Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132663a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3132663a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          XqH7+1UBDVO2WjnFCGnQVK+9DmRPgmd+Vuv2owWu2tE=
Subject key identifier:   11:78:75:DF:80:E8:E0:0E:45:0D:23:82:F5:4E:06:45:22:35:E7:81
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       18B8F8F9183EAF7B88FCBCB1C1E0609421A2980C
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132663a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:34 +0000
ROA not before:           Mon 26 Sep 2022 07:56:34 +0000
ROA not after:            Mon 25 Sep 2023 08:01:34 +0000
asID:                     59282
IP address blocks:        2400:d680:12f::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:b8:f8:f9:18:3e:af:7b:88:fc:bc:b1:c1:e0:60:94:21:a2:98:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:34 2022 GMT
            Not After : Sep 25 08:01:34 2023 GMT
        Subject: CN=117875DF80E8E00E450D2382F54E06452235E781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d0:ff:fd:f4:77:a8:03:0e:74:90:77:1c:62:
                    88:05:56:c1:4d:0b:85:c6:84:69:b0:af:67:06:da:
                    07:21:da:cd:54:40:d1:70:c4:f3:df:a0:74:f0:30:
                    5b:90:9c:14:69:7c:2a:5c:91:ba:2a:67:f4:f2:1f:
                    65:e8:9b:58:42:a4:15:db:5b:02:34:ce:97:02:8c:
                    40:67:40:c3:be:41:a9:72:49:03:d0:b6:eb:6e:f3:
                    51:4d:8a:05:04:bd:1b:ed:dd:b0:f0:44:df:a6:0c:
                    56:4b:f9:9d:71:fe:4a:46:e1:86:45:5d:5f:b7:b7:
                    41:a1:d8:66:ec:9e:0d:37:80:d0:9c:04:6a:8f:29:
                    b9:cb:9e:da:d0:07:c7:13:fe:8b:8a:cc:45:07:ac:
                    1e:f7:dd:4d:b4:65:44:cd:21:8a:64:61:66:dc:ef:
                    8e:f4:e3:2d:19:cb:ab:73:77:03:c0:32:00:01:63:
                    9b:6d:48:53:28:32:bd:4e:6b:2a:88:1a:fe:86:cb:
                    8b:bd:94:12:6c:5a:3f:7b:ab:f9:a6:7c:5a:fa:fe:
                    7e:9d:2a:0c:0d:42:f7:6c:b0:cf:5e:c4:f9:56:fb:
                    87:67:94:06:e2:b1:a3:a6:38:5d:68:15:1e:4b:69:
                    a4:da:1c:8a:1b:f0:a9:d6:59:f1:6d:eb:3a:3f:83:
                    8a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:78:75:DF:80:E8:E0:0E:45:0D:23:82:F5:4E:06:45:22:35:E7:81
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3132663a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:12f::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:65:82:b0:ff:e6:95:a4:1b:72:7d:72:58:63:76:f8:67:29:
         ef:26:30:8c:a6:49:a3:b4:67:78:d0:1b:01:8e:eb:1d:fd:62:
         e9:d9:11:49:9e:43:a9:82:b8:3a:16:d3:86:7f:97:65:0f:ba:
         86:ab:30:57:8a:d1:9f:98:c7:84:6b:11:ba:12:9e:47:ec:e7:
         dd:87:67:cc:d4:f5:0f:f5:e9:96:b2:d8:ca:73:d3:c1:bb:9f:
         9e:3b:70:1a:7d:1b:0e:83:ad:78:77:72:77:9f:6f:56:b9:4c:
         81:2b:86:fd:d6:bd:b7:59:8c:2e:f1:56:0d:e9:53:39:df:b1:
         00:22:b3:a5:e2:f5:66:9e:de:db:01:2e:db:92:4b:0d:1f:a4:
         28:46:1b:e2:fa:90:12:6b:94:05:7c:7f:72:13:23:82:ef:ed:
         7e:89:b0:e0:a8:8b:33:c6:b3:94:81:f9:dd:94:c3:1f:d2:f4:
         4c:ba:ad:1a:58:cf:4e:02:cd:24:21:d0:e8:f9:10:a6:95:12:
         46:02:97:c7:22:29:fb:52:10:42:47:12:5d:a3:c5:c2:93:ab:
         a2:c8:dd:52:da:2e:78:8d:f7:11:99:3f:80:65:df:e1:fd:e0:
         06:a7:06:98:63:3e:22:5a:76:f7:97:1d:50:3c:17:b2:6f:e4:
         d1:9b:0d:3f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGLj4+Rg+r3uI/LyxweBglCGimAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MzRaFw0yMzA5MjUwODAxMzRaMDMxMTAvBgNV
BAMTKDExNzg3NURGODBFOEUwMEU0NTBEMjM4MkY1NEUwNjQ1MjIzNUU3ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb0P/99HeoAw50kHccYogFVsFN
C4XGhGmwr2cG2gch2s1UQNFwxPPfoHTwMFuQnBRpfCpckboqZ/TyH2Xom1hCpBXb
WwI0zpcCjEBnQMO+QalySQPQtutu81FNigUEvRvt3bDwRN+mDFZL+Z1x/kpG4YZF
XV+3t0Gh2Gbsng03gNCcBGqPKbnLntrQB8cT/ouKzEUHrB733U20ZUTNIYpkYWbc
74704y0Zy6tzdwPAMgABY5ttSFMoMr1OayqIGv6Gy4u9lBJsWj97q/mmfFr6/n6d
KgwNQvdssM9exPlW+4dnlAbisaOmOF1oFR5LaaTaHIob8KnWWfFt6zo/g4pvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEXh134Do4A5FDSOC9U4GRSI154EwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMjY2M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
LzANBgkqhkiG9w0BAQsFAAOCAQEAF2WCsP/mlaQbcn1yWGN2+Gcp7yYwjKZJo7Rn
eNAbAY7rHf1i6dkRSZ5DqYK4OhbThn+XZQ+6hqswV4rRn5jHhGsRuhKeR+zn3Ydn
zNT1D/XplrLYynPTwbufnjtwGn0bDoOteHdyd59vVrlMgSuG/da9t1mMLvFWDelT
Od+xACKzpeL1Zp7e2wEu25JLDR+kKEYb4vqQEmuUBXx/chMjgu/tfomw4KiLM8az
lIH53ZTDH9L0TLqtGljPTgLNJCHQ6PkQppUSRgKXxyIp+1IQQkcSXaPFwpOrosjd
UtoueI33EZk/gGXf4f3gBqcGmGM+Ilp295cdUDwXsm/k0ZsNPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org