Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136342e3232382e302f32332d3234203d3e20313431393137.roa
File:                     3130332e3136342e3232382e302f32332d3234203d3e20313431393137.roa (raw, json)
Hash identifier:          XN8/0prtIJHZTpdv9sBs28ZpICFbY7N6UNTZ9H1XqRU=
Subject key identifier:   0A:95:4F:61:05:63:86:C1:E1:6B:C5:03:D1:F1:FD:1E:7B:2E:4D:CC
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       68AAA455B15DD3A1EC33730B619DAF2157A2810B
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136342e3232382e302f32332d3234203d3e20313431393137.roa
Signing time:             Wed 21 Apr 2021 08:24:46 +0000
ROA not before:           Wed 21 Apr 2021 08:19:46 +0000
ROA not after:            Thu 21 Apr 2022 08:24:46 +0000
asID:                     141917
IP address blocks:        103.164.228.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:aa:a4:55:b1:5d:d3:a1:ec:33:73:0b:61:9d:af:21:57:a2:81:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr 21 08:19:46 2021 GMT
            Not After : Apr 21 08:24:46 2022 GMT
        Subject: CN=3082010A0282010100A2B313C609DF6DC34116A3C747B7F75EEBE4EB8C6682EE0ADCB72DDA597FE57999DD8585AB064868DABD843E14804CA1DA54D919ECD6EECA5F2AB79AC0EAB43E3CB6FAAFC27F3A0849EE7746231659A23F7D089790491B6B52628D8F6802E3A6EEAF536B3815F1AF9EC94B1ED6D770149998A454983A47C01B321B6942053E36D77B789B35755B5DC5056093E3193E7160A642997570C2984D9CAF639EB1C1A7ACAAE081E5F6CB5C2D871AB551853FE1B2621B7A8E4A2CF8F42426FA446238826C1F9946D71D5B45AF661C3A98172B4539CB9AD1F0EF8FD3003BC77C36A6BDD20EDC4664B3CD70A18435ACB1133CB9D90D1F2A73FFB5739C98F436ABDD03AE8F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b3:13:c6:09:df:6d:c3:41:16:a3:c7:47:b7:
                    f7:5e:eb:e4:eb:8c:66:82:ee:0a:dc:b7:2d:da:59:
                    7f:e5:79:99:dd:85:85:ab:06:48:68:da:bd:84:3e:
                    14:80:4c:a1:da:54:d9:19:ec:d6:ee:ca:5f:2a:b7:
                    9a:c0:ea:b4:3e:3c:b6:fa:af:c2:7f:3a:08:49:ee:
                    77:46:23:16:59:a2:3f:7d:08:97:90:49:1b:6b:52:
                    62:8d:8f:68:02:e3:a6:ee:af:53:6b:38:15:f1:af:
                    9e:c9:4b:1e:d6:d7:70:14:99:98:a4:54:98:3a:47:
                    c0:1b:32:1b:69:42:05:3e:36:d7:7b:78:9b:35:75:
                    5b:5d:c5:05:60:93:e3:19:3e:71:60:a6:42:99:75:
                    70:c2:98:4d:9c:af:63:9e:b1:c1:a7:ac:aa:e0:81:
                    e5:f6:cb:5c:2d:87:1a:b5:51:85:3f:e1:b2:62:1b:
                    7a:8e:4a:2c:f8:f4:24:26:fa:44:62:38:82:6c:1f:
                    99:46:d7:1d:5b:45:af:66:1c:3a:98:17:2b:45:39:
                    cb:9a:d1:f0:ef:8f:d3:00:3b:c7:7c:36:a6:bd:d2:
                    0e:dc:46:64:b3:cd:70:a1:84:35:ac:b1:13:3c:b9:
                    d9:0d:1f:2a:73:ff:b5:73:9c:98:f4:36:ab:dd:03:
                    ae:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:95:4F:61:05:63:86:C1:E1:6B:C5:03:D1:F1:FD:1E:7B:2E:4D:CC
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136342e3232382e302f32332d3234203d3e20313431393137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.164.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0d:4f:50:d4:b0:2f:09:ff:cb:cf:e7:65:0f:dd:9a:80:7d:f5:
         b8:23:9f:67:88:b6:23:4e:5c:11:c8:fa:5f:e9:7a:2a:96:79:
         76:8c:95:1a:6c:8c:cc:13:1b:5d:ff:01:58:96:ee:19:0b:38:
         40:13:a1:d7:4e:17:0c:d7:90:07:ab:17:af:fb:7b:69:f4:ac:
         8a:5f:38:e9:cc:13:df:e2:af:b5:1d:5f:14:88:4e:fc:6f:6a:
         e6:82:4e:ef:ac:8b:e0:ee:30:d2:cc:32:d4:d9:b7:2e:64:7a:
         2e:e9:6b:fe:c4:0a:8e:4b:46:4d:69:8b:a1:93:38:7e:ed:24:
         c1:c9:03:c1:52:50:c7:f7:c3:05:f8:7a:83:bd:db:3a:c1:ce:
         09:af:0b:aa:3d:cb:dc:6e:1e:41:dd:f3:a7:cd:a2:f4:29:34:
         f7:b0:76:b5:77:c7:c5:60:ea:49:da:fc:a9:30:a3:f4:11:20:
         1f:83:92:5b:ae:24:a3:27:c2:76:b0:3d:a4:1d:d9:4e:45:20:
         1f:59:a3:7a:a7:26:77:e9:7a:76:5f:9e:55:97:89:49:fe:06:
         f9:1e:46:8d:80:dd:0b:be:93:dd:0f:ab:92:7f:c6:1e:43:56:
         f5:49:13:3a:f9:fe:43:12:e2:38:a3:43:7c:bb:de:da:d9:a9:
         af:99:67:ba
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUaKqkVbFd06HsM3MLYZ2vIVeigQswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDQyMTA4MTk0NloX
DTIyMDQyMTA4MjQ0NlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBMkIzMTNDNjA5REY2REMzNDExNkEzQzc0N0I3Rjc1RUVCRTRFQjhDNjY4
MkVFMEFEQ0I3MkREQTU5N0ZFNTc5OTlERDg1ODVBQjA2NDg2OERBQkQ4NDNFMTQ4
MDRDQTFEQTU0RDkxOUVDRDZFRUNBNUYyQUI3OUFDMEVBQjQzRTNDQjZGQUFGQzI3
RjNBMDg0OUVFNzc0NjIzMTY1OUEyM0Y3RDA4OTc5MDQ5MUI2QjUyNjI4RDhGNjgw
MkUzQTZFRUFGNTM2QjM4MTVGMUFGOUVDOTRCMUVENkQ3NzAxNDk5OThBNDU0OTgz
QTQ3QzAxQjMyMUI2OTQyMDUzRTM2RDc3Qjc4OUIzNTc1NUI1REM1MDU2MDkzRTMx
OTNFNzE2MEE2NDI5OTc1NzBDMjk4NEQ5Q0FGNjM5RUIxQzFBN0FDQUFFMDgxRTVG
NkNCNUMyRDg3MUFCNTUxODUzRkUxQjI2MjFCN0E4RTRBMkNGOEY0MjQyNkZBNDQ2
MjM4ODI2QzFGOTk0NkQ3MUQ1QjQ1QUY2NjFDM0E5ODE3MkI0NTM5Q0I5QUQxRjBF
RjhGRDMwMDNCQzc3QzM2QTZCREQyMEVEQzQ2NjRCM0NENzBBMTg0MzVBQ0IxMTMz
Q0I5RDkwRDFGMkE3M0ZGQjU3MzlDOThGNDM2QUJERDAzQUU4RjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCisxPGCd9tw0EWo8dHt/de
6+TrjGaC7grcty3aWX/leZndhYWrBkho2r2EPhSATKHaVNkZ7Nbuyl8qt5rA6rQ+
PLb6r8J/OghJ7ndGIxZZoj99CJeQSRtrUmKNj2gC46bur1NrOBXxr57JSx7W13AU
mZikVJg6R8AbMhtpQgU+Ntd7eJs1dVtdxQVgk+MZPnFgpkKZdXDCmE2cr2OescGn
rKrggeX2y1wthxq1UYU/4bJiG3qOSiz49CQm+kRiOIJsH5lG1x1bRa9mHDqYFytF
Ocua0fDvj9MAO8d8Nqa90g7cRmSzzXChhDWssRM8udkNHypz/7VznJj0NqvdA66P
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUCpVPYQVjhsHha8UD0fH9HnsuTcwwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNjM0MmUzMjMyMzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzEzOTMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnpOQwDQYJ
KoZIhvcNAQELBQADggEBAA1PUNSwLwn/y8/nZQ/dmoB99bgjn2eItiNOXBHI+l/p
eiqWeXaMlRpsjMwTG13/AViW7hkLOEAToddOFwzXkAerF6/7e2n0rIpfOOnME9/i
r7UdXxSITvxvauaCTu+si+DuMNLMMtTZty5kei7pa/7ECo5LRk1pi6GTOH7tJMHJ
A8FSUMf3wwX4eoO92zrBzgmvC6o9y9xuHkHd86fNovQpNPewdrV3x8Vg6kna/Kkw
o/QRIB+DkluuJKMnwnawPaQd2U5FIB9Zo3qnJnfpenZfnlWXiUn+BvkeRo2A3Qu+
k90Pq5J/xh5DVvVJEzr5/kMS4jijQ3y73trZqa+ZZ7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:10 2024 by rpki-client on console-fra.rpki-client.org