Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e38302e3230382e302f32342d3234203d3e203137363730.roa
File:                     3230322e38302e3230382e302f32342d3234203d3e203137363730.roa (raw, json)
Hash identifier:          xnmmsrz2or8gZLd23wTHNPHw7rhFGiS1APE8rJIHYFY=
Subject key identifier:   B6:F9:6E:97:EF:E7:3C:41:53:7D:65:A6:95:1D:3C:F1:95:34:94:B3
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       658943686DD9CD8460DD062CB792E536D0C034F2
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e38302e3230382e302f32342d3234203d3e203137363730.roa
Signing time:             Fri 07 May 2021 11:19:59 +0000
ROA not before:           Fri 07 May 2021 11:14:59 +0000
ROA not after:            Sat 07 May 2022 11:19:59 +0000
asID:                     17670
IP address blocks:        202.80.208.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:89:43:68:6d:d9:cd:84:60:dd:06:2c:b7:92:e5:36:d0:c0:34:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: May  7 11:14:59 2021 GMT
            Not After : May  7 11:19:59 2022 GMT
        Subject: CN=3082010A0282010100A7E9836CC3A6411CFB71EFFEC62B2CAC0AA755571491E769B005B50F7C98C9837106A59476908B00CC02DFA9F6C7D38C2D480F042301E1E376DEC10157AD7E39F4741F992BE3A5980FF79E5702857A4E999A6D2999101480B1267B1ED26AEACEB593BAE0C4B9A67DCDB98986923CD3F32C561E326FD59056E06D3CD5D36426DA0E8E1EBFD4F82E3A754D85FDB6B859989B852365B14E2C986013256B28A6D6238DDAC66B0FE70973A39BA17632AD91C62199479A235F8DE9044030FEA344B66CAAB766C97861F68595EEE621454A1D4F5CB6A90E03407F4BAB04FDCA9C1055B2B4097F9A49538E2C55C75BEA6F7CCDEB94CE82E27FFA709CECD100D3DBBE172D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e9:83:6c:c3:a6:41:1c:fb:71:ef:fe:c6:2b:
                    2c:ac:0a:a7:55:57:14:91:e7:69:b0:05:b5:0f:7c:
                    98:c9:83:71:06:a5:94:76:90:8b:00:cc:02:df:a9:
                    f6:c7:d3:8c:2d:48:0f:04:23:01:e1:e3:76:de:c1:
                    01:57:ad:7e:39:f4:74:1f:99:2b:e3:a5:98:0f:f7:
                    9e:57:02:85:7a:4e:99:9a:6d:29:99:10:14:80:b1:
                    26:7b:1e:d2:6a:ea:ce:b5:93:ba:e0:c4:b9:a6:7d:
                    cd:b9:89:86:92:3c:d3:f3:2c:56:1e:32:6f:d5:90:
                    56:e0:6d:3c:d5:d3:64:26:da:0e:8e:1e:bf:d4:f8:
                    2e:3a:75:4d:85:fd:b6:b8:59:98:9b:85:23:65:b1:
                    4e:2c:98:60:13:25:6b:28:a6:d6:23:8d:da:c6:6b:
                    0f:e7:09:73:a3:9b:a1:76:32:ad:91:c6:21:99:47:
                    9a:23:5f:8d:e9:04:40:30:fe:a3:44:b6:6c:aa:b7:
                    66:c9:78:61:f6:85:95:ee:e6:21:45:4a:1d:4f:5c:
                    b6:a9:0e:03:40:7f:4b:ab:04:fd:ca:9c:10:55:b2:
                    b4:09:7f:9a:49:53:8e:2c:55:c7:5b:ea:6f:7c:cd:
                    eb:94:ce:82:e2:7f:fa:70:9c:ec:d1:00:d3:db:be:
                    17:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F9:6E:97:EF:E7:3C:41:53:7D:65:A6:95:1D:3C:F1:95:34:94:B3
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e38302e3230382e302f32342d3234203d3e203137363730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.80.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:a9:bf:1c:4c:22:64:d9:f1:1c:96:b9:c9:02:d8:be:bc:d8:
         bd:b2:ff:97:21:dc:40:8a:f6:7c:ba:0a:0b:45:3a:be:95:b3:
         08:40:27:67:d3:28:a7:fe:cc:df:b5:2e:4b:c0:f4:83:e2:19:
         9c:78:b4:ef:9b:6d:0b:70:b4:72:e7:a9:82:7b:7b:db:5d:e2:
         be:d8:47:76:0d:8a:1e:27:2b:b6:41:f4:29:44:4c:8a:68:be:
         66:a6:2a:5a:cd:fb:f8:3b:d4:98:b8:ae:d1:47:0c:1b:38:80:
         4e:30:ad:42:91:46:81:98:65:9c:3b:22:b5:53:09:d4:db:ad:
         b9:4e:f1:7b:21:2c:4c:91:43:02:da:41:5a:d4:82:ad:88:fe:
         40:63:5a:1b:b1:47:2f:3a:fb:e4:bc:76:df:98:c0:a7:ec:8b:
         0d:3f:96:bf:97:2d:3f:78:2b:6e:ec:da:86:11:35:53:8a:09:
         a1:3f:bb:5d:29:69:91:e3:4a:50:ed:3f:99:88:22:6e:c7:bc:
         cb:60:b6:1b:13:f6:ec:86:80:36:0c:c6:49:3e:fe:68:c3:49:
         a7:45:9c:04:e8:64:c0:a7:1c:6b:25:0a:be:a3:e7:6b:7c:28:
         e3:80:6d:ca:11:94:e5:c1:0e:2b:d2:74:98:2e:51:9d:9d:f8:
         35:a6:04:d0
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUZYlDaG3ZzYRg3QYst5LlNtDANPIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDUwNzExMTQ1OVoX
DTIyMDUwNzExMTk1OVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBN0U5ODM2Q0MzQTY0MTFDRkI3MUVGRkVDNjJCMkNBQzBBQTc1NTU3MTQ5
MUU3NjlCMDA1QjUwRjdDOThDOTgzNzEwNkE1OTQ3NjkwOEIwMENDMDJERkE5RjZD
N0QzOEMyRDQ4MEYwNDIzMDFFMUUzNzZERUMxMDE1N0FEN0UzOUY0NzQxRjk5MkJF
M0E1OTgwRkY3OUU1NzAyODU3QTRFOTk5QTZEMjk5OTEwMTQ4MEIxMjY3QjFFRDI2
QUVBQ0VCNTkzQkFFMEM0QjlBNjdEQ0RCOTg5ODY5MjNDRDNGMzJDNTYxRTMyNkZE
NTkwNTZFMDZEM0NENUQzNjQyNkRBMEU4RTFFQkZENEY4MkUzQTc1NEQ4NUZEQjZC
ODU5OTg5Qjg1MjM2NUIxNEUyQzk4NjAxMzI1NkIyOEE2RDYyMzhEREFDNjZCMEZF
NzA5NzNBMzlCQTE3NjMyQUQ5MUM2MjE5OTQ3OUEyMzVGOERFOTA0NDAzMEZFQTM0
NEI2NkNBQUI3NjZDOTc4NjFGNjg1OTVFRUU2MjE0NTRBMUQ0RjVDQjZBOTBFMDM0
MDdGNEJBQjA0RkRDQTlDMTA1NUIyQjQwOTdGOUE0OTUzOEUyQzU1Qzc1QkVBNkY3
Q0NERUI5NENFODJFMjdGRkE3MDlDRUNEMTAwRDNEQkJFMTcyRDAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn6YNsw6ZBHPtx7/7GKyys
CqdVVxSR52mwBbUPfJjJg3EGpZR2kIsAzALfqfbH04wtSA8EIwHh43bewQFXrX45
9HQfmSvjpZgP955XAoV6TpmabSmZEBSAsSZ7HtJq6s61k7rgxLmmfc25iYaSPNPz
LFYeMm/VkFbgbTzV02Qm2g6OHr/U+C46dU2F/ba4WZibhSNlsU4smGATJWsoptYj
jdrGaw/nCXOjm6F2Mq2RxiGZR5ojX43pBEAw/qNEtmyqt2bJeGH2hZXu5iFFSh1P
XLapDgNAf0urBP3KnBBVsrQJf5pJU44sVcdb6m98zeuUzoLif/pwnOzRANPbvhct
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUtvlul+/nPEFTfWWmlR088ZU0lLMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMjJlMzgzMDJlMzIzMDM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpQ0DANBgkqhkiG
9w0BAQsFAAOCAQEAQKm/HEwiZNnxHJa5yQLYvrzYvbL/lyHcQIr2fLoKC0U6vpWz
CEAnZ9Mop/7M37UuS8D0g+IZnHi075ttC3C0cuepgnt7213ivthHdg2KHicrtkH0
KURMimi+ZqYqWs37+DvUmLiu0UcMGziATjCtQpFGgZhlnDsitVMJ1NutuU7xeyEs
TJFDAtpBWtSCrYj+QGNaG7FHLzr75Lx235jAp+yLDT+Wv5ctP3grbuzahhE1U4oJ
oT+7XSlpkeNKUO0/mYgibse8y2C2GxP27IaANgzGST7+aMNJp0WcBOhkwKccayUK
vqPna3wo44BtyhGU5cEOK9J0mC5RnZ34NaYE0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org