Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a17598e4-2064-4ecb-98f6-b259a74996a1/0/3130332e35392e34342e302f32332d3233203d3e20313338383831.roa
File:                     3130332e35392e34342e302f32332d3233203d3e20313338383831.roa (raw, json)
Hash identifier:          7JBgz3RCJvI05xyUEOvmMq8zppAIi24TzG+FgYbmIWM=
Subject key identifier:   85:7A:3F:B5:0D:27:D9:2B:3F:27:07:52:C1:F2:DE:55:FF:0A:12:D2
Certificate issuer:       /CN=9A5A8760ADE68BFD3428CC06FE6DAC982728AE95
Certificate serial:       29DD41B4E428B6A0B9AFF5A3E6999D58F6F1AC5D
Authority key identifier: 9A:5A:87:60:AD:E6:8B:FD:34:28:CC:06:FE:6D:AC:98:27:28:AE:95
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A5A8760ADE68BFD3428CC06FE6DAC982728AE95.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a17598e4-2064-4ecb-98f6-b259a74996a1/0/3130332e35392e34342e302f32332d3233203d3e20313338383831.roa
Signing time:             Wed 01 Feb 2023 04:56:45 +0000
ROA not before:           Wed 01 Feb 2023 04:51:45 +0000
ROA not after:            Wed 31 Jan 2024 04:56:45 +0000
asID:                     138881
IP address blocks:        103.59.44.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:dd:41:b4:e4:28:b6:a0:b9:af:f5:a3:e6:99:9d:58:f6:f1:ac:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9A5A8760ADE68BFD3428CC06FE6DAC982728AE95
        Validity
            Not Before: Feb  1 04:51:45 2023 GMT
            Not After : Jan 31 04:56:45 2024 GMT
        Subject: CN=857A3FB50D27D92B3F270752C1F2DE55FF0A12D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a6:c8:08:8a:19:76:80:de:67:c5:94:f6:f5:
                    59:b6:d5:6f:d7:a3:d2:19:22:04:e1:8b:31:59:26:
                    85:70:fb:98:ed:7e:25:6d:bb:ca:4f:92:52:65:d1:
                    90:71:fd:39:c9:ad:0c:8e:49:8a:e3:80:7f:ab:e4:
                    60:35:7e:58:d2:b7:9f:ac:db:7f:f5:ba:55:94:31:
                    22:b5:fd:08:16:36:88:1a:ef:0c:3e:5b:9a:76:fc:
                    a2:4f:c2:56:63:e7:f4:1a:82:a7:34:ea:2f:ab:33:
                    bc:23:91:6c:fb:7d:ad:fc:70:c7:42:3e:fb:f7:d1:
                    a9:a3:25:ba:e6:5f:9a:c9:25:09:f4:c1:10:7b:40:
                    8b:9d:0c:52:9e:36:83:29:c4:0c:2b:ae:32:bd:39:
                    b1:77:17:6d:aa:ad:8c:c9:e6:7d:84:a8:e3:02:c5:
                    2c:9c:21:4c:6e:7c:7a:e0:93:b2:93:17:bd:63:24:
                    18:1b:4d:7a:cd:5f:2e:c9:9e:74:89:24:2e:f9:01:
                    fb:a0:2e:3c:e2:66:6e:47:ee:43:bd:48:3b:c3:dc:
                    f6:14:fe:82:34:06:42:3e:8f:0c:34:1c:08:e4:08:
                    7b:24:82:18:67:85:e6:d5:22:57:fa:87:a9:37:a8:
                    d7:0e:7f:5b:ac:27:ce:e9:2d:64:18:1f:f4:c0:16:
                    40:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:7A:3F:B5:0D:27:D9:2B:3F:27:07:52:C1:F2:DE:55:FF:0A:12:D2
            X509v3 Authority Key Identifier:
                keyid:9A:5A:87:60:AD:E6:8B:FD:34:28:CC:06:FE:6D:AC:98:27:28:AE:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a17598e4-2064-4ecb-98f6-b259a74996a1/0/9A5A8760ADE68BFD3428CC06FE6DAC982728AE95.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A5A8760ADE68BFD3428CC06FE6DAC982728AE95.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a17598e4-2064-4ecb-98f6-b259a74996a1/0/3130332e35392e34342e302f32332d3233203d3e20313338383831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.59.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         23:d3:ed:5c:8b:22:ed:13:59:01:cd:08:ef:b0:bb:26:a6:f6:
         2f:ef:64:b4:61:ff:a4:62:25:84:60:d7:e1:b3:fc:58:d5:4f:
         03:25:e7:6a:2e:20:74:2c:0f:46:ab:a9:e8:13:7c:61:2f:d4:
         ed:d5:98:77:f8:fa:84:45:64:fa:2a:72:e7:00:5e:b9:04:eb:
         db:b1:48:5e:c9:6d:16:cc:b7:5f:22:d4:52:fd:45:cb:b7:cb:
         4d:cc:a7:15:d5:5e:62:4e:ad:a9:04:06:bf:5b:9f:e5:49:bb:
         b9:f1:5d:53:3a:6a:ba:f7:e8:82:c3:3c:e6:07:fa:ad:6d:d4:
         92:c9:a9:7f:a5:9f:d0:64:f6:72:e2:56:f9:d3:b2:ba:ff:d9:
         ba:5f:f9:63:9a:fd:7f:cb:29:15:de:43:c9:a8:01:82:4b:f2:
         c7:ce:fa:11:57:cb:5c:c7:2b:08:a1:24:1a:e1:2f:69:ce:03:
         d4:04:7a:69:d9:a1:10:9a:53:60:9a:32:30:e2:64:57:96:0b:
         f6:28:1e:2e:e3:0e:05:d5:64:49:29:0b:c7:44:c7:0b:9a:eb:
         8c:1a:07:db:01:a7:63:1f:ec:71:fb:42:d6:79:90:c3:1b:b3:
         1a:f3:1a:b0:8a:4f:87:32:79:9c:d6:6b:1f:98:21:9d:4d:81:
         88:f8:61:ac
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKd1BtOQotqC5r/Wj5pmdWPbxrF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUE1QTg3NjBBREU2OEJGRDM0MjhDQzA2RkU2REFDOTgy
NzI4QUU5NTAeFw0yMzAyMDEwNDUxNDVaFw0yNDAxMzEwNDU2NDVaMDMxMTAvBgNV
BAMTKDg1N0EzRkI1MEQyN0Q5MkIzRjI3MDc1MkMxRjJERTU1RkYwQTEyRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBpsgIihl2gN5nxZT29Vm21W/X
o9IZIgThizFZJoVw+5jtfiVtu8pPklJl0ZBx/TnJrQyOSYrjgH+r5GA1fljSt5+s
23/1ulWUMSK1/QgWNoga7ww+W5p2/KJPwlZj5/Qagqc06i+rM7wjkWz7fa38cMdC
Pvv30amjJbrmX5rJJQn0wRB7QIudDFKeNoMpxAwrrjK9ObF3F22qrYzJ5n2EqOMC
xSycIUxufHrgk7KTF71jJBgbTXrNXy7JnnSJJC75AfugLjziZm5H7kO9SDvD3PYU
/oI0BkI+jww0HAjkCHskghhnhebVIlf6h6k3qNcOf1usJ87pLWQYH/TAFkB7AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUhXo/tQ0n2Ss/JwdSwfLeVf8KEtIwHwYDVR0j
BBgwFoAUmlqHYK3mi/00KMwG/m2smCcorpUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MTc1OThlNC0yMDY0LTRlY2ItOThmNi1iMjU5YTc0OTk2YTEvMC85QTVBODc2MEFE
RTY4QkZEMzQyOENDMDZGRTZEQUM5ODI3MjhBRTk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUE1QTg3NjBBREU2OEJGRDM0MjhDQzA2RkU2REFDOTgyNzI4
QUU5NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ExNzU5OGU0LTIwNjQtNGVjYi05
OGY2LWIyNTlhNzQ5OTZhMS8wLzMxMzAzMzJlMzUzOTJlMzQzNDJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzMzODM4MzgzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWc7LDANBgkqhkiG
9w0BAQsFAAOCAQEAI9PtXIsi7RNZAc0I77C7Jqb2L+9ktGH/pGIlhGDX4bP8WNVP
AyXnai4gdCwPRqup6BN8YS/U7dWYd/j6hEVk+ipy5wBeuQTr27FIXsltFsy3XyLU
Uv1Fy7fLTcynFdVeYk6tqQQGv1uf5Um7ufFdUzpquvfogsM85gf6rW3Uksmpf6Wf
0GT2cuJW+dOyuv/Zul/5Y5r9f8spFd5DyagBgkvyx876EVfLXMcrCKEkGuEvac4D
1AR6admhEJpTYJoyMOJkV5YL9igeLuMOBdVkSSkLx0THC5rrjBoH2wGnYx/scftC
1nmQwxuzGvMasIpPhzJ5nNZrH5ghnU2BiPhhrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org