Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3131373a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3131373a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          Gg8akBfbmiHtQFSpclGVTp7rPL+WUGQsh7qkI9gGdwA=
Subject key identifier:   3A:33:06:EE:1C:69:02:51:72:7C:AD:2C:B8:66:C4:E3:84:CB:F7:47
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       7149D5507BAB492EB66A6DE81D545057304274C6
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3131373a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:30 +0000
ROA not before:           Mon 26 Sep 2022 07:56:30 +0000
ROA not after:            Mon 25 Sep 2023 08:01:30 +0000
asID:                     59282
IP address blocks:        2400:d680:117::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:49:d5:50:7b:ab:49:2e:b6:6a:6d:e8:1d:54:50:57:30:42:74:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:30 2022 GMT
            Not After : Sep 25 08:01:30 2023 GMT
        Subject: CN=3A3306EE1C690251727CAD2CB866C4E384CBF747
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a0:d3:1a:89:bf:5a:22:ce:b3:3e:d3:e5:2d:
                    b2:da:8e:17:cc:0e:f4:43:88:23:48:c0:0a:d4:84:
                    08:6d:12:ad:7b:bb:66:7f:eb:57:76:f0:b3:9a:5d:
                    b9:37:8a:ae:b6:6e:5f:9f:9c:c2:6d:29:41:65:11:
                    ee:2e:42:3e:43:d0:75:c2:52:e9:d2:5b:cc:8a:a4:
                    15:35:9b:8b:b5:6e:07:5b:9b:21:36:18:e8:b8:75:
                    29:e5:38:6d:b1:04:bd:56:8e:eb:4c:fa:35:b5:97:
                    9c:ec:82:84:21:89:60:56:35:f1:53:c2:aa:91:f0:
                    f3:f2:53:75:f9:3f:a5:6d:06:0f:a7:c7:1c:c3:b8:
                    bf:6f:1f:fc:6c:c8:4b:90:ff:2c:75:1a:35:54:33:
                    ae:ea:66:d8:36:d0:5e:9e:e7:fd:60:2d:4e:32:27:
                    ab:19:db:23:33:5a:54:34:a6:4b:c1:10:e2:88:fe:
                    b9:ac:5c:e7:8d:84:c3:3d:8c:45:1b:05:6a:c8:18:
                    e6:49:81:35:b5:45:a6:7a:9b:2c:19:52:b2:52:e7:
                    0c:b1:99:23:32:cc:a1:b9:64:93:ba:d2:f5:29:9e:
                    01:12:b2:38:2e:85:09:06:4f:a8:c3:d4:64:51:4f:
                    43:d8:c1:31:22:32:1b:e6:2f:49:b3:d2:4f:5b:14:
                    a4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:33:06:EE:1C:69:02:51:72:7C:AD:2C:B8:66:C4:E3:84:CB:F7:47
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3131373a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:117::/48

    Signature Algorithm: sha256WithRSAEncryption
         9b:f1:61:43:fc:63:16:31:06:ee:6d:50:23:0f:48:a8:c1:53:
         5c:3b:b9:38:f9:9c:76:30:ee:bf:42:b7:3c:e8:27:f1:9e:d3:
         ed:17:18:0a:ed:4f:c6:d4:e4:8b:f8:08:c6:5e:da:8f:bd:00:
         5c:0e:08:ad:25:30:4d:f1:dd:a4:52:bc:67:5e:17:e1:2d:11:
         f4:eb:b0:72:32:dd:b2:4f:96:b8:2a:4f:7b:3e:9a:92:ab:6a:
         f0:63:93:c0:a2:b8:9f:9a:66:28:06:1f:db:43:0c:20:2a:5a:
         bd:ce:84:08:90:df:70:83:db:7b:0a:6e:95:6f:ac:6a:fd:7e:
         af:23:9c:87:3f:5e:d6:2f:2f:e7:de:2a:0e:fe:f3:68:c6:35:
         db:53:c1:4a:fb:48:97:00:54:5c:86:d4:83:e8:05:c2:f1:e5:
         bf:cb:59:47:22:7c:44:a0:a5:0f:28:65:e8:57:88:50:80:20:
         9c:cf:5f:22:9d:70:96:ed:4a:59:14:a7:d9:e0:71:2d:ad:4f:
         43:d6:69:9f:42:ab:d9:17:ec:24:48:0f:9d:d1:a9:13:ce:15:
         77:f8:26:a0:60:4a:96:c0:47:57:d5:c5:47:a9:e5:41:2a:cd:
         57:00:25:13:79:94:c6:08:92:74:e8:dc:58:b6:43:ac:a0:6d:
         3d:e7:f9:b2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcUnVUHurSS62am3oHVRQVzBCdMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MzBaFw0yMzA5MjUwODAxMzBaMDMxMTAvBgNV
BAMTKDNBMzMwNkVFMUM2OTAyNTE3MjdDQUQyQ0I4NjZDNEUzODRDQkY3NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7oNMaib9aIs6zPtPlLbLajhfM
DvRDiCNIwArUhAhtEq17u2Z/61d28LOaXbk3iq62bl+fnMJtKUFlEe4uQj5D0HXC
UunSW8yKpBU1m4u1bgdbmyE2GOi4dSnlOG2xBL1WjutM+jW1l5zsgoQhiWBWNfFT
wqqR8PPyU3X5P6VtBg+nxxzDuL9vH/xsyEuQ/yx1GjVUM67qZtg20F6e5/1gLU4y
J6sZ2yMzWlQ0pkvBEOKI/rmsXOeNhMM9jEUbBWrIGOZJgTW1RaZ6mywZUrJS5wyx
mSMyzKG5ZJO60vUpngESsjguhQkGT6jD1GRRT0PYwTEiMhvmL0mz0k9bFKTpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOjMG7hxpAlFyfK0suGbE44TL90cwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMTM3M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
FzANBgkqhkiG9w0BAQsFAAOCAQEAm/FhQ/xjFjEG7m1QIw9IqMFTXDu5OPmcdjDu
v0K3POgn8Z7T7RcYCu1PxtTki/gIxl7aj70AXA4IrSUwTfHdpFK8Z14X4S0R9Ouw
cjLdsk+WuCpPez6akqtq8GOTwKK4n5pmKAYf20MMICpavc6ECJDfcIPbewpulW+s
av1+ryOchz9e1i8v594qDv7zaMY121PBSvtIlwBUXIbUg+gFwvHlv8tZRyJ8RKCl
Dyhl6FeIUIAgnM9fIp1wlu1KWRSn2eBxLa1PQ9Zpn0Kr2RfsJEgPndGpE84Vd/gm
oGBKlsBHV9XFR6nlQSrNVwAlE3mUxgiSdOjcWLZDrKBtPef5sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org