Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3233312e3137312e302f32342d3234203d3e20313430343832.roa
File:                     3130332e3233312e3137312e302f32342d3234203d3e20313430343832.roa (raw, json)
Hash identifier:          ZlH/U9/7EsAygCW8AMVccmkWkz0SQHXIgMziR46F2cM=
Subject key identifier:   B1:1E:2A:EF:C4:38:0D:C5:FD:4E:EF:0E:2E:FA:32:7F:08:CF:0D:E1
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       442B5E8880228E60339D6A1619C9A9F8C23F060A
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3233312e3137312e302f32342d3234203d3e20313430343832.roa
Signing time:             Tue 08 Feb 2022 02:00:05 +0000
ROA not before:           Tue 08 Feb 2022 01:55:05 +0000
ROA not after:            Wed 08 Feb 2023 02:00:05 +0000
asID:                     140482
IP address blocks:        103.231.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:2b:5e:88:80:22:8e:60:33:9d:6a:16:19:c9:a9:f8:c2:3f:06:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb  8 01:55:05 2022 GMT
            Not After : Feb  8 02:00:05 2023 GMT
        Subject: CN=3082010A0282010100B6A99BF884D1A2F48A083F5CE47ADACF054BDC7F5DD23787D876933E289FA565837F9A7EAEB694FACA34E3BD9DC2E488FF65FBD3E81371D00DC1386CB7ED63C5954EB834DC3BD91F9DDE399CB11A6ACEBABEB16E65D01D3256BCEFD1D571F69EEDE32F756A88B0C5F96D66176C108CCE81613D40491F6D3BDD38CE2CE77A0B330DE005D1C496DD0F3DA705955901933C96D32464EF2B907420B987FD034DB10DC09866520CD1005189E9C31FD9D771FF7B6F6694C2AE531DB37F7890CD9AE87B8E6DDA43D9D4D3682F8CB6A2ABF1C5460299EBBEDB0276AF196798206005763BDD8379E167CD91F918729B62A6CB4C0E774D0A37C775B3C25313EDBCDFBD5E7D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a9:9b:f8:84:d1:a2:f4:8a:08:3f:5c:e4:7a:
                    da:cf:05:4b:dc:7f:5d:d2:37:87:d8:76:93:3e:28:
                    9f:a5:65:83:7f:9a:7e:ae:b6:94:fa:ca:34:e3:bd:
                    9d:c2:e4:88:ff:65:fb:d3:e8:13:71:d0:0d:c1:38:
                    6c:b7:ed:63:c5:95:4e:b8:34:dc:3b:d9:1f:9d:de:
                    39:9c:b1:1a:6a:ce:ba:be:b1:6e:65:d0:1d:32:56:
                    bc:ef:d1:d5:71:f6:9e:ed:e3:2f:75:6a:88:b0:c5:
                    f9:6d:66:17:6c:10:8c:ce:81:61:3d:40:49:1f:6d:
                    3b:dd:38:ce:2c:e7:7a:0b:33:0d:e0:05:d1:c4:96:
                    dd:0f:3d:a7:05:95:59:01:93:3c:96:d3:24:64:ef:
                    2b:90:74:20:b9:87:fd:03:4d:b1:0d:c0:98:66:52:
                    0c:d1:00:51:89:e9:c3:1f:d9:d7:71:ff:7b:6f:66:
                    94:c2:ae:53:1d:b3:7f:78:90:cd:9a:e8:7b:8e:6d:
                    da:43:d9:d4:d3:68:2f:8c:b6:a2:ab:f1:c5:46:02:
                    99:eb:be:db:02:76:af:19:67:98:20:60:05:76:3b:
                    dd:83:79:e1:67:cd:91:f9:18:72:9b:62:a6:cb:4c:
                    0e:77:4d:0a:37:c7:75:b3:c2:53:13:ed:bc:df:bd:
                    5e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:1E:2A:EF:C4:38:0D:C5:FD:4E:EF:0E:2E:FA:32:7F:08:CF:0D:E1
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e3233312e3137312e302f32342d3234203d3e20313430343832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:8e:bb:79:9e:31:ad:b1:0b:50:b5:13:b8:12:23:35:d5:cf:
         c5:ad:14:82:91:0d:96:ac:97:40:7e:b3:8b:83:29:6a:47:b9:
         7a:3d:6a:05:36:49:97:a2:ce:e0:75:e1:98:25:61:8d:79:21:
         df:92:bf:27:88:16:02:98:c8:1c:56:77:ca:91:0f:8b:6c:3b:
         ff:45:37:53:60:a5:5a:cc:7e:fd:f5:83:5c:ca:55:b6:a4:02:
         d8:30:a9:18:aa:b1:c3:30:c3:30:cf:fe:76:cf:d7:bb:0d:85:
         a5:df:3c:2c:ad:b6:70:7e:74:01:91:6c:51:77:3e:4f:74:c2:
         1f:de:e5:7e:73:8c:1a:b5:f4:a8:ca:eb:b3:3e:f5:b1:98:f7:
         fe:12:23:5a:df:3d:6a:f7:f9:af:5b:ce:04:02:12:34:a8:f1:
         5c:80:03:93:e8:07:ce:bb:e6:cf:c6:f9:66:10:94:3c:96:76:
         28:58:30:8e:9a:d4:a8:68:7d:67:2b:1b:1b:3a:e3:01:9a:0a:
         7c:6b:0e:dc:2d:67:46:4d:f4:2a:06:c4:e7:2e:30:29:a3:fc:
         6c:8b:29:38:9e:65:35:2b:2c:b7:e1:a6:10:13:94:0f:2b:04:
         10:db:5d:02:19:84:c9:fb:4b:ad:40:e1:d0:bd:3f:2d:4e:36:
         88:48:ad:3e
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIURCteiIAijmAznWoWGcmp+MI/BgowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIwODAxNTUwNVoX
DTIzMDIwODAyMDAwNVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCNkE5OUJGODg0RDFBMkY0OEEwODNGNUNFNDdBREFDRjA1NEJEQzdGNURE
MjM3ODdEODc2OTMzRTI4OUZBNTY1ODM3RjlBN0VBRUI2OTRGQUNBMzRFM0JEOURD
MkU0ODhGRjY1RkJEM0U4MTM3MUQwMERDMTM4NkNCN0VENjNDNTk1NEVCODM0REMz
QkQ5MUY5RERFMzk5Q0IxMUE2QUNFQkFCRUIxNkU2NUQwMUQzMjU2QkNFRkQxRDU3
MUY2OUVFREUzMkY3NTZBODhCMEM1Rjk2RDY2MTc2QzEwOENDRTgxNjEzRDQwNDkx
RjZEM0JERDM4Q0UyQ0U3N0EwQjMzMERFMDA1RDFDNDk2REQwRjNEQTcwNTk1NTkw
MTkzM0M5NkQzMjQ2NEVGMkI5MDc0MjBCOTg3RkQwMzREQjEwREMwOTg2NjUyMENE
MTAwNTE4OUU5QzMxRkQ5RDc3MUZGN0I2RjY2OTRDMkFFNTMxREIzN0Y3ODkwQ0Q5
QUU4N0I4RTZEREE0M0Q5RDREMzY4MkY4Q0I2QTJBQkYxQzU0NjAyOTlFQkJFREIw
Mjc2QUYxOTY3OTgyMDYwMDU3NjNCREQ4Mzc5RTE2N0NEOTFGOTE4NzI5QjYyQTZD
QjRDMEU3NzREMEEzN0M3NzVCM0MyNTMxM0VEQkNERkJENUU3RDAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2qZv4hNGi9IoIP1zketrP
BUvcf13SN4fYdpM+KJ+lZYN/mn6utpT6yjTjvZ3C5Ij/ZfvT6BNx0A3BOGy37WPF
lU64NNw72R+d3jmcsRpqzrq+sW5l0B0yVrzv0dVx9p7t4y91aoiwxfltZhdsEIzO
gWE9QEkfbTvdOM4s53oLMw3gBdHElt0PPacFlVkBkzyW0yRk7yuQdCC5h/0DTbEN
wJhmUgzRAFGJ6cMf2ddx/3tvZpTCrlMds394kM2a6HuObdpD2dTTaC+MtqKr8cVG
ApnrvtsCdq8ZZ5ggYAV2O92DeeFnzZH5GHKbYqbLTA53TQo3x3WzwlMT7bzfvV59
AgMBAAGjggIDMIIB/zAdBgNVHQ4EFgQUsR4q78Q4DcX9Tu8OLvoyfwjPDeEwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhgYIKwYB
BQUHAQsEejB4MHYGCCsGAQUFBzALhmpyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzIzMzMxMmUzMTM3MzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzAzNDM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn56swDQYJ
KoZIhvcNAQELBQADggEBADSOu3meMa2xC1C1E7gSIzXVz8WtFIKRDZasl0B+s4uD
KWpHuXo9agU2SZeizuB14ZglYY15Id+SvyeIFgKYyBxWd8qRD4tsO/9FN1NgpVrM
fv31g1zKVbakAtgwqRiqscMwwzDP/nbP17sNhaXfPCyttnB+dAGRbFF3Pk90wh/e
5X5zjBq19KjK67M+9bGY9/4SI1rfPWr3+a9bzgQCEjSo8VyAA5PoB8675s/G+WYQ
lDyWdihYMI6a1KhofWcrGxs64wGaCnxrDtwtZ0ZN9CoGxOcuMCmj/GyLKTieZTUr
LLfhphATlA8rBBDbXQIZhMn7S61A4dC9Py1ONohIrT4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:11 2024 by rpki-client on console-fra.rpki-client.org