Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132313a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3132313a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          w04jqQUHL4COzgY/8MwH1oIHUsAhtv5UQKSw7mEWkCk=
Subject key identifier:   3A:36:4C:11:99:C8:B8:08:D7:71:D1:3E:CD:AD:28:3C:E6:5A:3B:B8
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       6A1240779E720D30987534889F6F1BB7C7208EC0
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132313a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:32 +0000
ROA not before:           Mon 26 Sep 2022 07:56:32 +0000
ROA not after:            Mon 25 Sep 2023 08:01:32 +0000
asID:                     59282
IP address blocks:        2400:d680:121::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:12:40:77:9e:72:0d:30:98:75:34:88:9f:6f:1b:b7:c7:20:8e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:32 2022 GMT
            Not After : Sep 25 08:01:32 2023 GMT
        Subject: CN=3A364C1199C8B808D771D13ECDAD283CE65A3BB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b7:2a:99:cd:a8:dc:a0:da:02:ea:a9:59:0a:
                    5b:ec:11:37:f8:ab:db:18:fb:06:01:94:1b:43:5e:
                    81:fb:09:b6:ff:ae:c6:93:6d:8a:5e:1b:49:69:29:
                    3d:f9:94:63:7e:cc:bc:dc:a8:b1:69:79:a6:e0:1a:
                    c8:34:c2:47:fa:7a:20:ba:10:2d:e6:e1:24:be:51:
                    3a:4e:06:1d:da:53:43:df:33:f1:f5:96:50:be:a9:
                    b1:6d:78:eb:19:16:a4:eb:12:5c:cd:5d:a0:38:92:
                    13:0d:e0:d2:6e:71:f7:7a:7c:c2:25:78:63:cd:e0:
                    c7:67:02:5f:31:a0:9a:52:fc:65:e6:54:d5:06:9b:
                    1f:aa:75:71:af:8a:20:23:52:65:cf:83:a3:a6:2a:
                    9b:ba:5e:b5:50:e1:c7:08:c9:70:6d:48:fd:55:e0:
                    12:3e:92:b7:02:1a:51:73:c2:ae:7a:bc:be:6b:94:
                    00:53:6e:e7:49:2f:21:1c:b3:e4:57:f8:58:6b:40:
                    5d:e6:53:b5:25:5d:57:f2:b5:26:5e:64:5a:08:fb:
                    f6:bf:b4:ef:d4:ea:f3:ad:18:24:6c:fa:38:95:90:
                    69:6b:d4:3e:66:11:e9:a8:0d:f0:a7:d5:ae:11:65:
                    3a:26:af:e0:5e:1d:16:69:fd:6a:9a:bf:8d:bf:3d:
                    c5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:36:4C:11:99:C8:B8:08:D7:71:D1:3E:CD:AD:28:3C:E6:5A:3B:B8
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132313a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:121::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:48:84:4a:ae:89:19:c8:91:f1:38:45:90:a8:fe:36:8a:48:
         46:82:6e:36:31:2e:7d:fb:7b:df:f9:c3:af:1f:24:8f:46:41:
         a7:95:ff:26:ac:ae:15:66:06:2b:c9:95:30:1f:16:80:f4:f1:
         d0:7e:71:03:0f:89:a6:3e:59:d0:22:99:d3:04:cd:58:d9:5c:
         18:5d:23:c6:51:79:a6:0c:59:ca:4c:9d:13:df:35:5b:6a:57:
         5c:e6:46:dd:45:64:2d:fc:18:4d:2a:bf:1a:ba:fe:0b:a4:26:
         48:66:85:bd:14:75:b8:1e:ad:02:b8:dc:c2:4f:90:90:87:d0:
         16:7e:4e:d6:1e:4a:14:05:1d:f6:bc:b8:d5:84:d6:b7:ad:38:
         ca:fc:fe:83:cc:5d:30:32:07:e3:c2:ec:92:59:71:da:d7:c4:
         54:55:7b:cf:47:d9:72:8a:a3:af:99:56:a7:c9:19:ba:97:33:
         56:f2:22:5a:7a:78:87:b2:a3:4d:5b:9e:7a:58:14:ca:b6:60:
         10:f4:4c:af:22:4e:76:31:ac:93:67:f3:e6:86:f9:be:2b:97:
         3b:e0:64:84:b9:3f:eb:0f:5b:52:c5:58:27:49:d1:89:2a:a4:
         61:40:a6:43:f7:67:b1:93:f7:1f:1b:f7:27:e4:cd:5b:f7:68:
         db:d3:c9:e2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUahJAd55yDTCYdTSIn28bt8cgjsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MzJaFw0yMzA5MjUwODAxMzJaMDMxMTAvBgNV
BAMTKDNBMzY0QzExOTlDOEI4MDhENzcxRDEzRUNEQUQyODNDRTY1QTNCQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmtyqZzajcoNoC6qlZClvsETf4
q9sY+wYBlBtDXoH7Cbb/rsaTbYpeG0lpKT35lGN+zLzcqLFpeabgGsg0wkf6eiC6
EC3m4SS+UTpOBh3aU0PfM/H1llC+qbFteOsZFqTrElzNXaA4khMN4NJucfd6fMIl
eGPN4MdnAl8xoJpS/GXmVNUGmx+qdXGviiAjUmXPg6OmKpu6XrVQ4ccIyXBtSP1V
4BI+krcCGlFzwq56vL5rlABTbudJLyEcs+RX+FhrQF3mU7UlXVfytSZeZFoI+/a/
tO/U6vOtGCRs+jiVkGlr1D5mEemoDfCn1a4RZTomr+BeHRZp/Wqav42/PcXZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOjZMEZnIuAjXcdE+za0oPOZaO7gwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMjMxM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
ITANBgkqhkiG9w0BAQsFAAOCAQEADEiESq6JGciR8ThFkKj+NopIRoJuNjEufft7
3/nDrx8kj0ZBp5X/JqyuFWYGK8mVMB8WgPTx0H5xAw+Jpj5Z0CKZ0wTNWNlcGF0j
xlF5pgxZykydE981W2pXXOZG3UVkLfwYTSq/Grr+C6QmSGaFvRR1uB6tArjcwk+Q
kIfQFn5O1h5KFAUd9ry41YTWt604yvz+g8xdMDIH48Lskllx2tfEVFV7z0fZcoqj
r5lWp8kZupczVvIiWnp4h7KjTVueelgUyrZgEPRMryJOdjGsk2fz5ob5viuXO+Bk
hLk/6w9bUsVYJ0nRiSqkYUCmQ/dnsZP3Hxv3J+TNW/do29PJ4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org