Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/3132302e38392e38382e302f32332d3233203d3e203435323839.roa
File:                     3132302e38392e38382e302f32332d3233203d3e203435323839.roa (raw, json)
Hash identifier:          RUB/WOjbx3iAOeyRFTZ7gzRw9R28K1jYx3ExdGpJIaM=
Subject key identifier:   AC:CD:54:4C:16:44:79:0A:B5:5A:74:5D:83:E1:42:E5:70:62:31:D9
Certificate issuer:       /CN=9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61
Certificate serial:       151C85B8F31B70E1DE823A774EF4BEC94644B189
Authority key identifier: 99:73:E5:D6:F7:F6:5D:CF:01:5E:9D:AF:CE:F3:94:F5:12:E4:FD:61
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/3132302e38392e38382e302f32332d3233203d3e203435323839.roa
Signing time:             Sat 15 Apr 2023 05:46:32 +0000
ROA not before:           Sat 15 Apr 2023 05:41:32 +0000
ROA not after:            Sat 13 Apr 2024 05:46:32 +0000
asID:                     45289
IP address blocks:        120.89.88.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:1c:85:b8:f3:1b:70:e1:de:82:3a:77:4e:f4:be:c9:46:44:b1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61
        Validity
            Not Before: Apr 15 05:41:32 2023 GMT
            Not After : Apr 13 05:46:32 2024 GMT
        Subject: CN=ACCD544C1644790AB55A745D83E142E5706231D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ab:96:63:43:be:4b:f3:84:9c:80:ac:e0:dd:
                    4a:f4:e0:48:b1:7d:65:b7:cc:c8:c5:93:c8:49:e9:
                    c2:90:5c:b7:1c:bb:f0:64:ca:27:ec:c4:0f:11:61:
                    d5:60:6a:aa:ca:8f:9c:30:6a:80:0b:a9:d8:bd:13:
                    21:d1:52:48:e2:82:02:58:1c:74:03:03:cb:18:fc:
                    60:1e:50:80:0c:0f:98:61:02:15:79:df:cc:8b:0e:
                    83:04:78:dd:45:0f:1e:21:19:eb:e6:1f:52:bb:3e:
                    06:3a:8a:2d:ce:8e:cd:fa:4c:d9:83:0d:cd:a7:6b:
                    fe:ac:2e:2c:da:c6:7c:bb:eb:8a:6c:00:46:e3:76:
                    20:38:3a:3f:30:f0:2b:f5:fc:09:9d:49:57:28:6c:
                    a4:00:5d:2d:09:e4:48:3b:3f:f1:de:0c:9f:41:48:
                    f7:a0:8d:15:7c:a9:3a:c0:dd:f4:3f:e8:14:76:b0:
                    4f:63:f9:cd:43:a9:d2:dd:f7:62:f3:67:1e:e8:90:
                    ab:06:c0:51:70:87:00:23:9e:62:ab:a9:74:62:38:
                    1c:6b:a3:4f:62:b6:86:e5:64:60:aa:05:1a:7f:ee:
                    72:2f:f3:2b:41:a2:1d:7c:78:f8:71:43:07:05:64:
                    6a:9a:c1:c3:e7:c6:81:92:a7:47:bd:f6:2a:45:d5:
                    d4:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:CD:54:4C:16:44:79:0A:B5:5A:74:5D:83:E1:42:E5:70:62:31:D9
            X509v3 Authority Key Identifier:
                keyid:99:73:E5:D6:F7:F6:5D:CF:01:5E:9D:AF:CE:F3:94:F5:12:E4:FD:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9973E5D6F7F65DCF015E9DAFCEF394F512E4FD61.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ccbcc00d-ce79-4216-a62b-e3d50cc79442/0/3132302e38392e38382e302f32332d3233203d3e203435323839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  120.89.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7e:d9:67:fa:e1:0d:a0:cc:13:45:85:27:d4:2b:dc:e9:d8:29:
         30:af:69:74:a8:37:45:f9:7d:27:77:db:d5:9e:2b:03:29:44:
         33:5d:bf:58:fb:f5:48:49:4c:6e:ad:53:92:ff:6b:18:58:68:
         c0:67:ee:bd:96:09:fd:86:c6:84:37:be:89:bc:3f:8b:29:2b:
         93:fb:a7:48:e3:0e:e2:9a:73:cc:c8:a0:aa:8e:b7:e8:6b:d2:
         df:78:bd:a1:82:d2:64:92:00:df:90:ba:ea:1e:64:70:03:90:
         07:61:80:71:5a:13:5c:17:6e:20:d5:07:b4:cd:b8:20:81:24:
         d8:b8:cd:bb:c4:24:8b:45:39:47:0d:7c:b6:30:c3:23:a1:3f:
         a7:ce:1b:2a:c6:56:10:67:7f:fb:15:7a:ab:35:97:c8:95:3b:
         65:ea:f9:31:81:93:7b:32:6f:74:91:76:78:62:27:71:5b:b6:
         c1:78:30:6e:17:b8:c2:50:b2:23:14:68:e3:82:f9:0a:59:d5:
         e9:2c:9f:79:20:2b:cb:f2:2b:a6:51:b3:f9:8d:b2:3a:f9:ac:
         43:1f:2f:b6:b0:7c:66:82:49:48:cf:e0:c1:00:0f:2e:ed:a0:
         0f:5f:0d:9f:65:e5:ee:c9:bb:8a:4d:eb:f4:df:02:2f:30:37:
         0b:8e:bf:aa
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUFRyFuPMbcOHegjp3TvS+yUZEsYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk3M0U1RDZGN0Y2NURDRjAxNUU5REFGQ0VGMzk0RjUx
MkU0RkQ2MTAeFw0yMzA0MTUwNTQxMzJaFw0yNDA0MTMwNTQ2MzJaMDMxMTAvBgNV
BAMTKEFDQ0Q1NDRDMTY0NDc5MEFCNTVBNzQ1RDgzRTE0MkU1NzA2MjMxRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLq5ZjQ75L84ScgKzg3Ur04Eix
fWW3zMjFk8hJ6cKQXLccu/BkyifsxA8RYdVgaqrKj5wwaoALqdi9EyHRUkjiggJY
HHQDA8sY/GAeUIAMD5hhAhV538yLDoMEeN1FDx4hGevmH1K7PgY6ii3Ojs36TNmD
Dc2na/6sLizaxny764psAEbjdiA4Oj8w8Cv1/AmdSVcobKQAXS0J5Eg7P/HeDJ9B
SPegjRV8qTrA3fQ/6BR2sE9j+c1DqdLd92LzZx7okKsGwFFwhwAjnmKrqXRiOBxr
o09itoblZGCqBRp/7nIv8ytBoh18ePhxQwcFZGqawcPnxoGSp0e99ipF1dQxAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUrM1UTBZEeQq1WnRdg+FC5XBiMdkwHwYDVR0j
BBgwFoAUmXPl1vf2Xc8BXp2vzvOU9RLk/WEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
Y2JjYzAwZC1jZTc5LTQyMTYtYTYyYi1lM2Q1MGNjNzk0NDIvMC85OTczRTVENkY3
RjY1RENGMDE1RTlEQUZDRUYzOTRGNTEyRTRGRDYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTk3M0U1RDZGN0Y2NURDRjAxNUU5REFGQ0VGMzk0RjUxMkU0
RkQ2MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NjYmNjMDBkLWNlNzktNDIxNi1h
NjJiLWUzZDUwY2M3OTQ0Mi8wLzMxMzIzMDJlMzgzOTJlMzgzODJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDM0MzUzMjM4Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAF4WVgwDQYJKoZIhvcN
AQELBQADggEBAH7ZZ/rhDaDME0WFJ9Qr3OnYKTCvaXSoN0X5fSd329WeKwMpRDNd
v1j79UhJTG6tU5L/axhYaMBn7r2WCf2GxoQ3vom8P4spK5P7p0jjDuKac8zIoKqO
t+hr0t94vaGC0mSSAN+QuuoeZHADkAdhgHFaE1wXbiDVB7TNuCCBJNi4zbvEJItF
OUcNfLYwwyOhP6fOGyrGVhBnf/sVeqs1l8iVO2Xq+TGBk3syb3SRdnhiJ3FbtsF4
MG4XuMJQsiMUaOOC+QpZ1eksn3kgK8vyK6ZRs/mNsjr5rEMfL7awfGaCSUjP4MEA
Dy7toA9fDZ9l5e7Ju4pN6/TfAi8wNwuOv6o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:52 2024 by rpki-client on console-ams.rpki-client.org