Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3133643a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3133643a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          GytYjQhiZ71IoKp4nXIa+3IpC+gcvXUU9gzflQAKFl8=
Subject key identifier:   07:5D:2B:0E:69:98:F2:D3:85:41:F3:B0:32:31:70:F1:30:D4:3F:54
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       4121F3C1EE329CAF7B57CC8B4230D20B3597C5F6
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3133643a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:02:19 +0000
ROA not before:           Mon 26 Sep 2022 07:57:19 +0000
ROA not after:            Mon 25 Sep 2023 08:02:19 +0000
asID:                     59282
IP address blocks:        2400:d680:13d::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:21:f3:c1:ee:32:9c:af:7b:57:cc:8b:42:30:d2:0b:35:97:c5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:57:19 2022 GMT
            Not After : Sep 25 08:02:19 2023 GMT
        Subject: CN=075D2B0E6998F2D38541F3B0323170F130D43F54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ca:13:8c:80:ac:8e:46:dc:23:f7:04:36:44:
                    6b:96:37:a4:90:38:64:d8:69:15:ee:84:82:22:d0:
                    b6:1a:36:e5:a6:fe:8f:2f:ab:a4:51:06:63:b9:7a:
                    f7:9d:e3:df:46:8b:6e:dd:7b:da:bb:78:32:ad:5d:
                    00:ad:c4:fd:86:77:d6:24:4c:57:99:ee:91:e6:43:
                    32:d0:e3:99:a8:6e:b4:25:47:3a:16:86:26:8c:c9:
                    8d:6f:c2:a7:62:56:11:13:7e:af:b7:bc:e0:d6:06:
                    cf:3e:8c:f1:3d:00:d7:49:11:9c:62:30:55:0a:7e:
                    04:89:78:f3:c0:cd:06:8b:a5:2d:5e:c9:2b:41:0e:
                    b4:68:75:51:8c:a5:3e:cb:47:8e:ec:8d:25:44:d5:
                    4b:7a:5b:c3:51:6c:0b:cd:2a:19:ad:81:02:76:11:
                    12:ff:33:d7:1c:01:b0:fe:9f:fb:81:87:a8:0d:00:
                    51:de:c7:78:17:fa:fd:01:9e:21:db:f8:0f:01:d9:
                    58:f1:36:16:69:eb:97:cc:48:e0:37:9f:b6:a0:dc:
                    80:3f:44:6d:2d:49:e6:0c:c5:96:66:7a:32:a2:9c:
                    7c:51:cc:e9:e9:61:c7:43:96:cf:41:60:73:b2:80:
                    9b:0b:08:99:17:c7:42:c3:46:18:1c:1a:32:bf:c0:
                    94:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:5D:2B:0E:69:98:F2:D3:85:41:F3:B0:32:31:70:F1:30:D4:3F:54
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3133643a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:13d::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:ba:ea:65:5e:60:a5:de:9d:c1:39:8c:7a:c7:01:24:43:96:
         59:c3:45:97:14:98:12:9e:61:94:58:06:b6:db:72:e4:11:22:
         5f:e1:3d:23:ca:ae:e5:07:e8:a6:45:bf:41:b7:91:c3:35:c5:
         18:fe:2e:73:be:67:9f:60:9b:5d:1c:19:0b:e9:af:7d:48:8e:
         9a:c9:24:0a:a8:85:d8:11:25:30:46:1d:ef:c2:c8:8d:84:db:
         df:7d:5c:dc:b6:1f:ba:85:99:b5:6d:93:53:0c:14:4c:cb:3a:
         c4:6f:8a:b9:35:07:03:bc:03:cf:94:10:83:97:c8:fc:6e:00:
         8e:20:4f:85:42:17:3b:06:bb:0c:f4:72:01:20:9b:82:2c:5b:
         73:49:e1:77:56:5c:82:79:fc:1f:a8:fa:e0:39:a7:b0:4d:98:
         04:b2:06:80:b6:4c:0a:7b:aa:97:a9:5b:e2:f3:3d:dc:86:20:
         8c:64:6a:7b:85:02:6b:49:2c:61:f5:ee:ae:cd:78:4d:a5:56:
         13:a8:f7:32:34:fc:09:25:fb:e1:96:fa:86:de:a0:39:72:02:
         8c:63:f0:7d:c3:41:e0:81:41:28:0b:24:dd:77:09:a3:54:bc:
         a1:4a:22:ac:09:a8:86:d1:82:07:9b:a8:57:99:33:60:85:ba:
         7f:81:18:8e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQSHzwe4ynK97V8yLQjDSCzWXxfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU3MTlaFw0yMzA5MjUwODAyMTlaMDMxMTAvBgNV
BAMTKDA3NUQyQjBFNjk5OEYyRDM4NTQxRjNCMDMyMzE3MEYxMzBENDNGNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvyhOMgKyORtwj9wQ2RGuWN6SQ
OGTYaRXuhIIi0LYaNuWm/o8vq6RRBmO5eved499Gi27de9q7eDKtXQCtxP2Gd9Yk
TFeZ7pHmQzLQ45mobrQlRzoWhiaMyY1vwqdiVhETfq+3vODWBs8+jPE9ANdJEZxi
MFUKfgSJePPAzQaLpS1eyStBDrRodVGMpT7LR47sjSVE1Ut6W8NRbAvNKhmtgQJ2
ERL/M9ccAbD+n/uBh6gNAFHex3gX+v0BniHb+A8B2VjxNhZp65fMSOA3n7ag3IA/
RG0tSeYMxZZmejKinHxRzOnpYcdDls9BYHOygJsLCJkXx0LDRhgcGjK/wJSpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUB10rDmmY8tOFQfOwMjFw8TDUP1QwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMzY0M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
PTANBgkqhkiG9w0BAQsFAAOCAQEAlbrqZV5gpd6dwTmMescBJEOWWcNFlxSYEp5h
lFgGttty5BEiX+E9I8qu5QfopkW/QbeRwzXFGP4uc75nn2CbXRwZC+mvfUiOmskk
CqiF2BElMEYd78LIjYTb331c3LYfuoWZtW2TUwwUTMs6xG+KuTUHA7wDz5QQg5fI
/G4AjiBPhUIXOwa7DPRyASCbgixbc0nhd1Zcgnn8H6j64DmnsE2YBLIGgLZMCnuq
l6lb4vM93IYgjGRqe4UCa0ksYfXurs14TaVWE6j3MjT8CSX74Zb6ht6gOXICjGPw
fcNB4IFBKAsk3XcJo1S8oUoirAmohtGCB5uoV5kzYIW6f4EYjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org