Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430363a656634303a3a2f33322d3438203d3e20313333383131.roa
File:                     323430363a656634303a3a2f33322d3438203d3e20313333383131.roa (raw, json)
Hash identifier:          wicfVsuMrLQvpMtJIIcLufQejbzmo3ETJxGtC6M9k80=
Subject key identifier:   97:4F:2A:40:75:09:95:33:4A:5C:2D:03:2E:2C:C8:99:0E:EE:4A:44
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       0605F9378A0AE85A049BFAADCDF877A8CFEDD087
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430363a656634303a3a2f33322d3438203d3e20313333383131.roa
Signing time:             Fri 28 Jan 2022 04:00:01 +0000
ROA not before:           Fri 28 Jan 2022 03:55:01 +0000
ROA not after:            Sat 28 Jan 2023 04:00:01 +0000
asID:                     133811
IP address blocks:        2406:ef40::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:05:f9:37:8a:0a:e8:5a:04:9b:fa:ad:cd:f8:77:a8:cf:ed:d0:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan 28 03:55:01 2022 GMT
            Not After : Jan 28 04:00:01 2023 GMT
        Subject: CN=3082010A0282010100EA139A6238773E983401A716AA8BD6186242DE6F8ABB13949D27871799B56BC8D4E15CBB8CD69BCE37A9CE5B66798C6FEFF01E4CD065DC1C6197C68962D0C1E712E56FAE7AC1ECEC83BF0B6340A755FBBC6042C59ABFAD083C4028F28C0BAAE1B879B5BDE98F29C0AB42755FDCD1599894739C80B70E4C3372B40FF36BE445C02EC6EC2BED39E7BC5004084D124DFE6F7C9096641F13224D22F494005EC5FB9E5A4EB2327C6A88CFE8FC2350C9D552F6377A5B3BD84EE6D0023B5999CA9F05AC15B9A86DCD22D327EFF01AB21317AA04656390AD00B81FC6FBDA0526A4A06F9AD3BFEC9F45CD624B73EDBF7F5C4C13BC35AE7B57ACA7A3116DE4B039F9412C150203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:13:9a:62:38:77:3e:98:34:01:a7:16:aa:8b:
                    d6:18:62:42:de:6f:8a:bb:13:94:9d:27:87:17:99:
                    b5:6b:c8:d4:e1:5c:bb:8c:d6:9b:ce:37:a9:ce:5b:
                    66:79:8c:6f:ef:f0:1e:4c:d0:65:dc:1c:61:97:c6:
                    89:62:d0:c1:e7:12:e5:6f:ae:7a:c1:ec:ec:83:bf:
                    0b:63:40:a7:55:fb:bc:60:42:c5:9a:bf:ad:08:3c:
                    40:28:f2:8c:0b:aa:e1:b8:79:b5:bd:e9:8f:29:c0:
                    ab:42:75:5f:dc:d1:59:98:94:73:9c:80:b7:0e:4c:
                    33:72:b4:0f:f3:6b:e4:45:c0:2e:c6:ec:2b:ed:39:
                    e7:bc:50:04:08:4d:12:4d:fe:6f:7c:90:96:64:1f:
                    13:22:4d:22:f4:94:00:5e:c5:fb:9e:5a:4e:b2:32:
                    7c:6a:88:cf:e8:fc:23:50:c9:d5:52:f6:37:7a:5b:
                    3b:d8:4e:e6:d0:02:3b:59:99:ca:9f:05:ac:15:b9:
                    a8:6d:cd:22:d3:27:ef:f0:1a:b2:13:17:aa:04:65:
                    63:90:ad:00:b8:1f:c6:fb:da:05:26:a4:a0:6f:9a:
                    d3:bf:ec:9f:45:cd:62:4b:73:ed:bf:7f:5c:4c:13:
                    bc:35:ae:7b:57:ac:a7:a3:11:6d:e4:b0:39:f9:41:
                    2c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:4F:2A:40:75:09:95:33:4A:5C:2D:03:2E:2C:C8:99:0E:EE:4A:44
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430363a656634303a3a2f33322d3438203d3e20313333383131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:ef40::/32

    Signature Algorithm: sha256WithRSAEncryption
         7a:b1:e2:46:42:9f:e3:a8:56:83:c8:93:f7:26:4d:52:0b:5e:
         2f:43:c1:25:72:ec:6b:04:7c:01:1f:e8:5a:b1:f1:4d:61:86:
         dc:d6:e9:86:e4:a6:84:bc:3c:a9:65:bd:9c:fe:8a:08:f4:d9:
         12:6e:7f:0b:a4:54:b5:3c:57:a5:fb:29:3d:7e:03:8a:d1:49:
         0b:06:36:7e:13:56:48:94:a6:eb:42:23:35:72:dd:2c:8a:9b:
         76:fc:23:7a:5c:a0:46:2f:00:15:4f:be:41:af:64:1c:e9:2c:
         79:29:c4:3b:e0:37:33:42:33:16:a9:70:d1:de:39:a5:72:77:
         c6:48:42:66:6a:1c:38:71:79:d0:5b:dc:b9:ff:31:8d:12:3e:
         37:ea:27:4c:b3:4f:4a:66:0d:dc:38:37:44:c2:63:ae:56:29:
         11:cd:74:b3:04:c0:77:3e:4f:54:bc:e2:47:14:2e:43:24:6c:
         15:54:27:69:aa:f0:65:e4:93:e3:d3:0a:77:6b:84:29:f9:41:
         04:5b:01:8c:a3:96:88:b6:ac:58:ea:5a:35:98:bf:54:b7:a2:
         1e:d0:d0:43:61:21:02:a0:41:31:ed:df:63:35:29:92:86:89:
         c2:fb:b9:96:2a:fc:21:c5:09:9f:bb:bc:7f:00:d1:66:80:67:
         5b:e2:d3:26
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIUBgX5N4oK6FoEm/qtzfh3qM/t0IcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDEyODAzNTUwMVoX
DTIzMDEyODA0MDAwMVowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBFQTEzOUE2MjM4NzczRTk4MzQwMUE3MTZBQThCRDYxODYyNDJERTZGOEFC
QjEzOTQ5RDI3ODcxNzk5QjU2QkM4RDRFMTVDQkI4Q0Q2OUJDRTM3QTlDRTVCNjY3
OThDNkZFRkYwMUU0Q0QwNjVEQzFDNjE5N0M2ODk2MkQwQzFFNzEyRTU2RkFFN0FD
MUVDRUM4M0JGMEI2MzQwQTc1NUZCQkM2MDQyQzU5QUJGQUQwODNDNDAyOEYyOEMw
QkFBRTFCODc5QjVCREU5OEYyOUMwQUI0Mjc1NUZEQ0QxNTk5ODk0NzM5QzgwQjcw
RTRDMzM3MkI0MEZGMzZCRTQ0NUMwMkVDNkVDMkJFRDM5RTdCQzUwMDQwODREMTI0
REZFNkY3QzkwOTY2NDFGMTMyMjREMjJGNDk0MDA1RUM1RkI5RTVBNEVCMjMyN0M2
QTg4Q0ZFOEZDMjM1MEM5RDU1MkY2Mzc3QTVCM0JEODRFRTZEMDAyM0I1OTk5Q0E5
RjA1QUMxNUI5QTg2RENEMjJEMzI3RUZGMDFBQjIxMzE3QUEwNDY1NjM5MEFEMDBC
ODFGQzZGQkRBMDUyNkE0QTA2RjlBRDNCRkVDOUY0NUNENjI0QjczRURCRjdGNUM0
QzEzQkMzNUFFN0I1N0FDQTdBMzExNkRFNEIwMzlGOTQxMkMxNTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqE5piOHc+mDQBpxaqi9YY
YkLeb4q7E5SdJ4cXmbVryNThXLuM1pvON6nOW2Z5jG/v8B5M0GXcHGGXxoli0MHn
EuVvrnrB7OyDvwtjQKdV+7xgQsWav60IPEAo8owLquG4ebW96Y8pwKtCdV/c0VmY
lHOcgLcOTDNytA/za+RFwC7G7CvtOee8UAQITRJN/m98kJZkHxMiTSL0lABexfue
Wk6yMnxqiM/o/CNQydVS9jd6WzvYTubQAjtZmcqfBawVuahtzSLTJ+/wGrITF6oE
ZWOQrQC4H8b72gUmpKBvmtO/7J9FzWJLc+2/f1xME7w1rntXrKejEW3ksDn5QSwV
AgMBAAGjggIAMIIB/DAdBgNVHQ4EFgQUl08qQHUJlTNKXC0DLizImQ7uSkQwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzQzMDM2M2E2NTY2MzQzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzMzMzM4MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQG70AwDQYJKoZI
hvcNAQELBQADggEBAHqx4kZCn+OoVoPIk/cmTVILXi9DwSVy7GsEfAEf6Fqx8U1h
htzW6YbkpoS8PKllvZz+igj02RJufwukVLU8V6X7KT1+A4rRSQsGNn4TVkiUputC
IzVy3SyKm3b8I3pcoEYvABVPvkGvZBzpLHkpxDvgNzNCMxapcNHeOaVyd8ZIQmZq
HDhxedBb3Ln/MY0SPjfqJ0yzT0pmDdw4N0TCY65WKRHNdLMEwHc+T1S84kcULkMk
bBVUJ2mq8GXkk+PTCndrhCn5QQRbAYyjloi2rFjqWjWYv1S3oh7Q0ENhIQKgQTHt
32M1KZKGicL7uZYq/CHFCZ+7vH8A0WaAZ1vi0yY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org