Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149702.roa
File:                     AS149702.roa (raw, json)
Hash identifier:          ahqZCOGLvznZskblJTfk0aTQbBLlNK+HXA5nvPCNo+4=
Subject key identifier:   89:E3:83:E1:1D:2E:7E:44:3C:68:C4:10:5E:23:7E:FA:B6:D8:2C:0C
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       4D901007546C21A481536964B1F53C5D72FBB63C
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149702.roa
Signing time:             Mon 17 Oct 2022 07:10:21 +0000
ROA not before:           Mon 17 Oct 2022 07:05:21 +0000
ROA not after:            Mon 16 Oct 2023 07:10:21 +0000
asID:                     149702
IP address blocks:        103.181.80.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:90:10:07:54:6c:21:a4:81:53:69:64:b1:f5:3c:5d:72:fb:b6:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Oct 17 07:05:21 2022 GMT
            Not After : Oct 16 07:10:21 2023 GMT
        Subject: CN=89E383E11D2E7E443C68C4105E237EFAB6D82C0C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:09:06:cc:e7:f7:8e:c0:42:8d:25:b4:34:0e:
                    14:37:2b:40:6b:26:84:6e:ea:81:3e:67:cf:61:c6:
                    2b:6e:ae:2f:c3:03:89:ae:55:33:23:72:cb:da:7f:
                    af:cc:c5:06:9e:cb:9f:d5:1f:df:00:29:14:4f:92:
                    67:0b:34:62:fc:79:cd:b7:5c:35:5b:d5:4a:20:48:
                    26:4d:37:5d:a4:c2:55:6a:d1:a6:95:82:c3:11:5c:
                    ef:86:95:c8:b4:57:91:37:03:bd:61:1c:81:6b:db:
                    a3:fd:45:04:ee:d9:51:8b:fb:59:2c:50:04:65:a2:
                    cc:db:3e:93:f7:ff:38:23:0b:c4:61:34:91:9f:cd:
                    c8:a3:93:26:f3:c2:71:99:eb:fd:b1:31:2a:48:2a:
                    be:9e:e2:31:42:bf:7d:83:f6:6d:cd:ac:ef:6e:16:
                    b1:5f:c8:48:83:ec:8f:1b:54:42:f5:d6:9d:22:32:
                    81:69:e4:51:76:8f:dc:5b:c5:47:38:0a:ea:7d:e1:
                    56:7c:39:7d:71:69:c5:ac:e4:ad:da:43:9b:41:50:
                    c8:93:8d:7c:db:7b:bf:dd:42:ee:a5:19:1d:ca:29:
                    fd:65:31:78:51:a3:80:83:84:43:da:0c:4c:1d:18:
                    0d:5c:8a:0d:8f:89:6e:87:1d:57:2f:34:78:f0:17:
                    50:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:E3:83:E1:1D:2E:7E:44:3C:68:C4:10:5E:23:7E:FA:B6:D8:2C:0C
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149702.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:ca:61:f8:49:e0:cb:29:26:bd:90:ac:80:35:5c:5f:7d:94:
         1d:6e:7b:68:78:cf:ce:58:47:b3:53:f8:c2:e9:2e:96:6c:72:
         df:71:89:14:56:b5:51:e8:0a:67:58:e8:d6:5b:4e:f6:69:67:
         dc:f1:18:ea:d2:61:3c:65:e8:fe:e8:e2:fc:f0:e0:ac:13:49:
         a6:e7:c9:b4:0c:24:bc:31:83:42:1f:30:25:47:d7:3a:31:94:
         55:97:d0:f0:83:4b:c1:74:25:1a:2a:93:98:c1:4f:95:83:71:
         a8:32:db:b6:b4:50:42:2a:39:17:ca:8a:fc:5f:d1:1d:ad:3d:
         aa:a1:99:64:e5:09:c5:8b:95:bf:7e:b5:17:a3:b3:b5:f4:24:
         71:df:e8:e7:67:66:dd:28:4c:7d:42:c5:09:7c:df:b6:be:47:
         9f:11:e4:a1:6a:dc:c6:f7:54:d7:af:30:b7:d8:6f:79:cd:f8:
         67:c2:f7:3d:1d:f0:0d:cc:44:03:3e:ca:55:6e:2c:df:cc:b2:
         06:4c:a3:7e:29:79:d8:64:14:c7:ce:85:28:b3:2d:07:a6:8e:
         84:2b:ec:39:10:f0:2b:0d:af:c5:60:ff:b7:38:ad:8f:d5:d6:
         19:82:b5:ca:ed:51:65:4b:31:e5:80:fd:40:70:2e:4b:6d:9d:
         d4:62:30:e2
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUTZAQB1RsIaSBU2lksfU8XXL7tjwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIyMTAxNzA3MDUyMVoX
DTIzMTAxNjA3MTAyMVowMzExMC8GA1UEAxMoODlFMzgzRTExRDJFN0U0NDNDNjhD
NDEwNUUyMzdFRkFCNkQ4MkMwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkJBszn947AQo0ltDQOFDcrQGsmhG7qgT5nz2HGK26uL8MDia5VMyNyy9p/
r8zFBp7Ln9Uf3wApFE+SZws0Yvx5zbdcNVvVSiBIJk03XaTCVWrRppWCwxFc74aV
yLRXkTcDvWEcgWvbo/1FBO7ZUYv7WSxQBGWizNs+k/f/OCMLxGE0kZ/NyKOTJvPC
cZnr/bExKkgqvp7iMUK/fYP2bc2s724WsV/ISIPsjxtUQvXWnSIygWnkUXaP3FvF
RzgK6n3hVnw5fXFpxazkrdpDm0FQyJONfNt7v91C7qUZHcop/WUxeFGjgIOEQ9oM
TB0YDVyKDY+JbocdVy80ePAXUHcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSJ44Ph
HS5+RDxoxBBeI376ttgsDDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTcwMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAGe1UDANBgkqhkiG9w0BAQsFAAOCAQEAGMph+EngyykmvZCsgDVc
X32UHW57aHjPzlhHs1P4wukulmxy33GJFFa1UegKZ1jo1ltO9mln3PEY6tJhPGXo
/uji/PDgrBNJpufJtAwkvDGDQh8wJUfXOjGUVZfQ8INLwXQlGiqTmMFPlYNxqDLb
trRQQio5F8qK/F/RHa09qqGZZOUJxYuVv361F6OztfQkcd/o52dm3ShMfULFCXzf
tr5HnxHkoWrcxvdU168wt9hvec34Z8L3PR3wDcxEAz7KVW4s38yyBkyjfil52GQU
x86FKLMtB6aOhCvsORDwKw2vxWD/tzitj9XWGYK1yu1RZUsx5YD9QHAuS22d1GIw
4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org