Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3133653a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3133653a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          W/BjHUwMSvvp2QhSCAPQz5Vu+IlrrWS6igjFrByF4MQ=
Subject key identifier:   FB:47:5C:58:1B:BF:9A:0F:7F:48:CE:C8:2E:44:FA:A7:E9:38:98:87
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       15A616B3F7B08D9076A4643F4A0F806B8F68BC61
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3133653a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:21 +0000
ROA not before:           Mon 26 Sep 2022 07:56:21 +0000
ROA not after:            Mon 25 Sep 2023 08:01:21 +0000
asID:                     59282
IP address blocks:        2400:d680:13e::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:a6:16:b3:f7:b0:8d:90:76:a4:64:3f:4a:0f:80:6b:8f:68:bc:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:21 2022 GMT
            Not After : Sep 25 08:01:21 2023 GMT
        Subject: CN=FB475C581BBF9A0F7F48CEC82E44FAA7E9389887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f4:ea:57:d9:a7:53:12:9e:4c:fe:13:13:2a:
                    71:8f:13:30:30:3b:28:fd:b4:da:97:87:11:c5:6d:
                    a4:f6:3e:d4:fa:7f:d2:67:1f:52:45:76:03:1e:db:
                    6c:15:90:3f:1a:24:ca:e0:a3:56:ef:87:7e:a0:1c:
                    33:9c:c4:db:e7:9c:13:8b:9f:5d:21:6b:a5:a4:7e:
                    4a:7e:a3:55:60:71:70:3e:2c:a7:e4:9b:76:8d:64:
                    49:7b:4d:b4:0d:70:9b:7d:07:78:39:84:14:da:e4:
                    4e:e9:a7:76:91:94:53:57:fd:e8:e3:60:46:d2:24:
                    9a:aa:06:71:45:bd:b6:51:3e:5f:7a:21:79:75:29:
                    08:98:c8:da:97:32:4e:c8:3b:89:89:a1:e1:08:3f:
                    b4:0d:84:4b:01:2b:68:52:e5:f7:43:c5:68:34:e8:
                    3c:ed:c6:e3:11:71:73:b2:3e:fd:ec:80:35:8a:4a:
                    fd:2a:a6:f1:fc:3d:67:45:0c:db:44:20:e9:ed:53:
                    2f:3d:63:f2:82:5f:22:ae:5e:db:7b:4f:16:04:36:
                    81:d5:22:bb:9e:cd:11:17:5b:49:90:00:eb:49:dd:
                    78:6d:8e:d0:e0:41:41:40:a8:c9:0a:43:9f:4c:4a:
                    a8:44:27:21:f6:0d:66:98:0c:b9:57:9f:a8:2c:1a:
                    be:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:47:5C:58:1B:BF:9A:0F:7F:48:CE:C8:2E:44:FA:A7:E9:38:98:87
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3133653a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:13e::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:4f:43:31:f3:d0:bd:8b:e1:a7:cd:59:f9:b9:6f:3b:d6:fe:
         ea:f0:04:41:98:af:45:8d:3e:29:f1:ff:00:22:58:05:ba:ac:
         91:1f:3c:90:0d:ac:20:88:18:c4:1e:0f:30:fa:a7:e8:9f:c5:
         43:94:a7:c1:21:80:da:d4:19:3f:6f:b9:29:c6:36:74:2a:14:
         fe:63:e8:9a:80:2a:4f:e9:34:f2:bc:6c:73:32:85:26:86:f3:
         a4:44:9a:cc:e2:4d:32:33:49:a3:5d:29:d9:23:6b:81:f9:80:
         a5:d6:de:7b:32:da:c4:93:1a:29:e6:9e:31:a1:98:df:bd:c3:
         13:c5:9a:dc:bf:3a:b4:7c:a4:de:d0:15:d6:a4:b5:e9:84:fb:
         86:4c:8f:97:a2:7b:55:d6:e3:8b:9d:cc:bb:df:4d:5d:a4:dd:
         89:96:73:ce:cc:c0:b9:00:f9:fc:4b:0b:22:fd:30:2d:4f:32:
         a9:8c:c3:e8:8b:2d:c7:f5:69:8d:97:27:b7:86:de:28:8b:db:
         c5:2a:55:e8:8a:2d:15:11:31:7c:8c:b0:be:82:a7:d7:6a:ad:
         92:3b:93:b6:92:ca:c9:a6:19:33:92:e0:e2:2e:e7:96:dc:60:
         81:e4:c0:ef:1f:18:42:4b:04:ee:16:49:b0:06:06:0f:df:a6:
         17:23:e5:d3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUFaYWs/ewjZB2pGQ/Sg+Aa49ovGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MjFaFw0yMzA5MjUwODAxMjFaMDMxMTAvBgNV
BAMTKEZCNDc1QzU4MUJCRjlBMEY3RjQ4Q0VDODJFNDRGQUE3RTkzODk4ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz9OpX2adTEp5M/hMTKnGPEzAw
Oyj9tNqXhxHFbaT2PtT6f9JnH1JFdgMe22wVkD8aJMrgo1bvh36gHDOcxNvnnBOL
n10ha6Wkfkp+o1VgcXA+LKfkm3aNZEl7TbQNcJt9B3g5hBTa5E7pp3aRlFNX/ejj
YEbSJJqqBnFFvbZRPl96IXl1KQiYyNqXMk7IO4mJoeEIP7QNhEsBK2hS5fdDxWg0
6DztxuMRcXOyPv3sgDWKSv0qpvH8PWdFDNtEIOntUy89Y/KCXyKuXtt7TxYENoHV
IruezREXW0mQAOtJ3XhtjtDgQUFAqMkKQ59MSqhEJyH2DWaYDLlXn6gsGr7NAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+0dcWBu/mg9/SM7ILkT6p+k4mIcwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzMzY1M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
PjANBgkqhkiG9w0BAQsFAAOCAQEAeU9DMfPQvYvhp81Z+blvO9b+6vAEQZivRY0+
KfH/ACJYBbqskR88kA2sIIgYxB4PMPqn6J/FQ5SnwSGA2tQZP2+5KcY2dCoU/mPo
moAqT+k08rxsczKFJobzpESazOJNMjNJo10p2SNrgfmApdbeezLaxJMaKeaeMaGY
373DE8Wa3L86tHyk3tAV1qS16YT7hkyPl6J7Vdbji53Mu99NXaTdiZZzzszAuQD5
/EsLIv0wLU8yqYzD6Istx/VpjZcnt4beKIvbxSpV6IotFRExfIywvoKn12qtkjuT
tpLKyaYZM5Lg4i7nltxggeTA7x8YQksE7hZJsAYGD9+mFyPl0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-ams.rpki-client.org