Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e3136342e3232302e302f32322d3234203d3e203435323838.roa
File:                     3230322e3136342e3232302e302f32322d3234203d3e203435323838.roa (raw, json)
Hash identifier:          oLHQxnVtb3fLDyqRON1geIW2arhz/I8IM9VqXIUeprU=
Subject key identifier:   5D:59:4B:AE:59:99:F2:42:9A:BE:A0:8F:BF:8C:E8:06:BE:65:BA:B0
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       6D0FBF778ACE193733298401497A8116D08F6F23
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e3136342e3232302e302f32322d3234203d3e203435323838.roa
Signing time:             Tue 14 Sep 2021 09:50:00 +0000
ROA not before:           Tue 14 Sep 2021 09:45:00 +0000
ROA not after:            Wed 14 Sep 2022 09:50:00 +0000
asID:                     45288
IP address blocks:        202.164.220.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:0f:bf:77:8a:ce:19:37:33:29:84:01:49:7a:81:16:d0:8f:6f:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Sep 14 09:45:00 2021 GMT
            Not After : Sep 14 09:50:00 2022 GMT
        Subject: CN=3082010A0282010100E856C3846C7A5447588F80732A321C8592B89F48A70E3CA65CB4A899A213CA4FDCC85B80A7C65E1CCE50F81901B0DE0B40D5E39099D2C1D32035194AD32B4BAA545BC366F2CFA4D7C471EBA04F48660968A77C229E879BFDE37B027E9E242E3948F18332D1C55A82C49DF45A2B9375517EE2E04BB90194F42F54961BFDC067A586B1416473006CDFFABD7EE2B33D20CCF04C43BC673B19D5EAA4FDBA95A0E8A393DD80F205758FEF6CFA5F41BEF87261E897CE2FCE5CB59E0846516D3DC74FC5A2223CF05873A338A623B3AB7B670CEBCDBBE253CB236D5B7B37EA8BB1C87C804FA8BD8520B695E187112C9D9E05B7E269AFB421FCA65121EDE730C90D6741A50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:56:c3:84:6c:7a:54:47:58:8f:80:73:2a:32:
                    1c:85:92:b8:9f:48:a7:0e:3c:a6:5c:b4:a8:99:a2:
                    13:ca:4f:dc:c8:5b:80:a7:c6:5e:1c:ce:50:f8:19:
                    01:b0:de:0b:40:d5:e3:90:99:d2:c1:d3:20:35:19:
                    4a:d3:2b:4b:aa:54:5b:c3:66:f2:cf:a4:d7:c4:71:
                    eb:a0:4f:48:66:09:68:a7:7c:22:9e:87:9b:fd:e3:
                    7b:02:7e:9e:24:2e:39:48:f1:83:32:d1:c5:5a:82:
                    c4:9d:f4:5a:2b:93:75:51:7e:e2:e0:4b:b9:01:94:
                    f4:2f:54:96:1b:fd:c0:67:a5:86:b1:41:64:73:00:
                    6c:df:fa:bd:7e:e2:b3:3d:20:cc:f0:4c:43:bc:67:
                    3b:19:d5:ea:a4:fd:ba:95:a0:e8:a3:93:dd:80:f2:
                    05:75:8f:ef:6c:fa:5f:41:be:f8:72:61:e8:97:ce:
                    2f:ce:5c:b5:9e:08:46:51:6d:3d:c7:4f:c5:a2:22:
                    3c:f0:58:73:a3:38:a6:23:b3:ab:7b:67:0c:eb:cd:
                    bb:e2:53:cb:23:6d:5b:7b:37:ea:8b:b1:c8:7c:80:
                    4f:a8:bd:85:20:b6:95:e1:87:11:2c:9d:9e:05:b7:
                    e2:69:af:b4:21:fc:a6:51:21:ed:e7:30:c9:0d:67:
                    41:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:59:4B:AE:59:99:F2:42:9A:BE:A0:8F:BF:8C:E8:06:BE:65:BA:B0
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e3136342e3232302e302f32322d3234203d3e203435323838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.164.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:59:50:45:98:ed:c0:41:05:95:3b:86:5b:5f:8a:93:b5:a5:
         36:f8:05:7a:b8:c5:da:ef:58:e1:65:dc:ea:e7:33:22:d0:df:
         14:8d:78:e3:69:19:70:05:27:3c:6b:8f:bf:c2:0b:19:f5:f0:
         9b:9e:53:ff:8c:da:bb:79:ff:6a:0b:dd:67:b3:ec:bd:65:1a:
         85:c9:65:3b:78:8d:32:34:b2:da:be:5f:a4:c2:be:c2:f4:0c:
         dc:c5:41:44:82:74:72:8a:3f:2d:8d:be:78:65:09:4f:71:92:
         51:39:7f:9d:af:08:82:31:b2:3d:a2:37:7a:08:91:6d:c0:e4:
         d9:99:39:34:01:ac:b2:b8:e0:4c:2a:a0:58:58:9b:68:92:7f:
         c0:69:9a:ee:75:9d:c1:6d:5c:a3:37:2f:25:91:c4:7e:88:35:
         40:dd:ef:69:66:c4:52:d6:58:35:f1:a3:3a:96:14:b1:d7:b3:
         81:66:4e:18:fe:6e:6e:cd:d8:a3:41:c3:ab:cd:cc:ce:14:c6:
         d2:84:b5:d5:7d:ad:1b:41:f9:b5:e3:e4:d2:5a:ca:f7:68:36:
         bf:c4:5c:92:90:7f:32:33:6e:55:5e:5f:7b:6c:2b:42:77:8d:
         9b:ce:5d:36:2a:e7:f2:36:3f:cc:76:01:86:25:0d:d5:6d:cf:
         7e:7f:25:24
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgIUbQ+/d4rOGTczKYQBSXqBFtCPbyMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDkxNDA5NDUwMFoX
DTIyMDkxNDA5NTAwMFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBFODU2QzM4NDZDN0E1NDQ3NTg4RjgwNzMyQTMyMUM4NTkyQjg5RjQ4QTcw
RTNDQTY1Q0I0QTg5OUEyMTNDQTRGRENDODVCODBBN0M2NUUxQ0NFNTBGODE5MDFC
MERFMEI0MEQ1RTM5MDk5RDJDMUQzMjAzNTE5NEFEMzJCNEJBQTU0NUJDMzY2RjJD
RkE0RDdDNDcxRUJBMDRGNDg2NjA5NjhBNzdDMjI5RTg3OUJGREUzN0IwMjdFOUUy
NDJFMzk0OEYxODMzMkQxQzU1QTgyQzQ5REY0NUEyQjkzNzU1MTdFRTJFMDRCQjkw
MTk0RjQyRjU0OTYxQkZEQzA2N0E1ODZCMTQxNjQ3MzAwNkNERkZBQkQ3RUUyQjMz
RDIwQ0NGMDRDNDNCQzY3M0IxOUQ1RUFBNEZEQkE5NUEwRThBMzkzREQ4MEYyMDU3
NThGRUY2Q0ZBNUY0MUJFRjg3MjYxRTg5N0NFMkZDRTVDQjU5RTA4NDY1MTZEM0RD
NzRGQzVBMjIyM0NGMDU4NzNBMzM4QTYyM0IzQUI3QjY3MENFQkNEQkJFMjUzQ0Iy
MzZENUI3QjM3RUE4QkIxQzg3QzgwNEZBOEJEODUyMEI2OTVFMTg3MTEyQzlEOUUw
NUI3RTI2OUFGQjQyMUZDQTY1MTIxRURFNzMwQzkwRDY3NDFBNTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoVsOEbHpUR1iPgHMqMhyF
krifSKcOPKZctKiZohPKT9zIW4Cnxl4czlD4GQGw3gtA1eOQmdLB0yA1GUrTK0uq
VFvDZvLPpNfEceugT0hmCWinfCKeh5v943sCfp4kLjlI8YMy0cVagsSd9Fork3VR
fuLgS7kBlPQvVJYb/cBnpYaxQWRzAGzf+r1+4rM9IMzwTEO8ZzsZ1eqk/bqVoOij
k92A8gV1j+9s+l9BvvhyYeiXzi/OXLWeCEZRbT3HT8WiIjzwWHOjOKYjs6t7Zwzr
zbviU8sjbVt7N+qLsch8gE+ovYUgtpXhhxEsnZ4Ft+Jpr7Qh/KZRIe3nMMkNZ0Gl
AgMBAAGjggIBMIIB/TAdBgNVHQ4EFgQUXVlLrlmZ8kKavqCPv4zoBr5lurAwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhAYIKwYB
BQUHAQsEeDB2MHQGCCsGAQUFBzALhmhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMjJlMzEzNjM0MmUzMjMyMzAyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzNDM1MzIzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyqTcMA0GCSqG
SIb3DQEBCwUAA4IBAQAqWVBFmO3AQQWVO4ZbX4qTtaU2+AV6uMXa71jhZdzq5zMi
0N8UjXjjaRlwBSc8a4+/wgsZ9fCbnlP/jNq7ef9qC91ns+y9ZRqFyWU7eI0yNLLa
vl+kwr7C9AzcxUFEgnRyij8tjb54ZQlPcZJROX+drwiCMbI9ojd6CJFtwOTZmTk0
AayyuOBMKqBYWJtokn/AaZrudZ3BbVyjNy8lkcR+iDVA3e9pZsRS1lg18aM6lhSx
17OBZk4Y/m5uzdijQcOrzczOFMbShLXVfa0bQfm14+TSWsr3aDa/xFySkH8yM25V
Xl97bCtCd42bzl02KufyNj/MdgGGJQ3Vbc9+fyUk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org