Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e3132322e382e302f32312d3234203d3e203234323039.roa
File:                     3230322e3132322e382e302f32312d3234203d3e203234323039.roa (raw, json)
Hash identifier:          rnsbUhADi0gGhbCtq0hYopMmtnuFQZBFVLQ/uYwUiq4=
Subject key identifier:   23:2B:62:A6:F7:4F:47:FD:9B:76:4C:B5:C5:19:36:B1:66:9F:A8:A6
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       08DED4465A180AEFBEEB75793E327BFD37756052
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e3132322e382e302f32312d3234203d3e203234323039.roa
Signing time:             Thu 13 Jan 2022 06:44:19 +0000
ROA not before:           Thu 13 Jan 2022 06:39:19 +0000
ROA not after:            Fri 13 Jan 2023 06:44:19 +0000
asID:                     24209
IP address blocks:        202.122.8.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:de:d4:46:5a:18:0a:ef:be:eb:75:79:3e:32:7b:fd:37:75:60:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan 13 06:39:19 2022 GMT
            Not After : Jan 13 06:44:19 2023 GMT
        Subject: CN=3082010A0282010100C835AF7613FFF1DD6387C360FDFF0701F34686F5815F4F00EE516E162D8A6829795F5CF7944883574F74F85F742C7553FE6B6C8B2B4AFB29F0D8A1D4B5858EBCC41BE71BC73F06CC8BF90FCC67ED08DC46D94DA5CE8C7CE330C6903FAA6C17019314B62EE18EAC6027908A33DBC41D1BD6FE87F561539E2610892F2EDC11B0376CA8E02BE33595DA1E4A3EFD21850CA51399A049E8A125FA2E19B7D4E1A071DF5031E5FA3FEE1028E7B42363BD7994E424F99DB3E2E076F5F712AE65283FB0740BCD7A48F7E7A49040D26ED8B0213B0C1118266E8E2390C33F3DDE866100ABDEF15372E8E89A4656F383F81CDE8074131A2BE4FAEA7933628AA0F338008255990203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:35:af:76:13:ff:f1:dd:63:87:c3:60:fd:ff:
                    07:01:f3:46:86:f5:81:5f:4f:00:ee:51:6e:16:2d:
                    8a:68:29:79:5f:5c:f7:94:48:83:57:4f:74:f8:5f:
                    74:2c:75:53:fe:6b:6c:8b:2b:4a:fb:29:f0:d8:a1:
                    d4:b5:85:8e:bc:c4:1b:e7:1b:c7:3f:06:cc:8b:f9:
                    0f:cc:67:ed:08:dc:46:d9:4d:a5:ce:8c:7c:e3:30:
                    c6:90:3f:aa:6c:17:01:93:14:b6:2e:e1:8e:ac:60:
                    27:90:8a:33:db:c4:1d:1b:d6:fe:87:f5:61:53:9e:
                    26:10:89:2f:2e:dc:11:b0:37:6c:a8:e0:2b:e3:35:
                    95:da:1e:4a:3e:fd:21:85:0c:a5:13:99:a0:49:e8:
                    a1:25:fa:2e:19:b7:d4:e1:a0:71:df:50:31:e5:fa:
                    3f:ee:10:28:e7:b4:23:63:bd:79:94:e4:24:f9:9d:
                    b3:e2:e0:76:f5:f7:12:ae:65:28:3f:b0:74:0b:cd:
                    7a:48:f7:e7:a4:90:40:d2:6e:d8:b0:21:3b:0c:11:
                    18:26:6e:8e:23:90:c3:3f:3d:de:86:61:00:ab:de:
                    f1:53:72:e8:e8:9a:46:56:f3:83:f8:1c:de:80:74:
                    13:1a:2b:e4:fa:ea:79:33:62:8a:a0:f3:38:00:82:
                    55:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:2B:62:A6:F7:4F:47:FD:9B:76:4C:B5:C5:19:36:B1:66:9F:A8:A6
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e3132322e382e302f32312d3234203d3e203234323039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.122.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3b:96:b7:df:29:9c:06:55:12:7f:75:a7:32:f4:50:8f:40:2b:
         4f:1d:8f:ef:e9:13:6c:51:5e:86:1b:d8:61:f6:66:50:e9:dc:
         fe:c2:41:42:26:ab:40:04:ca:e7:06:14:fd:5d:61:44:41:86:
         56:5a:5f:a0:3e:76:db:46:82:a3:25:34:20:86:d6:8e:f4:6a:
         49:d6:a3:f6:19:aa:60:9f:f8:b0:51:e4:c8:2e:4c:de:dd:6d:
         01:32:2d:eb:02:75:c6:ba:c3:31:25:f5:1f:27:84:7f:24:86:
         4e:c1:ba:61:f5:50:67:7f:38:04:20:c4:c8:9b:22:99:21:9c:
         9d:6d:46:c8:41:41:29:15:ff:da:2e:5d:af:c7:0a:aa:9a:cd:
         f9:f0:18:d3:c4:c3:33:86:b5:e1:b3:72:30:56:fa:0a:e4:97:
         29:58:62:c1:9c:d2:08:77:be:b7:fb:a3:64:eb:9b:de:6a:84:
         15:76:d0:a5:57:74:cf:09:8b:c0:b0:de:a6:57:53:03:cb:2b:
         a3:ea:66:e9:ae:3a:ca:22:ba:c4:e6:e2:bd:10:c1:c9:09:3b:
         30:a8:fb:dd:fb:fc:a4:95:ad:42:ab:94:93:7c:5c:ca:7c:5f:
         a9:82:f9:9f:c6:4c:0b:3d:e8:56:91:8e:1a:77:27:59:47:88:
         12:a9:c2:65
-----BEGIN CERTIFICATE-----
MIIHBjCCBe6gAwIBAgIUCN7URloYCu++63V5PjJ7/Td1YFIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDExMzA2MzkxOVoX
DTIzMDExMzA2NDQxOVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDODM1QUY3NjEzRkZGMURENjM4N0MzNjBGREZGMDcwMUYzNDY4NkY1ODE1
RjRGMDBFRTUxNkUxNjJEOEE2ODI5Nzk1RjVDRjc5NDQ4ODM1NzRGNzRGODVGNzQy
Qzc1NTNGRTZCNkM4QjJCNEFGQjI5RjBEOEExRDRCNTg1OEVCQ0M0MUJFNzFCQzcz
RjA2Q0M4QkY5MEZDQzY3RUQwOERDNDZEOTREQTVDRThDN0NFMzMwQzY5MDNGQUE2
QzE3MDE5MzE0QjYyRUUxOEVBQzYwMjc5MDhBMzNEQkM0MUQxQkQ2RkU4N0Y1NjE1
MzlFMjYxMDg5MkYyRURDMTFCMDM3NkNBOEUwMkJFMzM1OTVEQTFFNEEzRUZEMjE4
NTBDQTUxMzk5QTA0OUU4QTEyNUZBMkUxOUI3RDRFMUEwNzFERjUwMzFFNUZBM0ZF
RTEwMjhFN0I0MjM2M0JENzk5NEU0MjRGOTlEQjNFMkUwNzZGNUY3MTJBRTY1Mjgz
RkIwNzQwQkNEN0E0OEY3RTdBNDkwNDBEMjZFRDhCMDIxM0IwQzExMTgyNjZFOEUy
MzkwQzMzRjNEREU4NjYxMDBBQkRFRjE1MzcyRThFODlBNDY1NkYzODNGODFDREU4
MDc0MTMxQTJCRTRGQUVBNzkzMzYyOEFBMEYzMzgwMDgyNTU5OTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDINa92E//x3WOHw2D9/wcB
80aG9YFfTwDuUW4WLYpoKXlfXPeUSINXT3T4X3QsdVP+a2yLK0r7KfDYodS1hY68
xBvnG8c/BsyL+Q/MZ+0I3EbZTaXOjHzjMMaQP6psFwGTFLYu4Y6sYCeQijPbxB0b
1v6H9WFTniYQiS8u3BGwN2yo4CvjNZXaHko+/SGFDKUTmaBJ6KEl+i4Zt9ThoHHf
UDHl+j/uECjntCNjvXmU5CT5nbPi4Hb19xKuZSg/sHQLzXpI9+ekkEDSbtiwITsM
ERgmbo4jkMM/Pd6GYQCr3vFTcujomkZW84P4HN6AdBMaK+T66nkzYoqg8zgAglWZ
AgMBAAGjggH9MIIB+TAdBgNVHQ4EFgQUIytipvdPR/2bdky1xRk2sWafqKYwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBgAYIKwYB
BQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMjJlMzEzMjMyMmUzODJlMzAyZjMyMzEy
ZDMyMzQyMDNkM2UyMDMyMzQzMjMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPKeggwDQYJKoZIhvcN
AQELBQADggEBADuWt98pnAZVEn91pzL0UI9AK08dj+/pE2xRXoYb2GH2ZlDp3P7C
QUImq0AEyucGFP1dYURBhlZaX6A+dttGgqMlNCCG1o70aknWo/YZqmCf+LBR5Mgu
TN7dbQEyLesCdca6wzEl9R8nhH8khk7BumH1UGd/OAQgxMibIpkhnJ1tRshBQSkV
/9ouXa/HCqqazfnwGNPEwzOGteGzcjBW+grklylYYsGc0gh3vrf7o2Trm95qhBV2
0KVXdM8Ji8Cw3qZXUwPLK6PqZumuOsoiusTm4r0QwckJOzCo+937/KSVrUKrlJN8
XMp8X6mC+Z/GTAs96FaRjhp3J1lHiBKpwmU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org