Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3131362e36382e3136342e302f32342d3234203d3e203538353532.roa
File:                     3131362e36382e3136342e302f32342d3234203d3e203538353532.roa (raw, json)
Hash identifier:          IPULBMYWiwRiHgpKdxboJ+TD6IDMDqTy7KmphAzXM8Q=
Subject key identifier:   D1:3F:25:DD:56:CA:D8:EB:0E:44:12:3B:CE:08:C3:CA:2C:23:33:3C
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       52D8138B54D1C7510EB812D9ABDC9D81864609D4
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131362e36382e3136342e302f32342d3234203d3e203538353532.roa
Signing time:             Thu 24 Feb 2022 09:00:01 +0000
ROA not before:           Thu 24 Feb 2022 08:55:01 +0000
ROA not after:            Fri 24 Feb 2023 09:00:01 +0000
asID:                     58552
IP address blocks:        116.68.164.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:d8:13:8b:54:d1:c7:51:0e:b8:12:d9:ab:dc:9d:81:86:46:09:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 24 08:55:01 2022 GMT
            Not After : Feb 24 09:00:01 2023 GMT
        Subject: CN=3082010A0282010100A64397131C11E0FA4EB2B1E14191598DA9300FA3F4B5F78A29581CE2FCA95CE8F3977504B31E3541BD07943D6F5E1329817CFE29600BA8164B9486BDDE6640DDB3625E6DD79F3BD726567356C70578F569621256FF8B19391E089C7A7E1D3E625976362F649C54E60D21449A6F32BBDB4E4B4FD4952ED5FDC39709B2B6467433F3FF4876C78C3EAC552BEF3F5485D3825BEAFBAA4712F30CE1B1A5BE047A933607BE4B0B23B1CD7818A17D151AB512C862775845A84826C73EBE2F62055D6D7525635A244A39ED53CB9F71C3A367BAD0DBC777BBD718905F6FC3BAD577D526D9049705C03E1262A03A89161EBF6FC9B4CB0E63DF9F45790B4C59809534B2171F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:43:97:13:1c:11:e0:fa:4e:b2:b1:e1:41:91:
                    59:8d:a9:30:0f:a3:f4:b5:f7:8a:29:58:1c:e2:fc:
                    a9:5c:e8:f3:97:75:04:b3:1e:35:41:bd:07:94:3d:
                    6f:5e:13:29:81:7c:fe:29:60:0b:a8:16:4b:94:86:
                    bd:de:66:40:dd:b3:62:5e:6d:d7:9f:3b:d7:26:56:
                    73:56:c7:05:78:f5:69:62:12:56:ff:8b:19:39:1e:
                    08:9c:7a:7e:1d:3e:62:59:76:36:2f:64:9c:54:e6:
                    0d:21:44:9a:6f:32:bb:db:4e:4b:4f:d4:95:2e:d5:
                    fd:c3:97:09:b2:b6:46:74:33:f3:ff:48:76:c7:8c:
                    3e:ac:55:2b:ef:3f:54:85:d3:82:5b:ea:fb:aa:47:
                    12:f3:0c:e1:b1:a5:be:04:7a:93:36:07:be:4b:0b:
                    23:b1:cd:78:18:a1:7d:15:1a:b5:12:c8:62:77:58:
                    45:a8:48:26:c7:3e:be:2f:62:05:5d:6d:75:25:63:
                    5a:24:4a:39:ed:53:cb:9f:71:c3:a3:67:ba:d0:db:
                    c7:77:bb:d7:18:90:5f:6f:c3:ba:d5:77:d5:26:d9:
                    04:97:05:c0:3e:12:62:a0:3a:89:16:1e:bf:6f:c9:
                    b4:cb:0e:63:df:9f:45:79:0b:4c:59:80:95:34:b2:
                    17:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:3F:25:DD:56:CA:D8:EB:0E:44:12:3B:CE:08:C3:CA:2C:23:33:3C
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131362e36382e3136342e302f32342d3234203d3e203538353532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.68.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:65:d0:27:49:f0:ef:d9:03:fa:74:8f:05:aa:6b:00:93:97:
         e7:e9:4a:e3:34:1a:c4:16:59:7f:08:b7:a1:9b:c9:bf:48:f4:
         51:69:b1:3a:30:93:cf:29:55:e2:9c:2b:f2:4f:6a:a3:15:b8:
         5e:c7:fa:a8:0d:ba:9d:d0:09:66:ce:87:a9:8b:16:82:59:74:
         9a:ec:e5:f8:69:52:d9:91:06:4a:db:43:a5:e2:ae:00:a9:65:
         aa:a8:52:90:e8:2c:dc:85:4f:5b:84:71:d2:18:b7:6c:ef:8a:
         a9:94:16:b0:8f:17:84:83:33:db:0d:bb:82:b5:35:b3:65:7e:
         bc:28:f9:62:d9:a8:43:b6:dd:5d:57:7d:d1:22:2f:7f:4c:ac:
         09:b6:d0:17:72:c5:1b:4e:66:c0:f5:48:94:aa:07:7b:33:ab:
         5e:7d:5e:09:8f:94:5c:78:f7:f8:78:07:4c:1e:32:fa:2f:cc:
         44:72:2a:a6:73:52:12:c7:92:12:28:72:07:39:a2:d2:7f:b5:
         dc:5f:0a:65:97:16:11:af:1f:2f:f2:dc:8b:21:9b:46:b3:ed:
         1d:fd:cb:a0:25:15:41:b0:bf:fc:33:08:f9:32:4e:dd:f3:51:
         df:c7:f8:31:37:fb:b4:33:e6:b3:00:98:2a:50:7d:c6:b7:0d:
         d2:37:7f:bc
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUUtgTi1TRx1EOuBLZq9ydgYZGCdQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIyNDA4NTUwMVoX
DTIzMDIyNDA5MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBNjQzOTcxMzFDMTFFMEZBNEVCMkIxRTE0MTkxNTk4REE5MzAwRkEzRjRC
NUY3OEEyOTU4MUNFMkZDQTk1Q0U4RjM5Nzc1MDRCMzFFMzU0MUJEMDc5NDNENkY1
RTEzMjk4MTdDRkUyOTYwMEJBODE2NEI5NDg2QkRERTY2NDBEREIzNjI1RTZERDc5
RjNCRDcyNjU2NzM1NkM3MDU3OEY1Njk2MjEyNTZGRjhCMTkzOTFFMDg5QzdBN0Ux
RDNFNjI1OTc2MzYyRjY0OUM1NEU2MEQyMTQ0OUE2RjMyQkJEQjRFNEI0RkQ0OTUy
RUQ1RkRDMzk3MDlCMkI2NDY3NDMzRjNGRjQ4NzZDNzhDM0VBQzU1MkJFRjNGNTQ4
NUQzODI1QkVBRkJBQTQ3MTJGMzBDRTFCMUE1QkUwNDdBOTMzNjA3QkU0QjBCMjNC
MUNENzgxOEExN0QxNTFBQjUxMkM4NjI3NzU4NDVBODQ4MjZDNzNFQkUyRjYyMDU1
RDZENzUyNTYzNUEyNDRBMzlFRDUzQ0I5RjcxQzNBMzY3QkFEMERCQzc3N0JCRDcx
ODkwNUY2RkMzQkFENTc3RDUyNkQ5MDQ5NzA1QzAzRTEyNjJBMDNBODkxNjFFQkY2
RkM5QjRDQjBFNjNERjlGNDU3OTBCNEM1OTgwOTUzNEIyMTcxRjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmQ5cTHBHg+k6yseFBkVmN
qTAPo/S194opWBzi/Klc6POXdQSzHjVBvQeUPW9eEymBfP4pYAuoFkuUhr3eZkDd
s2JebdefO9cmVnNWxwV49WliElb/ixk5Hgicen4dPmJZdjYvZJxU5g0hRJpvMrvb
TktP1JUu1f3DlwmytkZ0M/P/SHbHjD6sVSvvP1SF04Jb6vuqRxLzDOGxpb4EepM2
B75LCyOxzXgYoX0VGrUSyGJ3WEWoSCbHPr4vYgVdbXUlY1okSjntU8ufccOjZ7rQ
28d3u9cYkF9vw7rVd9Um2QSXBcA+EmKgOokWHr9vybTLDmPfn0V5C0xZgJU0shcf
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQU0T8l3VbK2OsORBI7zgjDyiwjMzwwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzEzNjJlMzYzODJlMzEzNjM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM1MzUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHREpDANBgkqhkiG
9w0BAQsFAAOCAQEAHWXQJ0nw79kD+nSPBaprAJOX5+lK4zQaxBZZfwi3oZvJv0j0
UWmxOjCTzylV4pwr8k9qoxW4Xsf6qA26ndAJZs6HqYsWgll0muzl+GlS2ZEGSttD
peKuAKllqqhSkOgs3IVPW4Rx0hi3bO+KqZQWsI8XhIMz2w27grU1s2V+vCj5Ytmo
Q7bdXVd90SIvf0ysCbbQF3LFG05mwPVIlKoHezOrXn1eCY+UXHj3+HgHTB4y+i/M
RHIqpnNSEseSEihyBzmi0n+13F8KZZcWEa8fL/LciyGbRrPtHf3LoCUVQbC//DMI
+TJO3fNR38f4MTf7tDPmswCYKlB9xrcN0jd/vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org