Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/bd35bf79-e84a-40e0-8fd4-f169c186be8f/0/3130332e3130382e3135392e302f32342d3234203d3e20313337333036.roa
File:                     3130332e3130382e3135392e302f32342d3234203d3e20313337333036.roa (raw, json)
Hash identifier:          GUkubUhimoKPJmonASsNiHI6K213rol3kSeOR5RKciI=
Subject key identifier:   57:94:9A:99:DB:B1:30:2B:2C:70:C4:F1:8B:06:D9:A7:4C:BE:32:BF
Certificate issuer:       /CN=E72622AE0F69B4CDABC9CD223B3E06C7DC5E1014
Certificate serial:       0C18F220157F4D521504A49EB02D5F3583BF787D
Authority key identifier: E7:26:22:AE:0F:69:B4:CD:AB:C9:CD:22:3B:3E:06:C7:DC:5E:10:14
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E72622AE0F69B4CDABC9CD223B3E06C7DC5E1014.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/bd35bf79-e84a-40e0-8fd4-f169c186be8f/0/3130332e3130382e3135392e302f32342d3234203d3e20313337333036.roa
Signing time:             Sun 28 Aug 2022 23:02:37 +0000
ROA not before:           Sun 28 Aug 2022 22:57:37 +0000
ROA not after:            Sun 27 Aug 2023 23:02:37 +0000
asID:                     137306
IP address blocks:        103.108.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:18:f2:20:15:7f:4d:52:15:04:a4:9e:b0:2d:5f:35:83:bf:78:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E72622AE0F69B4CDABC9CD223B3E06C7DC5E1014
        Validity
            Not Before: Aug 28 22:57:37 2022 GMT
            Not After : Aug 27 23:02:37 2023 GMT
        Subject: CN=57949A99DBB1302B2C70C4F18B06D9A74CBE32BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1c:d5:1f:fa:ed:c5:17:6e:ac:f1:24:b0:05:
                    b2:00:83:02:30:51:63:45:63:ac:80:55:70:e9:66:
                    e0:59:66:f1:0f:53:00:c5:6c:7f:ed:5f:bd:93:e4:
                    ea:59:3a:e3:7d:28:27:78:e8:c4:7e:87:84:04:06:
                    17:bb:08:b2:22:1a:3e:a7:14:08:97:65:0f:05:77:
                    68:12:fd:42:18:e4:9c:3e:30:3f:95:2b:5c:23:f9:
                    84:57:94:a5:c5:0e:b5:44:b9:79:35:b8:79:92:5a:
                    ea:59:06:55:64:70:f1:be:91:d0:47:18:fb:87:0a:
                    e0:13:be:8a:89:64:4c:2d:e1:3c:51:4e:9a:cf:2f:
                    9e:b4:03:70:ab:74:a7:77:ab:f4:4b:43:6d:0e:ce:
                    c6:58:57:9a:f7:c7:a2:df:c0:c3:be:71:87:8c:29:
                    db:a7:f7:87:7e:ad:d7:fe:d2:6e:a0:4e:38:84:10:
                    ed:30:bb:ce:1d:58:68:f5:af:fa:f9:28:c6:53:3f:
                    c6:51:d8:3b:6f:1e:ab:fa:f8:2f:de:51:07:fe:12:
                    2e:67:c4:4d:d8:3c:b0:a9:4e:cc:ce:72:71:d4:48:
                    70:0f:03:ea:59:e1:d9:31:dd:de:e0:0b:5a:89:b4:
                    27:76:d9:6d:a9:58:14:02:0e:17:cf:32:26:a4:60:
                    bf:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:94:9A:99:DB:B1:30:2B:2C:70:C4:F1:8B:06:D9:A7:4C:BE:32:BF
            X509v3 Authority Key Identifier:
                keyid:E7:26:22:AE:0F:69:B4:CD:AB:C9:CD:22:3B:3E:06:C7:DC:5E:10:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/bd35bf79-e84a-40e0-8fd4-f169c186be8f/0/E72622AE0F69B4CDABC9CD223B3E06C7DC5E1014.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E72622AE0F69B4CDABC9CD223B3E06C7DC5E1014.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd35bf79-e84a-40e0-8fd4-f169c186be8f/0/3130332e3130382e3135392e302f32342d3234203d3e20313337333036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.108.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:61:f4:a4:aa:e2:ac:7d:da:a6:6f:3a:0d:9f:ae:20:1c:1a:
         6b:e7:ec:8a:bd:42:df:04:54:aa:78:65:a1:ec:2d:9a:41:35:
         57:f8:ac:b6:c9:3b:87:15:d2:a3:46:d3:db:ce:a9:e1:db:15:
         23:03:fa:12:ea:86:62:d5:d6:02:6d:47:a4:b1:40:ee:40:79:
         ce:8f:9e:9d:2a:54:5c:4d:b9:a1:a9:af:be:3c:fc:86:20:fc:
         e1:18:5e:6a:67:da:16:f7:26:84:bf:d5:8d:ae:b0:d9:9e:34:
         e7:db:03:ad:d5:fd:30:d5:c4:d0:1d:32:e2:d9:4e:b2:14:c5:
         88:04:63:ec:c0:a1:71:6e:71:ae:c1:d3:a2:72:c8:f0:4c:a1:
         aa:06:f2:3c:34:ad:79:63:0b:75:5d:3c:68:02:f4:dc:99:96:
         6a:5e:86:5a:18:79:2f:bd:63:88:ac:c2:9c:d7:74:6f:82:49:
         32:b7:6a:f2:67:e5:49:99:f2:95:49:54:75:ae:4f:70:46:77:
         d5:52:24:0f:85:d5:66:89:a6:b8:36:71:2e:97:48:da:73:18:
         02:79:4e:51:da:e4:05:d0:07:9f:68:60:bc:80:59:6b:b5:33:
         a7:24:e1:2c:be:9d:cc:57:2d:6f:30:6e:8a:e7:a9:05:03:b0:
         60:22:dc:ae
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUDBjyIBV/TVIVBKSesC1fNYO/eH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTcyNjIyQUUwRjY5QjRDREFCQzlDRDIyM0IzRTA2QzdE
QzVFMTAxNDAeFw0yMjA4MjgyMjU3MzdaFw0yMzA4MjcyMzAyMzdaMDMxMTAvBgNV
BAMTKDU3OTQ5QTk5REJCMTMwMkIyQzcwQzRGMThCMDZEOUE3NENCRTMyQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBHNUf+u3FF26s8SSwBbIAgwIw
UWNFY6yAVXDpZuBZZvEPUwDFbH/tX72T5OpZOuN9KCd46MR+h4QEBhe7CLIiGj6n
FAiXZQ8Fd2gS/UIY5Jw+MD+VK1wj+YRXlKXFDrVEuXk1uHmSWupZBlVkcPG+kdBH
GPuHCuATvoqJZEwt4TxRTprPL560A3CrdKd3q/RLQ20OzsZYV5r3x6LfwMO+cYeM
Kdun94d+rdf+0m6gTjiEEO0wu84dWGj1r/r5KMZTP8ZR2DtvHqv6+C/eUQf+Ei5n
xE3YPLCpTszOcnHUSHAPA+pZ4dkx3d7gC1qJtCd22W2pWBQCDhfPMiakYL+JAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUV5SamduxMCsscMTxiwbZp0y+Mr8wHwYDVR0j
BBgwFoAU5yYirg9ptM2ryc0iOz4Gx9xeEBQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
ZDM1YmY3OS1lODRhLTQwZTAtOGZkNC1mMTY5YzE4NmJlOGYvMC9FNzI2MjJBRTBG
NjlCNENEQUJDOUNEMjIzQjNFMDZDN0RDNUUxMDE0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTcyNjIyQUUwRjY5QjRDREFCQzlDRDIyM0IzRTA2QzdEQzVF
MTAxNC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkMzViZjc5LWU4NGEtNDBlMC04
ZmQ0LWYxNjljMTg2YmU4Zi8wLzMxMzAzMzJlMzEzMDM4MmUzMTM1MzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMzMwMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnbJ8wDQYJ
KoZIhvcNAQELBQADggEBADBh9KSq4qx92qZvOg2friAcGmvn7Iq9Qt8EVKp4ZaHs
LZpBNVf4rLbJO4cV0qNG09vOqeHbFSMD+hLqhmLV1gJtR6SxQO5Aec6Pnp0qVFxN
uaGpr748/IYg/OEYXmpn2hb3JoS/1Y2usNmeNOfbA63V/TDVxNAdMuLZTrIUxYgE
Y+zAoXFuca7B06JyyPBMoaoG8jw0rXljC3VdPGgC9NyZlmpehloYeS+9Y4iswpzX
dG+CSTK3avJn5UmZ8pVJVHWuT3BGd9VSJA+F1WaJprg2cS6XSNpzGAJ5TlHa5AXQ
B59oYLyAWWu1M6ck4Sy+ncxXLW8wbornqQUDsGAi3K4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:52 2024 by rpki-client on console-ams.rpki-client.org