Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3137322e3234342e302f32332d3234203d3e20313437303732.roa
File:                     3130332e3137322e3234342e302f32332d3234203d3e20313437303732.roa (raw, json)
Hash identifier:          jWpjR+aJWbSpI0CX6CaSBljrJzTZo42Zr5uYvWjwunk=
Subject key identifier:   8C:64:42:A4:D4:B3:30:DF:25:37:A6:D1:CF:94:02:C6:7E:55:C3:D3
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       5CD5EC662A5BB8075C653F28914C74088FF7F73F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3137322e3234342e302f32332d3234203d3e20313437303732.roa
Signing time:             Tue 16 Nov 2021 07:05:06 +0000
ROA not before:           Tue 16 Nov 2021 07:00:06 +0000
ROA not after:            Wed 16 Nov 2022 07:05:06 +0000
asID:                     147072
IP address blocks:        103.172.244.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:d5:ec:66:2a:5b:b8:07:5c:65:3f:28:91:4c:74:08:8f:f7:f7:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 16 07:00:06 2021 GMT
            Not After : Nov 16 07:05:06 2022 GMT
        Subject: CN=3082010A0282010100D0C744261F48A15BB95F1D806412EEF7BA8B216B33F8062B558A79CE8020657F56E48849C318476C5DC92DA0C2569C97F81626EDF53884C0DA979A1E718DA1A729858BB1D8E30A996D34B308BE2141D04078D00CDB1D9B5FF2AF2DD2B8B9AE912AE4FF678DDBA2034262816FA724756C4A5809368EDE8C477C0BBA85CBD13E0D73CA13A31E5087B6683F5982F393CEDF0E28FDC8244DFC1CC7C4E37500BC4CE1B8C953C692839968480F6B85DBEA69DCD2AC32634A76073C44F0205C6D1DBBEA610916DED21E77A6322FFE8F19A96F44418DFD85DD8E35FDBB0AFBCD8B5CAB5BC3A69EA78D63398CFB32F01F965B4F55CF5D4056050B7E7C30484CDC72A82F5D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c7:44:26:1f:48:a1:5b:b9:5f:1d:80:64:12:
                    ee:f7:ba:8b:21:6b:33:f8:06:2b:55:8a:79:ce:80:
                    20:65:7f:56:e4:88:49:c3:18:47:6c:5d:c9:2d:a0:
                    c2:56:9c:97:f8:16:26:ed:f5:38:84:c0:da:97:9a:
                    1e:71:8d:a1:a7:29:85:8b:b1:d8:e3:0a:99:6d:34:
                    b3:08:be:21:41:d0:40:78:d0:0c:db:1d:9b:5f:f2:
                    af:2d:d2:b8:b9:ae:91:2a:e4:ff:67:8d:db:a2:03:
                    42:62:81:6f:a7:24:75:6c:4a:58:09:36:8e:de:8c:
                    47:7c:0b:ba:85:cb:d1:3e:0d:73:ca:13:a3:1e:50:
                    87:b6:68:3f:59:82:f3:93:ce:df:0e:28:fd:c8:24:
                    4d:fc:1c:c7:c4:e3:75:00:bc:4c:e1:b8:c9:53:c6:
                    92:83:99:68:48:0f:6b:85:db:ea:69:dc:d2:ac:32:
                    63:4a:76:07:3c:44:f0:20:5c:6d:1d:bb:ea:61:09:
                    16:de:d2:1e:77:a6:32:2f:fe:8f:19:a9:6f:44:41:
                    8d:fd:85:dd:8e:35:fd:bb:0a:fb:cd:8b:5c:ab:5b:
                    c3:a6:9e:a7:8d:63:39:8c:fb:32:f0:1f:96:5b:4f:
                    55:cf:5d:40:56:05:0b:7e:7c:30:48:4c:dc:72:a8:
                    2f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:64:42:A4:D4:B3:30:DF:25:37:A6:D1:CF:94:02:C6:7E:55:C3:D3
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3137322e3234342e302f32332d3234203d3e20313437303732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         30:16:7f:37:0b:17:76:00:b6:ee:66:35:78:30:f2:7f:59:90:
         f7:c5:3c:f7:39:51:d7:2f:d5:5b:94:40:54:fa:8f:32:bb:76:
         ae:67:3d:a5:4c:d0:0f:61:30:38:b9:a9:81:e5:38:cf:15:f9:
         9f:92:f0:69:8d:ed:74:e8:ae:39:00:c4:50:94:35:a3:9e:74:
         cd:ed:bb:46:d8:c3:41:57:51:03:81:4a:08:16:2a:55:8b:02:
         43:5c:51:58:f2:58:9c:0d:89:69:d9:6e:0f:7d:b4:3c:51:a4:
         71:29:81:bd:98:8f:cf:38:a5:8b:9a:09:62:9e:f2:6a:b4:df:
         0a:ce:2d:ab:43:b2:71:d2:f2:07:69:83:09:58:c0:b4:cd:a0:
         82:2c:63:70:74:ad:f7:c1:fd:45:6e:24:91:b7:a5:ac:13:d7:
         27:db:f9:8c:2c:b0:46:7c:ea:a0:99:37:92:35:e1:58:52:2f:
         e8:dd:92:2b:1a:a2:29:67:0a:a1:c8:9d:f8:a5:c3:1c:e3:bc:
         db:6f:60:6e:f0:ad:0d:dd:7d:34:dd:98:41:0a:8c:0f:dd:dd:
         b6:fd:c9:fb:4e:9d:14:e5:e7:9c:ec:9f:1a:29:77:23:a2:79:
         e5:92:83:24:1e:8f:63:63:aa:3a:29:b7:c3:74:90:b5:56:2c:
         b6:5c:9f:05
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUXNXsZipbuAdcZT8okUx0CI/39z8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTExNjA3MDAwNloX
DTIyMTExNjA3MDUwNlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBEMEM3NDQyNjFGNDhBMTVCQjk1RjFEODA2NDEyRUVGN0JBOEIyMTZCMzNG
ODA2MkI1NThBNzlDRTgwMjA2NTdGNTZFNDg4NDlDMzE4NDc2QzVEQzkyREEwQzI1
NjlDOTdGODE2MjZFREY1Mzg4NEMwREE5NzlBMUU3MThEQTFBNzI5ODU4QkIxRDhF
MzBBOTk2RDM0QjMwOEJFMjE0MUQwNDA3OEQwMENEQjFEOUI1RkYyQUYyREQyQjhC
OUFFOTEyQUU0RkY2NzhEREJBMjAzNDI2MjgxNkZBNzI0NzU2QzRBNTgwOTM2OEVE
RThDNDc3QzBCQkE4NUNCRDEzRTBENzNDQTEzQTMxRTUwODdCNjY4M0Y1OTgyRjM5
M0NFREYwRTI4RkRDODI0NERGQzFDQzdDNEUzNzUwMEJDNENFMUI4Qzk1M0M2OTI4
Mzk5Njg0ODBGNkI4NURCRUE2OURDRDJBQzMyNjM0QTc2MDczQzQ0RjAyMDVDNkQx
REJCRUE2MTA5MTZERUQyMUU3N0E2MzIyRkZFOEYxOUE5NkY0NDQxOERGRDg1REQ4
RTM1RkRCQjBBRkJDRDhCNUNBQjVCQzNBNjlFQTc4RDYzMzk4Q0ZCMzJGMDFGOTY1
QjRGNTVDRjVENDA1NjA1MEI3RTdDMzA0ODRDREM3MkE4MkY1RDAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQx0QmH0ihW7lfHYBkEu73
uoshazP4BitVinnOgCBlf1bkiEnDGEdsXcktoMJWnJf4Fibt9TiEwNqXmh5xjaGn
KYWLsdjjCpltNLMIviFB0EB40AzbHZtf8q8t0ri5rpEq5P9njduiA0JigW+nJHVs
SlgJNo7ejEd8C7qFy9E+DXPKE6MeUIe2aD9ZgvOTzt8OKP3IJE38HMfE43UAvEzh
uMlTxpKDmWhID2uF2+pp3NKsMmNKdgc8RPAgXG0du+phCRbe0h53pjIv/o8ZqW9E
QY39hd2ONf27CvvNi1yrW8OmnqeNYzmM+zLwH5ZbT1XPXUBWBQt+fDBITNxyqC9d
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUjGRCpNSzMN8lN6bRz5QCxn5Vw9MwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzEzNzMyMmUzMjM0MzQyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzczMDM3MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnrPQwDQYJ
KoZIhvcNAQELBQADggEBADAWfzcLF3YAtu5mNXgw8n9ZkPfFPPc5Udcv1VuUQFT6
jzK7dq5nPaVM0A9hMDi5qYHlOM8V+Z+S8GmN7XTorjkAxFCUNaOedM3tu0bYw0FX
UQOBSggWKlWLAkNcUVjyWJwNiWnZbg99tDxRpHEpgb2Yj884pYuaCWKe8mq03wrO
LatDsnHS8gdpgwlYwLTNoIIsY3B0rffB/UVuJJG3pawT1yfb+YwssEZ86qCZN5I1
4VhSL+jdkisaoilnCqHInfilwxzjvNtvYG7wrQ3dfTTdmEEKjA/d3bb9yftOnRTl
55zsnxopdyOieeWSgyQej2Njqjopt8N0kLVWLLZcnwU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:11 2024 by rpki-client on console-fra.rpki-client.org