Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3134383a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3134383a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          aBvd4kG6Nqh7J5lcmxjnj7EsYuW649RyvteVnflEcAQ=
Subject key identifier:   00:29:7C:C0:35:3C:6D:D7:E8:54:5C:39:E2:38:6C:47:EB:89:E1:13
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       437318D8BC6BCAD9C496B35F1FACD9C90217AE77
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3134383a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:32 +0000
ROA not before:           Mon 26 Sep 2022 07:56:32 +0000
ROA not after:            Mon 25 Sep 2023 08:01:32 +0000
asID:                     59282
IP address blocks:        2400:d680:148::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:73:18:d8:bc:6b:ca:d9:c4:96:b3:5f:1f:ac:d9:c9:02:17:ae:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:32 2022 GMT
            Not After : Sep 25 08:01:32 2023 GMT
        Subject: CN=00297CC0353C6DD7E8545C39E2386C47EB89E113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:19:71:65:40:53:a9:f2:b9:45:bd:0f:14:ae:
                    10:95:44:89:ed:a5:8b:ad:6b:97:64:37:80:30:95:
                    93:29:bf:c8:6d:18:c0:c6:42:9e:38:22:42:a2:86:
                    02:5a:28:b5:6f:70:ee:91:cc:26:cc:99:6d:89:f0:
                    84:90:66:db:5e:38:97:59:5e:cc:31:2b:e4:3c:a3:
                    a1:8a:84:98:fe:4b:ed:c4:a0:eb:49:18:7f:0e:16:
                    33:c8:f8:6a:28:13:4c:c0:9b:d5:f2:1a:47:6a:85:
                    eb:83:d7:23:91:37:26:be:92:70:35:9f:b0:e2:fe:
                    d1:f7:97:02:1d:e4:b1:da:40:9c:f4:5a:6b:aa:44:
                    d4:b3:e8:9c:7e:3c:54:5c:dc:1f:f8:b4:e5:8e:08:
                    51:a5:5d:fe:0d:65:0c:3d:5c:34:73:29:7a:a4:fc:
                    83:ea:53:c1:dc:c5:bc:f7:e4:3e:bf:32:76:68:02:
                    fd:72:47:d9:df:6c:f1:01:ad:40:e8:e1:b6:92:f6:
                    f5:07:c1:9e:76:b0:e9:6a:b0:c5:88:b9:45:ba:ba:
                    9b:8f:72:ef:a8:f0:24:8d:c4:4e:75:45:99:67:f1:
                    79:eb:8e:d8:3e:e3:5b:22:6c:a4:cc:ed:cd:b3:01:
                    4a:02:10:b9:f9:fc:70:ea:2a:f0:78:7e:f4:62:47:
                    a8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:29:7C:C0:35:3C:6D:D7:E8:54:5C:39:E2:38:6C:47:EB:89:E1:13
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3134383a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:148::/48

    Signature Algorithm: sha256WithRSAEncryption
         8b:c3:e6:5a:7c:79:d6:9f:00:95:ac:b1:5e:5e:e0:7d:f5:73:
         ee:6e:65:c9:67:25:a2:53:59:58:37:8f:c0:97:25:73:d8:14:
         4f:62:62:44:81:b2:a3:31:93:ea:14:70:13:74:49:99:88:8d:
         02:2a:fb:25:f3:a8:bf:40:d7:38:d4:8f:bd:47:65:4e:f3:04:
         c0:c7:ec:e8:9b:8d:da:0b:63:d7:77:38:fa:f4:3f:92:58:33:
         7e:d5:b5:b6:c9:cf:05:b4:7e:27:e2:aa:50:47:be:e4:3d:81:
         02:98:29:5a:ed:88:32:62:bc:e3:7c:69:69:a7:fa:3d:f2:e9:
         de:b0:5e:63:69:29:1c:56:69:91:16:2b:c8:d7:d6:b9:a9:cb:
         90:2f:01:a2:36:3f:92:49:d8:af:83:c5:fd:34:80:ee:1d:bd:
         58:a8:47:10:22:b4:24:87:e1:3d:c5:72:f8:52:39:27:1b:63:
         5f:29:e3:99:10:5c:e1:2d:4f:31:32:aa:31:0f:1f:f0:f2:84:
         19:23:d0:48:0d:38:cc:37:41:8f:d5:35:e2:1e:17:12:f0:27:
         77:3d:be:61:df:1c:1f:eb:d5:e8:9a:30:76:ce:c6:3b:e5:41:
         ab:d8:67:04:86:c3:3f:6f:ef:cf:3a:fa:b6:b2:ba:5c:73:34:
         c2:89:d7:58
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQ3MY2LxrytnElrNfH6zZyQIXrncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MzJaFw0yMzA5MjUwODAxMzJaMDMxMTAvBgNV
BAMTKDAwMjk3Q0MwMzUzQzZERDdFODU0NUMzOUUyMzg2QzQ3RUI4OUUxMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdGXFlQFOp8rlFvQ8UrhCVRInt
pYuta5dkN4AwlZMpv8htGMDGQp44IkKihgJaKLVvcO6RzCbMmW2J8ISQZtteOJdZ
XswxK+Q8o6GKhJj+S+3EoOtJGH8OFjPI+GooE0zAm9XyGkdqheuD1yORNya+knA1
n7Di/tH3lwId5LHaQJz0WmuqRNSz6Jx+PFRc3B/4tOWOCFGlXf4NZQw9XDRzKXqk
/IPqU8Hcxbz35D6/MnZoAv1yR9nfbPEBrUDo4baS9vUHwZ52sOlqsMWIuUW6upuP
cu+o8CSNxE51RZln8Xnrjtg+41sibKTM7c2zAUoCELn5/HDqKvB4fvRiR6hXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUACl8wDU8bdfoVFw54jhsR+uJ4RMwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzNDM4M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
SDANBgkqhkiG9w0BAQsFAAOCAQEAi8PmWnx51p8AlayxXl7gffVz7m5lyWclolNZ
WDePwJclc9gUT2JiRIGyozGT6hRwE3RJmYiNAir7JfOov0DXONSPvUdlTvMEwMfs
6JuN2gtj13c4+vQ/klgzftW1tsnPBbR+J+KqUEe+5D2BApgpWu2IMmK843xpaaf6
PfLp3rBeY2kpHFZpkRYryNfWuanLkC8BojY/kknYr4PF/TSA7h29WKhHECK0JIfh
PcVy+FI5JxtjXynjmRBc4S1PMTKqMQ8f8PKEGSPQSA04zDdBj9U14h4XEvAndz2+
Yd8cH+vV6Jowds7GO+VBq9hnBIbDP2/vzzr6trK6XHM0wonXWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:13 2024 by rpki-client on console-fra.rpki-client.org