Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130343a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3130343a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          J2OKCXZZBeg+52MRTSv0nO8Bbtx2AQypDR9GyZsBMg4=
Subject key identifier:   77:37:BC:A0:0A:33:6D:AD:50:19:46:25:AE:8B:95:66:65:99:C9:CF
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       642A8A6A45E5E9C6D5304F417E1D54D95F60F516
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130343a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:34 +0000
ROA not before:           Mon 26 Sep 2022 07:56:34 +0000
ROA not after:            Mon 25 Sep 2023 08:01:34 +0000
asID:                     59282
IP address blocks:        2400:d680:104::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:2a:8a:6a:45:e5:e9:c6:d5:30:4f:41:7e:1d:54:d9:5f:60:f5:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:34 2022 GMT
            Not After : Sep 25 08:01:34 2023 GMT
        Subject: CN=7737BCA00A336DAD50194625AE8B95666599C9CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:81:83:1d:1f:97:c6:29:10:d0:fa:ff:a4:1b:
                    97:03:51:f5:ec:89:0c:8e:4a:e4:c0:f6:a1:f3:d0:
                    89:83:a7:b0:97:f8:c8:42:56:ce:3a:6d:5c:38:f4:
                    e4:bb:db:6b:66:aa:ea:d7:77:c9:31:9f:34:e9:4e:
                    f3:3b:46:9e:04:39:97:86:8c:4b:59:96:87:94:df:
                    b2:cb:a6:a9:bd:ec:c2:7a:08:ac:6c:89:a9:83:4b:
                    34:89:49:88:69:36:aa:c0:af:a0:97:a8:b1:ca:79:
                    49:eb:5a:48:67:f6:56:f2:37:3b:b2:e7:06:55:b0:
                    80:a9:06:ea:36:07:cc:f2:b5:26:96:39:e5:3f:0d:
                    2f:68:4f:bf:9c:17:55:42:2f:83:84:54:b3:41:47:
                    f9:e3:14:78:b4:11:39:b7:39:23:57:7c:22:f2:37:
                    5f:e2:40:3b:da:1d:77:8f:55:99:8e:d6:d5:94:84:
                    50:5e:88:2c:ed:7c:39:b8:08:86:50:ef:b2:01:5a:
                    26:47:86:ce:a1:d3:ff:bb:7a:8e:bc:a5:89:5e:3c:
                    19:07:b0:a5:b3:f4:cd:62:75:c9:3c:b0:66:9f:5b:
                    0e:af:3a:2d:af:b7:51:84:39:0d:fa:96:c0:76:d8:
                    75:d9:21:aa:80:80:3c:ce:df:2a:cb:e9:63:38:51:
                    c3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:37:BC:A0:0A:33:6D:AD:50:19:46:25:AE:8B:95:66:65:99:C9:CF
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130343a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:104::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:18:de:ab:4b:70:4e:bf:78:cb:b6:37:06:76:49:fc:5e:50:
         60:97:f8:9b:5a:bb:2a:63:4c:f5:72:1e:bf:2f:38:2f:af:0c:
         be:7d:86:43:cc:ce:9f:f0:ca:9e:8c:12:28:e0:f3:27:98:0c:
         68:cd:38:8f:94:76:33:bd:da:fb:ed:05:66:c7:b9:92:70:1f:
         df:d4:60:44:af:de:5f:9f:e2:a6:5f:b2:2c:c4:90:cf:1a:e8:
         8a:1e:1f:27:ef:ff:87:40:66:75:c1:ba:31:3e:b7:2c:34:68:
         21:a7:af:43:42:72:87:18:31:e4:ba:84:1a:0a:f7:47:fc:a7:
         3f:cf:50:cc:d4:a4:c3:12:bc:c0:c5:ee:50:3d:a9:c0:ee:53:
         18:ed:04:50:e9:8a:a2:b7:b8:ff:44:a0:19:3a:18:6b:83:fd:
         e9:65:46:9d:d8:53:5b:86:bc:36:2f:4e:80:60:67:d3:a9:dc:
         33:92:24:fc:0c:ef:11:91:cc:e7:60:fe:4d:0c:00:91:18:d0:
         89:1f:9a:c6:c0:41:f3:c1:47:db:76:e9:13:f6:ba:65:91:d3:
         33:66:02:96:ad:37:fb:ec:03:66:76:42:f9:f0:e2:01:2c:21:
         25:e1:69:a8:7e:cb:d0:1a:d5:56:08:58:14:6d:56:09:14:12:
         fe:88:f1:86
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZCqKakXl6cbVME9Bfh1U2V9g9RYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MzRaFw0yMzA5MjUwODAxMzRaMDMxMTAvBgNV
BAMTKDc3MzdCQ0EwMEEzMzZEQUQ1MDE5NDYyNUFFOEI5NTY2NjU5OUM5Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFgYMdH5fGKRDQ+v+kG5cDUfXs
iQyOSuTA9qHz0ImDp7CX+MhCVs46bVw49OS722tmqurXd8kxnzTpTvM7Rp4EOZeG
jEtZloeU37LLpqm97MJ6CKxsiamDSzSJSYhpNqrAr6CXqLHKeUnrWkhn9lbyNzuy
5wZVsICpBuo2B8zytSaWOeU/DS9oT7+cF1VCL4OEVLNBR/njFHi0ETm3OSNXfCLy
N1/iQDvaHXePVZmO1tWUhFBeiCztfDm4CIZQ77IBWiZHhs6h0/+7eo68pYlePBkH
sKWz9M1idck8sGafWw6vOi2vt1GEOQ36lsB22HXZIaqAgDzO3yrL6WM4UcMnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUdze8oAozba1QGUYlrouVZmWZyc8wHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMDM0M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
BDANBgkqhkiG9w0BAQsFAAOCAQEAGRjeq0twTr94y7Y3BnZJ/F5QYJf4m1q7KmNM
9XIevy84L68Mvn2GQ8zOn/DKnowSKODzJ5gMaM04j5R2M73a++0FZse5knAf39Rg
RK/eX5/ipl+yLMSQzxroih4fJ+//h0BmdcG6MT63LDRoIaevQ0Jyhxgx5LqEGgr3
R/ynP89QzNSkwxK8wMXuUD2pwO5TGO0EUOmKore4/0SgGToYa4P96WVGndhTW4a8
Ni9OgGBn06ncM5Ik/AzvEZHM52D+TQwAkRjQiR+axsBB88FH23bpE/a6ZZHTM2YC
lq03++wDZnZC+fDiASwhJeFpqH7L0BrVVghYFG1WCRQS/ojxhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org