Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466333a646330303a3a2f34382d3438203d3e2030.roa
File:                     323030313a6466333a646330303a3a2f34382d3438203d3e2030.roa (raw, json)
Hash identifier:          Mrym1bWCvLRHikaeD2zgx38sgdfHpmov4D1K8CHheG0=
Subject key identifier:   50:E6:C5:A1:AB:52:19:40:90:64:F2:AA:84:46:25:41:6C:C8:A8:4C
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       3AD59887C5B6A3AC0F8B1940A4D0103CD3200EC0
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466333a646330303a3a2f34382d3438203d3e2030.roa
Signing time:             Wed 02 Feb 2022 06:18:41 +0000
ROA not before:           Wed 02 Feb 2022 06:13:41 +0000
ROA not after:            Thu 02 Feb 2023 06:18:41 +0000
asID:                     0
IP address blocks:        2001:df3:dc00::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:d5:98:87:c5:b6:a3:ac:0f:8b:19:40:a4:d0:10:3c:d3:20:0e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb  2 06:13:41 2022 GMT
            Not After : Feb  2 06:18:41 2023 GMT
        Subject: CN=3082010A0282010100B154D0F33B1067C61C5DF6FC5CEBEBB2FDD0FF035E3B65BE27D47812AFE972A65532B628C90488D28C330715BD1F34A70B7939E9C7030E609616418782029269AD15A4642ABF4AA5FF7F9A88FBA78832D65B87962330F93EDB798B8C431E34B2004FD573FB810EA774B739EAC7FEE516E2CCE2E89C4DFFDEB393F2B10178B64C2181C7C655F3A0B77D7B74D83418DF0D23F2548CCAA55276BF5FBF4ADFD000FEB09D74E06CB26E99026394E31463E18FCB8CBE230B9B219B8B9BF11A064C3A3DEAC0BF3B524F9E89777DCA4ACC16A8663E2CE0D47F3EE7417A30B37D11C1BB35B5314ADB053378AE67CF9B6CE178C9CE13514BAA65AFA63850F57C30253AD97B0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:54:d0:f3:3b:10:67:c6:1c:5d:f6:fc:5c:eb:
                    eb:b2:fd:d0:ff:03:5e:3b:65:be:27:d4:78:12:af:
                    e9:72:a6:55:32:b6:28:c9:04:88:d2:8c:33:07:15:
                    bd:1f:34:a7:0b:79:39:e9:c7:03:0e:60:96:16:41:
                    87:82:02:92:69:ad:15:a4:64:2a:bf:4a:a5:ff:7f:
                    9a:88:fb:a7:88:32:d6:5b:87:96:23:30:f9:3e:db:
                    79:8b:8c:43:1e:34:b2:00:4f:d5:73:fb:81:0e:a7:
                    74:b7:39:ea:c7:fe:e5:16:e2:cc:e2:e8:9c:4d:ff:
                    de:b3:93:f2:b1:01:78:b6:4c:21:81:c7:c6:55:f3:
                    a0:b7:7d:7b:74:d8:34:18:df:0d:23:f2:54:8c:ca:
                    a5:52:76:bf:5f:bf:4a:df:d0:00:fe:b0:9d:74:e0:
                    6c:b2:6e:99:02:63:94:e3:14:63:e1:8f:cb:8c:be:
                    23:0b:9b:21:9b:8b:9b:f1:1a:06:4c:3a:3d:ea:c0:
                    bf:3b:52:4f:9e:89:77:7d:ca:4a:cc:16:a8:66:3e:
                    2c:e0:d4:7f:3e:e7:41:7a:30:b3:7d:11:c1:bb:35:
                    b5:31:4a:db:05:33:78:ae:67:cf:9b:6c:e1:78:c9:
                    ce:13:51:4b:aa:65:af:a6:38:50:f5:7c:30:25:3a:
                    d9:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:E6:C5:A1:AB:52:19:40:90:64:F2:AA:84:46:25:41:6C:C8:A8:4C
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323030313a6466333a646330303a3a2f34382d3438203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:dc00::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:e8:63:b9:8c:31:ac:09:2f:75:4d:79:f1:0f:90:9a:22:2d:
         0b:08:77:66:b7:67:c4:20:cb:be:5e:c1:84:81:19:44:2c:57:
         0e:4f:8c:3b:4f:38:bd:62:48:14:3a:f5:9e:7d:aa:2b:9d:af:
         af:19:17:f5:23:5f:e0:30:f3:ee:04:69:dc:1f:24:b5:06:03:
         6e:6b:df:0c:93:23:4a:92:e6:8c:1b:b9:da:2d:2c:c1:b9:b7:
         c9:31:dd:75:56:3e:12:e7:6d:a2:e8:88:5e:5e:57:5c:c1:76:
         cf:3a:db:43:0d:b4:7d:bd:69:f3:c2:c0:5a:38:b5:b6:67:de:
         53:a3:5f:9f:e9:c1:f6:f5:6f:c4:17:ba:6d:73:0f:89:d0:55:
         ce:bb:8b:aa:39:f7:f1:6e:ce:2b:f8:9a:3e:62:9d:4b:0e:64:
         4a:b8:bb:09:9d:53:8e:c5:73:e7:10:aa:49:e8:6b:05:55:7a:
         d4:ef:d6:eb:81:d7:d2:5e:b5:aa:4b:2f:40:87:a5:20:de:ba:
         68:3a:67:60:06:fd:57:3a:b4:99:a6:47:95:f5:19:02:82:ce:
         01:d9:01:f6:71:83:32:da:ec:13:9d:1d:19:bb:24:dc:c0:5c:
         6c:b2:9a:cb:93:df:64:c4:66:14:37:1c:08:f4:4d:ff:a8:65:
         31:aa:83:b6
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIUOtWYh8W2o6wPixlApNAQPNMgDsAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIwMjA2MTM0MVoX
DTIzMDIwMjA2MTg0MVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCMTU0RDBGMzNCMTA2N0M2MUM1REY2RkM1Q0VCRUJCMkZERDBGRjAzNUUz
QjY1QkUyN0Q0NzgxMkFGRTk3MkE2NTUzMkI2MjhDOTA0ODhEMjhDMzMwNzE1QkQx
RjM0QTcwQjc5MzlFOUM3MDMwRTYwOTYxNjQxODc4MjAyOTI2OUFEMTVBNDY0MkFC
RjRBQTVGRjdGOUE4OEZCQTc4ODMyRDY1Qjg3OTYyMzMwRjkzRURCNzk4QjhDNDMx
RTM0QjIwMDRGRDU3M0ZCODEwRUE3NzRCNzM5RUFDN0ZFRTUxNkUyQ0NFMkU4OUM0
REZGREVCMzkzRjJCMTAxNzhCNjRDMjE4MUM3QzY1NUYzQTBCNzdEN0I3NEQ4MzQx
OERGMEQyM0YyNTQ4Q0NBQTU1Mjc2QkY1RkJGNEFERkQwMDBGRUIwOUQ3NEUwNkNC
MjZFOTkwMjYzOTRFMzE0NjNFMThGQ0I4Q0JFMjMwQjlCMjE5QjhCOUJGMTFBMDY0
QzNBM0RFQUMwQkYzQjUyNEY5RTg5Nzc3RENBNEFDQzE2QTg2NjNFMkNFMEQ0N0Yz
RUU3NDE3QTMwQjM3RDExQzFCQjM1QjUzMTRBREIwNTMzNzhBRTY3Q0Y5QjZDRTE3
OEM5Q0UxMzUxNEJBQTY1QUZBNjM4NTBGNTdDMzAyNTNBRDk3QjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxVNDzOxBnxhxd9vxc6+uy
/dD/A147Zb4n1HgSr+lyplUytijJBIjSjDMHFb0fNKcLeTnpxwMOYJYWQYeCApJp
rRWkZCq/SqX/f5qI+6eIMtZbh5YjMPk+23mLjEMeNLIAT9Vz+4EOp3S3OerH/uUW
4szi6JxN/96zk/KxAXi2TCGBx8ZV86C3fXt02DQY3w0j8lSMyqVSdr9fv0rf0AD+
sJ104GyybpkCY5TjFGPhj8uMviMLmyGbi5vxGgZMOj3qwL87Uk+eiXd9ykrMFqhm
Pizg1H8+50F6MLN9EcG7NbUxStsFM3iuZ8+bbOF4yc4TUUuqZa+mOFD1fDAlOtl7
AgMBAAGjggIAMIIB/DAdBgNVHQ4EFgQUUObFoatSGUCQZPKqhEYlQWzIqEwwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBgAYIKwYB
BQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMDMxM2E2NDY2MzMzYTY0NjMzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ3z3AAwDQYJKoZI
hvcNAQELBQADggEBADboY7mMMawJL3VNefEPkJoiLQsId2a3Z8Qgy75ewYSBGUQs
Vw5PjDtPOL1iSBQ69Z59qiudr68ZF/UjX+Aw8+4EadwfJLUGA25r3wyTI0qS5owb
udotLMG5t8kx3XVWPhLnbaLoiF5eV1zBds8620MNtH29afPCwFo4tbZn3lOjX5/p
wfb1b8QXum1zD4nQVc67i6o59/Fuziv4mj5inUsOZEq4uwmdU47Fc+cQqknoawVV
etTv1uuB19JetapLL0CHpSDeumg6Z2AG/Vc6tJmmR5X1GQKCzgHZAfZxgzLa7BOd
HRm7JNzAXGyymsuT32TEZhQ3HAj0Tf+oZTGqg7Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org