Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136352e3135322e302f32342d3234203d3e20333936393832.roa
File:                     3130332e3136352e3135322e302f32342d3234203d3e20333936393832.roa (raw, json)
Hash identifier:          Zg1MWg/BGhpwyisFiN519O4Ezqjd2gddSaj78zuTNgA=
Subject key identifier:   ED:3A:D9:44:C2:26:CD:03:F8:56:97:92:0D:8E:11:E6:43:9B:BB:CF
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       3FA024EA8B1BF6E497BD566007E928A6DB291D8C
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136352e3135322e302f32342d3234203d3e20333936393832.roa
Signing time:             Thu 06 May 2021 04:12:12 +0000
ROA not before:           Thu 06 May 2021 04:07:12 +0000
ROA not after:            Fri 06 May 2022 04:12:12 +0000
asID:                     396982
IP address blocks:        103.165.152.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:a0:24:ea:8b:1b:f6:e4:97:bd:56:60:07:e9:28:a6:db:29:1d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: May  6 04:07:12 2021 GMT
            Not After : May  6 04:12:12 2022 GMT
        Subject: CN=3082010A0282010100B7C1AE4A3D77BF8A492A61BB6C864BC9A044DE2892D9272AB81D047CDFDDDE894C4B74CBD18A0AF601F95B5B465E80D51D7263483116E871DCBDAEE8E4E34FE5593BE73EF30C5CA2965AF916267754914714D83B5091C3A5BEE4FBE929F3A0F227776F910AC5D9BE0A5DF8E3D72D87C8B2710417238B338631787A8DDCE3D88DED5C94632EB5613FA2271DAA92652D8048434BACBC05B43BB071ACDA1EC082BB3E75C0BFAD3D01D14DF0B63A1CD8C571508D11FBB427C3071D8F291111D50ED9291947DE1A283C74E40988FFC7B59DFB3E7BEA2BF702CFE0D995693EF685814EFCE6397ACF0D69AD12E7A3DD1725FE581E5737D8BF8207E13C2C5D292C1410E50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c1:ae:4a:3d:77:bf:8a:49:2a:61:bb:6c:86:
                    4b:c9:a0:44:de:28:92:d9:27:2a:b8:1d:04:7c:df:
                    dd:de:89:4c:4b:74:cb:d1:8a:0a:f6:01:f9:5b:5b:
                    46:5e:80:d5:1d:72:63:48:31:16:e8:71:dc:bd:ae:
                    e8:e4:e3:4f:e5:59:3b:e7:3e:f3:0c:5c:a2:96:5a:
                    f9:16:26:77:54:91:47:14:d8:3b:50:91:c3:a5:be:
                    e4:fb:e9:29:f3:a0:f2:27:77:6f:91:0a:c5:d9:be:
                    0a:5d:f8:e3:d7:2d:87:c8:b2:71:04:17:23:8b:33:
                    86:31:78:7a:8d:dc:e3:d8:8d:ed:5c:94:63:2e:b5:
                    61:3f:a2:27:1d:aa:92:65:2d:80:48:43:4b:ac:bc:
                    05:b4:3b:b0:71:ac:da:1e:c0:82:bb:3e:75:c0:bf:
                    ad:3d:01:d1:4d:f0:b6:3a:1c:d8:c5:71:50:8d:11:
                    fb:b4:27:c3:07:1d:8f:29:11:11:d5:0e:d9:29:19:
                    47:de:1a:28:3c:74:e4:09:88:ff:c7:b5:9d:fb:3e:
                    7b:ea:2b:f7:02:cf:e0:d9:95:69:3e:f6:85:81:4e:
                    fc:e6:39:7a:cf:0d:69:ad:12:e7:a3:dd:17:25:fe:
                    58:1e:57:37:d8:bf:82:07:e1:3c:2c:5d:29:2c:14:
                    10:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:3A:D9:44:C2:26:CD:03:F8:56:97:92:0D:8E:11:E6:43:9B:BB:CF
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136352e3135322e302f32342d3234203d3e20333936393832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:13:e9:2a:b0:48:8b:77:5d:13:a2:cc:c9:a6:ab:72:5d:9c:
         2b:02:59:0f:bc:74:1a:d0:75:7e:05:13:e7:83:68:e1:95:9a:
         e6:5b:08:ef:12:10:63:18:3b:36:a2:be:36:b0:ca:b0:6e:cb:
         9d:0a:cd:a6:cf:92:5d:f1:3f:a5:05:e3:30:7a:45:d6:63:08:
         25:46:eb:03:81:a9:c4:86:4d:81:b9:01:a6:92:99:52:ff:17:
         25:4f:77:84:53:73:3e:77:50:aa:a0:99:ef:d4:0c:3f:d9:6c:
         20:b0:a5:d2:1d:50:88:5a:c7:1e:1a:74:37:81:4b:27:f5:e7:
         0c:77:e8:c9:f1:d9:02:92:d2:f0:26:cc:62:07:cc:51:a4:ed:
         ba:87:f1:c5:f6:06:9f:d9:01:da:95:11:74:1c:4b:f4:bd:d0:
         e4:f1:9e:c9:b1:3b:f7:1c:34:40:79:59:06:dc:9f:f1:17:64:
         af:d2:a7:78:1a:80:0d:cc:40:a0:92:0a:aa:15:17:9a:83:6b:
         d2:e2:3d:7e:e4:2d:03:26:c5:85:f8:b7:6b:ca:7c:12:1e:d0:
         38:45:21:43:7e:8b:57:31:cd:49:f5:ec:0e:bf:91:00:89:0d:
         b0:53:fd:36:b2:96:1e:8a:36:af:1f:aa:4a:5e:a2:89:6b:4d:
         49:f0:09:09
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUP6Ak6osb9uSXvVZgB+koptspHYwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDUwNjA0MDcxMloX
DTIyMDUwNjA0MTIxMlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCN0MxQUU0QTNENzdCRjhBNDkyQTYxQkI2Qzg2NEJDOUEwNDRERTI4OTJE
OTI3MkFCODFEMDQ3Q0RGRERERTg5NEM0Qjc0Q0JEMThBMEFGNjAxRjk1QjVCNDY1
RTgwRDUxRDcyNjM0ODMxMTZFODcxRENCREFFRThFNEUzNEZFNTU5M0JFNzNFRjMw
QzVDQTI5NjVBRjkxNjI2Nzc1NDkxNDcxNEQ4M0I1MDkxQzNBNUJFRTRGQkU5MjlG
M0EwRjIyNzc3NkY5MTBBQzVEOUJFMEE1REY4RTNENzJEODdDOEIyNzEwNDE3MjM4
QjMzODYzMTc4N0E4RERDRTNEODhERUQ1Qzk0NjMyRUI1NjEzRkEyMjcxREFBOTI2
NTJEODA0ODQzNEJBQ0JDMDVCNDNCQjA3MUFDREExRUMwODJCQjNFNzVDMEJGQUQz
RDAxRDE0REYwQjYzQTFDRDhDNTcxNTA4RDExRkJCNDI3QzMwNzFEOEYyOTExMTFE
NTBFRDkyOTE5NDdERTFBMjgzQzc0RTQwOTg4RkZDN0I1OURGQjNFN0JFQTJCRjcw
MkNGRTBEOTk1NjkzRUY2ODU4MTRFRkNFNjM5N0FDRjBENjlBRDEyRTdBM0REMTcy
NUZFNTgxRTU3MzdEOEJGODIwN0UxM0MyQzVEMjkyQzE0MTBFNTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3wa5KPXe/ikkqYbtshkvJ
oETeKJLZJyq4HQR8393eiUxLdMvRigr2AflbW0ZegNUdcmNIMRbocdy9rujk40/l
WTvnPvMMXKKWWvkWJndUkUcU2DtQkcOlvuT76SnzoPInd2+RCsXZvgpd+OPXLYfI
snEEFyOLM4YxeHqN3OPYje1clGMutWE/oicdqpJlLYBIQ0usvAW0O7BxrNoewIK7
PnXAv609AdFN8LY6HNjFcVCNEfu0J8MHHY8pERHVDtkpGUfeGig8dOQJiP/HtZ37
PnvqK/cCz+DZlWk+9oWBTvzmOXrPDWmtEuej3Rcl/lgeVzfYv4IH4TwsXSksFBDl
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQU7TrZRMImzQP4VpeSDY4R5kObu88wHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNjM1MmUzMTM1MzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM5MzYzOTM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnpZgwDQYJ
KoZIhvcNAQELBQADggEBAHYT6SqwSIt3XROizMmmq3JdnCsCWQ+8dBrQdX4FE+eD
aOGVmuZbCO8SEGMYOzaivjawyrBuy50KzabPkl3xP6UF4zB6RdZjCCVG6wOBqcSG
TYG5AaaSmVL/FyVPd4RTcz53UKqgme/UDD/ZbCCwpdIdUIhaxx4adDeBSyf15wx3
6Mnx2QKS0vAmzGIHzFGk7bqH8cX2Bp/ZAdqVEXQcS/S90OTxnsmxO/ccNEB5WQbc
n/EXZK/Sp3gagA3MQKCSCqoVF5qDa9LiPX7kLQMmxYX4t2vKfBIe0DhFIUN+i1cx
zUn17A6/kQCJDbBT/Taylh6KNq8fqkpeoolrTUnwCQk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:45 2024 by rpki-client on console-ams.rpki-client.org