Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130663a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3130663a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          Uv55ZVCs7DhFtNyCKDGzb25jTUWOkHA61m/O03uoXpE=
Subject key identifier:   F4:64:06:99:37:A7:AA:E5:99:79:54:1A:92:29:BC:C9:51:A8:BC:D0
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       4F44A0DAAD1BA828A2B2B8507A73D02FCF14F5BC
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130663a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:58 +0000
ROA not before:           Mon 26 Sep 2022 07:56:58 +0000
ROA not after:            Mon 25 Sep 2023 08:01:58 +0000
asID:                     59282
IP address blocks:        2400:d680:10f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:44:a0:da:ad:1b:a8:28:a2:b2:b8:50:7a:73:d0:2f:cf:14:f5:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:58 2022 GMT
            Not After : Sep 25 08:01:58 2023 GMT
        Subject: CN=F464069937A7AAE59979541A9229BCC951A8BCD0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:48:78:e8:e2:2b:28:f6:72:5b:82:cc:b3:f8:
                    ae:03:10:f1:ef:7f:81:8f:09:78:7c:f7:b7:73:1c:
                    64:70:9f:a4:aa:79:98:3c:66:ec:0d:20:f9:ab:70:
                    77:c2:c8:05:58:29:b4:7c:9d:e5:ff:67:99:2b:45:
                    7d:f8:d1:dd:00:fc:3d:bf:43:12:c9:a4:6c:06:56:
                    8d:f8:49:24:8c:d0:ae:2e:cb:6a:13:fb:c6:af:d7:
                    6a:17:ef:d0:8c:6e:10:8d:a5:1d:d1:6a:55:92:e6:
                    96:d5:49:19:78:06:14:35:be:bd:23:fe:04:96:34:
                    4d:ad:7a:32:64:ca:63:2a:02:8c:f9:b2:74:da:eb:
                    3a:29:92:0e:b1:ec:95:b6:f3:65:7e:50:79:c4:25:
                    83:cf:d4:8a:de:91:83:05:94:2e:7f:7d:ee:fe:0b:
                    e0:88:d7:02:f9:d4:c0:f1:fd:09:af:60:5d:7f:51:
                    d9:b9:66:09:fd:c7:88:0d:87:48:16:4d:a5:d6:11:
                    80:b1:36:bf:57:f4:5e:8a:bd:58:64:90:c2:e0:69:
                    f3:ea:6a:7f:13:0a:82:f6:17:a9:3c:46:91:19:50:
                    76:42:e7:62:3a:2a:93:ee:a1:cd:4c:b0:fe:fb:92:
                    d6:0c:2c:30:12:85:c9:ee:2d:ff:96:20:af:7e:83:
                    48:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:64:06:99:37:A7:AA:E5:99:79:54:1A:92:29:BC:C9:51:A8:BC:D0
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3130663a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:10f::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:8a:20:7d:3c:39:48:da:ab:47:32:ad:11:af:f1:b4:88:13:
         6c:8c:49:99:a7:5b:ff:cb:1d:92:98:66:c6:ff:37:12:9a:62:
         12:d2:b3:22:ca:be:e8:86:c8:7e:b4:4d:34:5e:ff:dc:87:a9:
         4d:61:c8:39:c0:84:d2:57:31:69:db:a0:96:f8:0f:2f:98:88:
         35:b6:84:c4:9d:35:41:61:e8:35:19:1e:2c:ae:88:0e:fc:23:
         91:1e:fd:0e:2e:fa:63:57:1f:05:10:c6:43:98:66:42:06:e8:
         25:02:c1:a3:f8:f1:21:c3:45:10:23:b9:35:bd:6f:72:a9:89:
         ff:c0:77:78:1a:a7:66:3e:be:2d:9b:2b:12:af:06:01:2e:21:
         3f:cd:a5:e8:e0:22:33:56:ff:4d:fe:d9:2a:c7:f2:de:66:0d:
         ac:c9:29:51:48:1b:3e:a6:7c:d4:57:9a:da:f3:fd:b4:df:d2:
         67:c1:82:00:4c:ef:3f:59:99:f5:f2:47:9d:37:22:bf:b7:8a:
         27:d0:c9:d1:b3:ab:02:9c:24:c4:1d:98:c7:0a:d6:19:a4:c1:
         21:92:4c:ac:88:1d:67:61:aa:84:8d:74:b2:25:fa:ee:64:84:
         a2:51:28:d4:63:cf:7a:65:bf:68:78:be:b9:38:2e:6e:7f:fb:
         06:e3:77:34
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUT0Sg2q0bqCiisrhQenPQL88U9bwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2NThaFw0yMzA5MjUwODAxNThaMDMxMTAvBgNV
BAMTKEY0NjQwNjk5MzdBN0FBRTU5OTc5NTQxQTkyMjlCQ0M5NTFBOEJDRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3SHjo4iso9nJbgsyz+K4DEPHv
f4GPCXh897dzHGRwn6SqeZg8ZuwNIPmrcHfCyAVYKbR8neX/Z5krRX340d0A/D2/
QxLJpGwGVo34SSSM0K4uy2oT+8av12oX79CMbhCNpR3RalWS5pbVSRl4BhQ1vr0j
/gSWNE2tejJkymMqAoz5snTa6zopkg6x7JW282V+UHnEJYPP1IrekYMFlC5/fe7+
C+CI1wL51MDx/QmvYF1/Udm5Zgn9x4gNh0gWTaXWEYCxNr9X9F6KvVhkkMLgafPq
an8TCoL2F6k8RpEZUHZC52I6KpPuoc1MsP77ktYMLDAShcnuLf+WIK9+g0gZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU9GQGmTenquWZeVQakim8yVGovNAwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMDY2M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
DzANBgkqhkiG9w0BAQsFAAOCAQEAcYogfTw5SNqrRzKtEa/xtIgTbIxJmadb/8sd
kphmxv83EppiEtKzIsq+6IbIfrRNNF7/3IepTWHIOcCE0lcxaduglvgPL5iINbaE
xJ01QWHoNRkeLK6IDvwjkR79Di76Y1cfBRDGQ5hmQgboJQLBo/jxIcNFECO5Nb1v
cqmJ/8B3eBqnZj6+LZsrEq8GAS4hP82l6OAiM1b/Tf7ZKsfy3mYNrMkpUUgbPqZ8
1Fea2vP9tN/SZ8GCAEzvP1mZ9fJHnTciv7eKJ9DJ0bOrApwkxB2YxwrWGaTBIZJM
rIgdZ2GqhI10siX67mSEolEo1GPPemW/aHi+uTgubn/7BuN3NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org