lqQMvrFJKpA44B7wySN4nw7g6IkH5HVEbqLTVPymdI2bSjisX8
ob9NdZH7agcGzeQQhyH3mPIfwTMlJlXVb5smEScBEjM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:43 2024 by rpki-client on console-ams.rpki-client.org