Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430333a333534303a3a2f33322d3438203d3e20313337333730.roa
File:                     323430333a333534303a3a2f33322d3438203d3e20313337333730.roa (raw, json)
Hash identifier:          pnmSXTuXYi30XM/JaSkcripuAyIFyHKisfe4sFOBlWo=
Subject key identifier:   FD:2E:B7:8C:86:91:73:DB:16:DA:C7:2A:92:1F:D7:D4:A2:72:50:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       6BC350609E13E20C6FBFC312C7936E99BEEF7898
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430333a333534303a3a2f33322d3438203d3e20313337333730.roa
Signing time:             Sat 26 Feb 2022 10:00:01 +0000
ROA not before:           Sat 26 Feb 2022 09:55:01 +0000
ROA not after:            Sun 26 Feb 2023 10:00:01 +0000
asID:                     137370
IP address blocks:        2403:3540::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:c3:50:60:9e:13:e2:0c:6f:bf:c3:12:c7:93:6e:99:be:ef:78:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 26 09:55:01 2022 GMT
            Not After : Feb 26 10:00:01 2023 GMT
        Subject: CN=3082010A0282010100AA31F2384F66E2317B6613E680639D072D75F2DCD00CFE819AC02127079EB6AF2EE2B2B991261F76F632B8651C9C17A6C58FF947F9C2A0825FE3CE6E36E2A76F27D64D8F054781CE0A12F113E8D9DC8CFA043F1267100A32012DE7B9AA7632E163660B0B05939A770AC01F17D8B97F16CBD53B355965523F97C014363DF0948B5E5BEB4B29E767B2736E22EE2815BA68D014B2FE52064C6B4873EB89FDBAFA8652B31507508709615546530FADCCFA01DA74C2AC2B5F802C1333C19E332020311FE1EF2A4F0C4047030A83FD8999FBF7F3C36F647D3A5A9C152D1981078DB415BEA5E54C42A54D179EE76492A40D7466CE9E954EC422F78FB4BA330F260898090203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:31:f2:38:4f:66:e2:31:7b:66:13:e6:80:63:
                    9d:07:2d:75:f2:dc:d0:0c:fe:81:9a:c0:21:27:07:
                    9e:b6:af:2e:e2:b2:b9:91:26:1f:76:f6:32:b8:65:
                    1c:9c:17:a6:c5:8f:f9:47:f9:c2:a0:82:5f:e3:ce:
                    6e:36:e2:a7:6f:27:d6:4d:8f:05:47:81:ce:0a:12:
                    f1:13:e8:d9:dc:8c:fa:04:3f:12:67:10:0a:32:01:
                    2d:e7:b9:aa:76:32:e1:63:66:0b:0b:05:93:9a:77:
                    0a:c0:1f:17:d8:b9:7f:16:cb:d5:3b:35:59:65:52:
                    3f:97:c0:14:36:3d:f0:94:8b:5e:5b:eb:4b:29:e7:
                    67:b2:73:6e:22:ee:28:15:ba:68:d0:14:b2:fe:52:
                    06:4c:6b:48:73:eb:89:fd:ba:fa:86:52:b3:15:07:
                    50:87:09:61:55:46:53:0f:ad:cc:fa:01:da:74:c2:
                    ac:2b:5f:80:2c:13:33:c1:9e:33:20:20:31:1f:e1:
                    ef:2a:4f:0c:40:47:03:0a:83:fd:89:99:fb:f7:f3:
                    c3:6f:64:7d:3a:5a:9c:15:2d:19:81:07:8d:b4:15:
                    be:a5:e5:4c:42:a5:4d:17:9e:e7:64:92:a4:0d:74:
                    66:ce:9e:95:4e:c4:22:f7:8f:b4:ba:33:0f:26:08:
                    98:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:2E:B7:8C:86:91:73:DB:16:DA:C7:2A:92:1F:D7:D4:A2:72:50:6B
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430333a333534303a3a2f33322d3438203d3e20313337333730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:3540::/32

    Signature Algorithm: sha256WithRSAEncryption
         05:f1:9d:85:10:2a:ce:e0:16:db:d1:cc:f1:94:be:eb:9c:d0:
         90:ea:95:9f:01:c9:d8:3b:95:b9:a4:e0:70:03:5d:e4:82:80:
         f9:fb:07:b5:ec:76:e9:a6:2e:e0:d2:12:12:0d:7c:d6:af:46:
         e2:2c:87:c8:1c:53:36:4e:0e:a4:0e:cd:f7:72:81:5c:33:48:
         cf:87:23:fa:fe:bf:f9:12:93:c6:34:b8:13:53:a1:9c:b4:6d:
         bf:12:5e:f7:73:4d:c2:6e:b9:11:e3:39:b9:83:bc:3a:d6:b3:
         34:bc:ec:3c:8d:33:65:f5:65:0c:eb:cf:4e:63:34:41:a1:0f:
         36:e1:e8:8d:1a:96:ac:91:bf:d4:10:d9:3a:46:7b:a1:cb:25:
         6f:8f:ae:11:ea:e7:37:3d:8a:7c:78:8d:7a:de:b7:ce:e1:36:
         4d:37:92:b5:e3:7a:22:ba:58:fb:1c:73:8a:43:97:de:6d:43:
         51:f1:cc:09:af:f3:b2:91:f4:ff:1d:a0:94:5f:ca:2b:bd:e0:
         48:0e:f1:d9:bd:d6:53:20:c6:61:78:97:16:66:2a:67:9c:b4:
         78:8b:9b:fa:fd:a8:8c:11:9a:a7:0d:1a:58:04:e9:71:dc:5f:
         44:38:21:5e:12:e8:eb:ea:79:04:d1:bc:aa:1b:51:77:42:05:
         84:a1:0e:22
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIUa8NQYJ4T4gxvv8MSx5Numb7veJgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDIyNjA5NTUwMVoX
DTIzMDIyNjEwMDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBBQTMxRjIzODRGNjZFMjMxN0I2NjEzRTY4MDYzOUQwNzJENzVGMkRDRDAw
Q0ZFODE5QUMwMjEyNzA3OUVCNkFGMkVFMkIyQjk5MTI2MUY3NkY2MzJCODY1MUM5
QzE3QTZDNThGRjk0N0Y5QzJBMDgyNUZFM0NFNkUzNkUyQTc2RjI3RDY0RDhGMDU0
NzgxQ0UwQTEyRjExM0U4RDlEQzhDRkEwNDNGMTI2NzEwMEEzMjAxMkRFN0I5QUE3
NjMyRTE2MzY2MEIwQjA1OTM5QTc3MEFDMDFGMTdEOEI5N0YxNkNCRDUzQjM1NTk2
NTUyM0Y5N0MwMTQzNjNERjA5NDhCNUU1QkVCNEIyOUU3NjdCMjczNkUyMkVFMjgx
NUJBNjhEMDE0QjJGRTUyMDY0QzZCNDg3M0VCODlGREJBRkE4NjUyQjMxNTA3NTA4
NzA5NjE1NTQ2NTMwRkFEQ0NGQTAxREE3NEMyQUMyQjVGODAyQzEzMzNDMTlFMzMy
MDIwMzExRkUxRUYyQTRGMEM0MDQ3MDMwQTgzRkQ4OTk5RkJGN0YzQzM2RjY0N0Qz
QTVBOUMxNTJEMTk4MTA3OERCNDE1QkVBNUU1NEM0MkE1NEQxNzlFRTc2NDkyQTQw
RDc0NjZDRTlFOTU0RUM0MjJGNzhGQjRCQTMzMEYyNjA4OTgwOTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqMfI4T2biMXtmE+aAY50H
LXXy3NAM/oGawCEnB562ry7isrmRJh929jK4ZRycF6bFj/lH+cKggl/jzm424qdv
J9ZNjwVHgc4KEvET6NncjPoEPxJnEAoyAS3nuap2MuFjZgsLBZOadwrAHxfYuX8W
y9U7NVllUj+XwBQ2PfCUi15b60sp52eyc24i7igVumjQFLL+UgZMa0hz64n9uvqG
UrMVB1CHCWFVRlMPrcz6Adp0wqwrX4AsEzPBnjMgIDEf4e8qTwxARwMKg/2Jmfv3
88NvZH06WpwVLRmBB420Fb6l5UxCpU0XnudkkqQNdGbOnpVOxCL3j7S6Mw8mCJgJ
AgMBAAGjggIAMIIB/DAdBgNVHQ4EFgQU/S63jIaRc9sW2scqkh/X1KJyUGswHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzQzMDMzM2EzMzM1MzQzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzMzNzMzMzczMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDNUAwDQYJKoZI
hvcNAQELBQADggEBAAXxnYUQKs7gFtvRzPGUvuuc0JDqlZ8Bydg7lbmk4HADXeSC
gPn7B7XsdummLuDSEhINfNavRuIsh8gcUzZODqQOzfdygVwzSM+HI/r+v/kSk8Y0
uBNToZy0bb8SXvdzTcJuuRHjObmDvDrWszS87DyNM2X1ZQzrz05jNEGhDzbh6I0a
lqyRv9QQ2TpGe6HLJW+PrhHq5zc9inx4jXret87hNk03krXjeiK6WPscc4pDl95t
Q1HxzAmv87KR9P8doJRfyiu94EgO8dm91lMgxmF4lxZmKmectHiLm/r9qIwRmqcN
GlgE6XHcX0Q4IV4S6OvqeQTRvKobUXdCBYShDiI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org