Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150509.roa
File:                     AS150509.roa (raw, json)
Hash identifier:          hV8bpHRd8RAzGoirZiFPUAk0K1aBO2QiwbB4y5uEDe4=
Subject key identifier:   70:8D:77:03:27:E9:BA:5C:B3:D2:27:31:39:57:B4:81:F5:BF:27:55
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       30C5362C42023EF1D64324895755D31EE185E144
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150509.roa
Signing time:             Thu 16 Feb 2023 09:26:57 +0000
ROA not before:           Thu 16 Feb 2023 09:21:57 +0000
ROA not after:            Thu 15 Feb 2024 09:26:57 +0000
asID:                     150509
IP address blocks:        103.61.16.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:c5:36:2c:42:02:3e:f1:d6:43:24:89:57:55:d3:1e:e1:85:e1:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 16 09:21:57 2023 GMT
            Not After : Feb 15 09:26:57 2024 GMT
        Subject: CN=708D770327E9BA5CB3D227313957B481F5BF2755
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f6:eb:88:6b:d2:71:47:37:99:3a:57:f6:36:
                    0a:7d:7f:61:d8:70:13:9b:83:13:20:34:f4:8e:b0:
                    ba:99:f0:72:b0:1c:9d:b3:66:18:fb:d5:6c:e6:4a:
                    c3:4d:30:83:4f:28:c5:01:62:cf:1a:fb:ac:dc:16:
                    31:1a:03:cc:07:01:f3:15:bf:f5:a6:22:92:96:e4:
                    e9:de:1a:ab:e6:02:0e:e9:a8:41:81:04:10:6a:7d:
                    25:4b:43:9e:2c:9c:e6:5a:2a:ef:d0:d8:6a:8c:31:
                    45:de:3a:9d:03:56:1f:97:8a:84:57:1e:a0:e0:7f:
                    07:d9:b8:53:e0:ca:80:70:3f:74:30:a6:ec:23:85:
                    22:a2:c5:31:4f:87:62:d1:14:f5:e7:44:da:f7:55:
                    cc:ee:14:d9:64:42:3d:77:30:46:45:02:9a:6a:32:
                    79:01:81:ce:8b:b1:72:53:e8:ea:f8:de:cd:08:fa:
                    e8:c9:62:e9:66:98:24:17:11:f2:46:d4:c7:ee:66:
                    e7:f2:ce:4f:25:40:2f:11:84:5a:c0:5f:4b:6f:fe:
                    d9:7c:22:78:02:39:c9:d6:34:ca:e6:50:79:34:95:
                    2e:dc:04:32:9f:a2:42:4c:29:36:8a:0a:6f:0e:4c:
                    f5:70:fb:48:dc:89:d8:ac:e1:84:92:cb:07:4c:39:
                    36:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:8D:77:03:27:E9:BA:5C:B3:D2:27:31:39:57:B4:81:F5:BF:27:55
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150509.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.61.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:d6:20:5c:eb:e2:25:48:58:4f:33:f8:d1:7c:61:20:b6:e7:
         ef:b9:15:34:fd:99:d5:0a:c4:66:9f:31:63:b7:23:e3:b5:8b:
         0d:5a:d1:0f:d8:34:66:2f:c0:4b:de:35:ae:52:8e:30:58:b3:
         f0:74:01:8e:cf:25:e5:38:43:ea:db:86:70:e5:5c:d9:ae:36:
         08:95:f4:61:c2:83:a6:00:0a:d1:bf:b2:65:0b:aa:17:b5:0a:
         4a:86:a7:e8:ac:5e:c7:e0:07:bf:80:da:06:d6:63:dc:54:f1:
         5e:19:b6:27:87:d7:f2:a3:30:3c:99:06:c7:21:c3:ab:49:b4:
         3d:11:6b:65:31:36:af:1c:fe:a4:bf:1a:85:6a:ed:d3:f2:b4:
         48:93:39:82:65:18:b5:14:af:64:6b:00:8d:4d:dd:a1:39:06:
         40:c2:c6:ae:b7:25:93:1e:4e:67:62:b2:5b:6b:c7:d4:75:ec:
         0d:f5:fe:80:ae:06:64:9d:c7:ac:5f:8b:ab:95:15:f8:c7:5a:
         21:59:c1:67:71:46:3f:ba:b4:4b:c1:08:e4:5e:93:18:40:ab:
         86:45:b3:09:e1:55:57:94:8c:ff:35:fc:10:9a:5a:31:e8:d3:
         5b:28:53:c9:67:1d:c9:54:a8:97:b2:8d:81:90:74:6a:71:0a:
         ff:87:5c:8f
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUMMU2LEICPvHWQySJV1XTHuGF4UQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDIxNjA5MjE1N1oX
DTI0MDIxNTA5MjY1N1owMzExMC8GA1UEAxMoNzA4RDc3MDMyN0U5QkE1Q0IzRDIy
NzMxMzk1N0I0ODFGNUJGMjc1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr264hr0nFHN5k6V/Y2Cn1/YdhwE5uDEyA09I6wupnwcrAcnbNmGPvVbOZK
w00wg08oxQFizxr7rNwWMRoDzAcB8xW/9aYikpbk6d4aq+YCDumoQYEEEGp9JUtD
niyc5loq79DYaowxRd46nQNWH5eKhFceoOB/B9m4U+DKgHA/dDCm7COFIqLFMU+H
YtEU9edE2vdVzO4U2WRCPXcwRkUCmmoyeQGBzouxclPo6vjezQj66Mli6WaYJBcR
8kbUx+5m5/LOTyVALxGEWsBfS2/+2XwieAI5ydY0yuZQeTSVLtwEMp+iQkwpNooK
bw5M9XD7SNyJ2KzhhJLLB0w5NoUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRwjXcD
J+m6XLPSJzE5V7SB9b8nVTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDUwOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAWc9EDANBgkqhkiG9w0BAQsFAAOCAQEASNYgXOviJUhYTzP40Xxh
ILbn77kVNP2Z1QrEZp8xY7cj47WLDVrRD9g0Zi/AS941rlKOMFiz8HQBjs8l5ThD
6tuGcOVc2a42CJX0YcKDpgAK0b+yZQuqF7UKSoan6Kxex+AHv4DaBtZj3FTxXhm2
J4fX8qMwPJkGxyHDq0m0PRFrZTE2rxz+pL8ahWrt0/K0SJM5gmUYtRSvZGsAjU3d
oTkGQMLGrrclkx5OZ2KyW2vH1HXsDfX+gK4GZJ3HrF+Lq5UV+MdaIVnBZ3FGP7q0
S8EI5F6TGECrhkWzCeFVV5SM/zX8EJpaMejTWyhTyWcdyVSol7KNgZB0anEK/4dc
jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org