Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3135393a3a2f34382d3438203d3e203539323832.roa
File:                     323430303a643638303a3135393a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier:          uec9n6r3QocAtCtEXxwF7svZgLkRpb2uvHg+ldBjB+s=
Subject key identifier:   3B:98:A8:0E:66:D2:F1:17:1B:A0:63:A2:36:DF:FF:08:65:6B:5E:6A
Certificate issuer:       /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial:       52AF827E3D8A2167CA71CEECBF7B9E88DE03DCFA
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3135393a3a2f34382d3438203d3e203539323832.roa
Signing time:             Mon 26 Sep 2022 08:01:27 +0000
ROA not before:           Mon 26 Sep 2022 07:56:27 +0000
ROA not after:            Mon 25 Sep 2023 08:01:27 +0000
asID:                     59282
IP address blocks:        2400:d680:159::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:af:82:7e:3d:8a:21:67:ca:71:ce:ec:bf:7b:9e:88:de:03:dc:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
        Validity
            Not Before: Sep 26 07:56:27 2022 GMT
            Not After : Sep 25 08:01:27 2023 GMT
        Subject: CN=3B98A80E66D2F1171BA063A236DFFF08656B5E6A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:5b:12:63:82:68:f6:31:52:0e:fd:6b:78:b8:
                    17:ad:10:22:96:93:3a:30:a7:58:ae:f5:00:3e:7f:
                    ef:44:4b:f2:cd:24:76:d8:d3:31:c6:5a:82:5b:10:
                    a9:d8:ed:84:bc:26:e5:8b:da:ce:7e:e6:86:d6:a0:
                    f5:3d:73:e6:04:ae:26:4c:60:4a:20:55:92:c5:cd:
                    bf:7c:1a:ca:41:e6:2c:b0:59:d4:62:60:c7:2a:52:
                    77:68:ff:08:33:47:71:ce:85:03:7f:59:c1:17:a7:
                    a8:5a:38:64:3a:29:6c:8b:3c:d4:88:a4:0c:3c:2a:
                    c3:60:38:29:d6:a2:0d:e1:8b:21:a2:1a:4c:5e:7a:
                    72:5f:3d:bd:fa:89:5c:34:70:f0:36:9c:9d:92:34:
                    ab:a8:55:78:8c:02:87:97:e3:45:0c:0a:db:37:f6:
                    be:1f:32:87:17:c2:94:f2:d7:39:a5:98:29:ce:3e:
                    57:47:e2:a0:e4:bb:a8:58:76:02:c1:a6:f1:6a:b7:
                    f0:cd:83:cc:f0:88:e0:b0:a8:93:c6:da:9f:0e:71:
                    45:91:28:b5:76:96:ef:53:56:c5:71:70:11:e0:53:
                    d1:b2:82:48:af:c8:5c:18:96:dd:dc:c5:38:a5:c8:
                    7b:ae:d9:2b:bb:8f:72:5a:34:02:b1:f8:ee:8a:b1:
                    d8:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:98:A8:0E:66:D2:F1:17:1B:A0:63:A2:36:DF:FF:08:65:6B:5E:6A
            X509v3 Authority Key Identifier:
                keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3135393a3a2f34382d3438203d3e203539323832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d680:159::/48

    Signature Algorithm: sha256WithRSAEncryption
         cf:1e:c2:ac:1b:0f:4f:49:61:b8:59:1e:76:81:81:33:b1:95:
         70:a7:68:36:f2:24:96:06:79:af:4b:04:01:df:80:8b:10:c3:
         6b:9b:9f:1d:c3:07:cf:d8:b4:4b:5f:76:2d:de:88:fa:85:a7:
         fc:8b:6a:c1:28:6b:45:23:c9:15:58:1e:c6:72:c6:a4:db:9a:
         d6:61:95:83:6f:3e:9c:34:6d:b0:20:33:36:8d:2d:e9:19:80:
         b3:57:83:d0:4a:82:1e:79:15:20:ee:79:a6:a4:8c:fc:76:db:
         ff:04:39:d7:b2:d6:a3:33:7a:91:70:f6:28:77:12:d7:ec:da:
         3f:39:37:ff:5b:b9:02:a2:0b:0d:38:3d:ad:96:38:f0:7d:24:
         9b:a1:41:1b:c6:d5:30:ac:03:61:59:1f:df:1b:b1:77:c9:8a:
         53:df:c9:39:56:d0:3a:d9:e5:ae:54:e4:97:6a:be:98:2d:38:
         33:c7:cc:fa:df:13:53:78:1e:b5:b8:9d:bc:28:91:ef:39:86:
         e8:5d:69:c6:3a:13:29:bf:0d:e9:58:24:11:10:70:88:44:48:
         5b:fc:35:ad:ba:6c:6f:fb:2f:47:fc:e9:6a:99:fe:f0:db:12:
         7a:ae:91:4e:9a:de:1c:cb:4f:04:25:90:fa:68:5f:ad:b0:88:
         91:20:46:64
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUUq+Cfj2KIWfKcc7sv3ueiN4D3PowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MjdaFw0yMzA5MjUwODAxMjdaMDMxMTAvBgNV
BAMTKDNCOThBODBFNjZEMkYxMTcxQkEwNjNBMjM2REZGRjA4NjU2QjVFNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLWxJjgmj2MVIO/Wt4uBetECKW
kzowp1iu9QA+f+9ES/LNJHbY0zHGWoJbEKnY7YS8JuWL2s5+5obWoPU9c+YEriZM
YEogVZLFzb98GspB5iywWdRiYMcqUndo/wgzR3HOhQN/WcEXp6haOGQ6KWyLPNSI
pAw8KsNgOCnWog3hiyGiGkxeenJfPb36iVw0cPA2nJ2SNKuoVXiMAoeX40UMCts3
9r4fMocXwpTy1zmlmCnOPldH4qDku6hYdgLBpvFqt/DNg8zwiOCwqJPG2p8OcUWR
KLV2lu9TVsVxcBHgU9GygkivyFwYlt3cxTilyHuu2Su7j3JaNAKx+O6KsdhfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUO5ioDmbS8RcboGOiNt//CGVrXmowHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzEzNTM5M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
WTANBgkqhkiG9w0BAQsFAAOCAQEAzx7CrBsPT0lhuFkedoGBM7GVcKdoNvIklgZ5
r0sEAd+AixDDa5ufHcMHz9i0S192Ld6I+oWn/ItqwShrRSPJFVgexnLGpNua1mGV
g28+nDRtsCAzNo0t6RmAs1eD0EqCHnkVIO55pqSM/Hbb/wQ517LWozN6kXD2KHcS
1+zaPzk3/1u5AqILDTg9rZY48H0km6FBG8bVMKwDYVkf3xuxd8mKU9/JOVbQOtnl
rlTkl2q+mC04M8fM+t8TU3getbidvCiR7zmG6F1pxjoTKb8N6VgkERBwiERIW/w1
rbpsb/svR/zpapn+8NsSeq6RTpreHMtPBCWQ+mhfrbCIkSBGZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:50 2024 by rpki-client on console-ams.rpki-client.org