Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149405.roa
File:                     AS149405.roa (raw, json)
Hash identifier:          nNL49o6BNTMG2FCOL9OZNXxWY5ljNm5SINy6Ownlxio=
Subject key identifier:   4C:05:64:B6:80:9B:9B:6A:2C:50:5D:8D:21:55:3B:9B:97:3D:9E:86
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       7BBD7519DBF12FEE48910204577885BA6DCB928F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149405.roa
Signing time:             Thu 20 Apr 2023 07:00:00 +0000
ROA not before:           Thu 20 Apr 2023 06:55:00 +0000
ROA not after:            Thu 18 Apr 2024 07:00:00 +0000
asID:                     149405
IP address blocks:        103.183.56.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:bd:75:19:db:f1:2f:ee:48:91:02:04:57:78:85:ba:6d:cb:92:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr 20 06:55:00 2023 GMT
            Not After : Apr 18 07:00:00 2024 GMT
        Subject: CN=4C0564B6809B9B6A2C505D8D21553B9B973D9E86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:36:b9:dc:e8:3f:b7:18:8f:4d:96:3b:08:ab:
                    bf:28:57:c0:e6:36:3d:0a:de:4b:f2:1d:13:bd:65:
                    b2:31:34:cb:18:a0:4b:31:41:ba:fa:f4:d7:cd:33:
                    bb:7d:57:8a:3c:6b:3d:cd:bd:d3:9c:1c:27:6d:24:
                    97:ad:e3:8d:79:18:24:4d:4d:2e:f6:20:c8:d6:30:
                    a3:ad:66:aa:8d:ca:c8:3d:29:42:29:d0:3d:60:26:
                    17:be:b3:10:d4:12:45:0b:e1:89:2e:59:cc:1e:0d:
                    b4:82:d9:b6:37:b3:7c:d2:d8:a1:18:86:d8:47:1a:
                    aa:e8:1b:ea:eb:ee:87:ca:be:55:f8:fb:c9:a0:dd:
                    0a:71:c0:39:99:6a:6f:a4:99:0a:13:fb:e2:ce:8a:
                    3c:aa:55:63:aa:9b:51:2e:75:bf:71:e2:a5:fb:fd:
                    ea:fc:43:82:b0:ad:ac:f0:68:d7:2f:ff:de:de:73:
                    f1:3e:49:29:b1:fe:83:71:38:ed:d8:45:8c:ca:3e:
                    bc:4c:3d:05:47:b3:45:c3:ce:d6:61:1b:ff:e9:e1:
                    4d:c6:29:ea:50:62:3d:49:56:81:73:cb:2b:a7:be:
                    bc:0c:65:e7:6e:d0:9c:1c:f3:68:d2:de:b5:7c:b5:
                    48:f4:10:22:d7:d4:f7:c9:0a:e2:21:48:09:07:9e:
                    57:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:05:64:B6:80:9B:9B:6A:2C:50:5D:8D:21:55:3B:9B:97:3D:9E:86
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149405.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.183.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         15:b9:dc:2a:db:cf:b9:03:df:fe:a5:72:1a:15:68:8f:b5:35:
         e6:1c:8d:ab:7f:1a:d5:37:b2:7b:22:86:78:7f:5f:9e:b8:76:
         a2:17:ba:ce:29:7c:9d:4f:4d:46:06:b7:5c:ea:92:07:76:ec:
         a4:60:15:f4:b8:6f:3e:57:66:19:4b:ec:46:3f:89:cd:4b:94:
         db:24:03:69:ee:4b:22:c6:dd:33:3a:1f:e3:48:5b:61:c0:d2:
         5f:eb:0a:27:39:6f:a5:ed:4a:6f:9a:59:c4:73:11:f1:7a:4e:
         a4:a1:34:80:32:cc:1b:c1:80:af:68:5b:86:bf:4f:b6:a5:11:
         11:83:04:85:6d:a8:60:b7:d8:af:22:cf:bb:dd:8d:8b:bb:f5:
         27:df:3a:a5:96:fe:ca:b3:1b:3e:da:a8:49:ef:85:53:f3:3e:
         ce:04:14:d7:24:f7:8e:d8:02:9c:40:f5:af:27:35:f3:04:68:
         e6:2b:3c:2a:63:56:8c:d9:0a:e1:8f:78:10:1e:38:ca:9b:c7:
         25:ab:c1:19:4b:04:e7:20:84:38:6a:40:2b:cd:f1:f1:52:30:
         63:e8:e7:b2:09:ef:02:fb:87:57:f1:8b:ba:30:4e:b2:7d:bd:
         e7:25:3b:cf:dd:71:3c:a4:64:e6:0d:16:f2:d2:92:53:a4:50:
         76:3e:a6:6a
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUe711GdvxL+5IkQIEV3iFum3Lko8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDQyMDA2NTUwMFoX
DTI0MDQxODA3MDAwMFowMzExMC8GA1UEAxMoNEMwNTY0QjY4MDlCOUI2QTJDNTA1
RDhEMjE1NTNCOUI5NzNEOUU4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM2udzoP7cYj02WOwirvyhXwOY2PQreS/IdE71lsjE0yxigSzFBuvr0180z
u31XijxrPc2905wcJ20kl63jjXkYJE1NLvYgyNYwo61mqo3KyD0pQinQPWAmF76z
ENQSRQvhiS5ZzB4NtILZtjezfNLYoRiG2Ecaqugb6uvuh8q+Vfj7yaDdCnHAOZlq
b6SZChP74s6KPKpVY6qbUS51v3Hipfv96vxDgrCtrPBo1y//3t5z8T5JKbH+g3E4
7dhFjMo+vEw9BUezRcPO1mEb/+nhTcYp6lBiPUlWgXPLK6e+vAxl527QnBzzaNLe
tXy1SPQQItfU98kK4iFICQeeV6UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRMBWS2
gJubaixQXY0hVTublz2ehjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTQwNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWe3ODANBgkqhkiG9w0BAQsFAAOCAQEAFbncKtvPuQPf/qVyGhVo
j7U15hyNq38a1TeyeyKGeH9fnrh2ohe6zil8nU9NRga3XOqSB3bspGAV9LhvPldm
GUvsRj+JzUuU2yQDae5LIsbdMzof40hbYcDSX+sKJzlvpe1Kb5pZxHMR8XpOpKE0
gDLMG8GAr2hbhr9PtqUREYMEhW2oYLfYryLPu92Ni7v1J986pZb+yrMbPtqoSe+F
U/M+zgQU1yT3jtgCnED1ryc18wRo5is8KmNWjNkK4Y94EB44ypvHJavBGUsE5yCE
OGpAK83x8VIwY+jnsgnvAvuHV/GLujBOsn295yU7z91xPKRk5g0W8tKSU6RQdj6m
ag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org