Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3131342e3134312e38382e302f32312d3234203d3e203338373733.roa
File:                     3131342e3134312e38382e302f32312d3234203d3e203338373733.roa (raw, json)
Hash identifier:          qGuTllZcVFkxUtxU6UtpgAKUTX2YnnIOP2jRa3WKw9s=
Subject key identifier:   F5:4D:1B:47:B3:D2:91:32:88:48:15:7E:F4:06:7C:8A:07:9E:20:BD
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       7B48D5F2BD2E68111F24B0A3205D7D8564890F6B
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131342e3134312e38382e302f32312d3234203d3e203338373733.roa
Signing time:             Mon 05 Apr 2021 08:06:20 +0000
ROA not before:           Mon 05 Apr 2021 08:01:20 +0000
ROA not after:            Tue 05 Apr 2022 08:06:20 +0000
asID:                     38773
IP address blocks:        114.141.88.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:48:d5:f2:bd:2e:68:11:1f:24:b0:a3:20:5d:7d:85:64:89:0f:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr  5 08:01:20 2021 GMT
            Not After : Apr  5 08:06:20 2022 GMT
        Subject: CN=3082010A0282010100DB7C90E32F2C4439F941565D7CCDF15173CAD487E27AFD4426E94465468B1AA4D26C498629BD4722CD2554E5BCF2A2AC5127AFCE987BAFF19334226315155780BD630724718989F450919B00DD590D9FC3E4CBFF1E2D496E91CB4C16147C1FBDA124884533DFD380C3F3B7786CBC8E12BC1F676CB49BCA30A8D96D58E8A98B6E7D189C14016CD57A0E3BB873CDCC4B0676B0EB4BD02CCF5531C88D94A2D1A619D3AF084E64945C811B0C1CC342756C05F63497B17FB16A7D17549B5AB52C880581C9DD7426550803FB995B4FCA560E8F5ED010EDD5F73BF26C85A9355C254B61E4A76789377B97159EFCE5B3F363865D5EA441A58A71D651D1F6662E049A36FF0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:7c:90:e3:2f:2c:44:39:f9:41:56:5d:7c:cd:
                    f1:51:73:ca:d4:87:e2:7a:fd:44:26:e9:44:65:46:
                    8b:1a:a4:d2:6c:49:86:29:bd:47:22:cd:25:54:e5:
                    bc:f2:a2:ac:51:27:af:ce:98:7b:af:f1:93:34:22:
                    63:15:15:57:80:bd:63:07:24:71:89:89:f4:50:91:
                    9b:00:dd:59:0d:9f:c3:e4:cb:ff:1e:2d:49:6e:91:
                    cb:4c:16:14:7c:1f:bd:a1:24:88:45:33:df:d3:80:
                    c3:f3:b7:78:6c:bc:8e:12:bc:1f:67:6c:b4:9b:ca:
                    30:a8:d9:6d:58:e8:a9:8b:6e:7d:18:9c:14:01:6c:
                    d5:7a:0e:3b:b8:73:cd:cc:4b:06:76:b0:eb:4b:d0:
                    2c:cf:55:31:c8:8d:94:a2:d1:a6:19:d3:af:08:4e:
                    64:94:5c:81:1b:0c:1c:c3:42:75:6c:05:f6:34:97:
                    b1:7f:b1:6a:7d:17:54:9b:5a:b5:2c:88:05:81:c9:
                    dd:74:26:55:08:03:fb:99:5b:4f:ca:56:0e:8f:5e:
                    d0:10:ed:d5:f7:3b:f2:6c:85:a9:35:5c:25:4b:61:
                    e4:a7:67:89:37:7b:97:15:9e:fc:e5:b3:f3:63:86:
                    5d:5e:a4:41:a5:8a:71:d6:51:d1:f6:66:2e:04:9a:
                    36:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:4D:1B:47:B3:D2:91:32:88:48:15:7E:F4:06:7C:8A:07:9E:20:BD
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131342e3134312e38382e302f32312d3234203d3e203338373733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.141.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1a:55:85:c8:79:a4:75:c7:ce:7f:07:bc:51:ad:d6:2b:7b:23:
         93:f3:65:71:2a:94:14:7e:c9:4e:e4:ed:34:65:7f:eb:f2:7e:
         b2:4a:a1:59:99:81:f4:eb:e5:9e:30:1d:f4:3d:98:62:15:58:
         a7:fa:c8:df:71:0a:3d:b8:74:36:fc:d6:f8:c5:1c:b9:2a:4e:
         8d:11:1f:74:04:73:89:ac:67:69:ab:ba:e6:5c:98:ee:4a:34:
         ad:b7:8a:c6:9f:73:02:15:4a:38:e7:a9:2e:52:3e:72:51:db:
         bd:73:b9:aa:a2:74:5c:4b:db:70:e3:2f:23:92:d5:95:67:7d:
         46:32:26:03:56:46:27:e6:fa:4c:7c:57:b2:8e:18:6a:c9:91:
         36:b5:1c:5a:cf:f4:50:b4:49:02:f6:6c:f7:42:d2:bb:fc:e3:
         b5:d0:78:e6:e3:49:20:37:56:b5:95:85:17:df:e3:e2:51:26:
         24:40:d8:47:58:b6:51:2e:f9:70:2f:99:ce:b4:5c:c2:8d:2c:
         4f:6a:a3:1a:78:37:1b:d9:06:64:80:7f:1c:e0:1d:3b:77:99:
         86:cf:84:aa:29:4a:75:7d:cf:00:c8:43:f3:82:c6:2f:36:09:
         cc:41:25:80:06:7b:25:55:70:0e:8b:a2:14:98:c1:47:b8:74:
         3b:e3:8d:9f
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUe0jV8r0uaBEfJLCjIF19hWSJD2swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDQwNTA4MDEyMFoX
DTIyMDQwNTA4MDYyMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBEQjdDOTBFMzJGMkM0NDM5Rjk0MTU2NUQ3Q0NERjE1MTczQ0FENDg3RTI3
QUZENDQyNkU5NDQ2NTQ2OEIxQUE0RDI2QzQ5ODYyOUJENDcyMkNEMjU1NEU1QkNG
MkEyQUM1MTI3QUZDRTk4N0JBRkYxOTMzNDIyNjMxNTE1NTc4MEJENjMwNzI0NzE4
OTg5RjQ1MDkxOUIwMERENTkwRDlGQzNFNENCRkYxRTJENDk2RTkxQ0I0QzE2MTQ3
QzFGQkRBMTI0ODg0NTMzREZEMzgwQzNGM0I3Nzg2Q0JDOEUxMkJDMUY2NzZDQjQ5
QkNBMzBBOEQ5NkQ1OEU4QTk4QjZFN0QxODlDMTQwMTZDRDU3QTBFM0JCODczQ0RD
QzRCMDY3NkIwRUI0QkQwMkNDRjU1MzFDODhEOTRBMkQxQTYxOUQzQUYwODRFNjQ5
NDVDODExQjBDMUNDMzQyNzU2QzA1RjYzNDk3QjE3RkIxNkE3RDE3NTQ5QjVBQjUy
Qzg4MDU4MUM5REQ3NDI2NTUwODAzRkI5OTVCNEZDQTU2MEU4RjVFRDAxMEVERDVG
NzNCRjI2Qzg1QTkzNTVDMjU0QjYxRTRBNzY3ODkzNzdCOTcxNTlFRkNFNUIzRjM2
Mzg2NUQ1RUE0NDFBNThBNzFENjUxRDFGNjY2MkUwNDlBMzZGRjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbfJDjLyxEOflBVl18zfFR
c8rUh+J6/UQm6URlRosapNJsSYYpvUcizSVU5bzyoqxRJ6/OmHuv8ZM0ImMVFVeA
vWMHJHGJifRQkZsA3VkNn8Pky/8eLUlukctMFhR8H72hJIhFM9/TgMPzt3hsvI4S
vB9nbLSbyjCo2W1Y6KmLbn0YnBQBbNV6Dju4c83MSwZ2sOtL0CzPVTHIjZSi0aYZ
068ITmSUXIEbDBzDQnVsBfY0l7F/sWp9F1SbWrUsiAWByd10JlUIA/uZW0/KVg6P
XtAQ7dX3O/Jshak1XCVLYeSnZ4k3e5cVnvzls/Njhl1epEGlinHWUdH2Zi4Emjb/
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQU9U0bR7PSkTKISBV+9AZ8igeeIL0wHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzEzNDJlMzEzNDMxMmUzODM4MmUzMDJmMzIz
MTJkMzIzNDIwM2QzZTIwMzMzODM3MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3KNWDANBgkqhkiG
9w0BAQsFAAOCAQEAGlWFyHmkdcfOfwe8Ua3WK3sjk/NlcSqUFH7JTuTtNGV/6/J+
skqhWZmB9OvlnjAd9D2YYhVYp/rI33EKPbh0NvzW+MUcuSpOjREfdARziaxnaau6
5lyY7ko0rbeKxp9zAhVKOOepLlI+clHbvXO5qqJ0XEvbcOMvI5LVlWd9RjImA1ZG
J+b6THxXso4YasmRNrUcWs/0ULRJAvZs90LSu/zjtdB45uNJIDdWtZWFF9/j4lEm
JEDYR1i2US75cC+ZzrRcwo0sT2qjGng3G9kGZIB/HOAdO3eZhs+EqilKdX3PAMhD
84LGLzYJzEElgAZ7JVVwDouiFJjBR7h0O+ONnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org