Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a31303a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a31303a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          NwHBJnllsVyxojTtasjPNoLbIJyH9bNA7SrRlaL2Pbs=
Subject key identifier:   0D:D7:8D:48:DD:7B:8E:A8:66:0B:57:CE:CF:86:FE:BE:13:3E:4B:1F
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       0D2E7DAA38DF1FF791919EE35EB5F26D76F5D9A9
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a31303a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 07:00:06 +0000
ROA not before:           Mon 26 Sep 2022 06:55:06 +0000
ROA not after:            Mon 25 Sep 2023 07:00:06 +0000
asID:                     59282
IP address blocks:        2400:d680:10::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:2e:7d:aa:38:df:1f:f7:91:91:9e:e3:5e:b5:f2:6d:76:f5:d9:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 06:55:06 2022 GMT
            Not After : Sep 25 07:00:06 2023 GMT
        Subject: CN=0DD78D48DD7B8EA8660B57CECF86FEBE133E4B1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b7:bb:26:88:23:7c:85:98:bd:d6:4d:ae:3f:
                    5c:85:1c:9c:e8:c2:f5:e0:cf:98:98:bb:5b:3d:f5:
                    be:f2:dc:9a:eb:6e:29:94:c0:b3:25:39:85:f9:5b:
                    ed:aa:0b:c9:ac:c9:6c:a5:6c:4d:00:8d:37:e5:cc:
                    2b:ff:7e:6a:96:69:e9:32:4e:7f:56:76:f0:72:9a:
                    94:3e:ce:c3:46:52:f3:cb:29:b7:1d:d4:98:ce:58:
                    56:b8:95:17:61:d8:72:d8:b4:db:de:ed:91:43:7b:
                    7c:a1:eb:62:e4:5a:8b:e0:fc:91:3f:16:7b:20:73:
                    75:84:f1:62:b6:6a:28:b5:26:e4:80:13:1c:30:2b:
                    f4:1b:e6:83:ea:5b:9e:76:2b:09:49:99:ce:05:0e:
                    69:90:74:6a:5b:50:fb:65:cb:5f:ba:5a:c6:75:d2:
                    b0:a1:c6:f9:eb:27:5d:ae:eb:2a:9d:e8:da:35:b9:
                    b8:e5:a2:9e:2f:bf:7a:b2:ba:5f:13:e4:2b:b3:f3:
                    9d:da:7c:8e:a6:5d:92:7a:09:b8:d1:15:04:75:01:
                    37:2d:71:aa:e5:50:7b:f1:86:4f:18:32:c3:c4:9e:
                    11:0f:46:81:04:f0:13:d9:07:55:63:d4:a2:07:0e:
                    fe:b2:b4:1f:24:38:91:06:ae:d0:08:e7:77:4b:2d:
                    18:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:D7:8D:48:DD:7B:8E:A8:66:0B:57:CE:CF:86:FE:BE:13:3E:4B:1F
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a31303a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         c2:62:03:20:f3:86:f2:7f:17:57:79:c1:70:0e:4d:fb:2c:f6:
         a8:7f:d9:04:09:dc:ab:3d:dd:9f:7c:27:74:9a:46:f8:de:71:
         d9:26:d0:75:72:3f:97:8e:91:09:63:49:96:ac:15:b2:b4:32:
         46:7b:25:ae:d0:15:7b:3f:4c:03:10:12:8d:cd:bc:48:58:02:
         c2:17:0d:3f:7a:11:2b:d0:d6:38:6e:e4:c8:f8:37:e0:b7:79:
         53:79:fe:40:fe:6b:be:bc:be:ea:c8:d7:09:d0:fe:81:65:df:
         47:fc:32:d8:65:74:83:e9:52:67:b1:bf:f5:c9:55:42:b0:c6:
         fe:10:56:72:b4:a7:ca:08:0f:7d:48:c8:2d:8d:54:79:44:56:
         9d:6d:85:49:a3:1f:a0:0e:f6:4a:1b:7c:f0:52:04:09:20:2c:
         6f:eb:57:22:b7:e0:33:6d:55:d8:0c:b0:2b:ee:d4:7c:1a:78:
         51:7b:87:dd:bf:b0:87:ad:7e:9f:7a:b2:7e:a6:97:9b:d1:6e:
         27:98:10:58:d7:a9:c8:e3:45:a6:f4:2c:5e:fd:56:07:78:5b:
         7a:00:3d:6b:80:3a:ff:8b:ab:8d:a4:5f:bd:b3:56:8c:06:ae:
         3f:51:13:2c:9b:ae:f9:4f:f7:95:00:7f:bc:f1:dc:42:1b:bf:
         ab:61:ac:57
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDS59qjjfH/eRkZ7jXrXybXb12akwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNjU1MDZaFw0yMzA5MjUwNzAwMDZaMDMxMTAvBgNV
BAMTKDBERDc4RDQ4REQ3QjhFQTg2NjBCNTdDRUNGODZGRUJFMTMzRTRCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFt7smiCN8hZi91k2uP1yFHJzo
wvXgz5iYu1s99b7y3JrrbimUwLMlOYX5W+2qC8msyWylbE0AjTflzCv/fmqWaeky
Tn9WdvBympQ+zsNGUvPLKbcd1JjOWFa4lRdh2HLYtNve7ZFDe3yh62LkWovg/JE/
Fnsgc3WE8WK2aii1JuSAExwwK/Qb5oPqW552KwlJmc4FDmmQdGpbUPtly1+6WsZ1
0rChxvnrJ12u6yqd6No1ubjlop4vv3qyul8T5Cuz853afI6mXZJ6CbjRFQR1ATct
carlUHvxhk8YMsPEnhEPRoEE8BPZB1Vj1KIHDv6ytB8kOJEGrtAI53dLLRgBAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUDdeNSN17jqhmC1fOz4b+vhM+Sx8wHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAABAw
DQYJKoZIhvcNAQELBQADggEBAMJiAyDzhvJ/F1d5wXAOTfss9qh/2QQJ3Ks93Z98
J3SaRvjecdkm0HVyP5eOkQljSZasFbK0MkZ7Ja7QFXs/TAMQEo3NvEhYAsIXDT96
ESvQ1jhu5Mj4N+C3eVN5/kD+a768vurI1wnQ/oFl30f8MthldIPpUmexv/XJVUKw
xv4QVnK0p8oID31IyC2NVHlEVp1thUmjH6AO9kobfPBSBAkgLG/rVyK34DNtVdgM
sCvu1HwaeFF7h92/sIetfp96sn6ml5vRbieYEFjXqcjjRab0LF79Vgd4W3oAPWuA
Ov+Lq42kX72zVowGrj9REyybrvlP95UAf7zx3EIbv6thrFc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org