Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/34332e3234332e3135322e302f32322d3234203d3e2030.roa
File:                     34332e3234332e3135322e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier:          3k4wWAsX7mXWpB2nQsXA0VwayJQ5gpozSoOSsxbQy68=
Subject key identifier:   A2:17:55:38:65:DF:FA:F2:47:2A:58:2F:1F:76:C4:00:F6:3B:81:07
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       6B0330EC64E5D7C4C635110743C1CC8300F71774
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/34332e3234332e3135322e302f32322d3234203d3e2030.roa
Signing time:             Wed 19 May 2021 08:21:44 +0000
ROA not before:           Wed 19 May 2021 08:16:44 +0000
ROA not after:            Thu 19 May 2022 08:21:44 +0000
asID:                     0
IP address blocks:        43.243.152.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:03:30:ec:64:e5:d7:c4:c6:35:11:07:43:c1:cc:83:00:f7:17:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: May 19 08:16:44 2021 GMT
            Not After : May 19 08:21:44 2022 GMT
        Subject: CN=3082010A0282010100E2A5254B986E2D8D4F815842B015AE7BBBD8E015572B4BE1CACAA573D8E2C4ECF12451ABFAA704429B9D4320381B5FD0B832B7DEA00CEDE1B2C7F55B9946D98E7C042F2F2301E411F1C09BA0EA295C91081487432CDC84B656AD26DC097A4A83F61F9F6FCC2BE05DFA91ABDF3280F51C35CBBFB16B5B524832D96EE874B82FB958C92D36FDAE25E6D2D9DA4BE301E48EB21FE49A5E6EA6AD971A37B64BD239F2315FEFBEE57F9B8FAC17474B4FADA548ADC674042B9F8F5704A5B58846E66E9CFF5005D953E70B76175CCC66D18422627F1FBFD60E943EAF1108B2C9A6B4ECE8192C46BD739BDE5A67A7C3208A7F3CC8EA2099F99E893E6548B10CCEB82C8C690203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a5:25:4b:98:6e:2d:8d:4f:81:58:42:b0:15:
                    ae:7b:bb:d8:e0:15:57:2b:4b:e1:ca:ca:a5:73:d8:
                    e2:c4:ec:f1:24:51:ab:fa:a7:04:42:9b:9d:43:20:
                    38:1b:5f:d0:b8:32:b7:de:a0:0c:ed:e1:b2:c7:f5:
                    5b:99:46:d9:8e:7c:04:2f:2f:23:01:e4:11:f1:c0:
                    9b:a0:ea:29:5c:91:08:14:87:43:2c:dc:84:b6:56:
                    ad:26:dc:09:7a:4a:83:f6:1f:9f:6f:cc:2b:e0:5d:
                    fa:91:ab:df:32:80:f5:1c:35:cb:bf:b1:6b:5b:52:
                    48:32:d9:6e:e8:74:b8:2f:b9:58:c9:2d:36:fd:ae:
                    25:e6:d2:d9:da:4b:e3:01:e4:8e:b2:1f:e4:9a:5e:
                    6e:a6:ad:97:1a:37:b6:4b:d2:39:f2:31:5f:ef:be:
                    e5:7f:9b:8f:ac:17:47:4b:4f:ad:a5:48:ad:c6:74:
                    04:2b:9f:8f:57:04:a5:b5:88:46:e6:6e:9c:ff:50:
                    05:d9:53:e7:0b:76:17:5c:cc:66:d1:84:22:62:7f:
                    1f:bf:d6:0e:94:3e:af:11:08:b2:c9:a6:b4:ec:e8:
                    19:2c:46:bd:73:9b:de:5a:67:a7:c3:20:8a:7f:3c:
                    c8:ea:20:99:f9:9e:89:3e:65:48:b1:0c:ce:b8:2c:
                    8c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:17:55:38:65:DF:FA:F2:47:2A:58:2F:1F:76:C4:00:F6:3B:81:07
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/34332e3234332e3135322e302f32322d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.243.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:5e:e5:74:34:88:3f:c2:2e:50:47:e1:9e:60:53:68:ee:5a:
         20:8c:e4:de:6e:b2:ff:6a:5f:ca:fa:16:16:da:28:bd:34:89:
         b4:e5:f5:07:17:22:15:6a:ce:87:b7:44:4d:a7:6a:7a:9b:dc:
         78:f8:6b:b4:b1:5f:37:af:32:60:a7:1f:de:cb:19:5a:7d:e3:
         59:a5:91:5d:7c:d3:1a:9a:bb:05:25:70:5e:b4:2d:3a:da:09:
         15:26:73:4a:65:64:bd:33:6b:5d:d7:d7:7d:ec:6c:af:83:13:
         3a:8d:d3:e0:41:8c:86:41:b1:db:05:26:ab:ab:1d:cd:55:8e:
         5e:c6:6d:ab:5f:a3:b6:40:b4:2b:7c:e3:ee:03:a7:fa:ad:40:
         03:0f:13:ab:26:fa:29:61:ea:63:da:20:83:f9:c5:dd:8b:2a:
         48:6c:45:83:85:71:1f:c8:c1:15:cd:7d:3f:c0:81:5d:b9:5b:
         02:11:07:be:c1:b1:c8:6d:89:ff:ee:0a:0f:d3:12:7f:30:dd:
         79:58:cc:40:3c:7b:ce:d7:28:ee:e8:6b:74:ad:cc:14:08:cf:
         fd:7f:3c:f2:dc:44:21:db:16:b2:cf:a3:c4:45:32:a2:c8:c0:
         63:d8:da:7c:47:32:1b:5f:b3:e0:9b:20:ec:cf:f9:1a:89:30:
         9d:69:bf:c9
-----BEGIN CERTIFICATE-----
MIIG/zCCBeegAwIBAgIUawMw7GTl18TGNREHQ8HMgwD3F3QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIxMDUxOTA4MTY0NFoX
DTIyMDUxOTA4MjE0NFowggItMYICKTCCAiUGA1UEAxOCAhwzMDgyMDEwQTAyODIw
MTAxMDBFMkE1MjU0Qjk4NkUyRDhENEY4MTU4NDJCMDE1QUU3QkJCRDhFMDE1NTcy
QjRCRTFDQUNBQTU3M0Q4RTJDNEVDRjEyNDUxQUJGQUE3MDQ0MjlCOUQ0MzIwMzgx
QjVGRDBCODMyQjdERUEwMENFREUxQjJDN0Y1NUI5OTQ2RDk4RTdDMDQyRjJGMjMw
MUU0MTFGMUMwOUJBMEVBMjk1QzkxMDgxNDg3NDMyQ0RDODRCNjU2QUQyNkRDMDk3
QTRBODNGNjFGOUY2RkNDMkJFMDVERkE5MUFCREYzMjgwRjUxQzM1Q0JCRkIxNkI1
QjUyNDgzMkQ5NkVFODc0QjgyRkI5NThDOTJEMzZGREFFMjVFNkQyRDlEQTRCRTMw
MUU0OEVCMjFGRTQ5QTVFNkVBNkFEOTcxQTM3QjY0QkQyMzlGMjMxNUZFRkJFRTU3
RjlCOEZBQzE3NDc0QjRGQURBNTQ4QURDNjc0MDQyQjlGOEY1NzA0QTVCNTg4NDZF
NjZFOUNGRjUwMDVEOTUzRTcwQjc2MTc1Q0NDNjZEMTg0MjI2MjdGMUZCRkQ2MEU5
NDNFQUYxMTA4QjJDOUE2QjRFQ0U4MTkyQzQ2QkQ3MzlCREU1QTY3QTdDMzIwOEE3
RjNDQzhFQTIwOTlGOTlFODkzRTY1NDhCMTBDQ0VCODJDOEM2OTAyMDMwMTAwMDEw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDipSVLmG4tjU+BWEKwFa57
u9jgFVcrS+HKyqVz2OLE7PEkUav6pwRCm51DIDgbX9C4MrfeoAzt4bLH9VuZRtmO
fAQvLyMB5BHxwJug6ilckQgUh0Ms3IS2Vq0m3Al6SoP2H59vzCvgXfqRq98ygPUc
Ncu/sWtbUkgy2W7odLgvuVjJLTb9riXm0tnaS+MB5I6yH+SaXm6mrZcaN7ZL0jny
MV/vvuV/m4+sF0dLT62lSK3GdAQrn49XBKW1iEbmbpz/UAXZU+cLdhdczGbRhCJi
fx+/1g6UPq8RCLLJprTs6BksRr1zm95aZ6fDIIp/PMjqIJn5nok+ZUixDM64LIxp
AgMBAAGjggH2MIIB8jAdBgNVHQ4EFgQUohdVOGXf+vJHKlgvH3bEAPY7gQcwHwYD
VR0jBBgwFoAUuo930h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgeAMGkG
A1UdHwRiMGAwXqBcoFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgz
Mzc2Qi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvdW85MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjB6BggrBgEF
BQcBCwRuMGwwagYIKwYBBQUHMAuGXnJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5l
dC9yZXBvL0lETklDLUlELzIvMzQzMzJlMzIzNDMzMmUzMTM1MzIyZTMwMmYzMjMy
MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivzmDANBgkqhkiG9w0BAQsFAAOC
AQEAd17ldDSIP8IuUEfhnmBTaO5aIIzk3m6y/2pfyvoWFtoovTSJtOX1BxciFWrO
h7dETadqepvcePhrtLFfN68yYKcf3ssZWn3jWaWRXXzTGpq7BSVwXrQtOtoJFSZz
SmVkvTNrXdfXfexsr4MTOo3T4EGMhkGx2wUmq6sdzVWOXsZtq1+jtkC0K3zj7gOn
+q1AAw8Tqyb6KWHqY9ogg/nF3YsqSGxFg4VxH8jBFc19P8CBXblbAhEHvsGxyG2J
/+4KD9MSfzDdeVjMQDx7ztco7uhrdK3MFAjP/X888txEIdsWss+jxEUyosjAY9ja
fEcyG1+z4Jsg7M/5GokwnWm/yQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:12 2024 by rpki-client on console-fra.rpki-client.org