Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e32392e3232382e302f32322d3234203d3e2030.roa
File:                     3130332e32392e3232382e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier:          toRVpGxiT1cWAcmwcEvXi82DEJSnF4V5oa37sCoY9lU=
Subject key identifier:   C0:EA:F0:CE:C6:F4:49:34:97:7C:49:E1:61:72:84:B9:89:3D:90:92
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       5E4754BE0202BF1823202281934F44B9EE049567
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e32392e3232382e302f32322d3234203d3e2030.roa
Signing time:             Mon 31 Jan 2022 04:02:45 +0000
ROA not before:           Mon 31 Jan 2022 03:57:45 +0000
ROA not after:            Tue 31 Jan 2023 04:02:45 +0000
asID:                     0
IP address blocks:        103.29.228.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:47:54:be:02:02:bf:18:23:20:22:81:93:4f:44:b9:ee:04:95:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan 31 03:57:45 2022 GMT
            Not After : Jan 31 04:02:45 2023 GMT
        Subject: CN=3082010A0282010100A20F2B2B7FEEAB5CB3CB32F340C42824E8C2DDB60A937197A0F6D6A2453612ADBBF290830DE7693BF030B2F48B1650D6305B26B2862559F4D080722A76207D0FCFDE967DEEC9490B7F305B661661108B5C22C3E9E11A4FC841EFD2B4A0C53DD0054AAE0FC64177F1B89907513AB277ED4D45D61802D5F8053FED70597FB4A29282DB74FF61BDCB38F647CB0521C4187D71FE3DECDD5015B3FDCED614AAF796806A4843D91B1C91A4F92522A72E22CE915C64BCDB54E6A5BA9ECF2202AEC191A910CFDAA66B1E5FD38D2696DF42EDE3A2BB1EF390714BCCE864F5E35E81520DC1947560BA108934F81EA34A11F07787BF4B8E05B0431453F2C1B98F1462CFAB230203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:0f:2b:2b:7f:ee:ab:5c:b3:cb:32:f3:40:c4:
                    28:24:e8:c2:dd:b6:0a:93:71:97:a0:f6:d6:a2:45:
                    36:12:ad:bb:f2:90:83:0d:e7:69:3b:f0:30:b2:f4:
                    8b:16:50:d6:30:5b:26:b2:86:25:59:f4:d0:80:72:
                    2a:76:20:7d:0f:cf:de:96:7d:ee:c9:49:0b:7f:30:
                    5b:66:16:61:10:8b:5c:22:c3:e9:e1:1a:4f:c8:41:
                    ef:d2:b4:a0:c5:3d:d0:05:4a:ae:0f:c6:41:77:f1:
                    b8:99:07:51:3a:b2:77:ed:4d:45:d6:18:02:d5:f8:
                    05:3f:ed:70:59:7f:b4:a2:92:82:db:74:ff:61:bd:
                    cb:38:f6:47:cb:05:21:c4:18:7d:71:fe:3d:ec:dd:
                    50:15:b3:fd:ce:d6:14:aa:f7:96:80:6a:48:43:d9:
                    1b:1c:91:a4:f9:25:22:a7:2e:22:ce:91:5c:64:bc:
                    db:54:e6:a5:ba:9e:cf:22:02:ae:c1:91:a9:10:cf:
                    da:a6:6b:1e:5f:d3:8d:26:96:df:42:ed:e3:a2:bb:
                    1e:f3:90:71:4b:cc:e8:64:f5:e3:5e:81:52:0d:c1:
                    94:75:60:ba:10:89:34:f8:1e:a3:4a:11:f0:77:87:
                    bf:4b:8e:05:b0:43:14:53:f2:c1:b9:8f:14:62:cf:
                    ab:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:EA:F0:CE:C6:F4:49:34:97:7C:49:E1:61:72:84:B9:89:3D:90:92
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e32392e3232382e302f32322d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.29.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:b9:5d:ac:c5:68:24:95:bf:d3:e3:17:cc:d9:60:86:67:a8:
         07:bc:b2:c9:2e:3a:bc:c2:98:22:a4:31:19:d8:29:d4:ac:ed:
         50:e8:08:53:f6:84:70:38:05:7f:c1:8c:c2:d6:23:77:dd:ea:
         d6:27:07:a2:38:ea:78:18:36:bc:0b:9b:54:6d:98:03:cb:63:
         89:57:ca:bc:47:3e:32:0e:b0:4f:f3:11:8a:51:67:57:48:5c:
         83:6c:4a:73:1c:ea:dd:24:45:c0:69:14:d0:81:28:4b:8a:f4:
         3d:84:cf:76:36:41:ea:01:e8:7a:b5:a8:94:82:93:94:26:35:
         bb:f0:7d:a6:01:d8:5d:fd:a0:bb:bf:6a:c3:45:33:16:19:bb:
         23:9e:a0:7b:1a:97:02:fe:dc:a8:61:12:ae:0f:55:74:d9:71:
         d7:3e:35:c4:88:52:9a:b2:b6:33:78:41:49:00:76:d2:0b:c2:
         be:db:86:7f:6e:8f:49:49:25:b0:3b:93:fe:80:45:98:b6:a1:
         fa:36:03:0e:64:68:aa:1c:42:bc:97:5d:dd:ad:bd:68:d0:55:
         75:78:dd:67:c1:06:4c:bb:c8:f2:27:94:77:fa:9b:49:82:b4:
         67:87:35:8f:73:c6:fe:58:61:3b:d3:57:f5:46:43:52:a6:c1:
         1b:25:ca:e7
-----BEGIN CERTIFICATE-----
MIIG/zCCBeegAwIBAgIUXkdUvgICvxgjICKBk09Eue4ElWcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDEzMTAzNTc0NVoX
DTIzMDEzMTA0MDI0NVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBMjBGMkIyQjdGRUVBQjVDQjNDQjMyRjM0MEM0MjgyNEU4QzJEREI2MEE5
MzcxOTdBMEY2RDZBMjQ1MzYxMkFEQkJGMjkwODMwREU3NjkzQkYwMzBCMkY0OEIx
NjUwRDYzMDVCMjZCMjg2MjU1OUY0RDA4MDcyMkE3NjIwN0QwRkNGREU5NjdERUVD
OTQ5MEI3RjMwNUI2NjE2NjExMDhCNUMyMkMzRTlFMTFBNEZDODQxRUZEMkI0QTBD
NTNERDAwNTRBQUUwRkM2NDE3N0YxQjg5OTA3NTEzQUIyNzdFRDRENDVENjE4MDJE
NUY4MDUzRkVENzA1OTdGQjRBMjkyODJEQjc0RkY2MUJEQ0IzOEY2NDdDQjA1MjFD
NDE4N0Q3MUZFM0RFQ0RENTAxNUIzRkRDRUQ2MTRBQUY3OTY4MDZBNDg0M0Q5MUIx
QzkxQTRGOTI1MjJBNzJFMjJDRTkxNUM2NEJDREI1NEU2QTVCQTlFQ0YyMjAyQUVD
MTkxQTkxMENGREFBNjZCMUU1RkQzOEQyNjk2REY0MkVERTNBMkJCMUVGMzkwNzE0
QkNDRTg2NEY1RTM1RTgxNTIwREMxOTQ3NTYwQkExMDg5MzRGODFFQTM0QTExRjA3
Nzg3QkY0QjhFMDVCMDQzMTQ1M0YyQzFCOThGMTQ2MkNGQUIyMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiDysrf+6rXLPLMvNAxCgk
6MLdtgqTcZeg9taiRTYSrbvykIMN52k78DCy9IsWUNYwWyayhiVZ9NCAcip2IH0P
z96Wfe7JSQt/MFtmFmEQi1wiw+nhGk/IQe/StKDFPdAFSq4PxkF38biZB1E6snft
TUXWGALV+AU/7XBZf7SikoLbdP9hvcs49kfLBSHEGH1x/j3s3VAVs/3O1hSq95aA
akhD2RsckaT5JSKnLiLOkVxkvNtU5qW6ns8iAq7BkakQz9qmax5f040mlt9C7eOi
ux7zkHFLzOhk9eNegVINwZR1YLoQiTT4HqNKEfB3h79LjgWwQxRT8sG5jxRiz6sj
AgMBAAGjggH2MIIB8jAdBgNVHQ4EFgQUwOrwzsb0STSXfEnhYXKEuYk9kJIwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjB6BggrBgEF
BQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvL0lETklDLUlELzIvMzEzMDMzMmUzMjM5MmUzMjMyMzgyZTMwMmYzMjMy
MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcd5DANBgkqhkiG9w0BAQsFAAOC
AQEAirldrMVoJJW/0+MXzNlghmeoB7yyyS46vMKYIqQxGdgp1KztUOgIU/aEcDgF
f8GMwtYjd93q1icHojjqeBg2vAubVG2YA8tjiVfKvEc+Mg6wT/MRilFnV0hcg2xK
cxzq3SRFwGkU0IEoS4r0PYTPdjZB6gHoerWolIKTlCY1u/B9pgHYXf2gu79qw0Uz
Fhm7I56gexqXAv7cqGESrg9VdNlx1z41xIhSmrK2M3hBSQB20gvCvtuGf26PSUkl
sDuT/oBFmLah+jYDDmRoqhxCvJdd3a29aNBVdXjdZ8EGTLvI8ieUd/qbSYK0Z4c1
j3PG/lhhO9NX9UZDUqbBGyXK5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:11 2024 by rpki-client on console-fra.rpki-client.org