Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e38302e3231342e302f32332d3234203d3e203137363730.roa
File:                     3230322e38302e3231342e302f32332d3234203d3e203137363730.roa (raw, json)
Hash identifier:          /P3CVlNnY7SzVOrf7tzKF9gUYqjBwc1onp5HQIbBBvU=
Subject key identifier:   74:64:2F:08:B7:35:90:E4:60:5C:A1:AB:50:05:C8:7E:CF:97:BC:13
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       73E4D783607F58DB81B5FAB8D04975FF0BF1F916
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e38302e3231342e302f32332d3234203d3e203137363730.roa
Signing time:             Fri 07 May 2021 11:21:16 +0000
ROA not before:           Fri 07 May 2021 11:16:16 +0000
ROA not after:            Sat 07 May 2022 11:21:16 +0000
asID:                     17670
IP address blocks:        202.80.214.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:e4:d7:83:60:7f:58:db:81:b5:fa:b8:d0:49:75:ff:0b:f1:f9:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: May  7 11:16:16 2021 GMT
            Not After : May  7 11:21:16 2022 GMT
        Subject: CN=3082010A0282010100A28094C241CFB13B8181D27DB8F7C2351002C2FEE8C600BB1DD5775AD676C552D0653BC498C55F585FBDE3E96B9DD338EB82CE12EE3E26F2C9A0C79D1959A3C60D17B1B9670E853CAFB6CE8B0671C960DB3EDB2779F71755BDE60B9D59CAA1EE55DF6ACD3AA237EFD767B22B1897E229F4D5695DDFD976FE4CCB4A170CA4F79F67EFAD1CAC7FB6A6FD6680EBD016B5F672AB7F1AB5BE819635FFC0CE30AB0C28BEB01125C230ACF63693C614EAE0F312EFDD77AF96A48C2CE5CC3F2ECC529AA88B3860E6B04379EBB664CB9023671C2907A33E70F99C3CFFAED110571C91928E2E332703549693945F60D36EC3341315C8EC5160F3B7AE2F60597E590AF3B5330203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:80:94:c2:41:cf:b1:3b:81:81:d2:7d:b8:f7:
                    c2:35:10:02:c2:fe:e8:c6:00:bb:1d:d5:77:5a:d6:
                    76:c5:52:d0:65:3b:c4:98:c5:5f:58:5f:bd:e3:e9:
                    6b:9d:d3:38:eb:82:ce:12:ee:3e:26:f2:c9:a0:c7:
                    9d:19:59:a3:c6:0d:17:b1:b9:67:0e:85:3c:af:b6:
                    ce:8b:06:71:c9:60:db:3e:db:27:79:f7:17:55:bd:
                    e6:0b:9d:59:ca:a1:ee:55:df:6a:cd:3a:a2:37:ef:
                    d7:67:b2:2b:18:97:e2:29:f4:d5:69:5d:df:d9:76:
                    fe:4c:cb:4a:17:0c:a4:f7:9f:67:ef:ad:1c:ac:7f:
                    b6:a6:fd:66:80:eb:d0:16:b5:f6:72:ab:7f:1a:b5:
                    be:81:96:35:ff:c0:ce:30:ab:0c:28:be:b0:11:25:
                    c2:30:ac:f6:36:93:c6:14:ea:e0:f3:12:ef:dd:77:
                    af:96:a4:8c:2c:e5:cc:3f:2e:cc:52:9a:a8:8b:38:
                    60:e6:b0:43:79:eb:b6:64:cb:90:23:67:1c:29:07:
                    a3:3e:70:f9:9c:3c:ff:ae:d1:10:57:1c:91:92:8e:
                    2e:33:27:03:54:96:93:94:5f:60:d3:6e:c3:34:13:
                    15:c8:ec:51:60:f3:b7:ae:2f:60:59:7e:59:0a:f3:
                    b5:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:64:2F:08:B7:35:90:E4:60:5C:A1:AB:50:05:C8:7E:CF:97:BC:13
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230322e38302e3231342e302f32332d3234203d3e203137363730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.80.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:1f:b3:2e:de:55:12:d7:3c:8a:ea:dd:6f:b7:ff:85:c7:e4:
         b1:5c:36:b6:44:c2:0e:17:11:ec:15:1b:fc:df:87:90:6d:36:
         13:73:77:3a:71:73:18:32:4f:dc:d9:21:48:12:bc:d5:61:cd:
         c4:6f:34:e7:11:dc:f8:91:52:c0:b7:0a:88:bf:e9:7b:d4:88:
         7a:6d:d7:c7:53:b2:37:a7:6a:12:17:38:e3:cb:82:30:70:a6:
         f8:9a:bc:89:7b:c2:12:c5:93:cf:fd:9c:16:1c:89:34:19:a2:
         b0:fa:51:a3:0a:6d:02:72:bf:cb:1f:ba:d9:37:43:e3:c5:8f:
         42:26:80:91:a9:c7:ef:a0:ca:ee:81:e9:be:23:2b:79:9b:0a:
         8f:60:5a:1f:34:f8:a8:69:f8:fb:ab:94:cc:55:d8:20:c6:dc:
         dc:d4:19:46:52:a4:62:69:09:7f:a7:56:4a:4f:9c:32:0b:57:
         65:24:70:e7:a9:22:23:c2:3f:1b:bd:22:07:22:b1:b0:74:83:
         31:e9:9e:72:21:27:ba:2e:df:30:1d:33:c3:99:1e:72:6d:18:
         42:d3:9c:e0:f9:d5:30:9c:cc:e4:3e:1b:2e:dd:14:f1:03:3c:
         6d:8d:17:72:55:e7:83:d4:c8:ad:ac:68:4c:c5:2e:1e:77:85:
         d0:e2:36:9e
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUc+TXg2B/WNuBtfq40El1/wvx+RYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDUwNzExMTYxNloX
DTIyMDUwNzExMjExNlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBMjgwOTRDMjQxQ0ZCMTNCODE4MUQyN0RCOEY3QzIzNTEwMDJDMkZFRThD
NjAwQkIxREQ1Nzc1QUQ2NzZDNTUyRDA2NTNCQzQ5OEM1NUY1ODVGQkRFM0U5NkI5
REQzMzhFQjgyQ0UxMkVFM0UyNkYyQzlBMEM3OUQxOTU5QTNDNjBEMTdCMUI5Njcw
RTg1M0NBRkI2Q0U4QjA2NzFDOTYwREIzRURCMjc3OUY3MTc1NUJERTYwQjlENTlD
QUExRUU1NURGNkFDRDNBQTIzN0VGRDc2N0IyMkIxODk3RTIyOUY0RDU2OTVEREZE
OTc2RkU0Q0NCNEExNzBDQTRGNzlGNjdFRkFEMUNBQzdGQjZBNkZENjY4MEVCRDAx
NkI1RjY3MkFCN0YxQUI1QkU4MTk2MzVGRkMwQ0UzMEFCMEMyOEJFQjAxMTI1QzIz
MEFDRjYzNjkzQzYxNEVBRTBGMzEyRUZERDc3QUY5NkE0OEMyQ0U1Q0MzRjJFQ0M1
MjlBQTg4QjM4NjBFNkIwNDM3OUVCQjY2NENCOTAyMzY3MUMyOTA3QTMzRTcwRjk5
QzNDRkZBRUQxMTA1NzFDOTE5MjhFMkUzMzI3MDM1NDk2OTM5NDVGNjBEMzZFQzMz
NDEzMTVDOEVDNTE2MEYzQjdBRTJGNjA1OTdFNTkwQUYzQjUzMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCigJTCQc+xO4GB0n2498I1
EALC/ujGALsd1Xda1nbFUtBlO8SYxV9YX73j6Wud0zjrgs4S7j4m8smgx50ZWaPG
DRexuWcOhTyvts6LBnHJYNs+2yd59xdVveYLnVnKoe5V32rNOqI379dnsisYl+Ip
9NVpXd/Zdv5My0oXDKT3n2fvrRysf7am/WaA69AWtfZyq38atb6BljX/wM4wqwwo
vrARJcIwrPY2k8YU6uDzEu/dd6+WpIws5cw/LsxSmqiLOGDmsEN567Zky5AjZxwp
B6M+cPmcPP+u0RBXHJGSji4zJwNUlpOUX2DTbsM0ExXI7FFg87euL2BZflkK87Uz
AgMBAAGjggH/MIIB+zAdBgNVHQ4EFgQUdGQvCLc1kORgXKGrUAXIfs+XvBMwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMjJlMzgzMDJlMzIzMTM0MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcpQ1jANBgkqhkiG
9w0BAQsFAAOCAQEAGB+zLt5VEtc8iurdb7f/hcfksVw2tkTCDhcR7BUb/N+HkG02
E3N3OnFzGDJP3NkhSBK81WHNxG805xHc+JFSwLcKiL/pe9SIem3Xx1OyN6dqEhc4
48uCMHCm+Jq8iXvCEsWTz/2cFhyJNBmisPpRowptAnK/yx+62TdD48WPQiaAkanH
76DK7oHpviMreZsKj2BaHzT4qGn4+6uUzFXYIMbc3NQZRlKkYmkJf6dWSk+cMgtX
ZSRw56kiI8I/G70iByKxsHSDMemeciEnui7fMB0zw5kecm0YQtOc4PnVMJzM5D4b
Lt0U8QM8bY0XclXng9TIraxoTMUuHneF0OI2ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:48 2024 by rpki-client on console-ams.rpki-client.org