Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130393a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3130393a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          Lx31/KZl/hl1nPgvQwdvBp1qJR9xjo64yE/+DaV6yhw=
Subject key identifier:   65:FB:49:52:FA:EA:6F:77:8A:C9:3A:8B:37:D4:D1:9F:46:D9:08:B0
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       7EE7117E19F5F61215048562430C97EF9E655F59
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130393a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:02:00 +0000
ROA not before:           Mon 26 Sep 2022 07:57:00 +0000
ROA not after:            Mon 25 Sep 2023 08:02:00 +0000
asID:                     59282
IP address blocks:        2400:d680:109::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:e7:11:7e:19:f5:f6:12:15:04:85:62:43:0c:97:ef:9e:65:5f:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:57:00 2022 GMT
            Not After : Sep 25 08:02:00 2023 GMT
        Subject: CN=65FB4952FAEA6F778AC93A8B37D4D19F46D908B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:35:dc:c3:98:c7:bf:61:d2:7b:00:4b:af:62:
                    92:7e:96:0f:d5:37:b4:41:e0:bf:ae:4a:c9:63:61:
                    2e:cf:ba:81:06:9d:5a:42:a8:80:a9:84:d2:30:86:
                    f6:d8:8d:3d:c2:29:f6:12:08:85:22:9e:a7:47:a8:
                    a6:89:aa:ff:2e:fd:1f:f5:91:8e:a6:56:66:0a:1c:
                    ca:06:b0:91:da:41:82:e8:7a:95:07:7d:5e:3a:d1:
                    74:fd:43:af:d3:fb:2d:00:7d:46:bb:f9:42:74:63:
                    37:e2:06:87:9c:92:e4:25:30:81:e2:eb:d3:29:5e:
                    3c:ad:fe:29:a7:cd:9a:87:45:e6:3c:9b:04:95:02:
                    0e:ba:63:c8:60:9a:e4:7f:de:81:da:d2:20:c0:bb:
                    e7:d0:19:e3:35:2b:f9:2e:dd:ec:a9:69:97:8d:2a:
                    fa:93:5c:b5:a1:e9:74:a0:84:4e:61:f7:19:fb:aa:
                    9d:82:2a:25:b9:9c:40:09:85:9a:f8:11:52:49:44:
                    81:fb:64:35:f3:e9:8d:b4:0d:98:77:6b:58:4b:57:
                    ac:71:bc:f2:c6:93:e6:c9:90:ff:92:e3:fa:cb:dc:
                    62:b9:8f:c5:8e:cc:a6:e1:f3:8f:96:a0:6a:7e:43:
                    60:46:f7:7a:00:90:eb:66:56:d1:90:fd:b6:96:72:
                    9f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:FB:49:52:FA:EA:6F:77:8A:C9:3A:8B:37:D4:D1:9F:46:D9:08:B0
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130393a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:109::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:1f:34:f7:16:d7:6e:7a:36:2e:f0:e1:c9:3a:2c:c3:bf:d3:
         92:7e:4d:e9:88:c2:32:14:fe:5f:5e:ac:59:ff:bd:9a:e7:d6:
         5d:7a:ec:c4:82:bd:60:19:a5:77:ea:f3:9b:fd:77:95:d5:02:
         97:57:17:5a:25:80:18:a8:e4:7c:00:7b:b0:be:58:47:1b:66:
         bb:ea:b6:3a:8d:16:72:a0:8f:f5:93:3b:c2:8e:00:d0:0b:9b:
         64:7a:60:e6:82:2c:e1:8b:6b:e4:3f:90:2c:ca:4b:3e:00:65:
         d9:2b:21:24:a7:fb:6f:6e:ac:80:d1:80:fd:bf:b4:9f:a5:5b:
         02:f6:7d:e9:e5:d9:75:c9:3a:0d:c4:6c:af:63:2f:7d:f7:2e:
         bd:c5:1c:a6:d6:d7:eb:61:7a:67:22:30:ea:e1:db:99:dd:24:
         9d:7d:ab:17:6e:05:a4:af:33:c0:10:85:63:96:f2:05:fa:5d:
         19:0a:6b:58:fd:a2:eb:5a:0f:21:e7:5b:e4:83:5b:04:1c:d1:
         2f:cf:63:6f:83:f8:86:a9:15:95:73:2d:71:2d:cc:ff:18:66:
         bc:a5:d0:15:2f:d8:47:b6:81:8f:7a:38:07:86:10:a7:bb:2f:
         fc:06:74:c9:10:10:e3:48:35:53:97:16:65:bb:98:47:13:59:
         95:20:e6:14
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfucRfhn19hIVBIViQwyX755lX1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU3MDBaFw0yMzA5MjUwODAyMDBaMDMxMTAvBgNV
BAMTKDY1RkI0OTUyRkFFQTZGNzc4QUM5M0E4QjM3RDREMTlGNDZEOTA4QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmNdzDmMe/YdJ7AEuvYpJ+lg/V
N7RB4L+uSsljYS7PuoEGnVpCqICphNIwhvbYjT3CKfYSCIUinqdHqKaJqv8u/R/1
kY6mVmYKHMoGsJHaQYLoepUHfV460XT9Q6/T+y0AfUa7+UJ0YzfiBoeckuQlMIHi
69MpXjyt/imnzZqHReY8mwSVAg66Y8hgmuR/3oHa0iDAu+fQGeM1K/ku3eypaZeN
KvqTXLWh6XSghE5h9xn7qp2CKiW5nEAJhZr4EVJJRIH7ZDXz6Y20DZh3a1hLV6xx
vPLGk+bJkP+S4/rL3GK5j8WOzKbh84+WoGp+Q2BG93oAkOtmVtGQ/baWcp+ZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUZftJUvrqb3eKyTqLN9TRn0bZCLAwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMDM5M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
CTANBgkqhkiG9w0BAQsFAAOCAQEATR809xbXbno2LvDhyTosw7/Tkn5N6YjCMhT+
X16sWf+9mufWXXrsxIK9YBmld+rzm/13ldUCl1cXWiWAGKjkfAB7sL5YRxtmu+q2
Oo0WcqCP9ZM7wo4A0AubZHpg5oIs4Ytr5D+QLMpLPgBl2SshJKf7b26sgNGA/b+0
n6VbAvZ96eXZdck6DcRsr2MvffcuvcUcptbX62F6ZyIw6uHbmd0knX2rF24FpK8z
wBCFY5byBfpdGQprWP2i61oPIedb5INbBBzRL89jb4P4hqkVlXMtcS3M/xhmvKXQ
FS/YR7aBj3o4B4YQp7sv/AZ0yRAQ40g1U5cWZbuYRxNZlSDmFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org