Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132653a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3132653a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          raJ3uOw3jVRKvBTQYRZQTCA43m7o2FLxXAhdERUkOKw=
Subject key identifier:   03:87:36:C1:76:93:79:82:CB:FD:48:3D:A0:9C:BD:47:88:42:00:50
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       0FE57D9FFACCEDDAD6CF43DB6D0ABCE12F966BF6
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132653a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:55 +0000
ROA not before:           Mon 26 Sep 2022 07:56:55 +0000
ROA not after:            Mon 25 Sep 2023 08:01:55 +0000
asID:                     59282
IP address blocks:        2400:d680:12e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:e5:7d:9f:fa:cc:ed:da:d6:cf:43:db:6d:0a:bc:e1:2f:96:6b:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:55 2022 GMT
            Not After : Sep 25 08:01:55 2023 GMT
        Subject: CN=038736C176937982CBFD483DA09CBD4788420050
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:e6:b2:ae:67:76:24:16:fa:6e:1e:2b:59:b7:
                    7b:ad:42:c1:0f:9a:0c:93:89:0e:7a:6c:ea:f5:0f:
                    8a:74:01:eb:8f:1a:75:ad:ba:28:69:45:2a:71:7a:
                    82:36:3a:49:da:f8:c5:bb:ac:6a:f1:8b:b5:77:c8:
                    ac:ed:f0:58:75:19:85:67:87:34:3d:e1:9e:28:2b:
                    aa:0f:d0:dc:7c:b0:26:ee:3e:74:6d:2d:e5:5c:da:
                    62:3f:8c:b1:84:1a:22:51:02:db:d7:46:99:ca:0a:
                    1d:c9:12:59:73:cc:a4:5f:2a:1c:03:6e:0a:9d:9e:
                    2f:38:28:7b:47:74:06:36:fb:6b:0b:c5:5f:c4:52:
                    fd:64:a5:e0:d3:16:46:f9:cd:c3:29:22:7d:9d:1b:
                    6d:8b:6a:49:bf:92:b3:b5:9d:9e:f5:07:94:0e:b6:
                    c7:f4:e7:27:85:d9:d9:5d:84:29:f9:58:de:f9:a4:
                    77:d4:7e:6b:45:b0:0d:d9:f9:54:84:5a:18:bf:88:
                    a2:f4:47:63:5b:4e:bf:4f:3c:29:36:0b:ce:1f:7e:
                    ed:79:a9:76:d5:65:5a:61:37:55:59:02:f6:9a:c2:
                    77:09:95:74:cb:f9:76:7b:85:93:00:89:96:91:df:
                    04:b3:a6:37:4f:df:80:ba:ed:18:61:8e:87:b5:34:
                    28:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:87:36:C1:76:93:79:82:CB:FD:48:3D:A0:9C:BD:47:88:42:00:50
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132653a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:12e::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:2c:d3:91:67:38:8e:d5:42:2f:a3:c0:8c:5b:a6:2d:0f:98:
         c4:c0:36:52:52:6e:cb:33:03:6b:0e:f8:8a:f1:d0:53:e0:68:
         b1:ed:c8:cf:4d:b9:72:8b:88:d9:9a:b6:ba:58:d4:6d:e0:e0:
         81:ac:0a:e7:1a:7f:ff:c1:8d:ce:2c:a9:e0:38:4b:91:30:d5:
         bb:f5:63:1e:b9:44:53:ab:64:bf:85:fc:b7:f6:12:01:d5:8b:
         0c:3b:f7:99:06:bf:d3:32:ed:e8:31:26:b8:01:b1:04:a8:6e:
         8b:da:a0:cb:12:1e:57:11:a0:39:04:b6:c5:1e:20:b6:f7:64:
         76:e5:f8:35:ff:18:77:e0:aa:b9:fc:3f:4d:4e:6e:c3:49:d9:
         98:a8:42:c9:7f:9c:f4:f7:27:93:e1:27:1e:8e:da:9d:64:6c:
         f5:f8:de:7e:d1:40:ef:95:d5:c4:fb:ef:68:bf:22:d7:b2:00:
         6c:87:ff:81:e7:0b:02:ae:48:b3:cf:27:da:6c:03:1a:49:1b:
         d9:d1:a8:63:6a:0d:b7:fb:61:bf:52:7e:94:2b:e6:ac:ca:38:
         0e:35:01:66:42:8b:52:a2:ed:a6:78:26:1d:b0:fb:9b:97:ac:
         50:91:79:73:18:fa:34:8a:2f:cc:5c:20:64:a0:7f:86:02:c6:
         cb:b5:d6:7f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUD+V9n/rM7drWz0PbbQq84S+Wa/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2NTVaFw0yMzA5MjUwODAxNTVaMDMxMTAvBgNV
BAMTKDAzODczNkMxNzY5Mzc5ODJDQkZENDgzREEwOUNCRDQ3ODg0MjAwNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb5rKuZ3YkFvpuHitZt3utQsEP
mgyTiQ56bOr1D4p0AeuPGnWtuihpRSpxeoI2Okna+MW7rGrxi7V3yKzt8Fh1GYVn
hzQ94Z4oK6oP0Nx8sCbuPnRtLeVc2mI/jLGEGiJRAtvXRpnKCh3JEllzzKRfKhwD
bgqdni84KHtHdAY2+2sLxV/EUv1kpeDTFkb5zcMpIn2dG22Lakm/krO1nZ71B5QO
tsf05yeF2dldhCn5WN75pHfUfmtFsA3Z+VSEWhi/iKL0R2NbTr9PPCk2C84ffu15
qXbVZVphN1VZAvaawncJlXTL+XZ7hZMAiZaR3wSzpjdP34C67Rhhjoe1NCgZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUA4c2wXaTeYLL/Ug9oJy9R4hCAFAwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMjY1M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
LjANBgkqhkiG9w0BAQsFAAOCAQEAYCzTkWc4jtVCL6PAjFumLQ+YxMA2UlJuyzMD
aw74ivHQU+Bose3Iz025couI2Zq2uljUbeDggawK5xp//8GNziyp4DhLkTDVu/Vj
HrlEU6tkv4X8t/YSAdWLDDv3mQa/0zLt6DEmuAGxBKhui9qgyxIeVxGgOQS2xR4g
tvdkduX4Nf8Yd+Cqufw/TU5uw0nZmKhCyX+c9Pcnk+EnHo7anWRs9fjeftFA75XV
xPvvaL8i17IAbIf/gecLAq5Is88n2mwDGkkb2dGoY2oNt/thv1J+lCvmrMo4DjUB
ZkKLUqLtpngmHbD7m5esUJF5cxj6NIovzFwgZKB/hgLGy7XWfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org