Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430353a396463303a3a2f33322d3438203d3e2030.roa
File:                     323430353a396463303a3a2f33322d3438203d3e2030.roa (raw, json)
Hash identifier:          87SHYJZrlZx+zvDtRhoCkbQiWL3WOiSm9u94h0dvpQE=
Subject key identifier:   F9:30:FB:BD:96:E2:FB:3D:AB:98:D3:67:F8:23:88:CC:48:5F:C6:C6
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       53BD2EC8E1DB1833D9840C65068B3617BD8CD308
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430353a396463303a3a2f33322d3438203d3e2030.roa
Signing time:             Mon 31 Jan 2022 03:53:39 +0000
ROA not before:           Mon 31 Jan 2022 03:48:39 +0000
ROA not after:            Tue 31 Jan 2023 03:53:39 +0000
asID:                     0
IP address blocks:        2405:9dc0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:bd:2e:c8:e1:db:18:33:d9:84:0c:65:06:8b:36:17:bd:8c:d3:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan 31 03:48:39 2022 GMT
            Not After : Jan 31 03:53:39 2023 GMT
        Subject: CN=3082010A0282010100BCB11B70484FD31D92C53BD33D3B842D9FBAA5BADBCD3A2B9A3D333D703AADBE70BBCE820F979AB09E0F8D1D8CF4EA314983470D1395331A5448EF306BFB5798B12B46DC453260642341379D1CF50F360819A5CB7A6BB917B8FD8BBD1BA82C21E46FC8E6227A35121020E8A90278DE72CF5BCD7DF99A27E4556C95E1846289F47C05FA07960A6A674388D7C0E45514CB5021DAE55EA017602F58CE90557B8D404D56DB212B90AC2026C5D943841C6FE22451D8F478AC003CF7679A0703B0D2CA8CC21C15607AB4BA2E5FBC5F81DFE82D640A8D74B5B161907DD0C63D5752BBE521D842906388E2C6A1C48308C96183D4467E7AE7E07FEEB7457A11FA2F8824EF0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b1:1b:70:48:4f:d3:1d:92:c5:3b:d3:3d:3b:
                    84:2d:9f:ba:a5:ba:db:cd:3a:2b:9a:3d:33:3d:70:
                    3a:ad:be:70:bb:ce:82:0f:97:9a:b0:9e:0f:8d:1d:
                    8c:f4:ea:31:49:83:47:0d:13:95:33:1a:54:48:ef:
                    30:6b:fb:57:98:b1:2b:46:dc:45:32:60:64:23:41:
                    37:9d:1c:f5:0f:36:08:19:a5:cb:7a:6b:b9:17:b8:
                    fd:8b:bd:1b:a8:2c:21:e4:6f:c8:e6:22:7a:35:12:
                    10:20:e8:a9:02:78:de:72:cf:5b:cd:7d:f9:9a:27:
                    e4:55:6c:95:e1:84:62:89:f4:7c:05:fa:07:96:0a:
                    6a:67:43:88:d7:c0:e4:55:14:cb:50:21:da:e5:5e:
                    a0:17:60:2f:58:ce:90:55:7b:8d:40:4d:56:db:21:
                    2b:90:ac:20:26:c5:d9:43:84:1c:6f:e2:24:51:d8:
                    f4:78:ac:00:3c:f7:67:9a:07:03:b0:d2:ca:8c:c2:
                    1c:15:60:7a:b4:ba:2e:5f:bc:5f:81:df:e8:2d:64:
                    0a:8d:74:b5:b1:61:90:7d:d0:c6:3d:57:52:bb:e5:
                    21:d8:42:90:63:88:e2:c6:a1:c4:83:08:c9:61:83:
                    d4:46:7e:7a:e7:e0:7f:ee:b7:45:7a:11:fa:2f:88:
                    24:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:30:FB:BD:96:E2:FB:3D:AB:98:D3:67:F8:23:88:CC:48:5F:C6:C6
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430353a396463303a3a2f33322d3438203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:9dc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:c5:c6:33:db:94:2a:a1:97:b7:43:ce:41:4b:37:d3:e6:90:
         59:7c:d2:d5:69:20:d0:5a:c7:60:16:49:cf:f2:69:79:6e:a0:
         d4:c0:85:f1:5d:64:b7:9a:4e:19:3d:2e:8f:71:44:5b:7f:52:
         0a:a4:ba:f1:d9:84:cc:7b:3c:39:78:40:2d:ef:80:5e:e0:8a:
         a7:df:72:34:0f:62:13:3b:5c:c3:93:59:11:de:eb:f4:bd:28:
         bc:38:7c:c8:a2:3c:5d:32:a0:7e:dc:65:e8:3c:f5:ba:41:6e:
         7f:79:a4:91:d4:21:5a:f8:85:0e:58:d6:69:24:75:fc:12:7f:
         32:f3:fb:70:90:9a:d7:c2:a7:9a:9e:03:5b:41:25:84:a3:31:
         44:de:4c:8d:28:76:fa:6b:db:cb:69:8a:08:55:ee:56:01:b0:
         0e:a8:3a:ed:78:17:2d:e5:d6:8c:58:ab:86:fc:b1:7e:f7:9d:
         cb:05:03:5b:46:fd:70:86:89:14:e5:06:09:c2:77:bf:53:3a:
         9b:91:ba:e0:da:53:a5:79:df:c1:d8:88:62:1d:de:cc:34:9f:
         bd:cb:75:91:fc:d9:f2:20:d3:80:27:0a:4d:00:7b:bf:b2:35:
         67:24:9d:a4:c0:ed:db:58:54:c4:0b:bb:8c:5a:7a:fa:4f:57:
         fb:90:4a:f2
-----BEGIN CERTIFICATE-----
MIIG/jCCBeagAwIBAgIUU70uyOHbGDPZhAxlBos2F72M0wgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDEzMTAzNDgzOVoX
DTIzMDEzMTAzNTMzOVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBCQ0IxMUI3MDQ4NEZEMzFEOTJDNTNCRDMzRDNCODQyRDlGQkFBNUJBREJD
RDNBMkI5QTNEMzMzRDcwM0FBREJFNzBCQkNFODIwRjk3OUFCMDlFMEY4RDFEOENG
NEVBMzE0OTgzNDcwRDEzOTUzMzFBNTQ0OEVGMzA2QkZCNTc5OEIxMkI0NkRDNDUz
MjYwNjQyMzQxMzc5RDFDRjUwRjM2MDgxOUE1Q0I3QTZCQjkxN0I4RkQ4QkJEMUJB
ODJDMjFFNDZGQzhFNjIyN0EzNTEyMTAyMEU4QTkwMjc4REU3MkNGNUJDRDdERjk5
QTI3RTQ1NTZDOTVFMTg0NjI4OUY0N0MwNUZBMDc5NjBBNkE2NzQzODhEN0MwRTQ1
NTE0Q0I1MDIxREFFNTVFQTAxNzYwMkY1OENFOTA1NTdCOEQ0MDRENTZEQjIxMkI5
MEFDMjAyNkM1RDk0Mzg0MUM2RkUyMjQ1MUQ4RjQ3OEFDMDAzQ0Y3Njc5QTA3MDNC
MEQyQ0E4Q0MyMUMxNTYwN0FCNEJBMkU1RkJDNUY4MURGRTgyRDY0MEE4RDc0QjVC
MTYxOTA3REQwQzYzRDU3NTJCQkU1MjFEODQyOTA2Mzg4RTJDNkExQzQ4MzA4Qzk2
MTgzRDQ0NjdFN0FFN0UwN0ZFRUI3NDU3QTExRkEyRjg4MjRFRjAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8sRtwSE/THZLFO9M9O4Qt
n7qlutvNOiuaPTM9cDqtvnC7zoIPl5qwng+NHYz06jFJg0cNE5UzGlRI7zBr+1eY
sStG3EUyYGQjQTedHPUPNggZpct6a7kXuP2LvRuoLCHkb8jmIno1EhAg6KkCeN5y
z1vNffmaJ+RVbJXhhGKJ9HwF+geWCmpnQ4jXwORVFMtQIdrlXqAXYC9YzpBVe41A
TVbbISuQrCAmxdlDhBxv4iRR2PR4rAA892eaBwOw0sqMwhwVYHq0ui5fvF+B3+gt
ZAqNdLWxYZB90MY9V1K75SHYQpBjiOLGocSDCMlhg9RGfnrn4H/ut0V6EfoviCTv
AgMBAAGjggH1MIIB8TAdBgNVHQ4EFgQU+TD7vZbi+z2rmNNn+COIzEhfxsYwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjB4BggrBgEF
BQcBCwRsMGowaAYIKwYBBQUHMAuGXHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvL0lETklDLUlELzIvMzIzNDMwMzUzYTM5NjQ2MzMwM2EzYTJmMzMzMjJk
MzQzODIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYI
KwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBZ3AMA0GCSqGSIb3DQEBCwUAA4IB
AQBzxcYz25QqoZe3Q85BSzfT5pBZfNLVaSDQWsdgFknP8ml5bqDUwIXxXWS3mk4Z
PS6PcURbf1IKpLrx2YTMezw5eEAt74Be4Iqn33I0D2ITO1zDk1kR3uv0vSi8OHzI
ojxdMqB+3GXoPPW6QW5/eaSR1CFa+IUOWNZpJHX8En8y8/twkJrXwqeangNbQSWE
ozFE3kyNKHb6a9vLaYoIVe5WAbAOqDrteBct5daMWKuG/LF+953LBQNbRv1whokU
5QYJwne/Uzqbkbrg2lOled/B2IhiHd7MNJ+9y3WR/NnyINOAJwpNAHu/sjVnJJ2k
wO3bWFTEC7uMWnr6T1f7kEry
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org