Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430323a343130303a3a2f33322d3438203d3e2039333236.roa
File:                     323430323a343130303a3a2f33322d3438203d3e2039333236.roa (raw, json)
Hash identifier:          pFkO+YM4qvoEd0JKT85MAt1NwlDkPjQwLoATkgKEtfQ=
Subject key identifier:   C1:82:26:51:EC:AB:F2:63:3B:92:29:A3:99:1A:71:E8:D9:08:CA:6A
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       66F33316E312DD3D2E927A189FC4F5C08DE14707
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430323a343130303a3a2f33322d3438203d3e2039333236.roa
Signing time:             Wed 28 Apr 2021 03:07:46 +0000
ROA not before:           Wed 28 Apr 2021 03:02:46 +0000
ROA not after:            Thu 28 Apr 2022 03:07:46 +0000
asID:                     9326
IP address blocks:        2402:4100::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:f3:33:16:e3:12:dd:3d:2e:92:7a:18:9f:c4:f5:c0:8d:e1:47:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr 28 03:02:46 2021 GMT
            Not After : Apr 28 03:07:46 2022 GMT
        Subject: CN=3082010A0282010100BD433AC55222370661A443780E42940816459FD3ACE7E9B046BD4B34543F0EDA3F3CE51D401A55A979896E185086D4F30EAB83A1D4BAAA3C31D2C11626949170171D19ABA6CBA1054551207F9C449DE4AE0B49923842D606F45C498133DADF02E52248BCD834CE09F6408EB0994F38B646A28E5EB6B0E16A12D7DB87DBC2685C45D7C8B3C85B0388997E77B198ED4DF1057C0B8E92D529EFC2D6FE0CB4973FA5CD83F3B16B73FAA6EB606037778630D4998ED6EB43BFC1E1F22CB4EBCD794F07B32DFE68244F0A454374874FD99C2D431B384C7F81ED98E8DB8B7C4688A9D7F8C0E9B751CB38545CC47CAC63A473E37E7E81BE8B2225CE281C8C4DB62D3142A30203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:43:3a:c5:52:22:37:06:61:a4:43:78:0e:42:
                    94:08:16:45:9f:d3:ac:e7:e9:b0:46:bd:4b:34:54:
                    3f:0e:da:3f:3c:e5:1d:40:1a:55:a9:79:89:6e:18:
                    50:86:d4:f3:0e:ab:83:a1:d4:ba:aa:3c:31:d2:c1:
                    16:26:94:91:70:17:1d:19:ab:a6:cb:a1:05:45:51:
                    20:7f:9c:44:9d:e4:ae:0b:49:92:38:42:d6:06:f4:
                    5c:49:81:33:da:df:02:e5:22:48:bc:d8:34:ce:09:
                    f6:40:8e:b0:99:4f:38:b6:46:a2:8e:5e:b6:b0:e1:
                    6a:12:d7:db:87:db:c2:68:5c:45:d7:c8:b3:c8:5b:
                    03:88:99:7e:77:b1:98:ed:4d:f1:05:7c:0b:8e:92:
                    d5:29:ef:c2:d6:fe:0c:b4:97:3f:a5:cd:83:f3:b1:
                    6b:73:fa:a6:eb:60:60:37:77:86:30:d4:99:8e:d6:
                    eb:43:bf:c1:e1:f2:2c:b4:eb:cd:79:4f:07:b3:2d:
                    fe:68:24:4f:0a:45:43:74:87:4f:d9:9c:2d:43:1b:
                    38:4c:7f:81:ed:98:e8:db:8b:7c:46:88:a9:d7:f8:
                    c0:e9:b7:51:cb:38:54:5c:c4:7c:ac:63:a4:73:e3:
                    7e:7e:81:be:8b:22:25:ce:28:1c:8c:4d:b6:2d:31:
                    42:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:82:26:51:EC:AB:F2:63:3B:92:29:A3:99:1A:71:E8:D9:08:CA:6A
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430323a343130303a3a2f33322d3438203d3e2039333236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:4100::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:12:ba:90:c8:ec:43:f8:6e:f8:7e:0f:18:6b:14:82:1a:16:
         e5:6b:38:48:b1:d2:99:b7:18:c3:cd:f9:ef:e9:f5:fe:a9:2d:
         c7:ed:65:5f:46:20:e4:b0:9c:e0:3b:b0:d0:0a:64:de:b6:5a:
         fa:5d:5f:dd:d1:22:5f:f1:06:2e:3f:50:54:f3:35:db:eb:77:
         92:3f:64:db:c6:70:17:1e:07:37:29:68:3d:c8:61:bd:62:93:
         e5:1c:22:14:75:85:29:d0:02:73:3d:4c:86:01:39:e1:19:0e:
         7f:c0:8f:5e:d2:70:90:aa:47:17:8b:9a:7c:c9:7e:c0:02:9a:
         b7:02:20:34:61:56:3c:34:8d:35:cb:9d:09:90:2e:03:ec:8d:
         ff:2a:bf:0e:dd:07:dd:b0:23:41:cd:d7:15:69:ef:ea:fb:58:
         79:8e:8a:38:6b:b2:c5:c2:1d:c9:8b:1d:86:8f:5a:05:13:3f:
         88:f5:af:cd:dd:64:2f:2b:25:b7:d0:d3:b5:e2:ba:72:1f:ed:
         c3:ca:14:5a:7a:31:07:1f:f8:f5:50:26:36:57:e0:14:a2:12:
         9b:08:f6:68:08:30:32:f4:14:7d:9c:26:25:8b:66:b5:fc:59:
         3c:f9:71:2b:3a:aa:c5:fc:63:44:09:9c:c2:55:29:72:cb:22:
         c5:e7:ea:0f
-----BEGIN CERTIFICATE-----
MIIHBDCCBeygAwIBAgIUZvMzFuMS3T0uknoYn8T1wI3hRwcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDQyODAzMDI0NloX
DTIyMDQyODAzMDc0NlowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCRDQzM0FDNTUyMjIzNzA2NjFBNDQzNzgwRTQyOTQwODE2NDU5RkQzQUNF
N0U5QjA0NkJENEIzNDU0M0YwRURBM0YzQ0U1MUQ0MDFBNTVBOTc5ODk2RTE4NTA4
NkQ0RjMwRUFCODNBMUQ0QkFBQTNDMzFEMkMxMTYyNjk0OTE3MDE3MUQxOUFCQTZD
QkExMDU0NTUxMjA3RjlDNDQ5REU0QUUwQjQ5OTIzODQyRDYwNkY0NUM0OTgxMzNE
QURGMDJFNTIyNDhCQ0Q4MzRDRTA5RjY0MDhFQjA5OTRGMzhCNjQ2QTI4RTVFQjZC
MEUxNkExMkQ3REI4N0RCQzI2ODVDNDVEN0M4QjNDODVCMDM4ODk5N0U3N0IxOThF
RDRERjEwNTdDMEI4RTkyRDUyOUVGQzJENkZFMENCNDk3M0ZBNUNEODNGM0IxNkI3
M0ZBQTZFQjYwNjAzNzc3ODYzMEQ0OTk4RUQ2RUI0M0JGQzFFMUYyMkNCNEVCQ0Q3
OTRGMDdCMzJERkU2ODI0NEYwQTQ1NDM3NDg3NEZEOTlDMkQ0MzFCMzg0QzdGODFF
RDk4RThEQjhCN0M0Njg4QTlEN0Y4QzBFOUI3NTFDQjM4NTQ1Q0M0N0NBQzYzQTQ3
M0UzN0U3RTgxQkU4QjIyMjVDRTI4MUM4QzREQjYyRDMxNDJBMzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9QzrFUiI3BmGkQ3gOQpQI
FkWf06zn6bBGvUs0VD8O2j885R1AGlWpeYluGFCG1PMOq4Oh1LqqPDHSwRYmlJFw
Fx0Zq6bLoQVFUSB/nESd5K4LSZI4QtYG9FxJgTPa3wLlIki82DTOCfZAjrCZTzi2
RqKOXraw4WoS19uH28JoXEXXyLPIWwOImX53sZjtTfEFfAuOktUp78LW/gy0lz+l
zYPzsWtz+qbrYGA3d4Yw1JmO1utDv8Hh8iy06815TwezLf5oJE8KRUN0h0/ZnC1D
GzhMf4HtmOjbi3xGiKnX+MDpt1HLOFRcxHysY6Rz435+gb6LIiXOKByMTbYtMUKj
AgMBAAGjggH7MIIB9zAdBgNVHQ4EFgQUwYImUeyr8mM7kimjmRpx6NkIymowHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjB+BggrBgEF
BQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvL0lETklDLUlELzIvMzIzNDMwMzIzYTM0MzEzMDMwM2EzYTJmMzMzMjJk
MzQzODIwM2QzZTIwMzkzMzMyMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAkEAMA0GCSqGSIb3DQEB
CwUAA4IBAQB+ErqQyOxD+G74fg8YaxSCGhblazhIsdKZtxjDzfnv6fX+qS3H7WVf
RiDksJzgO7DQCmTetlr6XV/d0SJf8QYuP1BU8zXb63eSP2TbxnAXHgc3KWg9yGG9
YpPlHCIUdYUp0AJzPUyGATnhGQ5/wI9e0nCQqkcXi5p8yX7AApq3AiA0YVY8NI01
y50JkC4D7I3/Kr8O3QfdsCNBzdcVae/q+1h5joo4a7LFwh3Jix2Gj1oFEz+I9a/N
3WQvKyW30NO14rpyH+3DyhRaejEHH/j1UCY2V+AUohKbCPZoCDAy9BR9nCYli2a1
/Fk8+XErOqrF/GNECZzCVSlyyyLF5+oP
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org