Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3132332e3235332e32382e302f32322d3234203d3e203538343034.roa
File:                     3132332e3235332e32382e302f32322d3234203d3e203538343034.roa (raw, json)
Hash identifier:          wW1OwVjDLAiA2m6TV9shO3++rhD30Lrcgxnof6zI8zs=
Subject key identifier:   AC:1F:C0:43:04:8C:49:60:B9:A2:07:9C:0B:2F:45:38:3F:BA:D0:64
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       0B253057352A5BA8DF80719C4CA9C31A88766C10
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3132332e3235332e32382e302f32322d3234203d3e203538343034.roa
Signing time:             Sat 20 Nov 2021 04:00:01 +0000
ROA not before:           Sat 20 Nov 2021 03:55:01 +0000
ROA not after:            Sun 20 Nov 2022 04:00:01 +0000
asID:                     58404
IP address blocks:        123.253.28.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:25:30:57:35:2a:5b:a8:df:80:71:9c:4c:a9:c3:1a:88:76:6c:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Nov 20 03:55:01 2021 GMT
            Not After : Nov 20 04:00:01 2022 GMT
        Subject: CN=3082010A0282010100B80515E27F5FF87F49269BC66A29962972C95D661228910AE6AD07793CFD3CEDBAE1333FDA86280DC285861383D5CA57C076B8346AF1A5F2574517475C0F2DD41E04EB19857E6803FB84219F65BEE3FF6D53672D09F40484DEE91E6330F3684B2C72B64F1B57B854D5BBC0D9E7A592826D0FDE1BE54FEAE4C40E9E795E5BBCF13B78A42A0670FAADCEEB22C3CAA79C2AAA2305D7A3082E7290DB1247ED89B05C8D1840DCD54127FA2FC7E5DEDAC8FC2A70831631AFBA1A2FCBE40540B5C2A0BFF505E9CAC632BB92C6EE53A857D7668D7CA3FC31BA5C146F21A3D216C65701BBCF994696F7F4E1FB8A2DDC321C832ADBC3CADFC92D826BF57550F7661EECFDB10203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:05:15:e2:7f:5f:f8:7f:49:26:9b:c6:6a:29:
                    96:29:72:c9:5d:66:12:28:91:0a:e6:ad:07:79:3c:
                    fd:3c:ed:ba:e1:33:3f:da:86:28:0d:c2:85:86:13:
                    83:d5:ca:57:c0:76:b8:34:6a:f1:a5:f2:57:45:17:
                    47:5c:0f:2d:d4:1e:04:eb:19:85:7e:68:03:fb:84:
                    21:9f:65:be:e3:ff:6d:53:67:2d:09:f4:04:84:de:
                    e9:1e:63:30:f3:68:4b:2c:72:b6:4f:1b:57:b8:54:
                    d5:bb:c0:d9:e7:a5:92:82:6d:0f:de:1b:e5:4f:ea:
                    e4:c4:0e:9e:79:5e:5b:bc:f1:3b:78:a4:2a:06:70:
                    fa:ad:ce:eb:22:c3:ca:a7:9c:2a:aa:23:05:d7:a3:
                    08:2e:72:90:db:12:47:ed:89:b0:5c:8d:18:40:dc:
                    d5:41:27:fa:2f:c7:e5:de:da:c8:fc:2a:70:83:16:
                    31:af:ba:1a:2f:cb:e4:05:40:b5:c2:a0:bf:f5:05:
                    e9:ca:c6:32:bb:92:c6:ee:53:a8:57:d7:66:8d:7c:
                    a3:fc:31:ba:5c:14:6f:21:a3:d2:16:c6:57:01:bb:
                    cf:99:46:96:f7:f4:e1:fb:8a:2d:dc:32:1c:83:2a:
                    db:c3:ca:df:c9:2d:82:6b:f5:75:50:f7:66:1e:ec:
                    fd:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:1F:C0:43:04:8C:49:60:B9:A2:07:9C:0B:2F:45:38:3F:BA:D0:64
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3132332e3235332e32382e302f32322d3234203d3e203538343034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.253.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:c7:15:a3:d6:0b:64:bf:1c:0c:b1:d7:2e:68:63:63:60:4c:
         e5:b5:b5:59:2b:7f:63:83:21:fe:b4:28:e3:00:d5:14:82:e2:
         cb:7e:ff:3d:af:20:f0:17:c8:3c:20:c1:2d:b3:b5:32:82:1d:
         6a:21:8c:67:cc:0b:ef:58:32:86:97:52:2e:09:0b:04:d6:93:
         95:b0:14:8c:5f:0e:b8:4a:f4:94:37:a4:47:fe:03:84:6f:09:
         e6:56:bf:2f:85:e6:3d:59:e1:9d:dc:0c:7b:f6:60:f7:bd:18:
         4a:42:84:a5:b4:ad:b6:4a:f3:97:1f:12:5b:79:da:ef:85:8d:
         86:0d:85:5f:c8:ee:eb:ef:cf:be:96:04:ed:aa:b9:7b:35:90:
         e4:32:50:72:5a:ba:87:f8:29:52:73:9a:02:5c:0c:f8:8e:d3:
         53:e5:eb:ff:32:13:8f:33:92:58:6b:fb:0a:cc:9e:cb:e2:51:
         d8:10:69:93:cd:3e:b3:8d:31:db:65:f9:d3:52:27:aa:5b:d5:
         93:64:81:23:a2:ce:49:8c:f7:82:34:d5:8c:b3:fb:92:ed:c7:
         94:a5:3c:e7:73:56:5d:8b:85:10:e2:db:4b:94:d6:12:14:97:
         f3:91:ab:9a:2c:87:40:90:64:b3:4e:73:72:2e:61:f1:05:d5:
         1c:f6:54:6a
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUCyUwVzUqW6jfgHGcTKnDGoh2bBAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTEyMDAzNTUwMVoX
DTIyMTEyMDA0MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCODA1MTVFMjdGNUZGODdGNDkyNjlCQzY2QTI5OTYyOTcyQzk1RDY2MTIy
ODkxMEFFNkFEMDc3OTNDRkQzQ0VEQkFFMTMzM0ZEQTg2MjgwREMyODU4NjEzODNE
NUNBNTdDMDc2QjgzNDZBRjFBNUYyNTc0NTE3NDc1QzBGMkRENDFFMDRFQjE5ODU3
RTY4MDNGQjg0MjE5RjY1QkVFM0ZGNkQ1MzY3MkQwOUY0MDQ4NERFRTkxRTYzMzBG
MzY4NEIyQzcyQjY0RjFCNTdCODU0RDVCQkMwRDlFN0E1OTI4MjZEMEZERTFCRTU0
RkVBRTRDNDBFOUU3OTVFNUJCQ0YxM0I3OEE0MkEwNjcwRkFBRENFRUIyMkMzQ0FB
NzlDMkFBQTIzMDVEN0EzMDgyRTcyOTBEQjEyNDdFRDg5QjA1QzhEMTg0MERDRDU0
MTI3RkEyRkM3RTVERURBQzhGQzJBNzA4MzE2MzFBRkJBMUEyRkNCRTQwNTQwQjVD
MkEwQkZGNTA1RTlDQUM2MzJCQjkyQzZFRTUzQTg1N0Q3NjY4RDdDQTNGQzMxQkE1
QzE0NkYyMUEzRDIxNkM2NTcwMUJCQ0Y5OTQ2OTZGN0Y0RTFGQjhBMkREQzMyMUM4
MzJBREJDM0NBREZDOTJEODI2QkY1NzU1MEY3NjYxRUVDRkRCMTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4BRXif1/4f0kmm8ZqKZYp
csldZhIokQrmrQd5PP087brhMz/ahigNwoWGE4PVylfAdrg0avGl8ldFF0dcDy3U
HgTrGYV+aAP7hCGfZb7j/21TZy0J9ASE3ukeYzDzaEsscrZPG1e4VNW7wNnnpZKC
bQ/eG+VP6uTEDp55Xlu88Tt4pCoGcPqtzusiw8qnnCqqIwXXowgucpDbEkftibBc
jRhA3NVBJ/ovx+Xe2sj8KnCDFjGvuhovy+QFQLXCoL/1BenKxjK7ksbuU6hX12aN
fKP8MbpcFG8ho9IWxlcBu8+ZRpb39OH7ii3cMhyDKtvDyt/JLYJr9XVQ92Ye7P2x
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUrB/AQwSMSWC5ogecCy9FOD+60GQwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMxMzIzMzJlMzIzNTMzMmUzMjM4MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzODM0MzAzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnv9HDANBgkqhkiG
9w0BAQsFAAOCAQEAFscVo9YLZL8cDLHXLmhjY2BM5bW1WSt/Y4Mh/rQo4wDVFILi
y37/Pa8g8BfIPCDBLbO1MoIdaiGMZ8wL71gyhpdSLgkLBNaTlbAUjF8OuEr0lDek
R/4DhG8J5la/L4XmPVnhndwMe/Zg970YSkKEpbSttkrzlx8SW3na74WNhg2FX8ju
6+/PvpYE7aq5ezWQ5DJQclq6h/gpUnOaAlwM+I7TU+Xr/zITjzOSWGv7Csyey+JR
2BBpk80+s40x22X501InqlvVk2SBI6LOSYz3gjTVjLP7ku3HlKU853NWXYuFEOLb
S5TWEhSX85GrmiyHQJBks05zci5h8QXVHPZUag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org