Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140454.roa
File:                     AS140454.roa (raw, json)
Hash identifier:          WjDwi6HVcDyaD3kLnLCAk4az6zYj7AtWqpfL5HBjJD0=
Subject key identifier:   E6:45:79:B1:CE:F2:DD:9B:5D:92:3B:9F:D5:00:78:2D:EB:DE:AE:1D
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       5C66F5C13C46FAB4FEA336C46E8411A80E3E28E5
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140454.roa
Signing time:             Wed 31 May 2023 02:38:56 +0000
ROA not before:           Wed 31 May 2023 02:33:56 +0000
ROA not after:            Wed 29 May 2024 02:38:56 +0000
asID:                     140454
IP address blocks:        103.108.156.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:66:f5:c1:3c:46:fa:b4:fe:a3:36:c4:6e:84:11:a8:0e:3e:28:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: May 31 02:33:56 2023 GMT
            Not After : May 29 02:38:56 2024 GMT
        Subject: CN=E64579B1CEF2DD9B5D923B9FD500782DEBDEAE1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:32:7d:88:62:df:c2:3d:a2:b1:d7:29:19:7f:
                    99:97:7f:1e:52:0d:b6:6d:b4:0d:4d:37:38:16:85:
                    4d:f0:a6:fc:d5:ac:c6:a0:db:3e:9f:12:1b:30:5d:
                    ee:5e:bf:6f:cf:76:69:f4:1d:9f:ad:7f:9d:2c:53:
                    92:b9:6a:5a:b9:49:b7:04:1c:08:d5:4b:95:d5:34:
                    9d:fb:2c:2e:f5:2c:e1:36:c3:0d:64:bd:1a:92:2a:
                    e3:eb:29:e3:e5:17:6d:8d:c7:ea:dc:24:8d:b3:53:
                    65:48:f5:a2:04:05:7d:97:8c:2d:08:ac:66:1a:09:
                    5d:a8:a3:9f:23:f2:e1:0d:b8:e4:55:da:5f:bf:ee:
                    b0:3b:60:9a:39:04:82:49:d3:3a:77:a8:a5:84:71:
                    5e:31:62:41:b8:56:06:44:fd:57:7f:59:b9:98:64:
                    5b:55:ee:3c:e9:08:ba:be:94:0e:83:99:5a:07:1d:
                    99:9f:8e:77:cd:9b:5d:7e:fd:cd:ab:9e:8c:e2:33:
                    3d:f6:d3:5c:fb:30:41:11:ed:d0:16:3a:92:35:15:
                    67:b6:e5:96:c8:61:ea:8e:63:85:dd:8d:b1:d6:5c:
                    cf:55:be:17:3b:de:f3:0a:e9:18:b5:72:b1:a0:b8:
                    c9:36:2b:83:88:14:8d:c4:0c:ae:6c:a6:f6:3b:9f:
                    f2:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:45:79:B1:CE:F2:DD:9B:5D:92:3B:9F:D5:00:78:2D:EB:DE:AE:1D
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140454.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.108.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:b9:57:d8:dd:f5:ab:62:90:be:e6:20:f1:86:17:40:e9:a0:
         71:b4:95:5d:e1:74:7f:96:b4:9e:eb:6a:46:42:6f:41:a5:8c:
         cd:b9:af:61:5d:22:9b:ee:50:bc:f4:47:5f:88:ee:5e:9d:30:
         a5:7b:c5:f6:57:a2:0e:2d:6f:90:ac:4a:23:b3:56:08:c4:ea:
         8e:76:b8:79:10:52:53:d8:fe:a3:ee:40:be:39:78:bc:29:ec:
         b5:1c:43:3b:6f:18:1c:29:96:53:75:fe:2e:fe:fd:51:59:01:
         f0:52:98:2c:f5:79:ce:ae:57:50:fd:02:bb:0f:54:ef:8d:34:
         42:b9:ea:64:c7:9c:fc:7b:82:1e:f8:48:c4:a5:d0:ca:35:ae:
         25:38:76:f7:b0:1f:38:2b:ee:7c:84:b8:cc:52:55:4f:6c:0e:
         6d:b4:4e:5a:6f:ad:7d:21:45:9c:57:f4:07:74:5b:3f:95:c9:
         6b:0e:5d:d8:05:ff:df:14:be:f3:f7:04:58:39:0e:1a:bf:8e:
         10:0f:c6:a6:19:26:0b:90:ab:1e:03:06:87:f3:60:e4:d6:b5:
         4c:36:e5:ad:bd:e3:23:ec:8f:f7:23:46:58:a7:cb:09:3a:97:
         44:9a:27:fa:7d:51:9a:a5:0a:7d:ef:08:d2:40:6b:f5:38:d5:
         f9:b1:b0:f5
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUXGb1wTxG+rT+ozbEboQRqA4+KOUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDUzMTAyMzM1NloX
DTI0MDUyOTAyMzg1NlowMzExMC8GA1UEAxMoRTY0NTc5QjFDRUYyREQ5QjVEOTIz
QjlGRDUwMDc4MkRFQkRFQUUxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAyfYhi38I9orHXKRl/mZd/HlINtm20DU03OBaFTfCm/NWsxqDbPp8SGzBd
7l6/b892afQdn61/nSxTkrlqWrlJtwQcCNVLldU0nfssLvUs4TbDDWS9GpIq4+sp
4+UXbY3H6twkjbNTZUj1ogQFfZeMLQisZhoJXaijnyPy4Q245FXaX7/usDtgmjkE
gknTOneopYRxXjFiQbhWBkT9V39ZuZhkW1XuPOkIur6UDoOZWgcdmZ+Od82bXX79
zauejOIzPfbTXPswQRHt0BY6kjUVZ7bllshh6o5jhd2NsdZcz1W+Fzve8wrpGLVy
saC4yTYrg4gUjcQMrmym9juf8o8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTmRXmx
zvLdm12SO5/VAHgt696uHTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDQ1NC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAmdsnDANBgkqhkiG9w0BAQsFAAOCAQEALblX2N31q2KQvuYg8YYX
QOmgcbSVXeF0f5a0nutqRkJvQaWMzbmvYV0im+5QvPRHX4juXp0wpXvF9leiDi1v
kKxKI7NWCMTqjna4eRBSU9j+o+5Avjl4vCnstRxDO28YHCmWU3X+Lv79UVkB8FKY
LPV5zq5XUP0Cuw9U7400QrnqZMec/HuCHvhIxKXQyjWuJTh297AfOCvufIS4zFJV
T2wObbROWm+tfSFFnFf0B3RbP5XJaw5d2AX/3xS+8/cEWDkOGr+OEA/GphkmC5Cr
HgMGh/Ng5Na1TDblrb3jI+yP9yNGWKfLCTqXRJon+n1RmqUKfe8I0kBr9TjV+bGw
9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org