Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430303a343665303a3a2f33322d3438203d3e203633383738.roa
File:                     323430303a343665303a3a2f33322d3438203d3e203633383738.roa (raw, json)
Hash identifier:          Yd6wTHrHJVK7CLLoodIDXZ/qO9JXfkj3aoY7hmMPm6E=
Subject key identifier:   32:2B:52:CA:58:03:D6:3B:8E:86:07:82:18:89:5E:5E:1E:F6:42:64
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       53D4B568172645303DD16745C13C1B492887A269
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430303a343665303a3a2f33322d3438203d3e203633383738.roa
Signing time:             Mon 27 Dec 2021 03:13:41 +0000
ROA not before:           Mon 27 Dec 2021 03:08:41 +0000
ROA not after:            Tue 27 Dec 2022 03:13:41 +0000
asID:                     63878
IP address blocks:        2400:46e0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:d4:b5:68:17:26:45:30:3d:d1:67:45:c1:3c:1b:49:28:87:a2:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Dec 27 03:08:41 2021 GMT
            Not After : Dec 27 03:13:41 2022 GMT
        Subject: CN=3082010A0282010100C994A1208551ADD4D5CAB51DFF890253D715B7FE0A6F6B372675E1657D8E1861DAC2B1F269142147C45A0D27474C2118617125B90B301E4A0BDAF5E29D0A90CD05ABA3C91FCE5AE3F21A3A7EDFF4114E5DE41CD76B3A1A99D50E3B16A0C8CBE29CF20B24C300CEEE8BA448F53117CCB152A2330BB5F30D0D9B14330888001235840F4BC999529B4719A4E536B667BDE84441FEB76C224E68009F3547E78446DEF6E34BCA12C1349986F5DF377C4BF2E9E51684DC9EBB9F1DF1179FAE91FE893AC6705AED2155C340E58EBEDB82B904BDBCCF4D394144FA3A4CC4312D97A692A4DB4BCD2CD4D3D85C53C4B159E4859350F00DDD62DA92DD31B4A195E97D1E01590203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:94:a1:20:85:51:ad:d4:d5:ca:b5:1d:ff:89:
                    02:53:d7:15:b7:fe:0a:6f:6b:37:26:75:e1:65:7d:
                    8e:18:61:da:c2:b1:f2:69:14:21:47:c4:5a:0d:27:
                    47:4c:21:18:61:71:25:b9:0b:30:1e:4a:0b:da:f5:
                    e2:9d:0a:90:cd:05:ab:a3:c9:1f:ce:5a:e3:f2:1a:
                    3a:7e:df:f4:11:4e:5d:e4:1c:d7:6b:3a:1a:99:d5:
                    0e:3b:16:a0:c8:cb:e2:9c:f2:0b:24:c3:00:ce:ee:
                    8b:a4:48:f5:31:17:cc:b1:52:a2:33:0b:b5:f3:0d:
                    0d:9b:14:33:08:88:00:12:35:84:0f:4b:c9:99:52:
                    9b:47:19:a4:e5:36:b6:67:bd:e8:44:41:fe:b7:6c:
                    22:4e:68:00:9f:35:47:e7:84:46:de:f6:e3:4b:ca:
                    12:c1:34:99:86:f5:df:37:7c:4b:f2:e9:e5:16:84:
                    dc:9e:bb:9f:1d:f1:17:9f:ae:91:fe:89:3a:c6:70:
                    5a:ed:21:55:c3:40:e5:8e:be:db:82:b9:04:bd:bc:
                    cf:4d:39:41:44:fa:3a:4c:c4:31:2d:97:a6:92:a4:
                    db:4b:cd:2c:d4:d3:d8:5c:53:c4:b1:59:e4:85:93:
                    50:f0:0d:dd:62:da:92:dd:31:b4:a1:95:e9:7d:1e:
                    01:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:2B:52:CA:58:03:D6:3B:8E:86:07:82:18:89:5E:5E:1E:F6:42:64
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430303a343665303a3a2f33322d3438203d3e203633383738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:46e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:62:e1:8a:e6:97:3b:9b:6d:2f:01:eb:f1:b5:b7:b8:ca:78:
         07:2e:79:82:89:3b:40:bc:dd:c3:d3:05:b9:6f:56:55:46:f0:
         ef:ed:40:48:b1:be:1d:49:cd:7c:64:22:58:f4:35:7b:55:41:
         2d:f6:3a:8d:84:e9:cd:91:2c:9a:3e:e8:03:cc:e6:9a:aa:3e:
         e9:01:a9:f6:8f:6e:1a:9c:38:0e:9e:95:ba:43:60:71:96:54:
         a5:16:59:f6:f4:dc:8f:38:ad:f6:23:a0:97:2d:60:22:c3:5b:
         b2:ac:6d:76:bc:a9:0e:8c:59:6d:0d:36:61:62:aa:0b:45:b9:
         51:5e:ba:85:b3:d5:36:d0:6f:ef:3f:39:5f:65:1d:a9:f7:84:
         37:67:eb:cf:d7:37:a9:65:a2:f5:12:f5:50:7d:e8:43:98:61:
         5f:55:22:57:27:f8:3a:62:d3:a1:24:6c:6e:9d:6d:36:d5:a9:
         f0:4d:fa:93:3e:96:26:a1:89:da:29:65:e2:23:32:0c:06:d7:
         08:ff:e9:60:31:e1:e3:65:0d:03:95:db:60:3c:3f:ea:b8:92:
         70:bc:95:ec:e0:d2:4b:28:2b:7b:29:5e:41:a2:26:de:20:60:
         a4:c3:bc:17:a8:8b:e2:95:29:01:0f:6b:5e:4c:76:97:b5:e9:
         4c:46:1b:b8
-----BEGIN CERTIFICATE-----
MIIHBzCCBe+gAwIBAgIUU9S1aBcmRTA90WdFwTwbSSiHomkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMTIyNzAzMDg0MVoX
DTIyMTIyNzAzMTM0MVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDOTk0QTEyMDg1NTFBREQ0RDVDQUI1MURGRjg5MDI1M0Q3MTVCN0ZFMEE2
RjZCMzcyNjc1RTE2NTdEOEUxODYxREFDMkIxRjI2OTE0MjE0N0M0NUEwRDI3NDc0
QzIxMTg2MTcxMjVCOTBCMzAxRTRBMEJEQUY1RTI5RDBBOTBDRDA1QUJBM0M5MUZD
RTVBRTNGMjFBM0E3RURGRjQxMTRFNURFNDFDRDc2QjNBMUE5OUQ1MEUzQjE2QTBD
OENCRTI5Q0YyMEIyNEMzMDBDRUVFOEJBNDQ4RjUzMTE3Q0NCMTUyQTIzMzBCQjVG
MzBEMEQ5QjE0MzMwODg4MDAxMjM1ODQwRjRCQzk5OTUyOUI0NzE5QTRFNTM2QjY2
N0JERTg0NDQxRkVCNzZDMjI0RTY4MDA5RjM1NDdFNzg0NDZERUY2RTM0QkNBMTJD
MTM0OTk4NkY1REYzNzdDNEJGMkU5RTUxNjg0REM5RUJCOUYxREYxMTc5RkFFOTFG
RTg5M0FDNjcwNUFFRDIxNTVDMzQwRTU4RUJFREI4MkI5MDRCREJDQ0Y0RDM5NDE0
NEZBM0E0Q0M0MzEyRDk3QTY5MkE0REI0QkNEMkNENEQzRDg1QzUzQzRCMTU5RTQ4
NTkzNTBGMDBEREQ2MkRBOTJERDMxQjRBMTk1RTk3RDFFMDE1OTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJlKEghVGt1NXKtR3/iQJT
1xW3/gpvazcmdeFlfY4YYdrCsfJpFCFHxFoNJ0dMIRhhcSW5CzAeSgva9eKdCpDN
BaujyR/OWuPyGjp+3/QRTl3kHNdrOhqZ1Q47FqDIy+Kc8gskwwDO7oukSPUxF8yx
UqIzC7XzDQ2bFDMIiAASNYQPS8mZUptHGaTlNrZnvehEQf63bCJOaACfNUfnhEbe
9uNLyhLBNJmG9d83fEvy6eUWhNyeu58d8RefrpH+iTrGcFrtIVXDQOWOvtuCuQS9
vM9NOUFE+jpMxDEtl6aSpNtLzSzU09hcU8SxWeSFk1DwDd1i2pLdMbShlel9HgFZ
AgMBAAGjggH+MIIB+jAdBgNVHQ4EFgQUMitSylgD1juOhgeCGIleXh72QmQwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBgAYIKwYB
BQUHAQsEdDByMHAGCCsGAQUFBzALhmRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzQzMDMwM2EzNDM2NjUzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDM2MzMzODM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAEbgMA0GCSqGSIb3
DQEBCwUAA4IBAQBVYuGK5pc7m20vAevxtbe4yngHLnmCiTtAvN3D0wW5b1ZVRvDv
7UBIsb4dSc18ZCJY9DV7VUEt9jqNhOnNkSyaPugDzOaaqj7pAan2j24anDgOnpW6
Q2BxllSlFln29NyPOK32I6CXLWAiw1uyrG12vKkOjFltDTZhYqoLRblRXrqFs9U2
0G/vPzlfZR2p94Q3Z+vP1zepZaL1EvVQfehDmGFfVSJXJ/g6YtOhJGxunW021anw
TfqTPpYmoYnaKWXiIzIMBtcI/+lgMeHjZQ0DldtgPD/quJJwvJXs4NJLKCt7KV5B
oibeIGCkw7wXqIvilSkBD2teTHaXtelMRhu4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org