Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135372e38322e302f32332d3234203d3e203538333639.roa
File:                     3130332e3135372e38322e302f32332d3234203d3e203538333639.roa (raw, json)
Hash identifier:          DKgh8Rv88KXyXbnpCfdhnTG5WzHBVQmzDwd4LzDlAVw=
Subject key identifier:   89:D6:C0:1E:99:D2:18:13:DF:29:A0:EC:AF:C5:F7:9E:9B:BE:D9:77
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       02E71CCA3259DFD1B669E40BF00367F679B7E3CA
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135372e38322e302f32332d3234203d3e203538333639.roa
Signing time:             Mon 23 Aug 2021 03:54:05 +0000
ROA not before:           Mon 23 Aug 2021 03:49:05 +0000
ROA not after:            Tue 23 Aug 2022 03:54:05 +0000
asID:                     58369
IP address blocks:        103.157.82.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:e7:1c:ca:32:59:df:d1:b6:69:e4:0b:f0:03:67:f6:79:b7:e3:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Aug 23 03:49:05 2021 GMT
            Not After : Aug 23 03:54:05 2022 GMT
        Subject: CN=3082010A0282010100D9EAE5EC25BCD662CA708374C91421EA347349B69C8AEF3570DFB8912953DF7DD18E085C8763FAC562A8E488EA2D24FC4900C9631E86F6F2E6A8E8A11DFB1B98680CBC17E47BCD1085989182C7F839C0FC01B859F57C307F79198AED7906FEDEB9DE40C3800CCA5666BD94E5AE1934BC9913491F456DB1CD0E12259E547DD9225ACC23219A96CC7BF29532D346966861652801FBED0ABA18CC4DF9E3BCB058DFCFCD817645BEC2DE8A0D89CDDFB36C38C4F3B22348947596B4870D84963F0EF1BC279B0CB9C66DEA2AEC9113AFD20BB5365303657B4D65FE380F22D10E1BD8770A015C698167F07900EB1D717FAFD2FC572B6E4D0B6D0CB78D3773A055C3A4BF0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:ea:e5:ec:25:bc:d6:62:ca:70:83:74:c9:14:
                    21:ea:34:73:49:b6:9c:8a:ef:35:70:df:b8:91:29:
                    53:df:7d:d1:8e:08:5c:87:63:fa:c5:62:a8:e4:88:
                    ea:2d:24:fc:49:00:c9:63:1e:86:f6:f2:e6:a8:e8:
                    a1:1d:fb:1b:98:68:0c:bc:17:e4:7b:cd:10:85:98:
                    91:82:c7:f8:39:c0:fc:01:b8:59:f5:7c:30:7f:79:
                    19:8a:ed:79:06:fe:de:b9:de:40:c3:80:0c:ca:56:
                    66:bd:94:e5:ae:19:34:bc:99:13:49:1f:45:6d:b1:
                    cd:0e:12:25:9e:54:7d:d9:22:5a:cc:23:21:9a:96:
                    cc:7b:f2:95:32:d3:46:96:68:61:65:28:01:fb:ed:
                    0a:ba:18:cc:4d:f9:e3:bc:b0:58:df:cf:cd:81:76:
                    45:be:c2:de:8a:0d:89:cd:df:b3:6c:38:c4:f3:b2:
                    23:48:94:75:96:b4:87:0d:84:96:3f:0e:f1:bc:27:
                    9b:0c:b9:c6:6d:ea:2a:ec:91:13:af:d2:0b:b5:36:
                    53:03:65:7b:4d:65:fe:38:0f:22:d1:0e:1b:d8:77:
                    0a:01:5c:69:81:67:f0:79:00:eb:1d:71:7f:af:d2:
                    fc:57:2b:6e:4d:0b:6d:0c:b7:8d:37:73:a0:55:c3:
                    a4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D6:C0:1E:99:D2:18:13:DF:29:A0:EC:AF:C5:F7:9E:9B:BE:D9:77
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135372e38322e302f32332d3234203d3e203538333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         00:70:85:57:c1:02:3d:5a:86:3a:57:ba:ea:ac:de:5b:c9:ae:
         72:1f:71:22:02:4e:71:18:7d:66:54:5f:81:68:ea:fc:3b:9c:
         10:97:40:3c:d5:47:5d:9d:53:4e:14:41:8e:b7:22:10:be:aa:
         12:4d:77:21:3d:a3:dd:eb:93:4a:53:b4:23:1c:6f:ab:49:9a:
         f7:00:8a:11:5d:a9:5d:54:ee:a6:a2:6e:93:88:4a:66:f8:5a:
         a2:e5:6f:74:dd:c0:33:6a:cf:61:ca:e0:9f:9b:67:b1:bb:51:
         cc:c1:e9:96:7b:0b:89:10:a5:54:46:f5:7c:cd:64:7a:b3:c3:
         3e:95:4d:31:0f:71:53:f0:d4:8d:50:4e:d9:35:97:fb:f3:4e:
         d7:bf:78:1f:3c:37:99:59:8e:f2:71:1f:d8:47:2e:63:41:6d:
         9f:87:32:a1:38:18:12:96:06:53:fd:1b:44:df:56:5d:b7:e9:
         72:64:8f:28:a7:5a:3e:fe:3c:13:e2:fb:f2:6b:46:c8:0b:fc:
         88:ef:ab:e8:90:ab:ec:2c:ef:76:81:52:4c:fa:e6:2b:f6:d8:
         26:71:a4:1a:64:83:50:14:c2:88:d3:a3:7f:61:b2:80:5a:d3:
         a3:1b:28:14:26:05:30:b0:2b:ac:e0:d2:9d:68:a5:88:00:9a:
         7f:68:a6:7e
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUAuccyjJZ39G2aeQL8ANn9nm348owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDgyMzAzNDkwNVoX
DTIyMDgyMzAzNTQwNVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBEOUVBRTVFQzI1QkNENjYyQ0E3MDgzNzRDOTE0MjFFQTM0NzM0OUI2OUM4
QUVGMzU3MERGQjg5MTI5NTNERjdERDE4RTA4NUM4NzYzRkFDNTYyQThFNDg4RUEy
RDI0RkM0OTAwQzk2MzFFODZGNkYyRTZBOEU4QTExREZCMUI5ODY4MENCQzE3RTQ3
QkNEMTA4NTk4OTE4MkM3RjgzOUMwRkMwMUI4NTlGNTdDMzA3Rjc5MTk4QUVENzkw
NkZFREVCOURFNDBDMzgwMENDQTU2NjZCRDk0RTVBRTE5MzRCQzk5MTM0OTFGNDU2
REIxQ0QwRTEyMjU5RTU0N0REOTIyNUFDQzIzMjE5QTk2Q0M3QkYyOTUzMkQzNDY5
NjY4NjE2NTI4MDFGQkVEMEFCQTE4Q0M0REY5RTNCQ0IwNThERkNGQ0Q4MTc2NDVC
RUMyREU4QTBEODlDRERGQjM2QzM4QzRGM0IyMjM0ODk0NzU5NkI0ODcwRDg0OTYz
RjBFRjFCQzI3OUIwQ0I5QzY2REVBMkFFQzkxMTNBRkQyMEJCNTM2NTMwMzY1N0I0
RDY1RkUzODBGMjJEMTBFMUJEODc3MEEwMTVDNjk4MTY3RjA3OTAwRUIxRDcxN0ZB
RkQyRkM1NzJCNkU0RDBCNkQwQ0I3OEQzNzczQTA1NUMzQTRCRjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ6uXsJbzWYspwg3TJFCHq
NHNJtpyK7zVw37iRKVPffdGOCFyHY/rFYqjkiOotJPxJAMljHob28uao6KEd+xuY
aAy8F+R7zRCFmJGCx/g5wPwBuFn1fDB/eRmK7XkG/t653kDDgAzKVma9lOWuGTS8
mRNJH0Vtsc0OEiWeVH3ZIlrMIyGalsx78pUy00aWaGFlKAH77Qq6GMxN+eO8sFjf
z82BdkW+wt6KDYnN37NsOMTzsiNIlHWWtIcNhJY/DvG8J5sMucZt6irskROv0gu1
NlMDZXtNZf44DyLRDhvYdwoBXGmBZ/B5AOsdcX+v0vxXK25NC20Mt403c6BVw6S/
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUidbAHpnSGBPfKaDsr8X3npu+2XcwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNTM3MmUzODMyMmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzUzODMzMzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWedUjANBgkqhkiG
9w0BAQsFAAOCAQEAAHCFV8ECPVqGOle66qzeW8much9xIgJOcRh9ZlRfgWjq/Duc
EJdAPNVHXZ1TThRBjrciEL6qEk13IT2j3euTSlO0Ixxvq0ma9wCKEV2pXVTupqJu
k4hKZvhaouVvdN3AM2rPYcrgn5tnsbtRzMHplnsLiRClVEb1fM1kerPDPpVNMQ9x
U/DUjVBO2TWX+/NO1794Hzw3mVmO8nEf2EcuY0Ftn4cyoTgYEpYGU/0bRN9WXbfp
cmSPKKdaPv48E+L78mtGyAv8iO+r6JCr7CzvdoFSTPrmK/bYJnGkGmSDUBTCiNOj
f2GygFrToxsoFCYFMLArrODSnWiliACaf2imfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:45 2024 by rpki-client on console-ams.rpki-client.org