Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136352e3133382e302f32332d3234203d3e203137393935.roa
File:                     3130332e3136352e3133382e302f32332d3234203d3e203137393935.roa (raw, json)
Hash identifier:          w7ZUBG5GILN3CelG2+K8KdaOCOGu7JshMIlfjp5hH/A=
Subject key identifier:   6D:74:24:68:A4:44:66:99:E9:BB:8E:A1:18:D3:56:89:47:35:85:62
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       425FAB4A2303437D33DD1347FF1BBD3AF0C54081
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136352e3133382e302f32332d3234203d3e203137393935.roa
Signing time:             Tue 02 Nov 2021 00:43:15 +0000
ROA not before:           Tue 02 Nov 2021 00:38:15 +0000
ROA not after:            Wed 02 Nov 2022 00:43:15 +0000
asID:                     17995
IP address blocks:        103.165.138.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:5f:ab:4a:23:03:43:7d:33:dd:13:47:ff:1b:bd:3a:f0:c5:40:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov  2 00:38:15 2021 GMT
            Not After : Nov  2 00:43:15 2022 GMT
        Subject: CN=3082010A0282010100E41D9F470BC4A1B007E35BBD4CF5420DC63D5B6A6480220C60D195FFA338B85AD8D0927C83665C63CE0B7F9E0F1ADBAB489C16A31DE03A53ACA23C32BD148CD42F52859C8F9BA49D8DA12B9078F9F7E564D2C12434F848273B5B00CC4C730C8898392E56E913688BAF6CECA997AF1667968E043048762E6758A9BCB6416E8852EAFFD48F27E4B275F1FB227F1499644BB305E21FE35CC50ADD85D3729A1A6C0CEAFF8D50FD40AA072AFA58C775D717624312870F6BB691C65DEF220B2F1DDD33C3C62EDA6FA0D48A703FC498E4519C604A0E2B3266D1E763BABCF512703EA20AF2A5C2A72A9D5E4C049CBE9E3EACF3E9C3A17FBF6DBF566C889EBAB1B606316F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:1d:9f:47:0b:c4:a1:b0:07:e3:5b:bd:4c:f5:
                    42:0d:c6:3d:5b:6a:64:80:22:0c:60:d1:95:ff:a3:
                    38:b8:5a:d8:d0:92:7c:83:66:5c:63:ce:0b:7f:9e:
                    0f:1a:db:ab:48:9c:16:a3:1d:e0:3a:53:ac:a2:3c:
                    32:bd:14:8c:d4:2f:52:85:9c:8f:9b:a4:9d:8d:a1:
                    2b:90:78:f9:f7:e5:64:d2:c1:24:34:f8:48:27:3b:
                    5b:00:cc:4c:73:0c:88:98:39:2e:56:e9:13:68:8b:
                    af:6c:ec:a9:97:af:16:67:96:8e:04:30:48:76:2e:
                    67:58:a9:bc:b6:41:6e:88:52:ea:ff:d4:8f:27:e4:
                    b2:75:f1:fb:22:7f:14:99:64:4b:b3:05:e2:1f:e3:
                    5c:c5:0a:dd:85:d3:72:9a:1a:6c:0c:ea:ff:8d:50:
                    fd:40:aa:07:2a:fa:58:c7:75:d7:17:62:43:12:87:
                    0f:6b:b6:91:c6:5d:ef:22:0b:2f:1d:dd:33:c3:c6:
                    2e:da:6f:a0:d4:8a:70:3f:c4:98:e4:51:9c:60:4a:
                    0e:2b:32:66:d1:e7:63:ba:bc:f5:12:70:3e:a2:0a:
                    f2:a5:c2:a7:2a:9d:5e:4c:04:9c:be:9e:3e:ac:f3:
                    e9:c3:a1:7f:bf:6d:bf:56:6c:88:9e:ba:b1:b6:06:
                    31:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:74:24:68:A4:44:66:99:E9:BB:8E:A1:18:D3:56:89:47:35:85:62
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136352e3133382e302f32332d3234203d3e203137393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:38:83:fa:dd:e8:f9:53:46:5a:79:3f:bc:6c:95:e9:68:dd:
         75:66:e4:ae:55:04:0f:cc:90:b9:33:fe:86:51:05:55:a2:93:
         1a:56:38:29:7a:2a:19:b7:6a:a1:44:12:ec:88:9e:b0:e5:17:
         b1:b9:13:39:74:80:4f:e6:b1:03:04:0b:ed:59:80:9c:ab:6e:
         c4:fc:83:69:c0:a7:25:ab:4a:d6:10:67:c5:ce:53:b3:c0:b6:
         1a:d6:c7:ca:18:e0:84:16:30:c1:6e:d0:06:db:6c:23:7d:6b:
         46:72:c5:99:8b:61:06:09:12:62:8f:fb:ae:96:dd:61:7e:45:
         65:7e:b7:c0:77:7f:c6:5c:ac:ac:7c:dd:30:bb:e3:aa:61:7a:
         d7:e7:8c:d4:2e:66:b9:fd:49:a9:3f:23:81:c0:ee:b1:3a:4f:
         54:1c:df:cc:68:58:d6:74:ca:9c:da:92:88:db:a8:e6:6b:b9:
         0a:cc:40:80:c9:24:ba:34:f9:42:9d:44:8d:91:fe:92:d4:c1:
         87:72:c7:67:36:74:57:ba:58:a2:0f:fb:4a:91:4b:fd:bf:62:
         a6:97:14:fe:b1:0c:8c:7a:05:98:61:f3:44:2f:e5:22:5a:21:
         60:55:05:0e:d7:76:15:f7:f6:ea:11:a4:97:0d:f8:09:1e:23:
         28:9c:47:cc
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgIUQl+rSiMDQ30z3RNH/xu9OvDFQIEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTEwMjAwMzgxNVoX
DTIyMTEwMjAwNDMxNVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBFNDFEOUY0NzBCQzRBMUIwMDdFMzVCQkQ0Q0Y1NDIwREM2M0Q1QjZBNjQ4
MDIyMEM2MEQxOTVGRkEzMzhCODVBRDhEMDkyN0M4MzY2NUM2M0NFMEI3RjlFMEYx
QURCQUI0ODlDMTZBMzFERTAzQTUzQUNBMjNDMzJCRDE0OENENDJGNTI4NTlDOEY5
QkE0OUQ4REExMkI5MDc4RjlGN0U1NjREMkMxMjQzNEY4NDgyNzNCNUIwMENDNEM3
MzBDODg5ODM5MkU1NkU5MTM2ODhCQUY2Q0VDQTk5N0FGMTY2Nzk2OEUwNDMwNDg3
NjJFNjc1OEE5QkNCNjQxNkU4ODUyRUFGRkQ0OEYyN0U0QjI3NUYxRkIyMjdGMTQ5
OTY0NEJCMzA1RTIxRkUzNUNDNTBBREQ4NUQzNzI5QTFBNkMwQ0VBRkY4RDUwRkQ0
MEFBMDcyQUZBNThDNzc1RDcxNzYyNDMxMjg3MEY2QkI2OTFDNjVERUYyMjBCMkYx
REREMzNDM0M2MkVEQTZGQTBENDhBNzAzRkM0OThFNDUxOUM2MDRBMEUyQjMyNjZE
MUU3NjNCQUJDRjUxMjcwM0VBMjBBRjJBNUMyQTcyQTlENUU0QzA0OUNCRTlFM0VB
Q0YzRTlDM0ExN0ZCRjZEQkY1NjZDODg5RUJBQjFCNjA2MzE2RjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkHZ9HC8ShsAfjW71M9UIN
xj1bamSAIgxg0ZX/ozi4WtjQknyDZlxjzgt/ng8a26tInBajHeA6U6yiPDK9FIzU
L1KFnI+bpJ2NoSuQePn35WTSwSQ0+EgnO1sAzExzDIiYOS5W6RNoi69s7KmXrxZn
lo4EMEh2LmdYqby2QW6IUur/1I8n5LJ18fsifxSZZEuzBeIf41zFCt2F03KaGmwM
6v+NUP1Aqgcq+ljHddcXYkMShw9rtpHGXe8iCy8d3TPDxi7ab6DUinA/xJjkUZxg
Sg4rMmbR52O6vPUScD6iCvKlwqcqnV5MBJy+nj6s8+nDoX+/bb9WbIieurG2BjFv
AgMBAAGjggIBMIIB/TAdBgNVHQ4EFgQUbXQkaKREZpnpu46hGNNWiUc1hWIwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhAYIKwYB
BQUHAQsEeDB2MHQGCCsGAQUFBzALhmhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNjM1MmUzMTMzMzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM3MzkzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6WKMA0GCSqG
SIb3DQEBCwUAA4IBAQAYOIP63ej5U0ZaeT+8bJXpaN11ZuSuVQQPzJC5M/6GUQVV
opMaVjgpeioZt2qhRBLsiJ6w5RexuRM5dIBP5rEDBAvtWYCcq27E/INpwKclq0rW
EGfFzlOzwLYa1sfKGOCEFjDBbtAG22wjfWtGcsWZi2EGCRJij/uult1hfkVlfrfA
d3/GXKysfN0wu+OqYXrX54zULma5/UmpPyOBwO6xOk9UHN/MaFjWdMqc2pKI26jm
a7kKzECAySS6NPlCnUSNkf6S1MGHcsdnNnRXuliiD/tKkUv9v2KmlxT+sQyMegWY
YfNEL+UiWiFgVQUO13YV9/bqEaSXDfgJHiMonEfM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:45 2024 by rpki-client on console-ams.rpki-client.org