Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a7fdf43e-4a4c-4dbc-b785-dd7cbf1a67b7/0/3132302e38392e39302e302f32342d3234203d3e20313335343737.roa
File:                     3132302e38392e39302e302f32342d3234203d3e20313335343737.roa (raw, json)
Hash identifier:          mveO8z0DPA3OrSGGPRwJOLHVnSK6rp8K6Gx2yJQtwBk=
Subject key identifier:   64:36:C3:00:85:DC:2F:C4:E9:00:3B:6A:56:1D:08:36:B7:E8:7A:7E
Certificate issuer:       /CN=80A57D92B8D4C3FF17E71C0305D9AD829B9410E9
Certificate serial:       2F72124263C5395270BDC26F1FACA7AE9D65E004
Authority key identifier: 80:A5:7D:92:B8:D4:C3:FF:17:E7:1C:03:05:D9:AD:82:9B:94:10:E9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/80A57D92B8D4C3FF17E71C0305D9AD829B9410E9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a7fdf43e-4a4c-4dbc-b785-dd7cbf1a67b7/0/3132302e38392e39302e302f32342d3234203d3e20313335343737.roa
Signing time:             Wed 19 Jan 2022 08:00:01 +0000
ROA not before:           Wed 19 Jan 2022 07:55:01 +0000
ROA not after:            Thu 19 Jan 2023 08:00:01 +0000
asID:                     135477
IP address blocks:        120.89.90.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:72:12:42:63:c5:39:52:70:bd:c2:6f:1f:ac:a7:ae:9d:65:e0:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80A57D92B8D4C3FF17E71C0305D9AD829B9410E9
        Validity
            Not Before: Jan 19 07:55:01 2022 GMT
            Not After : Jan 19 08:00:01 2023 GMT
        Subject: CN=3082010A0282010100B237B3B5BC3C90F23D51DBB96C90A577E4DFEEECD07B12CF2A70890B7C7348C393C8407AFECDC2C0B05426EF823A6F39623F5BA0B8143DF3E16C2539C28CB3830D19ACD4E4C41BEB579400AC4F70C277FD80B16B685BF8416B2A15784DDB13639B38336CC6948AEEF6B75B5778E29620EAEF2D04AC9704E5F4CFB3EB39094DB8D23643ADD01DC2A6C7CE398BB019A19530BB28B309C4F49D3EC0B5F88CC4D705544016C855075164B50F5B5C7549A36AE80E6E930D22C29B6CCEF61C6BDD4E8353167E611E8021EDE84BE7E1A2890952FE80DF88D168A76B19BF0D1C96645A26B2E23324D73AFDBE17997AEC6F672AE49D365E1C6D88E53DDE9ED6EE5493A6D10203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:37:b3:b5:bc:3c:90:f2:3d:51:db:b9:6c:90:
                    a5:77:e4:df:ee:ec:d0:7b:12:cf:2a:70:89:0b:7c:
                    73:48:c3:93:c8:40:7a:fe:cd:c2:c0:b0:54:26:ef:
                    82:3a:6f:39:62:3f:5b:a0:b8:14:3d:f3:e1:6c:25:
                    39:c2:8c:b3:83:0d:19:ac:d4:e4:c4:1b:eb:57:94:
                    00:ac:4f:70:c2:77:fd:80:b1:6b:68:5b:f8:41:6b:
                    2a:15:78:4d:db:13:63:9b:38:33:6c:c6:94:8a:ee:
                    f6:b7:5b:57:78:e2:96:20:ea:ef:2d:04:ac:97:04:
                    e5:f4:cf:b3:eb:39:09:4d:b8:d2:36:43:ad:d0:1d:
                    c2:a6:c7:ce:39:8b:b0:19:a1:95:30:bb:28:b3:09:
                    c4:f4:9d:3e:c0:b5:f8:8c:c4:d7:05:54:40:16:c8:
                    55:07:51:64:b5:0f:5b:5c:75:49:a3:6a:e8:0e:6e:
                    93:0d:22:c2:9b:6c:ce:f6:1c:6b:dd:4e:83:53:16:
                    7e:61:1e:80:21:ed:e8:4b:e7:e1:a2:89:09:52:fe:
                    80:df:88:d1:68:a7:6b:19:bf:0d:1c:96:64:5a:26:
                    b2:e2:33:24:d7:3a:fd:be:17:99:7a:ec:6f:67:2a:
                    e4:9d:36:5e:1c:6d:88:e5:3d:de:9e:d6:ee:54:93:
                    a6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:36:C3:00:85:DC:2F:C4:E9:00:3B:6A:56:1D:08:36:B7:E8:7A:7E
            X509v3 Authority Key Identifier:
                keyid:80:A5:7D:92:B8:D4:C3:FF:17:E7:1C:03:05:D9:AD:82:9B:94:10:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a7fdf43e-4a4c-4dbc-b785-dd7cbf1a67b7/0/80A57D92B8D4C3FF17E71C0305D9AD829B9410E9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/80A57D92B8D4C3FF17E71C0305D9AD829B9410E9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7fdf43e-4a4c-4dbc-b785-dd7cbf1a67b7/0/3132302e38392e39302e302f32342d3234203d3e20313335343737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.89.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:5b:d6:5d:23:4f:be:38:e2:d9:15:8f:73:c4:a4:8b:eb:7b:
         57:9d:0d:62:26:4c:95:61:6b:35:9d:9c:a2:84:a1:c2:b7:c9:
         74:45:bb:84:ab:d9:5b:5d:82:6c:e0:94:3a:ce:aa:c6:89:89:
         e8:4b:d6:c4:49:f0:2b:de:92:86:42:49:a2:6c:41:75:a7:59:
         fb:af:e2:0b:10:a7:1e:64:b5:d7:3e:2e:fe:c0:c3:a3:eb:01:
         cc:0b:0c:bb:b0:fd:94:39:f0:33:f5:ff:e4:51:85:be:29:3e:
         f4:0a:96:37:77:7c:48:18:3f:83:31:7e:12:e6:c3:62:d2:6a:
         aa:e7:f4:b8:dc:e3:e1:bd:37:20:da:a7:cd:8a:6e:7a:55:0a:
         62:8e:3a:94:38:f7:eb:ca:ef:5d:2b:84:cc:10:ff:2e:a2:b1:
         26:11:85:4b:41:c6:98:42:46:bd:1e:44:4a:19:c1:1f:b1:18:
         86:86:c9:71:41:cc:55:b7:1a:11:71:a6:ad:47:ea:eb:f7:ca:
         96:d8:18:d8:1d:3d:02:74:68:e6:8d:6a:5a:27:6d:c9:78:6c:
         e9:59:b7:6f:f5:e0:37:1f:61:7d:be:b9:83:06:48:f6:de:fa:
         ef:5e:d1:bc:27:c1:dc:12:e2:6c:12:43:a9:62:9c:8e:7b:71:
         ea:86:70:96
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUL3ISQmPFOVJwvcJvH6ynrp1l4AQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODBBNTdEOTJCOEQ0QzNGRjE3RTcxQzAzMDVEOUFEODI5
Qjk0MTBFOTAeFw0yMjAxMTkwNzU1MDFaFw0yMzAxMTkwODAwMDFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjIzN0IzQjVCQzNDOTBGMjNE
NTFEQkI5NkM5MEE1NzdFNERGRUVFQ0QwN0IxMkNGMkE3MDg5MEI3QzczNDhDMzkz
Qzg0MDdBRkVDREMyQzBCMDU0MjZFRjgyM0E2RjM5NjIzRjVCQTBCODE0M0RGM0Ux
NkMyNTM5QzI4Q0IzODMwRDE5QUNENEU0QzQxQkVCNTc5NDAwQUM0RjcwQzI3N0ZE
ODBCMTZCNjg1QkY4NDE2QjJBMTU3ODREREIxMzYzOUIzODMzNkNDNjk0OEFFRUY2
Qjc1QjU3NzhFMjk2MjBFQUVGMkQwNEFDOTcwNEU1RjRDRkIzRUIzOTA5NERCOEQy
MzY0M0FERDAxREMyQTZDN0NFMzk4QkIwMTlBMTk1MzBCQjI4QjMwOUM0RjQ5RDNF
QzBCNUY4OENDNEQ3MDU1NDQwMTZDODU1MDc1MTY0QjUwRjVCNUM3NTQ5QTM2QUU4
MEU2RTkzMEQyMkMyOUI2Q0NFRjYxQzZCREQ0RTgzNTMxNjdFNjExRTgwMjFFREU4
NEJFN0UxQTI4OTA5NTJGRTgwREY4OEQxNjhBNzZCMTlCRjBEMUM5NjY0NUEyNkIy
RTIzMzI0RDczQUZEQkUxNzk5N0FFQzZGNjcyQUU0OUQzNjVFMUM2RDg4RTUzRERF
OUVENkVFNTQ5M0E2RDEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAsjeztbw8kPI9Udu5bJCld+Tf7uzQexLPKnCJC3xzSMOTyEB6/s3C
wLBUJu+COm85Yj9boLgUPfPhbCU5woyzgw0ZrNTkxBvrV5QArE9wwnf9gLFraFv4
QWsqFXhN2xNjmzgzbMaUiu72t1tXeOKWIOrvLQSslwTl9M+z6zkJTbjSNkOt0B3C
psfOOYuwGaGVMLsoswnE9J0+wLX4jMTXBVRAFshVB1FktQ9bXHVJo2roDm6TDSLC
m2zO9hxr3U6DUxZ+YR6AIe3oS+fhookJUv6A34jRaKdrGb8NHJZkWiay4jMk1zr9
vheZeuxvZyrknTZeHG2I5T3entbuVJOm0QIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FGQ2wwCF3C/E6QA7alYdCDa36Hp+MB8GA1UdIwQYMBaAFIClfZK41MP/F+ccAwXZ
rYKblBDpMA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTdmZGY0M2UtNGE0Yy00ZGJjLWI3
ODUtZGQ3Y2JmMWE2N2I3LzAvODBBNTdEOTJCOEQ0QzNGRjE3RTcxQzAzMDVEOUFE
ODI5Qjk0MTBFOS5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzgwQTU3RDky
QjhENEMzRkYxN0U3MUMwMzA1RDlBRDgyOUI5NDEwRTkuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9hN2ZkZjQzZS00YTRjLTRkYmMtYjc4NS1kZDdjYmYxYTY3YjcvMC8z
MTMyMzAyZTM4MzkyZTM5MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUz
NDM3Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAB4WVowDQYJKoZIhvcNAQELBQADggEBAFFb1l0jT744
4tkVj3PEpIvre1edDWImTJVhazWdnKKEocK3yXRFu4Sr2VtdgmzglDrOqsaJiehL
1sRJ8CvekoZCSaJsQXWnWfuv4gsQpx5ktdc+Lv7Aw6PrAcwLDLuw/ZQ58DP1/+RR
hb4pPvQKljd3fEgYP4MxfhLmw2LSaqrn9Ljc4+G9NyDap82KbnpVCmKOOpQ49+vK
710rhMwQ/y6isSYRhUtBxphCRr0eREoZwR+xGIaGyXFBzFW3GhFxpq1H6uv3ypbY
GNgdPQJ0aOaNalonbcl4bOlZt2/14DcfYX2+uYMGSPbe+u9e0bwnwdwS4mwSQ6li
nI57ceqGcJY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org