Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/323430373a373463303a3a2f33322d3438203d3e20313338383634.roa
File:                     323430373a373463303a3a2f33322d3438203d3e20313338383634.roa (raw, json)
Hash identifier:          MRO4zgydR4takZnmeVp/1KFAHFlJI8JZhj7gslC8SAg=
Subject key identifier:   15:87:3F:F3:49:57:CB:79:C7:41:B1:7E:66:25:77:E0:10:D6:B5:47
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       0CD1D737BFB34CEE287689A89724D06195493641
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430373a373463303a3a2f33322d3438203d3e20313338383634.roa
Signing time:             Thu 03 Jun 2021 08:46:14 +0000
ROA not before:           Thu 03 Jun 2021 08:41:14 +0000
ROA not after:            Fri 03 Jun 2022 08:46:14 +0000
asID:                     138864
IP address blocks:        2407:74c0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:d1:d7:37:bf:b3:4c:ee:28:76:89:a8:97:24:d0:61:95:49:36:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jun  3 08:41:14 2021 GMT
            Not After : Jun  3 08:46:14 2022 GMT
        Subject: CN=3082010A0282010100CAC3B22E864ACE8B5D0165D4CD66A23F869E2B63754417B518D463E135280B1982025FEDF500E6C222CF0EF0D9F85C4FF2A6F0BFDA13CDF3884CA5C955D7B71E07F1B2D1820D57E800C0A2C6FF8963F5091AFA520ED9720EE9C43C178F0EBA1CC29169DAB01A35828D6E55CB7A30B2AD12B3532ACA83651F0A8A4355A452FF8D1AE73BC3C7B91140EF57C44D4941F7F04F8F4BE4DDB8E222894DD07DB83F4B3E21021D8436A431DDF1893B8D137E336CA462FEEFE9805B0224C2ED5F44DDF49841B8FC7119AB4C4A2183AB8E77E987DB0FBDC1728C719103DA9CD08045227CA96FEFC89A094B673E9ED2A5B537F73F74AAE8B95CD68978418F7C4EDDE55905670203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c3:b2:2e:86:4a:ce:8b:5d:01:65:d4:cd:66:
                    a2:3f:86:9e:2b:63:75:44:17:b5:18:d4:63:e1:35:
                    28:0b:19:82:02:5f:ed:f5:00:e6:c2:22:cf:0e:f0:
                    d9:f8:5c:4f:f2:a6:f0:bf:da:13:cd:f3:88:4c:a5:
                    c9:55:d7:b7:1e:07:f1:b2:d1:82:0d:57:e8:00:c0:
                    a2:c6:ff:89:63:f5:09:1a:fa:52:0e:d9:72:0e:e9:
                    c4:3c:17:8f:0e:ba:1c:c2:91:69:da:b0:1a:35:82:
                    8d:6e:55:cb:7a:30:b2:ad:12:b3:53:2a:ca:83:65:
                    1f:0a:8a:43:55:a4:52:ff:8d:1a:e7:3b:c3:c7:b9:
                    11:40:ef:57:c4:4d:49:41:f7:f0:4f:8f:4b:e4:dd:
                    b8:e2:22:89:4d:d0:7d:b8:3f:4b:3e:21:02:1d:84:
                    36:a4:31:dd:f1:89:3b:8d:13:7e:33:6c:a4:62:fe:
                    ef:e9:80:5b:02:24:c2:ed:5f:44:dd:f4:98:41:b8:
                    fc:71:19:ab:4c:4a:21:83:ab:8e:77:e9:87:db:0f:
                    bd:c1:72:8c:71:91:03:da:9c:d0:80:45:22:7c:a9:
                    6f:ef:c8:9a:09:4b:67:3e:9e:d2:a5:b5:37:f7:3f:
                    74:aa:e8:b9:5c:d6:89:78:41:8f:7c:4e:dd:e5:59:
                    05:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:87:3F:F3:49:57:CB:79:C7:41:B1:7E:66:25:77:E0:10:D6:B5:47
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/323430373a373463303a3a2f33322d3438203d3e20313338383634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:74c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:a9:6a:21:54:dd:77:15:9b:85:81:3e:ed:3b:d3:db:50:9a:
         e8:09:d9:ae:b4:50:3f:b0:5c:81:73:c9:23:a7:f2:8d:09:cb:
         30:81:e3:c4:ed:fb:ba:0c:17:09:2a:57:a3:2b:aa:e3:01:26:
         b7:8f:99:2b:e7:bf:d6:85:d4:45:82:37:c1:be:14:bb:f3:84:
         9b:18:78:cb:8b:33:8a:7f:aa:07:d1:f2:3b:33:96:fb:de:09:
         ec:99:ac:36:9d:1c:eb:c5:98:c9:fc:44:0e:67:a7:5c:03:8c:
         55:20:12:61:9c:84:e1:e0:21:af:29:0f:b3:e7:0c:aa:0a:f3:
         67:63:4e:29:88:57:ab:b5:43:3e:0e:ba:b5:16:dc:71:72:52:
         cd:dd:55:15:0f:da:eb:7a:6b:82:29:8b:fe:8f:98:1b:f0:a0:
         f4:cc:08:65:c4:06:8b:db:c3:cb:83:a1:e2:0b:32:01:e3:34:
         35:78:a9:19:3a:eb:48:ad:26:d0:89:f5:ab:5d:95:86:5e:ba:
         18:e4:79:03:b6:75:57:6c:f4:57:f3:c4:ce:b2:7c:9c:c2:fb:
         e1:36:f7:b8:62:f8:f0:8c:b0:b9:e1:db:db:ef:75:d6:d3:9a:
         fd:15:3b:6e:8b:ec:60:f8:c7:57:8b:36:92:03:1f:6c:ff:3d:
         fb:ed:46:5a
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgIUDNHXN7+zTO4odomolyTQYZVJNkEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDYwMzA4NDExNFoX
DTIyMDYwMzA4NDYxNFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBDQUMzQjIyRTg2NEFDRThCNUQwMTY1RDRDRDY2QTIzRjg2OUUyQjYzNzU0
NDE3QjUxOEQ0NjNFMTM1MjgwQjE5ODIwMjVGRURGNTAwRTZDMjIyQ0YwRUYwRDlG
ODVDNEZGMkE2RjBCRkRBMTNDREYzODg0Q0E1Qzk1NUQ3QjcxRTA3RjFCMkQxODIw
RDU3RTgwMEMwQTJDNkZGODk2M0Y1MDkxQUZBNTIwRUQ5NzIwRUU5QzQzQzE3OEYw
RUJBMUNDMjkxNjlEQUIwMUEzNTgyOEQ2RTU1Q0I3QTMwQjJBRDEyQjM1MzJBQ0E4
MzY1MUYwQThBNDM1NUE0NTJGRjhEMUFFNzNCQzNDN0I5MTE0MEVGNTdDNDRENDk0
MUY3RjA0RjhGNEJFNEREQjhFMjIyODk0REQwN0RCODNGNEIzRTIxMDIxRDg0MzZB
NDMxRERGMTg5M0I4RDEzN0UzMzZDQTQ2MkZFRUZFOTgwNUIwMjI0QzJFRDVGNDRE
REY0OTg0MUI4RkM3MTE5QUI0QzRBMjE4M0FCOEU3N0U5ODdEQjBGQkRDMTcyOEM3
MTkxMDNEQTlDRDA4MDQ1MjI3Q0E5NkZFRkM4OUEwOTRCNjczRTlFRDJBNUI1MzdG
NzNGNzRBQUU4Qjk1Q0Q2ODk3ODQxOEY3QzRFRERFNTU5MDU2NzAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKw7IuhkrOi10BZdTNZqI/
hp4rY3VEF7UY1GPhNSgLGYICX+31AObCIs8O8Nn4XE/ypvC/2hPN84hMpclV17ce
B/Gy0YINV+gAwKLG/4lj9Qka+lIO2XIO6cQ8F48OuhzCkWnasBo1go1uVct6MLKt
ErNTKsqDZR8KikNVpFL/jRrnO8PHuRFA71fETUlB9/BPj0vk3bjiIolN0H24P0s+
IQIdhDakMd3xiTuNE34zbKRi/u/pgFsCJMLtX0Td9JhBuPxxGatMSiGDq4536Yfb
D73BcoxxkQPanNCARSJ8qW/vyJoJS2c+ntKltTf3P3Sq6Llc1ol4QY98Tt3lWQVn
AgMBAAGjggIAMIIB/DAdBgNVHQ4EFgQUFYc/80lXy3nHQbF+ZiV34BDWtUcwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCBggYIKwYB
BQUHAQsEdjB0MHIGCCsGAQUFBzALhmZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9JRE5JQy1JRC8yLzMyMzQzMDM3M2EzNzM0NjMzMDNhM2EyZjMzMzIy
ZDM0MzgyMDNkM2UyMDMxMzMzODM4MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQHdMAwDQYJKoZI
hvcNAQELBQADggEBAECpaiFU3XcVm4WBPu0709tQmugJ2a60UD+wXIFzySOn8o0J
yzCB48Tt+7oMFwkqV6MrquMBJrePmSvnv9aF1EWCN8G+FLvzhJsYeMuLM4p/qgfR
8jszlvveCeyZrDadHOvFmMn8RA5np1wDjFUgEmGchOHgIa8pD7PnDKoK82djTimI
V6u1Qz4OurUW3HFyUs3dVRUP2ut6a4Ipi/6PmBvwoPTMCGXEBovbw8uDoeILMgHj
NDV4qRk660itJtCJ9atdlYZeuhjkeQO2dVds9FfzxM6yfJzC++E297hi+PCMsLnh
29vvddbTmv0VO26L7GD4x1eLNpIDH2z/PfvtRlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org