Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3230332e3135332e32302e302f32322d3234203d3e20313331373639.roa
File:                     3230332e3135332e32302e302f32322d3234203d3e20313331373639.roa (raw, json)
Hash identifier:          8LzRLoqQaBdbM93G2qNoCJO98wyZ0MiFmBNAbUxkNBg=
Subject key identifier:   A9:9C:0A:32:2C:4F:BA:40:B5:20:3D:A4:D4:28:97:46:C0:67:B9:95
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       5AE61D6BF00D05D764FEE7599A0D4FF63C88AEF1
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230332e3135332e32302e302f32322d3234203d3e20313331373639.roa
Signing time:             Tue 13 Apr 2021 08:01:58 +0000
ROA not before:           Tue 13 Apr 2021 07:56:58 +0000
ROA not after:            Wed 13 Apr 2022 08:01:58 +0000
asID:                     131769
IP address blocks:        203.153.20.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:e6:1d:6b:f0:0d:05:d7:64:fe:e7:59:9a:0d:4f:f6:3c:88:ae:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr 13 07:56:58 2021 GMT
            Not After : Apr 13 08:01:58 2022 GMT
        Subject: CN=3082010A0282010100A0224E6E592991677D27CCB36138BA66057758BFF24C3FDF1D23BE36AC3A2410542D023A032006D2F66A840434BFCC3513CC7FE054ADA66227674B685CCA1F1AACE08B48F64E0EDACF2BDD8F081EA2D7DB12D9D6EA227CB5B2515E5999204C2895389BA6DA67EFD3F964C77C3DD18D06E22F49A1F03EF3EB015D1752978384E4EB496B5FE395C642F7B9F6264E5D7FA0B22F3500B8ABD471C7421480B63430EA4F5658AC01BF58AACF2870AC1DA919683CE95585998DB1B007D204B25C61FF177D1E272F6B40075BDABA91AD6F1F084B1664668AA8AE60B540B56A161C06EC33B9C4A22EFFA79F6D0E51CDD3C5AF3A8A693BD01BE556BCD47194BC0F491C62970203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:22:4e:6e:59:29:91:67:7d:27:cc:b3:61:38:
                    ba:66:05:77:58:bf:f2:4c:3f:df:1d:23:be:36:ac:
                    3a:24:10:54:2d:02:3a:03:20:06:d2:f6:6a:84:04:
                    34:bf:cc:35:13:cc:7f:e0:54:ad:a6:62:27:67:4b:
                    68:5c:ca:1f:1a:ac:e0:8b:48:f6:4e:0e:da:cf:2b:
                    dd:8f:08:1e:a2:d7:db:12:d9:d6:ea:22:7c:b5:b2:
                    51:5e:59:99:20:4c:28:95:38:9b:a6:da:67:ef:d3:
                    f9:64:c7:7c:3d:d1:8d:06:e2:2f:49:a1:f0:3e:f3:
                    eb:01:5d:17:52:97:83:84:e4:eb:49:6b:5f:e3:95:
                    c6:42:f7:b9:f6:26:4e:5d:7f:a0:b2:2f:35:00:b8:
                    ab:d4:71:c7:42:14:80:b6:34:30:ea:4f:56:58:ac:
                    01:bf:58:aa:cf:28:70:ac:1d:a9:19:68:3c:e9:55:
                    85:99:8d:b1:b0:07:d2:04:b2:5c:61:ff:17:7d:1e:
                    27:2f:6b:40:07:5b:da:ba:91:ad:6f:1f:08:4b:16:
                    64:66:8a:a8:ae:60:b5:40:b5:6a:16:1c:06:ec:33:
                    b9:c4:a2:2e:ff:a7:9f:6d:0e:51:cd:d3:c5:af:3a:
                    8a:69:3b:d0:1b:e5:56:bc:d4:71:94:bc:0f:49:1c:
                    62:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:9C:0A:32:2C:4F:BA:40:B5:20:3D:A4:D4:28:97:46:C0:67:B9:95
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3230332e3135332e32302e302f32322d3234203d3e20313331373639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.153.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:60:c5:89:ae:15:0c:e9:ae:69:ee:45:63:ee:11:dc:bf:f6:
         1a:94:21:ab:6a:17:19:8f:a7:23:a9:a9:b1:30:eb:45:7c:d6:
         f4:7e:73:f2:45:88:64:b7:ad:a2:9b:f2:b5:fc:ee:a9:76:dd:
         c8:6c:f4:0b:c5:90:a4:b9:20:a6:ed:cb:1c:99:81:cf:8a:fd:
         11:7a:4a:bd:ec:26:18:e0:68:d9:17:ce:8a:e6:cd:8c:4b:ec:
         c1:c5:cf:ed:3a:55:7c:ca:64:8a:da:12:a6:4d:02:07:b7:9a:
         7f:59:98:0a:36:ba:4a:c9:b2:da:e4:c3:0a:ca:3e:7b:37:1b:
         13:e1:54:a1:66:08:59:60:09:08:ce:9d:cd:78:54:8c:67:e6:
         09:70:fa:82:86:6b:28:d5:83:db:6e:d9:93:46:2e:f6:d0:fe:
         6f:59:a7:49:7f:a7:ea:01:6e:77:61:28:10:b7:fc:ae:4e:89:
         cf:96:7f:10:b4:a1:87:49:6b:d1:71:dd:bb:fd:ca:29:33:c6:
         54:c7:50:45:69:10:86:a4:01:de:5a:e7:08:56:77:6a:93:30:
         c8:d7:ef:d0:79:62:21:26:ed:f2:98:e4:3a:45:34:aa:26:fe:
         0b:74:50:fc:2a:43:1f:c3:e8:b1:e8:2a:32:93:18:ea:fd:e4:
         91:78:13:88
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgIUWuYda/ANBddk/udZmg1P9jyIrvEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDQxMzA3NTY1OFoX
DTIyMDQxMzA4MDE1OFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBMDIyNEU2RTU5Mjk5MTY3N0QyN0NDQjM2MTM4QkE2NjA1Nzc1OEJGRjI0
QzNGREYxRDIzQkUzNkFDM0EyNDEwNTQyRDAyM0EwMzIwMDZEMkY2NkE4NDA0MzRC
RkNDMzUxM0NDN0ZFMDU0QURBNjYyMjc2NzRCNjg1Q0NBMUYxQUFDRTA4QjQ4RjY0
RTBFREFDRjJCREQ4RjA4MUVBMkQ3REIxMkQ5RDZFQTIyN0NCNUIyNTE1RTU5OTky
MDRDMjg5NTM4OUJBNkRBNjdFRkQzRjk2NEM3N0MzREQxOEQwNkUyMkY0OUExRjAz
RUYzRUIwMTVEMTc1Mjk3ODM4NEU0RUI0OTZCNUZFMzk1QzY0MkY3QjlGNjI2NEU1
RDdGQTBCMjJGMzUwMEI4QUJENDcxQzc0MjE0ODBCNjM0MzBFQTRGNTY1OEFDMDFC
RjU4QUFDRjI4NzBBQzFEQTkxOTY4M0NFOTU1ODU5OThEQjFCMDA3RDIwNEIyNUM2
MUZGMTc3RDFFMjcyRjZCNDAwNzVCREFCQTkxQUQ2RjFGMDg0QjE2NjQ2NjhBQThB
RTYwQjU0MEI1NkExNjFDMDZFQzMzQjlDNEEyMkVGRkE3OUY2RDBFNTFDREQzQzVB
RjNBOEE2OTNCRDAxQkU1NTZCQ0Q0NzE5NEJDMEY0OTFDNjI5NzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgIk5uWSmRZ30nzLNhOLpm
BXdYv/JMP98dI742rDokEFQtAjoDIAbS9mqEBDS/zDUTzH/gVK2mYidnS2hcyh8a
rOCLSPZODtrPK92PCB6i19sS2dbqIny1slFeWZkgTCiVOJum2mfv0/lkx3w90Y0G
4i9JofA+8+sBXRdSl4OE5OtJa1/jlcZC97n2Jk5df6CyLzUAuKvUccdCFIC2NDDq
T1ZYrAG/WKrPKHCsHakZaDzpVYWZjbGwB9IEslxh/xd9Hicva0AHW9q6ka1vHwhL
FmRmiqiuYLVAtWoWHAbsM7nEoi7/p59tDlHN08WvOoppO9Ab5Va81HGUvA9JHGKX
AgMBAAGjggIBMIIB/TAdBgNVHQ4EFgQUqZwKMixPukC1ID2k1CiXRsBnuZUwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBhAYIKwYB
BQUHAQsEeDB2MHQGCCsGAQUFBzALhmhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzAzMzJlMzEzNTMzMmUzMjMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzMzMxMzczNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCy5kUMA0GCSqG
SIb3DQEBCwUAA4IBAQANYMWJrhUM6a5p7kVj7hHcv/YalCGrahcZj6cjqamxMOtF
fNb0fnPyRYhkt62im/K1/O6pdt3IbPQLxZCkuSCm7cscmYHPiv0Rekq97CYY4GjZ
F86K5s2MS+zBxc/tOlV8ymSK2hKmTQIHt5p/WZgKNrpKybLa5MMKyj57NxsT4VSh
ZghZYAkIzp3NeFSMZ+YJcPqChmso1YPbbtmTRi720P5vWadJf6fqAW53YSgQt/yu
TonPln8QtKGHSWvRcd27/copM8ZUx1BFaRCGpAHeWucIVndqkzDI1+/QeWIhJu3y
mOQ6RTSqJv4LdFD8KkMfw+ix6Coykxjq/eSReBOI
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org