Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3131362e36382e3137312e302f32342d3234203d3e203536323436.roa
File:                     3131362e36382e3137312e302f32342d3234203d3e203536323436.roa (raw, json)
Hash identifier:          Kkqfy/dk3zCgTn/0i7xT/BWclkUbNuGXBVbcpBf16lQ=
Subject key identifier:   8E:AF:BC:CE:B5:C4:AC:06:18:42:87:4B:94:6E:CF:51:CC:E5:C0:33
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       645BB2AAAA3AA7EB1AF6CA1EE3C8572B852BC099
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131362e36382e3137312e302f32342d3234203d3e203536323436.roa
Signing time:             Thu 24 Feb 2022 09:00:01 +0000
ROA not before:           Thu 24 Feb 2022 08:55:01 +0000
ROA not after:            Fri 24 Feb 2023 09:00:01 +0000
asID:                     56246
IP address blocks:        116.68.171.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:5b:b2:aa:aa:3a:a7:eb:1a:f6:ca:1e:e3:c8:57:2b:85:2b:c0:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 24 08:55:01 2022 GMT
            Not After : Feb 24 09:00:01 2023 GMT
        Subject: CN=3082010A0282010100EDC29085B85D1359EED28FA1198A3ECF7A0E6904F231FB5AB7287C3FD615E2D27C3AECAF6D7989C04571F08CE6030C1AB6D04C62737B9FB1AFA96A220AE71A26BC2FB187AFD0DC609F73A59F5E52432029E2B2E7601A0997283573D5B15E3A715FE04A40B46B84F8BDC3FA0A92ACA3AF7471218062625A4E0576FEDA34C92B23E32E9F10E263BA8F03C3444C4D3472D7F0BFB4BB738F2A8EF6BEB6C4343826FC7BDF2FC73F6636AD98A2623EA23D1DA17FDA13437DE3CACD4C2F9EA02EB52CC38A75E24B859E16699A55B5880FDDF8CFB3467DC968259A5611D8BFF4B40B373C0C2BCCF33040147D239F091A7E32BAC930ED128EACE744EE014E05DCC75629090203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:c2:90:85:b8:5d:13:59:ee:d2:8f:a1:19:8a:
                    3e:cf:7a:0e:69:04:f2:31:fb:5a:b7:28:7c:3f:d6:
                    15:e2:d2:7c:3a:ec:af:6d:79:89:c0:45:71:f0:8c:
                    e6:03:0c:1a:b6:d0:4c:62:73:7b:9f:b1:af:a9:6a:
                    22:0a:e7:1a:26:bc:2f:b1:87:af:d0:dc:60:9f:73:
                    a5:9f:5e:52:43:20:29:e2:b2:e7:60:1a:09:97:28:
                    35:73:d5:b1:5e:3a:71:5f:e0:4a:40:b4:6b:84:f8:
                    bd:c3:fa:0a:92:ac:a3:af:74:71:21:80:62:62:5a:
                    4e:05:76:fe:da:34:c9:2b:23:e3:2e:9f:10:e2:63:
                    ba:8f:03:c3:44:4c:4d:34:72:d7:f0:bf:b4:bb:73:
                    8f:2a:8e:f6:be:b6:c4:34:38:26:fc:7b:df:2f:c7:
                    3f:66:36:ad:98:a2:62:3e:a2:3d:1d:a1:7f:da:13:
                    43:7d:e3:ca:cd:4c:2f:9e:a0:2e:b5:2c:c3:8a:75:
                    e2:4b:85:9e:16:69:9a:55:b5:88:0f:dd:f8:cf:b3:
                    46:7d:c9:68:25:9a:56:11:d8:bf:f4:b4:0b:37:3c:
                    0c:2b:cc:f3:30:40:14:7d:23:9f:09:1a:7e:32:ba:
                    c9:30:ed:12:8e:ac:e7:44:ee:01:4e:05:dc:c7:56:
                    29:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:AF:BC:CE:B5:C4:AC:06:18:42:87:4B:94:6E:CF:51:CC:E5:C0:33
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3131362e36382e3137312e302f32342d3234203d3e203536323436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.68.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:aa:91:dc:a0:e5:20:02:f8:8b:82:70:58:dd:65:83:ed:5f:
         83:16:94:49:1a:5f:44:84:45:d6:61:d7:65:1a:64:ab:f2:2a:
         31:3a:78:a4:b7:c6:b8:34:57:b7:ee:93:1e:20:60:80:db:6d:
         3a:63:72:37:3a:a0:87:6c:06:7f:57:c7:ff:69:59:86:aa:47:
         28:ef:be:50:bf:31:e8:a0:cf:7c:53:28:d1:5a:89:32:c1:38:
         ec:ff:89:cf:08:ac:03:95:c1:35:69:46:20:e4:f7:a3:36:b3:
         ad:08:43:4f:55:08:72:cc:4f:5c:69:53:1d:3b:9c:a6:97:42:
         da:cf:a6:07:5f:3d:04:3f:80:68:46:40:59:81:d7:4c:57:b2:
         f5:bb:55:84:bb:96:ca:bb:e1:93:34:f8:58:69:a4:d8:58:df:
         b5:d1:34:8f:cc:fa:3d:e2:8e:ad:67:98:11:9b:66:0d:80:a5:
         9d:e1:4b:5f:51:36:fc:b8:27:4e:c7:13:bd:c6:4c:4f:68:96:
         3e:11:95:5f:91:f1:09:91:c4:85:42:14:39:d5:8d:60:84:59:
         09:88:d6:1a:90:5f:60:6e:15:f4:d5:14:07:38:33:1a:2c:a4:
         b5:cc:0c:3c:b4:1e:9d:3f:78:5b:ec:a0:9a:c6:cb:db:08:73:
         08:33:cf:51
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUZFuyqqo6p+sa9soe48hXK4UrwJkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIyNDA4NTUwMVoX
DTIzMDIyNDA5MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBFREMyOTA4NUI4NUQxMzU5RUVEMjhGQTExOThBM0VDRjdBMEU2OTA0RjIz
MUZCNUFCNzI4N0MzRkQ2MTVFMkQyN0MzQUVDQUY2RDc5ODlDMDQ1NzFGMDhDRTYw
MzBDMUFCNkQwNEM2MjczN0I5RkIxQUZBOTZBMjIwQUU3MUEyNkJDMkZCMTg3QUZE
MERDNjA5RjczQTU5RjVFNTI0MzIwMjlFMkIyRTc2MDFBMDk5NzI4MzU3M0Q1QjE1
RTNBNzE1RkUwNEE0MEI0NkI4NEY4QkRDM0ZBMEE5MkFDQTNBRjc0NzEyMTgwNjI2
MjVBNEUwNTc2RkVEQTM0QzkyQjIzRTMyRTlGMTBFMjYzQkE4RjAzQzM0NDRDNEQz
NDcyRDdGMEJGQjRCQjczOEYyQThFRjZCRUI2QzQzNDM4MjZGQzdCREYyRkM3M0Y2
NjM2QUQ5OEEyNjIzRUEyM0QxREExN0ZEQTEzNDM3REUzQ0FDRDRDMkY5RUEwMkVC
NTJDQzM4QTc1RTI0Qjg1OUUxNjY5OUE1NUI1ODgwRkRERjhDRkIzNDY3REM5Njgy
NTlBNTYxMUQ4QkZGNEI0MEIzNzNDMEMyQkNDRjMzMDQwMTQ3RDIzOUYwOTFBN0Uz
MkJBQzkzMEVEMTI4RUFDRTc0NEVFMDE0RTA1RENDNzU2MjkwOTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtwpCFuF0TWe7Sj6EZij7P
eg5pBPIx+1q3KHw/1hXi0nw67K9teYnARXHwjOYDDBq20Exic3ufsa+paiIK5xom
vC+xh6/Q3GCfc6WfXlJDICnisudgGgmXKDVz1bFeOnFf4EpAtGuE+L3D+gqSrKOv
dHEhgGJiWk4Fdv7aNMkrI+MunxDiY7qPA8NETE00ctfwv7S7c48qjva+tsQ0OCb8
e98vxz9mNq2YomI+oj0doX/aE0N948rNTC+eoC61LMOKdeJLhZ4WaZpVtYgP3fjP
s0Z9yWglmlYR2L/0tAs3PAwrzPMwQBR9I58JGn4yuskw7RKOrOdE7gFOBdzHVikJ
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUjq+8zrXErAYYQodLlG7PUczlwDMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzEzNjJlMzYzODJlMzEzNzMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzNjMyMzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHREqzANBgkqhkiG
9w0BAQsFAAOCAQEAY6qR3KDlIAL4i4JwWN1lg+1fgxaUSRpfRIRF1mHXZRpkq/Iq
MTp4pLfGuDRXt+6THiBggNttOmNyNzqgh2wGf1fH/2lZhqpHKO++UL8x6KDPfFMo
0VqJMsE47P+JzwisA5XBNWlGIOT3ozazrQhDT1UIcsxPXGlTHTucppdC2s+mB189
BD+AaEZAWYHXTFey9btVhLuWyrvhkzT4WGmk2FjftdE0j8z6PeKOrWeYEZtmDYCl
neFLX1E2/LgnTscTvcZMT2iWPhGVX5HxCZHEhUIUOdWNYIRZCYjWGpBfYG4V9NUU
BzgzGiyktcwMPLQenT94W+ygmsbL2whzCDPPUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org