Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147086.roa
File:                     AS147086.roa (raw, json)
Hash identifier:          2kpFYzLqE43HOZuN9F6V4MO6wp2d01psfwoO71V+D0g=
Subject key identifier:   35:7A:A4:7E:C5:90:BD:0A:E6:85:51:37:74:D7:A8:DE:F4:D4:83:14
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       0A8473939D688FDCEB7036C2B022089219A3DFB8
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147086.roa
Signing time:             Thu 24 Mar 2022 06:33:46 +0000
ROA not before:           Thu 24 Mar 2022 06:28:46 +0000
ROA not after:            Thu 23 Mar 2023 06:33:46 +0000
asID:                     147086
IP address blocks:        103.172.242.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:84:73:93:9d:68:8f:dc:eb:70:36:c2:b0:22:08:92:19:a3:df:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Mar 24 06:28:46 2022 GMT
            Not After : Mar 23 06:33:46 2023 GMT
        Subject: CN=357AA47EC590BD0AE685513774D7A8DEF4D48314
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b6:a6:b4:d3:a4:0d:c1:63:a3:27:fd:0e:92:
                    ad:e0:b2:19:20:42:b4:44:cc:e5:99:e2:30:a5:e3:
                    41:fc:c8:9b:f1:48:b5:eb:54:d0:f3:23:c3:58:21:
                    25:d2:7f:45:4b:42:4c:77:08:68:c7:a3:38:37:fa:
                    19:c7:c4:c8:77:d7:28:05:c7:c0:5f:80:61:bc:64:
                    f1:d5:95:6c:85:f3:84:8f:3b:f5:90:91:9a:e5:1d:
                    26:c0:b8:aa:98:8c:0a:bc:2b:5e:a0:19:3b:4b:8b:
                    52:f2:b6:9d:cb:0f:40:ef:9b:eb:39:35:89:68:cd:
                    c0:4d:99:94:fd:0a:59:63:2a:ec:ca:18:41:57:29:
                    a7:cb:b0:1c:23:8a:87:ab:7b:7d:80:ad:1e:d3:1a:
                    dc:64:de:69:c0:e9:f6:78:18:3c:e5:a6:9d:53:af:
                    19:4f:db:d3:6e:f2:f3:38:1e:01:94:9e:53:aa:10:
                    25:ab:bb:ab:e1:00:65:28:aa:46:9e:8a:11:0c:1a:
                    66:1d:fb:11:56:d8:79:71:2b:fe:82:f8:5a:c0:4f:
                    a8:9d:c7:31:bd:a5:ad:ec:b9:39:05:00:16:c0:20:
                    08:3e:73:43:b0:4b:ab:97:cd:b9:94:26:80:dc:e8:
                    85:99:b7:44:c9:fb:36:91:65:11:46:7a:99:0b:72:
                    59:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:7A:A4:7E:C5:90:BD:0A:E6:85:51:37:74:D7:A8:DE:F4:D4:83:14
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147086.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:0a:f6:84:b1:86:5b:17:7a:df:22:a3:f5:dc:45:fb:bd:8d:
         46:2e:e8:02:e5:0b:6d:e1:d6:da:7c:91:24:36:9b:6e:a2:13:
         35:06:ef:95:57:a6:31:2c:e4:db:39:3c:de:27:2f:e6:0a:d9:
         28:b4:a1:32:c4:1b:ad:6c:ef:67:fe:df:ac:5d:fd:80:19:c1:
         d7:d9:c1:43:35:57:c8:50:f9:96:ea:51:f2:77:c4:f1:ad:59:
         7c:b4:98:3c:3a:8a:92:02:bd:91:4e:e6:1d:17:11:a9:75:44:
         74:45:4e:49:87:ea:2a:48:b0:e4:bd:aa:88:c4:25:5d:eb:8e:
         72:67:3b:fd:cb:d5:9c:74:e2:7c:56:5c:4e:e7:77:14:02:3b:
         0f:10:47:d3:f9:c0:66:cd:9a:52:df:ac:2e:60:94:61:20:b0:
         fb:9d:d9:39:a8:f9:cd:9e:1a:44:5f:6f:57:51:e9:1f:d7:9e:
         46:b4:3e:08:cc:a8:7c:e2:b5:03:3e:b4:82:a3:31:f9:e9:6c:
         1a:4e:9d:76:51:71:4e:7b:6c:6f:8c:ab:b7:2e:e7:11:46:e0:
         75:bb:ed:09:64:1a:46:ef:a3:04:21:71:ea:1a:c2:2b:20:84:
         4a:16:b3:47:00:a3:d1:40:1f:11:26:13:9e:f0:d2:84:f3:80:
         44:c8:6e:52
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUCoRzk51oj9zrcDbCsCIIkhmj37gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMDMyNDA2Mjg0NloX
DTIzMDMyMzA2MzM0NlowMzExMC8GA1UEAxMoMzU3QUE0N0VDNTkwQkQwQUU2ODU1
MTM3NzREN0E4REVGNEQ0ODMxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM22prTTpA3BY6Mn/Q6SreCyGSBCtETM5ZniMKXjQfzIm/FItetU0PMjw1gh
JdJ/RUtCTHcIaMejODf6GcfEyHfXKAXHwF+AYbxk8dWVbIXzhI879ZCRmuUdJsC4
qpiMCrwrXqAZO0uLUvK2ncsPQO+b6zk1iWjNwE2ZlP0KWWMq7MoYQVcpp8uwHCOK
h6t7fYCtHtMa3GTeacDp9ngYPOWmnVOvGU/b027y8zgeAZSeU6oQJau7q+EAZSiq
Rp6KEQwaZh37EVbYeXEr/oL4WsBPqJ3HMb2lrey5OQUAFsAgCD5zQ7BLq5fNuZQm
gNzohZm3RMn7NpFlEUZ6mQtyWe8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ1eqR+
xZC9CuaFUTd016je9NSDFDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzA4Ni5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWes8jANBgkqhkiG9w0BAQsFAAOCAQEARgr2hLGGWxd63yKj9dxF
+72NRi7oAuULbeHW2nyRJDabbqITNQbvlVemMSzk2zk83icv5grZKLShMsQbrWzv
Z/7frF39gBnB19nBQzVXyFD5lupR8nfE8a1ZfLSYPDqKkgK9kU7mHRcRqXVEdEVO
SYfqKkiw5L2qiMQlXeuOcmc7/cvVnHTifFZcTud3FAI7DxBH0/nAZs2aUt+sLmCU
YSCw+53ZOaj5zZ4aRF9vV1HpH9eeRrQ+CMyofOK1Az60gqMx+elsGk6ddlFxTnts
b4yrty7nEUbgdbvtCWQaRu+jBCFx6hrCKyCEShazRwCj0UAfESYTnvDShPOARMhu
Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org