Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132323a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3132323a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          T4Jw0gfz/3YTOX7wVdiauw8d6horvn7C1BqcEMeHiso=
Subject key identifier:   1F:CA:6F:88:E9:B8:30:F6:A4:A2:4D:41:C8:19:9B:F6:4B:0C:1D:97
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       2D9A14D74ADC18EF760AD1882E36CDCE71D5EAC8
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132323a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 07:00:01 +0000
ROA not before:           Mon 26 Sep 2022 06:55:01 +0000
ROA not after:            Mon 25 Sep 2023 07:00:01 +0000
asID:                     59282
IP address blocks:        2400:d680:122::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:9a:14:d7:4a:dc:18:ef:76:0a:d1:88:2e:36:cd:ce:71:d5:ea:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 06:55:01 2022 GMT
            Not After : Sep 25 07:00:01 2023 GMT
        Subject: CN=1FCA6F88E9B830F6A4A24D41C8199BF64B0C1D97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c3:0f:2f:39:f0:51:6b:3a:4a:3c:18:79:ec:
                    3a:86:91:52:09:71:cc:59:c6:db:1d:d1:fa:bf:ef:
                    51:ee:da:65:ec:a8:24:3a:35:07:c2:99:74:94:2a:
                    6e:38:b4:21:36:cb:69:4b:9b:e7:1f:63:1d:79:a2:
                    70:8c:ee:b3:bb:77:1b:d9:57:a4:8d:f7:5f:20:de:
                    a5:2a:9f:c5:e4:8e:f0:d2:73:26:a0:ea:14:74:ba:
                    32:84:3e:95:a2:9c:af:ea:fd:99:a1:71:bb:b7:47:
                    b4:4e:8b:6b:b0:15:a4:f0:a0:b8:1b:c8:78:1b:f5:
                    0b:9c:f6:6c:c8:7c:8b:f4:e1:2d:5c:52:5f:f9:ed:
                    e8:2f:d5:fa:6d:fa:03:ce:c8:97:a6:cb:4d:6f:ff:
                    e6:74:f5:0a:28:2f:7b:7f:8e:50:f5:b2:3d:54:97:
                    7c:ab:8a:6f:dd:6e:c3:27:80:40:97:3c:3a:0e:b1:
                    44:2d:2d:c2:c2:ff:4d:b4:6d:85:b1:2a:a3:20:b8:
                    ae:46:bb:9a:38:23:ad:3d:17:08:82:0b:52:b0:9b:
                    35:fd:c7:25:98:67:a9:7a:71:d6:64:4c:36:70:c3:
                    9f:b2:84:b7:9a:fc:04:99:6f:7d:15:ac:a5:d0:54:
                    ad:87:07:72:9b:fa:89:67:c7:aa:c2:c7:19:5f:c4:
                    6f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:CA:6F:88:E9:B8:30:F6:A4:A2:4D:41:C8:19:9B:F6:4B:0C:1D:97
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132323a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:122::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:f0:56:76:2f:92:00:74:96:e3:c4:b9:6f:cc:85:ba:02:40:
         f3:57:28:3e:30:92:7e:4b:a2:c7:a4:0c:79:f3:a3:ae:8e:5c:
         6b:10:f5:bc:05:f9:f8:74:16:11:cc:33:81:2d:5e:78:a8:29:
         97:3f:c1:3c:69:64:37:57:e6:c0:0b:a4:a5:31:a7:4e:c1:ad:
         70:db:8b:5d:d4:d2:89:61:f1:28:b5:9b:f2:e3:ce:03:6d:cc:
         24:a1:48:7b:6a:59:32:02:5f:6f:71:84:f7:c1:5c:17:8d:df:
         91:20:6b:30:04:3e:81:a3:3e:7a:d3:bd:b3:6d:c3:7e:46:00:
         3f:3f:a5:a9:ab:b5:6b:be:68:49:eb:f9:df:4f:c8:bc:f2:b3:
         ab:06:91:88:90:c8:73:bf:4b:22:7b:c5:b1:ae:6b:18:3c:5e:
         85:ec:04:1d:e9:0c:03:ab:34:30:ed:be:12:58:19:69:03:0b:
         a5:75:3b:78:02:2d:87:2a:7e:b9:fb:82:e6:f5:ff:17:2a:4d:
         4b:1b:a5:f3:e8:ad:1a:d9:ec:0e:ba:f1:bd:fd:7d:bc:90:8a:
         d8:eb:aa:bd:78:4b:f6:ea:b0:06:75:a9:da:dd:d2:fe:94:46:
         1e:6c:55:6d:24:52:1f:30:8b:bf:f6:24:56:0a:e3:03:82:20:
         41:fe:4e:cf
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIULZoU10rcGO92CtGILjbNznHV6sgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNjU1MDFaFw0yMzA5MjUwNzAwMDFaMDMxMTAvBgNV
BAMTKDFGQ0E2Rjg4RTlCODMwRjZBNEEyNEQ0MUM4MTk5QkY2NEIwQzFEOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiww8vOfBRazpKPBh57DqGkVIJ
ccxZxtsd0fq/71Hu2mXsqCQ6NQfCmXSUKm44tCE2y2lLm+cfYx15onCM7rO7dxvZ
V6SN918g3qUqn8XkjvDScyag6hR0ujKEPpWinK/q/Zmhcbu3R7ROi2uwFaTwoLgb
yHgb9Quc9mzIfIv04S1cUl/57egv1fpt+gPOyJemy01v/+Z09QooL3t/jlD1sj1U
l3yrim/dbsMngECXPDoOsUQtLcLC/020bYWxKqMguK5Gu5o4I609FwiCC1KwmzX9
xyWYZ6l6cdZkTDZww5+yhLea/ASZb30VrKXQVK2HB3Kb+olnx6rCxxlfxG//AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUH8pviOm4MPakok1ByBmb9ksMHZcwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMjMyM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
IjANBgkqhkiG9w0BAQsFAAOCAQEATfBWdi+SAHSW48S5b8yFugJA81coPjCSfkui
x6QMefOjro5caxD1vAX5+HQWEcwzgS1eeKgplz/BPGlkN1fmwAukpTGnTsGtcNuL
XdTSiWHxKLWb8uPOA23MJKFIe2pZMgJfb3GE98FcF43fkSBrMAQ+gaM+etO9s23D
fkYAPz+lqau1a75oSev530/IvPKzqwaRiJDIc79LInvFsa5rGDxehewEHekMA6s0
MO2+ElgZaQMLpXU7eAIthyp+ufuC5vX/FypNSxul8+itGtnsDrrxvf19vJCK2Ouq
vXhL9uqwBnWp2t3S/pRGHmxVbSRSHzCLv/YkVgrjA4IgQf5Ozw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org