Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136382e3130362e302f32332d3234203d3e2039383735.roa
File:                     3130332e3136382e3130362e302f32332d3234203d3e2039383735.roa (raw, json)
Hash identifier:          +iN8sssTksdUio+3H2yd6GSmHftLXrtJiI9bJE/9dNc=
Subject key identifier:   15:28:01:03:4D:8F:42:B1:C3:31:7A:DC:8F:EA:0D:87:9D:B9:4A:24
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       790321BA89D1CBB6DAB2E8237876F7B31BC21DCD
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136382e3130362e302f32332d3234203d3e2039383735.roa
Signing time:             Thu 17 Jun 2021 01:44:36 +0000
ROA not before:           Thu 17 Jun 2021 01:39:36 +0000
ROA not after:            Fri 17 Jun 2022 01:44:36 +0000
asID:                     9875
IP address blocks:        103.168.106.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:03:21:ba:89:d1:cb:b6:da:b2:e8:23:78:76:f7:b3:1b:c2:1d:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jun 17 01:39:36 2021 GMT
            Not After : Jun 17 01:44:36 2022 GMT
        Subject: CN=3082010A0282010100BB00BE3CCD7459D065455573D9B164CA8EF4A9C166093D47A72A49E9F718CC90C79E1A36C9ECAB8CDDB9A131065B3F4B94BC37A49E5C574CEDE2F9C2C3D8115D625FF7B90FA348F35512627DB570A39D48810F10AEECEB1C7E5378FE00DBF4476AADF34584ADE10BE31B85583F2A20EA3E60C5F1B77D593538882AE0C318C01D02504EDAF8BF9EF3497CFC020EFC0F23AF71FC047BFD791B78DE86172D6ED3AD13F461E7EF4B7F52A55EE514E6B59742A53EDDFB5505FA651BB4DF389797D5BCFCC884CA8E19B6D9B880E9ACF4DEBC13E2D572EA04C939E9A4952FC1A8D0A0C2A9C671376E9BE675C80B8A3CDD4AC038593A6526A3A0152036560EFB256EB2490203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:00:be:3c:cd:74:59:d0:65:45:55:73:d9:b1:
                    64:ca:8e:f4:a9:c1:66:09:3d:47:a7:2a:49:e9:f7:
                    18:cc:90:c7:9e:1a:36:c9:ec:ab:8c:dd:b9:a1:31:
                    06:5b:3f:4b:94:bc:37:a4:9e:5c:57:4c:ed:e2:f9:
                    c2:c3:d8:11:5d:62:5f:f7:b9:0f:a3:48:f3:55:12:
                    62:7d:b5:70:a3:9d:48:81:0f:10:ae:ec:eb:1c:7e:
                    53:78:fe:00:db:f4:47:6a:ad:f3:45:84:ad:e1:0b:
                    e3:1b:85:58:3f:2a:20:ea:3e:60:c5:f1:b7:7d:59:
                    35:38:88:2a:e0:c3:18:c0:1d:02:50:4e:da:f8:bf:
                    9e:f3:49:7c:fc:02:0e:fc:0f:23:af:71:fc:04:7b:
                    fd:79:1b:78:de:86:17:2d:6e:d3:ad:13:f4:61:e7:
                    ef:4b:7f:52:a5:5e:e5:14:e6:b5:97:42:a5:3e:dd:
                    fb:55:05:fa:65:1b:b4:df:38:97:97:d5:bc:fc:c8:
                    84:ca:8e:19:b6:d9:b8:80:e9:ac:f4:de:bc:13:e2:
                    d5:72:ea:04:c9:39:e9:a4:95:2f:c1:a8:d0:a0:c2:
                    a9:c6:71:37:6e:9b:e6:75:c8:0b:8a:3c:dd:4a:c0:
                    38:59:3a:65:26:a3:a0:15:20:36:56:0e:fb:25:6e:
                    b2:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:28:01:03:4D:8F:42:B1:C3:31:7A:DC:8F:EA:0D:87:9D:B9:4A:24
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3136382e3130362e302f32332d3234203d3e2039383735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.168.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         23:de:53:76:21:e3:55:eb:77:b4:60:4c:f6:ef:2a:9a:46:67:
         06:9c:9f:b1:8f:95:34:35:6e:b3:3f:4a:6e:14:2b:aa:8c:e3:
         3e:fa:67:df:3b:7a:91:27:1b:16:2b:6f:ae:8a:65:bc:2a:75:
         01:1e:c8:07:85:4f:63:f1:c6:05:b7:cc:bd:1b:16:ea:1e:bb:
         37:45:f6:d8:cc:61:49:2f:a6:5f:3a:b2:2e:28:8b:d0:19:41:
         ce:39:17:b8:4d:02:c3:f4:76:44:0b:ba:ca:82:04:f2:36:c9:
         0b:64:c4:93:4c:16:81:76:3a:84:62:71:6b:9d:99:61:09:30:
         0f:ca:e3:64:cc:67:4f:11:5c:56:2b:37:40:00:13:31:87:3f:
         a3:84:ad:e4:d4:ff:33:cf:d5:b6:51:fa:e0:be:55:44:0a:50:
         9b:ad:c7:6f:13:8f:76:2c:f8:1a:bd:30:55:39:85:51:cb:29:
         e7:93:4a:ec:8c:91:d5:0b:3e:03:3b:06:ce:c6:ae:55:b4:e7:
         bc:52:79:b5:74:15:1f:d0:20:c8:fa:04:98:cc:8b:2f:ae:3b:
         ec:b6:16:82:36:a3:8b:17:58:c7:86:40:4e:71:0b:7e:d0:58:
         08:04:20:2e:1e:b8:52:20:fe:e6:7e:58:09:86:74:3c:61:de:
         58:b4:12:27
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUeQMhuonRy7basugjeHb3sxvCHc0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDYxNzAxMzkzNloX
DTIyMDYxNzAxNDQzNlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCQjAwQkUzQ0NENzQ1OUQwNjU0NTU1NzNEOUIxNjRDQThFRjRBOUMxNjYw
OTNENDdBNzJBNDlFOUY3MThDQzkwQzc5RTFBMzZDOUVDQUI4Q0REQjlBMTMxMDY1
QjNGNEI5NEJDMzdBNDlFNUM1NzRDRURFMkY5QzJDM0Q4MTE1RDYyNUZGN0I5MEZB
MzQ4RjM1NTEyNjI3REI1NzBBMzlENDg4MTBGMTBBRUVDRUIxQzdFNTM3OEZFMDBE
QkY0NDc2QUFERjM0NTg0QURFMTBCRTMxQjg1NTgzRjJBMjBFQTNFNjBDNUYxQjc3
RDU5MzUzODg4MkFFMEMzMThDMDFEMDI1MDRFREFGOEJGOUVGMzQ5N0NGQzAyMEVG
QzBGMjNBRjcxRkMwNDdCRkQ3OTFCNzhERTg2MTcyRDZFRDNBRDEzRjQ2MUU3RUY0
QjdGNTJBNTVFRTUxNEU2QjU5NzQyQTUzRURERkI1NTA1RkE2NTFCQjRERjM4OTc5
N0Q1QkNGQ0M4ODRDQThFMTlCNkQ5Qjg4MEU5QUNGNERFQkMxM0UyRDU3MkVBMDRD
OTM5RTlBNDk1MkZDMUE4RDBBMEMyQTlDNjcxMzc2RTlCRTY3NUM4MEI4QTNDREQ0
QUMwMzg1OTNBNjUyNkEzQTAxNTIwMzY1NjBFRkIyNTZFQjI0OTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AL48zXRZ0GVFVXPZsWTK
jvSpwWYJPUenKknp9xjMkMeeGjbJ7KuM3bmhMQZbP0uUvDeknlxXTO3i+cLD2BFd
Yl/3uQ+jSPNVEmJ9tXCjnUiBDxCu7OscflN4/gDb9EdqrfNFhK3hC+MbhVg/KiDq
PmDF8bd9WTU4iCrgwxjAHQJQTtr4v57zSXz8Ag78DyOvcfwEe/15G3jehhctbtOt
E/Rh5+9Lf1KlXuUU5rWXQqU+3ftVBfplG7TfOJeX1bz8yITKjhm22biA6az03rwT
4tVy6gTJOemklS/BqNCgwqnGcTdum+Z1yAuKPN1KwDhZOmUmo6AVIDZWDvslbrJJ
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUFSgBA02PQrHDMXrcj+oNh525SiQwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNjM4MmUzMTMwMzYyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzOTM4MzczNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeoajANBgkqhkiG
9w0BAQsFAAOCAQEAI95TdiHjVet3tGBM9u8qmkZnBpyfsY+VNDVusz9KbhQrqozj
Pvpn3zt6kScbFitvroplvCp1AR7IB4VPY/HGBbfMvRsW6h67N0X22MxhSS+mXzqy
LiiL0BlBzjkXuE0Cw/R2RAu6yoIE8jbJC2TEk0wWgXY6hGJxa52ZYQkwD8rjZMxn
TxFcVis3QAATMYc/o4St5NT/M8/VtlH64L5VRApQm63HbxOPdiz4Gr0wVTmFUcsp
55NK7IyR1Qs+AzsGzsauVbTnvFJ5tXQVH9AgyPoEmMyLL6477LYWgjajixdYx4ZA
TnELftBYCAQgLh64UiD+5n5YCYZ0PGHeWLQSJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:11 2024 by rpki-client on console-fra.rpki-client.org