Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e38352e36302e302f32322d3234203d3e20313331313131.roa
File:                     3130332e38352e36302e302f32322d3234203d3e20313331313131.roa (raw, json)
Hash identifier:          I0lUSiesxF4T/7Il4SkSpCfdKBE3+dqo+Fj6J5uCJ1A=
Subject key identifier:   84:EC:77:81:45:18:C2:BB:54:C7:2A:F7:A2:69:79:0E:79:E9:3F:FB
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       6713185CAFED396F83B1649C062F87F96F389D93
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e38352e36302e302f32322d3234203d3e20313331313131.roa
Signing time:             Tue 29 Jun 2021 09:03:07 +0000
ROA not before:           Tue 29 Jun 2021 08:58:07 +0000
ROA not after:            Wed 29 Jun 2022 09:03:07 +0000
asID:                     131111
IP address blocks:        103.85.60.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:13:18:5c:af:ed:39:6f:83:b1:64:9c:06:2f:87:f9:6f:38:9d:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jun 29 08:58:07 2021 GMT
            Not After : Jun 29 09:03:07 2022 GMT
        Subject: CN=3082010A0282010100B2B704B90DB7E1B360E27D68A3EC118B6783B0ACCAA42EBEF4867E6CC05D4FA8D9B4797B71E93B7C35441770706D5148AEE854B8EB1A42A1A9E7E4978F2C452B6CFCA1A4AEEC7C19B913A73B1E7F992B5CC0A5CA2B24BDA6E6FD9B55AE356B16A824D0049AE8DAAC60458AD591A1128F759E13B31C95CA83C1CBA28ACCA3E85DB68DBF78654D0068C27198956AE24DD02BA5287A1A5C0EAD0EE23AAF458E1029AD2A027D19D70B0D805965E5A5BF57F6418C7514EF9A0663E85C577A10D6F01468A82F617E32B3092427B851302C786A982C3AE8A8DD7AF2F0E9256D0CA8308E881209DDF4DEB0E8C32741FE059DF86597A5274B5FAD308FCAEF2135FCA805DB0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b7:04:b9:0d:b7:e1:b3:60:e2:7d:68:a3:ec:
                    11:8b:67:83:b0:ac:ca:a4:2e:be:f4:86:7e:6c:c0:
                    5d:4f:a8:d9:b4:79:7b:71:e9:3b:7c:35:44:17:70:
                    70:6d:51:48:ae:e8:54:b8:eb:1a:42:a1:a9:e7:e4:
                    97:8f:2c:45:2b:6c:fc:a1:a4:ae:ec:7c:19:b9:13:
                    a7:3b:1e:7f:99:2b:5c:c0:a5:ca:2b:24:bd:a6:e6:
                    fd:9b:55:ae:35:6b:16:a8:24:d0:04:9a:e8:da:ac:
                    60:45:8a:d5:91:a1:12:8f:75:9e:13:b3:1c:95:ca:
                    83:c1:cb:a2:8a:cc:a3:e8:5d:b6:8d:bf:78:65:4d:
                    00:68:c2:71:98:95:6a:e2:4d:d0:2b:a5:28:7a:1a:
                    5c:0e:ad:0e:e2:3a:af:45:8e:10:29:ad:2a:02:7d:
                    19:d7:0b:0d:80:59:65:e5:a5:bf:57:f6:41:8c:75:
                    14:ef:9a:06:63:e8:5c:57:7a:10:d6:f0:14:68:a8:
                    2f:61:7e:32:b3:09:24:27:b8:51:30:2c:78:6a:98:
                    2c:3a:e8:a8:dd:7a:f2:f0:e9:25:6d:0c:a8:30:8e:
                    88:12:09:dd:f4:de:b0:e8:c3:27:41:fe:05:9d:f8:
                    65:97:a5:27:4b:5f:ad:30:8f:ca:ef:21:35:fc:a8:
                    05:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:EC:77:81:45:18:C2:BB:54:C7:2A:F7:A2:69:79:0E:79:E9:3F:FB
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3130332e38352e36302e302f32322d3234203d3e20313331313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.85.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:2a:09:07:aa:0b:eb:e3:a7:ba:21:37:06:f2:04:b4:a2:3f:
         22:b7:12:d5:0e:40:c9:ce:94:fe:a3:10:22:84:04:98:04:d8:
         9c:c8:8e:c2:19:26:fe:86:7b:f2:bb:45:8f:ac:da:f6:f3:67:
         7f:18:8f:04:c9:43:eb:10:02:d6:0f:80:ef:ab:12:74:f8:5f:
         2e:17:0d:32:39:b7:57:3c:ab:c9:b6:d5:2e:43:a6:0b:72:3f:
         c0:39:3c:cd:92:01:be:4a:97:3a:a9:29:81:a6:ba:86:6d:42:
         16:05:d8:5b:2a:59:56:87:e9:d8:90:c4:e4:c7:86:3b:41:12:
         6a:e8:cc:6a:d0:eb:47:1b:d1:6a:56:d8:85:6d:4d:fd:dd:3f:
         8d:0f:6a:f7:39:8f:cc:5f:79:a0:bb:88:03:c6:a6:3d:06:cb:
         77:34:01:fe:41:24:8c:e4:42:b7:af:0f:d4:5c:b3:16:de:01:
         69:3e:0d:fb:db:56:19:ca:5b:0d:5b:34:e1:de:87:4c:5d:e3:
         d5:8d:86:38:a5:7e:2d:e7:92:d1:56:64:3b:75:9c:17:78:f9:
         5e:86:d0:0d:11:52:59:ab:ae:01:91:d2:ee:6d:ee:3c:fb:ad:
         54:e9:36:6b:19:c2:59:f4:b6:5c:12:7a:a9:54:97:05:e0:c3:
         59:8e:d6:b6
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUZxMYXK/tOW+DsWScBi+H+W84nZMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDYyOTA4NTgwN1oX
DTIyMDYyOTA5MDMwN1owggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCMkI3MDRCOTBEQjdFMUIzNjBFMjdENjhBM0VDMTE4QjY3ODNCMEFDQ0FB
NDJFQkVGNDg2N0U2Q0MwNUQ0RkE4RDlCNDc5N0I3MUU5M0I3QzM1NDQxNzcwNzA2
RDUxNDhBRUU4NTRCOEVCMUE0MkExQTlFN0U0OTc4RjJDNDUyQjZDRkNBMUE0QUVF
QzdDMTlCOTEzQTczQjFFN0Y5OTJCNUNDMEE1Q0EyQjI0QkRBNkU2RkQ5QjU1QUUz
NTZCMTZBODI0RDAwNDlBRThEQUFDNjA0NThBRDU5MUExMTI4Rjc1OUUxM0IzMUM5
NUNBODNDMUNCQTI4QUNDQTNFODVEQjY4REJGNzg2NTREMDA2OEMyNzE5ODk1NkFF
MjRERDAyQkE1Mjg3QTFBNUMwRUFEMEVFMjNBQUY0NThFMTAyOUFEMkEwMjdEMTlE
NzBCMEQ4MDU5NjVFNUE1QkY1N0Y2NDE4Qzc1MTRFRjlBMDY2M0U4NUM1NzdBMTBE
NkYwMTQ2OEE4MkY2MTdFMzJCMzA5MjQyN0I4NTEzMDJDNzg2QTk4MkMzQUU4QThE
RDdBRjJGMEU5MjU2RDBDQTgzMDhFODgxMjA5RERGNERFQjBFOEMzMjc0MUZFMDU5
REY4NjU5N0E1Mjc0QjVGQUQzMDhGQ0FFRjIxMzVGQ0E4MDVEQjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCytwS5Dbfhs2DifWij7BGL
Z4OwrMqkLr70hn5swF1PqNm0eXtx6Tt8NUQXcHBtUUiu6FS46xpCoann5JePLEUr
bPyhpK7sfBm5E6c7Hn+ZK1zApcorJL2m5v2bVa41axaoJNAEmujarGBFitWRoRKP
dZ4TsxyVyoPBy6KKzKPoXbaNv3hlTQBownGYlWriTdArpSh6GlwOrQ7iOq9FjhAp
rSoCfRnXCw2AWWXlpb9X9kGMdRTvmgZj6FxXehDW8BRoqC9hfjKzCSQnuFEwLHhq
mCw66KjdevLw6SVtDKgwjogSCd303rDowydB/gWd+GWXpSdLX60wj8rvITX8qAXb
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUhOx3gUUYwrtUxyr3oml5DnnpP/swHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzAzMzJlMzgzNTJlMzYzMDJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDMxMzMzMTMxMzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdVPDANBgkqhkiG
9w0BAQsFAAOCAQEAVyoJB6oL6+OnuiE3BvIEtKI/IrcS1Q5Ayc6U/qMQIoQEmATY
nMiOwhkm/oZ78rtFj6za9vNnfxiPBMlD6xAC1g+A76sSdPhfLhcNMjm3VzyrybbV
LkOmC3I/wDk8zZIBvkqXOqkpgaa6hm1CFgXYWypZVofp2JDE5MeGO0ESaujMatDr
RxvRalbYhW1N/d0/jQ9q9zmPzF95oLuIA8amPQbLdzQB/kEkjORCt68P1FyzFt4B
aT4N+9tWGcpbDVs04d6HTF3j1Y2GOKV+LeeS0VZkO3WcF3j5XobQDRFSWauuAZHS
7m3uPPutVOk2axnCWfS2XBJ6qVSXBeDDWY7Wtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org