Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/b899a15b-d5ae-45ec-8012-a6caab3dd88b/0/3130332e3135362e3134362e302f32332d3233203d3e20313431303933.roa
File:                     3130332e3135362e3134362e302f32332d3233203d3e20313431303933.roa (raw, json)
Hash identifier:          HetjMKZlQpzrBNtg6rjZKDvI6CZgz7gvn4i1FiVLxKU=
Subject key identifier:   EB:E3:61:4E:CC:15:90:21:CE:1B:9D:FB:F0:5E:23:A5:4B:25:7F:EF
Certificate issuer:       /CN=20FD166550369352D6C4C8AB8E9E4203C5D9ABEE
Certificate serial:       557459E98FC6C9B6CB4978C1A714FD07FBC08272
Authority key identifier: 20:FD:16:65:50:36:93:52:D6:C4:C8:AB:8E:9E:42:03:C5:D9:AB:EE
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20FD166550369352D6C4C8AB8E9E4203C5D9ABEE.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b899a15b-d5ae-45ec-8012-a6caab3dd88b/0/3130332e3135362e3134362e302f32332d3233203d3e20313431303933.roa
Signing time:             Mon 08 Aug 2022 08:22:29 +0000
ROA not before:           Mon 08 Aug 2022 08:17:29 +0000
ROA not after:            Mon 07 Aug 2023 08:22:29 +0000
asID:                     141093
IP address blocks:        103.156.146.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:74:59:e9:8f:c6:c9:b6:cb:49:78:c1:a7:14:fd:07:fb:c0:82:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20FD166550369352D6C4C8AB8E9E4203C5D9ABEE
        Validity
            Not Before: Aug  8 08:17:29 2022 GMT
            Not After : Aug  7 08:22:29 2023 GMT
        Subject: CN=EBE3614ECC159021CE1B9DFBF05E23A54B257FEF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:83:c2:35:2a:a1:b5:80:49:28:8c:5c:da:55:
                    5b:03:94:a5:68:ce:0b:7c:26:e7:d2:7f:16:c0:19:
                    b6:a9:b3:9f:3f:d0:7a:fd:55:c4:68:cf:e5:1a:72:
                    c2:fd:32:de:97:b3:9a:2b:81:15:8a:f9:19:b5:5b:
                    eb:73:d5:ad:0a:ad:17:2c:46:46:d3:c3:9d:25:ae:
                    51:e7:8d:54:ef:fc:af:37:46:45:e3:5d:20:f5:49:
                    d2:b2:db:1a:63:e5:45:1b:44:a7:bd:88:a6:9d:3e:
                    cc:13:ee:ee:79:88:0a:ed:ad:fa:d1:8e:a2:34:bf:
                    40:45:32:63:6b:9d:f9:8d:a8:31:ac:5e:75:c1:3a:
                    c0:b1:8c:7b:e5:39:b5:ec:39:8a:cd:b1:a7:00:53:
                    04:64:4a:b5:5a:b6:37:45:f8:9a:42:4a:41:69:9d:
                    ae:6a:13:30:cb:b9:ea:d4:f8:94:84:b8:48:57:18:
                    df:bd:0c:6a:19:1e:79:74:ae:a0:2c:d2:56:12:5e:
                    bd:4a:d0:76:8e:da:4a:d6:c5:73:63:38:18:f3:a6:
                    fd:34:06:d6:e1:70:ee:73:10:b8:fc:a1:35:bc:37:
                    82:67:2c:3b:26:79:50:cf:fe:0b:e4:70:a9:26:da:
                    a3:c5:cc:f8:e3:17:e9:e8:fb:3b:9f:f9:0e:fe:c7:
                    8e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:E3:61:4E:CC:15:90:21:CE:1B:9D:FB:F0:5E:23:A5:4B:25:7F:EF
            X509v3 Authority Key Identifier:
                keyid:20:FD:16:65:50:36:93:52:D6:C4:C8:AB:8E:9E:42:03:C5:D9:AB:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b899a15b-d5ae-45ec-8012-a6caab3dd88b/0/20FD166550369352D6C4C8AB8E9E4203C5D9ABEE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20FD166550369352D6C4C8AB8E9E4203C5D9ABEE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b899a15b-d5ae-45ec-8012-a6caab3dd88b/0/3130332e3135362e3134362e302f32332d3233203d3e20313431303933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:9e:7e:e8:0a:ba:06:98:63:9c:3d:23:2a:63:06:5a:09:30:
         15:89:49:b5:46:35:da:45:a8:3c:31:49:72:67:6e:cf:45:87:
         dc:91:13:62:93:ba:5b:ec:6b:9a:8c:85:7d:5f:78:89:ff:7d:
         e2:36:00:cf:b7:ed:cc:0e:12:97:88:7a:6f:cb:dd:7c:00:ba:
         ae:07:20:77:e4:fa:58:24:28:b3:1e:ab:9e:6a:38:53:59:d7:
         3a:4c:69:ca:da:83:a3:0b:05:7a:d6:2a:ef:77:5a:c3:51:78:
         35:f7:e0:8a:cf:71:b2:c5:11:2e:df:bd:b2:d6:7d:ef:dc:9e:
         3e:86:8f:87:18:3e:a8:65:ce:d5:e8:13:0d:5d:5c:ca:50:f4:
         b5:32:dc:d3:f9:09:b9:69:04:8d:a3:10:00:03:1e:9e:60:c3:
         c5:32:c3:34:11:42:2f:af:bb:69:52:84:91:7a:4e:c9:a6:6d:
         70:cc:8e:04:24:b7:ee:1e:1e:08:07:b5:9f:08:c5:0a:69:68:
         9b:fe:fb:d9:ef:f8:d6:9f:38:33:37:69:ea:b5:ec:4c:6b:0a:
         65:de:6e:20:dd:2d:0d:6c:17:20:52:63:ac:cf:e8:85:75:3a:
         e8:06:5e:a5:f0:1f:40:25:e6:19:3c:a9:92:1e:74:36:5a:7d:
         b6:11:07:46
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUVXRZ6Y/GybbLSXjBpxT9B/vAgnIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGRDE2NjU1MDM2OTM1MkQ2QzRDOEFCOEU5RTQyMDND
NUQ5QUJFRTAeFw0yMjA4MDgwODE3MjlaFw0yMzA4MDcwODIyMjlaMDMxMTAvBgNV
BAMTKEVCRTM2MTRFQ0MxNTkwMjFDRTFCOURGQkYwNUUyM0E1NEIyNTdGRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7g8I1KqG1gEkojFzaVVsDlKVo
zgt8JufSfxbAGbaps58/0Hr9VcRoz+UacsL9Mt6Xs5orgRWK+Rm1W+tz1a0KrRcs
RkbTw50lrlHnjVTv/K83RkXjXSD1SdKy2xpj5UUbRKe9iKadPswT7u55iArtrfrR
jqI0v0BFMmNrnfmNqDGsXnXBOsCxjHvlObXsOYrNsacAUwRkSrVatjdF+JpCSkFp
na5qEzDLuerU+JSEuEhXGN+9DGoZHnl0rqAs0lYSXr1K0HaO2krWxXNjOBjzpv00
BtbhcO5zELj8oTW8N4JnLDsmeVDP/gvkcKkm2qPFzPjjF+no+zuf+Q7+x46HAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU6+NhTswVkCHOG5378F4jpUslf+8wHwYDVR0j
BBgwFoAUIP0WZVA2k1LWxMirjp5CA8XZq+4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
ODk5YTE1Yi1kNWFlLTQ1ZWMtODAxMi1hNmNhYWIzZGQ4OGIvMC8yMEZEMTY2NTUw
MzY5MzUyRDZDNEM4QUI4RTlFNDIwM0M1RDlBQkVFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjBGRDE2NjU1MDM2OTM1MkQ2QzRDOEFCOEU5RTQyMDNDNUQ5
QUJFRS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I4OTlhMTViLWQ1YWUtNDVlYy04
MDEyLWE2Y2FhYjNkZDg4Yi8wLzMxMzAzMzJlMzEzNTM2MmUzMTM0MzYyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzEzMDM5MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnnJIwDQYJ
KoZIhvcNAQELBQADggEBACqefugKugaYY5w9IypjBloJMBWJSbVGNdpFqDwxSXJn
bs9Fh9yRE2KTulvsa5qMhX1feIn/feI2AM+37cwOEpeIem/L3XwAuq4HIHfk+lgk
KLMeq55qOFNZ1zpMacrag6MLBXrWKu93WsNReDX34IrPcbLFES7fvbLWfe/cnj6G
j4cYPqhlztXoEw1dXMpQ9LUy3NP5CblpBI2jEAADHp5gw8UywzQRQi+vu2lShJF6
TsmmbXDMjgQkt+4eHggHtZ8IxQppaJv++9nv+NafODM3aeq17ExrCmXebiDdLQ1s
FyBSY6zP6IV1OugGXqXwH0Al5hk8qZIedDZafbYRB0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:52 2024 by rpki-client on console-ams.rpki-client.org