Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e34362e3135362e302f32322d3234203d3e203633343930.roa
File:                     3230322e34362e3135362e302f32322d3234203d3e203633343930.roa (raw, json)
Hash identifier:          EzLcS5B8f48Iz3Q5PO6WbdvjxMpSPu/XhBcG8HjZmgo=
Subject key identifier:   2A:7C:FD:9C:F3:F6:3B:57:1A:8F:E8:53:74:EA:C1:36:92:26:7D:59
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       0B87FEC91246453DACC27818F31E34DB541734D8
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e34362e3135362e302f32322d3234203d3e203633343930.roa
Signing time:             Fri 30 Apr 2021 08:23:11 +0000
ROA not before:           Fri 30 Apr 2021 08:18:11 +0000
ROA not after:            Sat 30 Apr 2022 08:23:11 +0000
asID:                     63490
IP address blocks:        202.46.156.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:87:fe:c9:12:46:45:3d:ac:c2:78:18:f3:1e:34:db:54:17:34:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr 30 08:18:11 2021 GMT
            Not After : Apr 30 08:23:11 2022 GMT
        Subject: CN=3082010A0282010100CE6582ED8E13096FD861183C4F26562878590887615D1F882DB45614126400D720B001D990014D2DAF0AA032607B58ADE7AA5763D276AC783AE310CE53479B20B2CEA8F8E7516745E4B3A8D11832FC363AE09250513DBD3F8DC49E684D99D27E50A1DE7C6097A6ED2EDE11E771867D539AC7E1E2E1119226ED05BF2ABD005EB3278EE9100643B0978F85AF2E396EDB5137A130669DD0BA8D9A7EA0E603ABF8B05292182BE3A53A8970B88F2BEC93D105FD1E65D5AC5EEA08702F5CBFED102A8ED33151661ACBE5623F1D43BD04C70DD3B1110548021AEE6500BE38674CD2838082FFF6D3C2B397DE881B174629D1DB064950091958FF0DFEA3A0BB11934134CD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:65:82:ed:8e:13:09:6f:d8:61:18:3c:4f:26:
                    56:28:78:59:08:87:61:5d:1f:88:2d:b4:56:14:12:
                    64:00:d7:20:b0:01:d9:90:01:4d:2d:af:0a:a0:32:
                    60:7b:58:ad:e7:aa:57:63:d2:76:ac:78:3a:e3:10:
                    ce:53:47:9b:20:b2:ce:a8:f8:e7:51:67:45:e4:b3:
                    a8:d1:18:32:fc:36:3a:e0:92:50:51:3d:bd:3f:8d:
                    c4:9e:68:4d:99:d2:7e:50:a1:de:7c:60:97:a6:ed:
                    2e:de:11:e7:71:86:7d:53:9a:c7:e1:e2:e1:11:92:
                    26:ed:05:bf:2a:bd:00:5e:b3:27:8e:e9:10:06:43:
                    b0:97:8f:85:af:2e:39:6e:db:51:37:a1:30:66:9d:
                    d0:ba:8d:9a:7e:a0:e6:03:ab:f8:b0:52:92:18:2b:
                    e3:a5:3a:89:70:b8:8f:2b:ec:93:d1:05:fd:1e:65:
                    d5:ac:5e:ea:08:70:2f:5c:bf:ed:10:2a:8e:d3:31:
                    51:66:1a:cb:e5:62:3f:1d:43:bd:04:c7:0d:d3:b1:
                    11:05:48:02:1a:ee:65:00:be:38:67:4c:d2:83:80:
                    82:ff:f6:d3:c2:b3:97:de:88:1b:17:46:29:d1:db:
                    06:49:50:09:19:58:ff:0d:fe:a3:a0:bb:11:93:41:
                    34:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:7C:FD:9C:F3:F6:3B:57:1A:8F:E8:53:74:EA:C1:36:92:26:7D:59
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e34362e3135362e302f32322d3234203d3e203633343930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.46.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:7c:44:c6:91:e4:61:13:38:12:6b:ab:bf:39:3e:a3:24:3f:
         78:e4:54:7b:c9:3e:9e:a9:a4:43:6b:b6:26:c4:8c:63:e8:87:
         44:e0:e5:1d:04:24:5a:19:0a:87:15:ce:c9:62:56:56:67:5f:
         b1:74:ae:33:9c:36:ba:1e:ea:30:0b:62:bb:6b:e0:89:f2:ae:
         c2:21:a2:7c:ff:0a:41:68:66:78:c4:68:55:a7:eb:27:8d:11:
         99:84:1b:17:41:83:b5:43:b0:95:b4:d8:24:ce:d4:85:35:a6:
         96:62:83:51:59:d9:dc:6a:f1:3d:35:bf:76:c6:f5:ab:6d:0e:
         ac:eb:23:40:f5:46:b6:af:34:98:a0:2c:02:ed:02:6b:18:98:
         87:98:69:aa:ab:8f:c2:32:be:ca:a3:08:63:55:1a:d7:21:ac:
         58:13:17:67:3f:9e:75:c2:52:01:f9:9f:58:35:cd:8f:fb:99:
         f9:4b:88:fe:c9:95:99:df:68:50:a1:bc:5e:a4:83:c6:58:14:
         4d:0e:21:49:26:5a:16:a5:43:47:f3:ad:f7:cd:30:5f:df:51:
         da:78:88:11:c0:8f:f3:be:f1:2f:37:9c:3e:3b:c1:03:ef:a7:
         e2:35:e3:51:20:09:a4:85:bd:49:a3:bc:8b:a7:b7:3c:55:49:
         85:97:5d:62
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUC4f+yRJGRT2swngY8x4021QXNNgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDQzMDA4MTgxMVoX
DTIyMDQzMDA4MjMxMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDRTY1ODJFRDhFMTMwOTZGRDg2MTE4M0M0RjI2NTYyODc4NTkwODg3NjE1
RDFGODgyREI0NTYxNDEyNjQwMEQ3MjBCMDAxRDk5MDAxNEQyREFGMEFBMDMyNjA3
QjU4QURFN0FBNTc2M0QyNzZBQzc4M0FFMzEwQ0U1MzQ3OUIyMEIyQ0VBOEY4RTc1
MTY3NDVFNEIzQThEMTE4MzJGQzM2M0FFMDkyNTA1MTNEQkQzRjhEQzQ5RTY4NEQ5
OUQyN0U1MEExREU3QzYwOTdBNkVEMkVERTExRTc3MTg2N0Q1MzlBQzdFMUUyRTEx
MTkyMjZFRDA1QkYyQUJEMDA1RUIzMjc4RUU5MTAwNjQzQjA5NzhGODVBRjJFMzk2
RURCNTEzN0ExMzA2NjlERDBCQThEOUE3RUEwRTYwM0FCRjhCMDUyOTIxODJCRTNB
NTNBODk3MEI4OEYyQkVDOTNEMTA1RkQxRTY1RDVBQzVFRUEwODcwMkY1Q0JGRUQx
MDJBOEVEMzMxNTE2NjFBQ0JFNTYyM0YxRDQzQkQwNEM3MEREM0IxMTEwNTQ4MDIx
QUVFNjUwMEJFMzg2NzRDRDI4MzgwODJGRkY2RDNDMkIzOTdERTg4MUIxNzQ2MjlE
MURCMDY0OTUwMDkxOTU4RkYwREZFQTNBMEJCMTE5MzQxMzRDRDAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOZYLtjhMJb9hhGDxPJlYo
eFkIh2FdH4gttFYUEmQA1yCwAdmQAU0trwqgMmB7WK3nqldj0naseDrjEM5TR5sg
ss6o+OdRZ0Xks6jRGDL8NjrgklBRPb0/jcSeaE2Z0n5Qod58YJem7S7eEedxhn1T
msfh4uERkibtBb8qvQBesyeO6RAGQ7CXj4WvLjlu21E3oTBmndC6jZp+oOYDq/iw
UpIYK+OlOolwuI8r7JPRBf0eZdWsXuoIcC9cv+0QKo7TMVFmGsvlYj8dQ70Exw3T
sREFSAIa7mUAvjhnTNKDgIL/9tPCs5feiBsXRinR2wZJUAkZWP8N/qOguxGTQTTN
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUKnz9nPP2O1caj+hTdOrBNpImfVkwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMjJlMzQzNjJlMzEzNTM2MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzYzMzM0MzkzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsounDANBgkqhkiG
9w0BAQsFAAOCAQEAI3xExpHkYRM4Emurvzk+oyQ/eORUe8k+nqmkQ2u2JsSMY+iH
RODlHQQkWhkKhxXOyWJWVmdfsXSuM5w2uh7qMAtiu2vgifKuwiGifP8KQWhmeMRo
VafrJ40RmYQbF0GDtUOwlbTYJM7UhTWmlmKDUVnZ3GrxPTW/dsb1q20OrOsjQPVG
tq80mKAsAu0CaxiYh5hpqquPwjK+yqMIY1Ua1yGsWBMXZz+edcJSAfmfWDXNj/uZ
+UuI/smVmd9oUKG8XqSDxlgUTQ4hSSZaFqVDR/Ot980wX99R2niIEcCP877xLzec
PjvBA++n4jXjUSAJpIW9SaO8i6e3PFVJhZddYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org