Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e36352e3232342e302f32302d3234203d3e2030.roa
File:                     3230322e36352e3232342e302f32302d3234203d3e2030.roa (raw, json)
Hash identifier:          MUKgKurs6M2NcSiy/o8N+JlhwZXH0sKcVVX6sZF2gQs=
Subject key identifier:   DE:D6:CD:03:20:E6:89:F3:D6:85:EF:B2:00:FD:FC:33:65:39:DB:67
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       73F43C9D9C0B8945349E255C350C321A4583BD1B
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e36352e3232342e302f32302d3234203d3e2030.roa
Signing time:             Tue 08 Feb 2022 09:50:13 +0000
ROA not before:           Tue 08 Feb 2022 09:45:13 +0000
ROA not after:            Wed 08 Feb 2023 09:50:13 +0000
asID:                     0
IP address blocks:        202.65.224.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:f4:3c:9d:9c:0b:89:45:34:9e:25:5c:35:0c:32:1a:45:83:bd:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb  8 09:45:13 2022 GMT
            Not After : Feb  8 09:50:13 2023 GMT
        Subject: CN=3082010A0282010100CC2220AF1484DC761E28AF00F0E2B9FE7BEA29AFC2DF54D28308056093A87710963A69D5E35336D76F352726192B899089D6FD9A0FDA695E1133634027AD5A1AADC0F4DF3EF744236012DE1942DAF538AC9433FCFBE9DED30C329013A72A1DE2A6D0137D0BB60CF261C6BE9A297CABD0E0B7B31CEC8EBDE988B39F94B24529BF86B76E51AE38462BBFDD9E856F306C7F449D5534E0BDC82EFC3B62DCA3F6FFDBCCA2CD130E4B87E114EF36A45BEFF0086F33823F5AA5B76B65089AABAD2BCE336D1FB9F6C466C649D2F09BF820E1DAEA95E50C976D8EF93168B890BC32BA4D006F30E2F85A26E2ABBF800C7697D075A9C8D4AB48AE142E1D096572F13A4D670F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:22:20:af:14:84:dc:76:1e:28:af:00:f0:e2:
                    b9:fe:7b:ea:29:af:c2:df:54:d2:83:08:05:60:93:
                    a8:77:10:96:3a:69:d5:e3:53:36:d7:6f:35:27:26:
                    19:2b:89:90:89:d6:fd:9a:0f:da:69:5e:11:33:63:
                    40:27:ad:5a:1a:ad:c0:f4:df:3e:f7:44:23:60:12:
                    de:19:42:da:f5:38:ac:94:33:fc:fb:e9:de:d3:0c:
                    32:90:13:a7:2a:1d:e2:a6:d0:13:7d:0b:b6:0c:f2:
                    61:c6:be:9a:29:7c:ab:d0:e0:b7:b3:1c:ec:8e:bd:
                    e9:88:b3:9f:94:b2:45:29:bf:86:b7:6e:51:ae:38:
                    46:2b:bf:dd:9e:85:6f:30:6c:7f:44:9d:55:34:e0:
                    bd:c8:2e:fc:3b:62:dc:a3:f6:ff:db:cc:a2:cd:13:
                    0e:4b:87:e1:14:ef:36:a4:5b:ef:f0:08:6f:33:82:
                    3f:5a:a5:b7:6b:65:08:9a:ab:ad:2b:ce:33:6d:1f:
                    b9:f6:c4:66:c6:49:d2:f0:9b:f8:20:e1:da:ea:95:
                    e5:0c:97:6d:8e:f9:31:68:b8:90:bc:32:ba:4d:00:
                    6f:30:e2:f8:5a:26:e2:ab:bf:80:0c:76:97:d0:75:
                    a9:c8:d4:ab:48:ae:14:2e:1d:09:65:72:f1:3a:4d:
                    67:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:D6:CD:03:20:E6:89:F3:D6:85:EF:B2:00:FD:FC:33:65:39:DB:67
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e36352e3232342e302f32302d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.65.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         7b:41:72:2a:0d:55:17:ec:0a:5e:74:17:e8:93:1f:e4:e3:55:
         c5:e6:27:a6:cd:f5:3d:eb:98:5c:d2:2a:69:20:a4:a3:fe:1c:
         5b:66:a6:30:4f:ca:9a:32:bc:bb:c1:11:78:3a:17:61:d6:c7:
         ad:a2:25:0e:ee:e3:0f:24:e5:9d:a1:a5:0b:6c:e2:8d:7c:e2:
         d0:d6:a9:8f:25:28:be:b6:d9:de:a0:70:b6:40:34:29:47:e4:
         90:57:50:81:2a:48:dc:80:6e:0f:84:80:02:25:fc:64:9f:4b:
         85:60:02:cf:2c:9d:ce:eb:27:74:da:3f:84:50:76:b9:a9:cb:
         e7:4c:1c:f1:31:0c:f9:7a:27:28:e3:79:7c:e5:3f:1d:3f:a7:
         57:fd:c4:05:66:c2:0e:b9:6a:2b:31:fc:1a:d5:8c:c1:19:af:
         90:85:18:cf:cb:fd:0a:3b:49:99:56:55:8d:2c:b4:e2:a9:58:
         70:52:0d:8f:ec:18:44:ef:6e:a5:2f:c3:c4:62:17:ab:0c:dc:
         0b:e2:b8:19:65:38:76:cd:9c:63:cb:e0:af:27:5d:39:d1:5e:
         3e:bd:20:ed:48:de:e6:00:90:31:19:cf:cf:00:50:ff:2d:8a:
         ed:aa:af:4c:ee:00:a5:78:bf:a3:6c:c8:a6:fe:94:fc:11:fe:
         e5:23:53:8c
-----BEGIN CERTIFICATE-----
MIIG/zCCBeegAwIBAgIUc/Q8nZwLiUU0niVcNQwyGkWDvRswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIwODA5NDUxM1oX
DTIzMDIwODA5NTAxM1owggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDQzIyMjBBRjE0ODREQzc2MUUyOEFGMDBGMEUyQjlGRTdCRUEyOUFGQzJE
RjU0RDI4MzA4MDU2MDkzQTg3NzEwOTYzQTY5RDVFMzUzMzZENzZGMzUyNzI2MTky
Qjg5OTA4OUQ2RkQ5QTBGREE2OTVFMTEzMzYzNDAyN0FENUExQUFEQzBGNERGM0VG
NzQ0MjM2MDEyREUxOTQyREFGNTM4QUM5NDMzRkNGQkU5REVEMzBDMzI5MDEzQTcy
QTFERTJBNkQwMTM3RDBCQjYwQ0YyNjFDNkJFOUEyOTdDQUJEMEUwQjdCMzFDRUM4
RUJERTk4OEIzOUY5NEIyNDUyOUJGODZCNzZFNTFBRTM4NDYyQkJGREQ5RTg1NkYz
MDZDN0Y0NDlENTUzNEUwQkRDODJFRkMzQjYyRENBM0Y2RkZEQkNDQTJDRDEzMEU0
Qjg3RTExNEVGMzZBNDVCRUZGMDA4NkYzMzgyM0Y1QUE1Qjc2QjY1MDg5QUFCQUQy
QkNFMzM2RDFGQjlGNkM0NjZDNjQ5RDJGMDlCRjgyMEUxREFFQTk1RTUwQzk3NkQ4
RUY5MzE2OEI4OTBCQzMyQkE0RDAwNkYzMEUyRjg1QTI2RTJBQkJGODAwQzc2OTdE
MDc1QTlDOEQ0QUI0OEFFMTQyRTFEMDk2NTcyRjEzQTRENjcwRjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMIiCvFITcdh4orwDw4rn+
e+opr8LfVNKDCAVgk6h3EJY6adXjUzbXbzUnJhkriZCJ1v2aD9ppXhEzY0AnrVoa
rcD03z73RCNgEt4ZQtr1OKyUM/z76d7TDDKQE6cqHeKm0BN9C7YM8mHGvpopfKvQ
4LezHOyOvemIs5+UskUpv4a3blGuOEYrv92ehW8wbH9EnVU04L3ILvw7Ytyj9v/b
zKLNEw5Lh+EU7zakW+/wCG8zgj9apbdrZQiaq60rzjNtH7n2xGbGSdLwm/gg4drq
leUMl22O+TFouJC8MrpNAG8w4vhaJuKrv4AMdpfQdanI1KtIrhQuHQllcvE6TWcP
AgMBAAGjggH2MIIB8jAdBgNVHQ4EFgQU3tbNAyDmifPWhe+yAP38M2U522cwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjB6BggrBgEF
BQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvL0lETklDLUlELzIvMzIzMDMyMmUzNjM1MmUzMjMyMzQyZTMwMmYzMjMw
MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMpB4DANBgkqhkiG9w0BAQsFAAOC
AQEAe0FyKg1VF+wKXnQX6JMf5ONVxeYnps31PeuYXNIqaSCko/4cW2amME/KmjK8
u8EReDoXYdbHraIlDu7jDyTlnaGlC2zijXzi0NapjyUovrbZ3qBwtkA0KUfkkFdQ
gSpI3IBuD4SAAiX8ZJ9LhWACzyydzusndNo/hFB2uanL50wc8TEM+XonKON5fOU/
HT+nV/3EBWbCDrlqKzH8GtWMwRmvkIUYz8v9CjtJmVZVjSy04qlYcFINj+wYRO9u
pS/DxGIXqwzcC+K4GWU4ds2cY8vgryddOdFePr0g7Uje5gCQMRnPzwBQ/y2K7aqv
TO4ApXi/o2zIpv6U/BH+5SNTjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org