Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3131643a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3131643a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          v2eFrYhXLDzrC+qfWVoYWiO2SGxGFpPbWre9dV4LUrs=
Subject key identifier:   4E:02:83:9A:8E:D1:B1:72:7F:D4:A0:48:28:D3:9F:B4:9B:6D:09:D4
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       3226184F325ACCA03403BFAD480911FB0AB92D94
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3131643a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:29 +0000
ROA not before:           Mon 26 Sep 2022 07:56:29 +0000
ROA not after:            Mon 25 Sep 2023 08:01:29 +0000
asID:                     59282
IP address blocks:        2400:d680:11d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:26:18:4f:32:5a:cc:a0:34:03:bf:ad:48:09:11:fb:0a:b9:2d:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:29 2022 GMT
            Not After : Sep 25 08:01:29 2023 GMT
        Subject: CN=4E02839A8ED1B1727FD4A04828D39FB49B6D09D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6b:c1:5a:a5:83:01:a1:da:c9:0c:cd:54:8b:
                    1f:e1:1f:a2:ae:01:15:52:ae:4b:db:85:14:f6:1b:
                    c9:57:3f:10:01:35:25:b4:91:22:5f:67:94:ae:28:
                    58:46:9e:e7:6c:92:ff:81:03:d0:62:7c:57:15:05:
                    6a:76:db:60:ec:88:9b:5b:b9:b6:21:1d:c6:2e:32:
                    97:d3:97:01:4a:73:a7:e5:70:de:0c:04:db:66:46:
                    39:c2:9b:0f:9e:71:d9:1d:73:8d:87:d0:5e:8a:6d:
                    7e:4e:c2:b3:6b:ba:0f:c3:62:f0:6b:34:8e:1c:0d:
                    ce:77:57:50:d8:48:02:db:8a:21:ed:8d:a8:79:81:
                    a6:f0:71:86:71:18:40:89:86:e7:90:a3:0b:59:06:
                    cc:76:00:d6:b1:ac:3d:7d:57:1e:ce:8d:b0:6f:7d:
                    18:7d:46:d4:5b:a4:50:c4:2d:af:e1:15:71:ac:e0:
                    1c:3c:11:40:fa:77:6e:f3:e3:15:a3:0e:fb:c7:ca:
                    10:18:ea:82:ed:21:a4:75:b0:d1:c1:91:a5:bb:8b:
                    f8:5c:a9:1a:28:a4:74:48:18:5e:29:35:78:3e:e3:
                    2c:f2:ad:dc:03:a6:05:d0:c9:89:2e:81:0e:88:9d:
                    b3:84:b7:4d:93:9f:0e:20:0e:13:f4:98:b2:4f:21:
                    63:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:02:83:9A:8E:D1:B1:72:7F:D4:A0:48:28:D3:9F:B4:9B:6D:09:D4
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3131643a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:11d::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:a3:34:d8:92:ec:f5:9f:dc:01:10:8c:64:aa:bf:28:ae:af:
         ef:7b:56:49:96:5b:b2:0d:43:33:bb:de:62:1e:23:87:d7:a4:
         69:7a:40:e7:d7:eb:56:67:3e:10:18:3a:e9:1c:d8:1a:65:52:
         89:81:0b:95:6b:11:a0:56:07:84:83:9c:18:13:1c:07:65:30:
         40:ac:23:6f:a8:7b:c4:4b:b7:e3:9a:5d:53:67:72:4c:37:cb:
         b9:33:8a:59:ef:49:bb:84:1d:bc:18:82:81:53:16:3c:5b:e6:
         2c:90:80:4f:af:1a:e7:0a:02:07:70:c8:67:57:33:f7:1b:6e:
         dd:90:db:ab:a5:96:b2:71:9e:da:63:78:7d:93:a9:da:68:2c:
         95:71:02:ac:c1:d0:fe:67:2d:65:cf:ec:6b:51:02:9d:4a:fe:
         84:38:fb:5d:cf:72:88:44:d5:6e:47:ed:56:e1:d3:0b:9e:a8:
         ca:d7:60:91:02:39:7c:3c:7b:73:5b:0d:6c:d6:4c:73:3e:75:
         d3:2e:46:a0:99:ca:3a:fe:70:9f:27:c8:b1:17:c0:90:d9:79:
         66:09:01:cd:cb:fa:c6:ba:3f:23:d1:37:7e:1c:11:62:16:cc:
         7c:45:8f:c7:74:31:bb:fb:3b:45:f1:77:6c:d9:a4:85:c2:34:
         74:83:79:14
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMiYYTzJazKA0A7+tSAkR+wq5LZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MjlaFw0yMzA5MjUwODAxMjlaMDMxMTAvBgNV
BAMTKDRFMDI4MzlBOEVEMUIxNzI3RkQ0QTA0ODI4RDM5RkI0OUI2RDA5RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCta8FapYMBodrJDM1Uix/hH6Ku
ARVSrkvbhRT2G8lXPxABNSW0kSJfZ5SuKFhGnudskv+BA9BifFcVBWp222DsiJtb
ubYhHcYuMpfTlwFKc6flcN4MBNtmRjnCmw+ecdkdc42H0F6KbX5OwrNrug/DYvBr
NI4cDc53V1DYSALbiiHtjah5gabwcYZxGECJhueQowtZBsx2ANaxrD19Vx7OjbBv
fRh9RtRbpFDELa/hFXGs4Bw8EUD6d27z4xWjDvvHyhAY6oLtIaR1sNHBkaW7i/hc
qRoopHRIGF4pNXg+4yzyrdwDpgXQyYkugQ6InbOEt02Tnw4gDhP0mLJPIWN7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUTgKDmo7RsXJ/1KBIKNOftJttCdQwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMTY0M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
HTANBgkqhkiG9w0BAQsFAAOCAQEAgqM02JLs9Z/cARCMZKq/KK6v73tWSZZbsg1D
M7veYh4jh9ekaXpA59frVmc+EBg66RzYGmVSiYELlWsRoFYHhIOcGBMcB2UwQKwj
b6h7xEu345pdU2dyTDfLuTOKWe9Ju4QdvBiCgVMWPFvmLJCAT68a5woCB3DIZ1cz
9xtu3ZDbq6WWsnGe2mN4fZOp2mgslXECrMHQ/mctZc/sa1ECnUr+hDj7Xc9yiETV
bkftVuHTC56oytdgkQI5fDx7c1sNbNZMcz510y5GoJnKOv5wnyfIsRfAkNl5ZgkB
zcv6xro/I9E3fhwRYhbMfEWPx3Qxu/s7RfF3bNmkhcI0dIN5FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org