Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135352e3132352e302f32342d3234203d3e20313431303539.roa
File:                     3130332e3135352e3132352e302f32342d3234203d3e20313431303539.roa (raw, json)
Hash identifier:          kZH/OzhL2iN0y3y2PVnAUomYtAu8m0yZlDFhtBZvAOM=
Subject key identifier:   4A:5D:DE:5D:6D:7C:EB:B1:74:35:5C:CC:43:30:36:C9:56:D6:16:55
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       676406A6AC7457FD0D48E69364124ADACCD28C58
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135352e3132352e302f32342d3234203d3e20313431303539.roa
Signing time:             Thu 26 Aug 2021 04:15:53 +0000
ROA not before:           Thu 26 Aug 2021 04:10:53 +0000
ROA not after:            Fri 26 Aug 2022 04:15:53 +0000
asID:                     141059
IP address blocks:        103.155.125.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:64:06:a6:ac:74:57:fd:0d:48:e6:93:64:12:4a:da:cc:d2:8c:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Aug 26 04:10:53 2021 GMT
            Not After : Aug 26 04:15:53 2022 GMT
        Subject: CN=3082010A0282010100C7F2F0774B38311744C294249520AF4AD323608ABF0FA2D390B7BDF20D83B24FD304878D93DCF565CF5D317AB2AD271D489284E6C8CD1817F0BDFFCDC726A75F0E9B69B5C2E2EF5CDCB5A26D09E378AA953DFB206E227FC80FC58A1E0F3E61E71360BE2E1C4A64F3E4736EB9CC31DA86908A438624B79136F49C4692D0F954F90F1DC949B5DB30F9C4806ADDD0C78BEBEFBFBDC92F5C39F3445BD00790C47C9FD5F75AD5A2EFD50BCC0AAB3FE06D37FAA98BE9D093F67CD9E7FF2D5F3945FA7DD43954C9B7A5675B19F6641EA2C17C288DF00A07041272E25D463635D04E6051F247AC65B0A5A38F12DC2DFD6BC7AD73C76D40E714FB6CD1D08959A9FD4FAEE30203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f2:f0:77:4b:38:31:17:44:c2:94:24:95:20:
                    af:4a:d3:23:60:8a:bf:0f:a2:d3:90:b7:bd:f2:0d:
                    83:b2:4f:d3:04:87:8d:93:dc:f5:65:cf:5d:31:7a:
                    b2:ad:27:1d:48:92:84:e6:c8:cd:18:17:f0:bd:ff:
                    cd:c7:26:a7:5f:0e:9b:69:b5:c2:e2:ef:5c:dc:b5:
                    a2:6d:09:e3:78:aa:95:3d:fb:20:6e:22:7f:c8:0f:
                    c5:8a:1e:0f:3e:61:e7:13:60:be:2e:1c:4a:64:f3:
                    e4:73:6e:b9:cc:31:da:86:90:8a:43:86:24:b7:91:
                    36:f4:9c:46:92:d0:f9:54:f9:0f:1d:c9:49:b5:db:
                    30:f9:c4:80:6a:dd:d0:c7:8b:eb:ef:bf:bd:c9:2f:
                    5c:39:f3:44:5b:d0:07:90:c4:7c:9f:d5:f7:5a:d5:
                    a2:ef:d5:0b:cc:0a:ab:3f:e0:6d:37:fa:a9:8b:e9:
                    d0:93:f6:7c:d9:e7:ff:2d:5f:39:45:fa:7d:d4:39:
                    54:c9:b7:a5:67:5b:19:f6:64:1e:a2:c1:7c:28:8d:
                    f0:0a:07:04:12:72:e2:5d:46:36:35:d0:4e:60:51:
                    f2:47:ac:65:b0:a5:a3:8f:12:dc:2d:fd:6b:c7:ad:
                    73:c7:6d:40:e7:14:fb:6c:d1:d0:89:59:a9:fd:4f:
                    ae:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:5D:DE:5D:6D:7C:EB:B1:74:35:5C:CC:43:30:36:C9:56:D6:16:55
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135352e3132352e302f32342d3234203d3e20313431303539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:d3:6e:88:16:8a:9a:b4:eb:1a:f7:e5:08:2c:ca:7e:d2:36:
         7b:c1:03:8e:b6:82:58:2d:0e:3c:30:d2:69:39:02:7e:29:58:
         51:35:7a:af:b1:43:6a:86:0f:d5:78:3c:c4:00:1f:9d:84:68:
         ac:e9:68:23:19:5b:d8:47:e2:b5:57:5a:8d:5e:8e:21:b1:7e:
         5a:79:d3:cc:fc:25:d5:c6:5e:83:f4:4e:db:de:b0:3e:18:bc:
         38:09:2d:27:39:39:49:c0:ee:25:a9:b6:7d:27:05:0f:04:31:
         b5:aa:b6:71:cd:e1:cc:65:af:fe:cf:98:30:0a:f4:2e:b4:1f:
         b2:d7:0a:9b:95:0e:5a:bc:65:f6:52:c7:3c:ad:11:8d:4e:5e:
         98:f4:19:57:11:83:26:15:8b:42:40:27:63:64:78:50:b0:63:
         10:ad:38:a5:4c:5f:9d:ca:9c:e0:73:87:99:1e:d1:20:42:82:
         6c:a3:aa:9c:93:78:64:db:5e:30:19:c0:96:d8:b5:b2:0a:c5:
         5a:9c:98:db:ad:48:b4:d1:1a:7e:88:7c:5e:e0:da:f9:0d:2b:
         ef:5c:6b:94:25:07:b7:65:83:de:10:5f:18:9c:98:2c:0a:39:
         8c:a1:a3:ca:ed:7a:c6:a5:4e:1d:91:85:37:97:93:8d:d2:b1:
         7c:d4:44:10
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUZ2QGpqx0V/0NSOaTZBJK2szSjFgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDgyNjA0MTA1M1oX
DTIyMDgyNjA0MTU1M1owggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDN0YyRjA3NzRCMzgzMTE3NDRDMjk0MjQ5NTIwQUY0QUQzMjM2MDhBQkYw
RkEyRDM5MEI3QkRGMjBEODNCMjRGRDMwNDg3OEQ5M0RDRjU2NUNGNUQzMTdBQjJB
RDI3MUQ0ODkyODRFNkM4Q0QxODE3RjBCREZGQ0RDNzI2QTc1RjBFOUI2OUI1QzJF
MkVGNUNEQ0I1QTI2RDA5RTM3OEFBOTUzREZCMjA2RTIyN0ZDODBGQzU4QTFFMEYz
RTYxRTcxMzYwQkUyRTFDNEE2NEYzRTQ3MzZFQjlDQzMxREE4NjkwOEE0Mzg2MjRC
NzkxMzZGNDlDNDY5MkQwRjk1NEY5MEYxREM5NDlCNURCMzBGOUM0ODA2QURERDBD
NzhCRUJFRkJGQkRDOTJGNUMzOUYzNDQ1QkQwMDc5MEM0N0M5RkQ1Rjc1QUQ1QTJF
RkQ1MEJDQzBBQUIzRkUwNkQzN0ZBQTk4QkU5RDA5M0Y2N0NEOUU3RkYyRDVGMzk0
NUZBN0RENDM5NTRDOUI3QTU2NzVCMTlGNjY0MUVBMkMxN0MyODhERjAwQTA3MDQx
MjcyRTI1RDQ2MzYzNUQwNEU2MDUxRjI0N0FDNjVCMEE1QTM4RjEyREMyREZENkJD
N0FENzNDNzZENDBFNzE0RkI2Q0QxRDA4OTU5QTlGRDRGQUVFMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH8vB3SzgxF0TClCSVIK9K
0yNgir8PotOQt73yDYOyT9MEh42T3PVlz10xerKtJx1IkoTmyM0YF/C9/83HJqdf
DptptcLi71zctaJtCeN4qpU9+yBuIn/ID8WKHg8+YecTYL4uHEpk8+RzbrnMMdqG
kIpDhiS3kTb0nEaS0PlU+Q8dyUm12zD5xIBq3dDHi+vvv73JL1w580Rb0AeQxHyf
1fda1aLv1QvMCqs/4G03+qmL6dCT9nzZ5/8tXzlF+n3UOVTJt6VnWxn2ZB6iwXwo
jfAKBwQScuJdRjY10E5gUfJHrGWwpaOPEtwt/WvHrXPHbUDnFPts0dCJWan9T67j
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUSl3eXW1867F0NVzMQzA2yVbWFlUwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNTM1MmUzMTMyMzUyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzMDM1Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnm30wDQYJ
KoZIhvcNAQELBQADggEBAJnTbogWipq06xr35Qgsyn7SNnvBA462glgtDjww0mk5
An4pWFE1eq+xQ2qGD9V4PMQAH52EaKzpaCMZW9hH4rVXWo1ejiGxflp508z8JdXG
XoP0TtvesD4YvDgJLSc5OUnA7iWptn0nBQ8EMbWqtnHN4cxlr/7PmDAK9C60H7LX
CpuVDlq8ZfZSxzytEY1OXpj0GVcRgyYVi0JAJ2NkeFCwYxCtOKVMX53KnOBzh5ke
0SBCgmyjqpyTeGTbXjAZwJbYtbIKxVqcmNutSLTRGn6IfF7g2vkNK+9ca5QlB7dl
g94QXxicmCwKOYyho8rtesalTh2RhTeXk43SsXzURBA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:44 2024 by rpki-client on console-ams.rpki-client.org