Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135372e39362e302f32332d3234203d3e203535363838.roa
File:                     3130332e3135372e39362e302f32332d3234203d3e203535363838.roa (raw, json)
Hash identifier:          hvorSWKWv2lKU9o5vENT4ie+SnWSxG5fIsHsBj7cOak=
Subject key identifier:   87:5D:41:AC:1F:F6:48:E1:3B:64:E5:97:6D:21:61:B2:A7:1E:8D:B3
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       76631901EC6DE9F306DA96ACF7D50435BCA326B8
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135372e39362e302f32332d3234203d3e203535363838.roa
Signing time:             Thu 30 Sep 2021 06:11:10 +0000
ROA not before:           Thu 30 Sep 2021 06:06:10 +0000
ROA not after:            Fri 30 Sep 2022 06:11:10 +0000
asID:                     55688
IP address blocks:        103.157.96.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:63:19:01:ec:6d:e9:f3:06:da:96:ac:f7:d5:04:35:bc:a3:26:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Sep 30 06:06:10 2021 GMT
            Not After : Sep 30 06:11:10 2022 GMT
        Subject: CN=3082010A0282010100D41CD3737587D1818848B1C51396BCBD7C6D0881D12E848D0C7776808B6E0E1B7946EA60AB11A7482D241816AD12721DFECCEE77F050C60D020329BA55AB1406A01A01C953125E719B7647E31CEFA05CDFFEE0852C4A78B0816FA3972FC43DAE16A5B41B9C64D43232487809EF937231380FAC3E6BCF2ED5C66591BD5ABA6D09D1275749E99FF9D2C9EE50CD8031E4F526856831F70192D8CAFDA1D3E43400AA9F2AB6CF6EE71F1CC60BADE1BE5974CF548ADF55B975B9A6188698C3AAA97DEE678F168373B3840A288B37128BF8D64CB113FD57B1410A16170C2320BF98A5E39C1A2D0B8382364DFB9822F63C64008D4BF3A6342D2B2B316DF7DD30E8A3B8CD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:1c:d3:73:75:87:d1:81:88:48:b1:c5:13:96:
                    bc:bd:7c:6d:08:81:d1:2e:84:8d:0c:77:76:80:8b:
                    6e:0e:1b:79:46:ea:60:ab:11:a7:48:2d:24:18:16:
                    ad:12:72:1d:fe:cc:ee:77:f0:50:c6:0d:02:03:29:
                    ba:55:ab:14:06:a0:1a:01:c9:53:12:5e:71:9b:76:
                    47:e3:1c:ef:a0:5c:df:fe:e0:85:2c:4a:78:b0:81:
                    6f:a3:97:2f:c4:3d:ae:16:a5:b4:1b:9c:64:d4:32:
                    32:48:78:09:ef:93:72:31:38:0f:ac:3e:6b:cf:2e:
                    d5:c6:65:91:bd:5a:ba:6d:09:d1:27:57:49:e9:9f:
                    f9:d2:c9:ee:50:cd:80:31:e4:f5:26:85:68:31:f7:
                    01:92:d8:ca:fd:a1:d3:e4:34:00:aa:9f:2a:b6:cf:
                    6e:e7:1f:1c:c6:0b:ad:e1:be:59:74:cf:54:8a:df:
                    55:b9:75:b9:a6:18:86:98:c3:aa:a9:7d:ee:67:8f:
                    16:83:73:b3:84:0a:28:8b:37:12:8b:f8:d6:4c:b1:
                    13:fd:57:b1:41:0a:16:17:0c:23:20:bf:98:a5:e3:
                    9c:1a:2d:0b:83:82:36:4d:fb:98:22:f6:3c:64:00:
                    8d:4b:f3:a6:34:2d:2b:2b:31:6d:f7:dd:30:e8:a3:
                    b8:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:5D:41:AC:1F:F6:48:E1:3B:64:E5:97:6D:21:61:B2:A7:1E:8D:B3
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3135372e39362e302f32332d3234203d3e203535363838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5d:11:5e:55:70:c4:a7:3b:f4:aa:63:ef:48:e3:5f:bf:87:b4:
         d3:83:1b:7e:07:7d:6d:c3:d1:b9:da:c6:72:52:30:30:58:de:
         48:9e:a0:61:2a:15:2f:df:10:d3:16:1d:4a:24:5c:d4:07:65:
         bb:30:77:4b:20:25:47:48:b0:28:26:a0:e1:95:2c:29:ab:0b:
         36:c9:06:e4:b4:06:01:f0:1e:d9:c7:a1:36:a8:e6:a3:3f:cd:
         3a:77:6f:29:cf:93:10:f6:9c:5d:d5:c3:d8:1f:15:da:14:83:
         7a:10:27:41:59:62:66:37:6e:11:4d:35:a0:55:06:c4:fd:80:
         7e:84:e1:c5:b8:91:f3:d2:5e:9f:df:ef:a0:b5:76:dd:29:a9:
         4d:bd:43:07:17:95:a4:0d:27:82:72:75:d1:cf:a2:37:2a:7c:
         43:66:f1:7f:21:c3:e0:6a:67:19:c6:4e:09:34:6b:15:78:e0:
         bb:72:f9:82:42:94:9a:b8:9f:0e:8e:82:34:f9:e8:85:4c:e6:
         01:3f:cf:2e:17:c6:d9:4b:ee:b9:bc:18:89:95:61:16:fe:69:
         d2:63:f9:b1:0a:bb:df:2d:99:4a:be:0d:ac:c2:00:a3:ba:42:
         7b:60:c4:26:67:1e:ef:ec:65:b0:fc:4f:3e:1e:b8:51:4b:bc:
         08:3d:87:81
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUdmMZAext6fMG2pas99UENbyjJrgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDkzMDA2MDYxMFoX
DTIyMDkzMDA2MTExMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBENDFDRDM3Mzc1ODdEMTgxODg0OEIxQzUxMzk2QkNCRDdDNkQwODgxRDEy
RTg0OEQwQzc3NzY4MDhCNkUwRTFCNzk0NkVBNjBBQjExQTc0ODJEMjQxODE2QUQx
MjcyMURGRUNDRUU3N0YwNTBDNjBEMDIwMzI5QkE1NUFCMTQwNkEwMUEwMUM5NTMx
MjVFNzE5Qjc2NDdFMzFDRUZBMDVDREZGRUUwODUyQzRBNzhCMDgxNkZBMzk3MkZD
NDNEQUUxNkE1QjQxQjlDNjRENDMyMzI0ODc4MDlFRjkzNzIzMTM4MEZBQzNFNkJD
RjJFRDVDNjY1OTFCRDVBQkE2RDA5RDEyNzU3NDlFOTlGRjlEMkM5RUU1MENEODAz
MUU0RjUyNjg1NjgzMUY3MDE5MkQ4Q0FGREExRDNFNDM0MDBBQTlGMkFCNkNGNkVF
NzFGMUNDNjBCQURFMUJFNTk3NENGNTQ4QURGNTVCOTc1QjlBNjE4ODY5OEMzQUFB
OTdERUU2NzhGMTY4MzczQjM4NDBBMjg4QjM3MTI4QkY4RDY0Q0IxMTNGRDU3QjE0
MTBBMTYxNzBDMjMyMEJGOThBNUUzOUMxQTJEMEI4MzgyMzY0REZCOTgyMkY2M0M2
NDAwOEQ0QkYzQTYzNDJEMkIyQjMxNkRGN0REMzBFOEEzQjhDRDAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUHNNzdYfRgYhIscUTlry9
fG0IgdEuhI0Md3aAi24OG3lG6mCrEadILSQYFq0Sch3+zO538FDGDQIDKbpVqxQG
oBoByVMSXnGbdkfjHO+gXN/+4IUsSniwgW+jly/EPa4WpbQbnGTUMjJIeAnvk3Ix
OA+sPmvPLtXGZZG9WrptCdEnV0npn/nSye5QzYAx5PUmhWgx9wGS2Mr9odPkNACq
nyq2z27nHxzGC63hvll0z1SK31W5dbmmGIaYw6qpfe5njxaDc7OECiiLNxKL+NZM
sRP9V7FBChYXDCMgv5il45waLQuDgjZN+5gi9jxkAI1L86Y0LSsrMW333TDoo7jN
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUh11BrB/2SOE7ZOWXbSFhsqcejbMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNTM3MmUzOTM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzUzNTM2MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWedYDANBgkqhkiG
9w0BAQsFAAOCAQEAXRFeVXDEpzv0qmPvSONfv4e004Mbfgd9bcPRudrGclIwMFje
SJ6gYSoVL98Q0xYdSiRc1AdluzB3SyAlR0iwKCag4ZUsKasLNskG5LQGAfAe2ceh
Nqjmoz/NOndvKc+TEPacXdXD2B8V2hSDehAnQVliZjduEU01oFUGxP2AfoThxbiR
89Jen9/voLV23SmpTb1DBxeVpA0ngnJ10c+iNyp8Q2bxfyHD4GpnGcZOCTRrFXjg
u3L5gkKUmrifDo6CNPnohUzmAT/PLhfG2UvuubwYiZVhFv5p0mP5sQq73y2ZSr4N
rMIAo7pCe2DEJmce7+xlsPxPPh64UUu8CD2HgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:45 2024 by rpki-client on console-ams.rpki-client.org