Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/3130332e3130352e3139322e302f32322d3232203d3e20313336383738.roa
File:                     3130332e3130352e3139322e302f32322d3232203d3e20313336383738.roa (raw, json)
Hash identifier:          78VvnOxjwA81uRTsrubMfR76LulwPtgJWcfGQimDARA=
Subject key identifier:   8A:49:22:C0:B1:43:C0:C6:85:99:2A:43:F3:EB:2C:5E:82:D0:00:BD
Certificate issuer:       /CN=BD5D46B5BFE72F2AA1188A9096B10E01474244B1
Certificate serial:       1E24627E8FFC7DD20060337E7259A1CAE0B28C03
Authority key identifier: BD:5D:46:B5:BF:E7:2F:2A:A1:18:8A:90:96:B1:0E:01:47:42:44:B1
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/3130332e3130352e3139322e302f32322d3232203d3e20313336383738.roa
Signing time:             Mon 21 Feb 2022 15:10:31 +0000
ROA not before:           Mon 21 Feb 2022 15:05:31 +0000
ROA not after:            Tue 21 Feb 2023 15:10:31 +0000
asID:                     136878
IP address blocks:        103.105.192.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:24:62:7e:8f:fc:7d:d2:00:60:33:7e:72:59:a1:ca:e0:b2:8c:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BD5D46B5BFE72F2AA1188A9096B10E01474244B1
        Validity
            Not Before: Feb 21 15:05:31 2022 GMT
            Not After : Feb 21 15:10:31 2023 GMT
        Subject: CN=3082010A0282010100EA03ABE978BE3FE22AA777D9A769E0126BA42FFCF666B0A769A12BD9732503146F266E60AA4ED11AAB418DBE57D3C84982C5ECA26D58D339070B6F0754653CAF3EEC8FFC6CA3728E4DF4DD160F31F93129217D234FE1A772D2B476B2363F25B78B18114796355955BEFC3EBB01D2D8A0617719C6578CD341F1F0AE069840CE103D2A83D90896FAD5686B7E27039ED6B9EA6E6630584EC15ADCEE7BF17A84D65AC6921F356077F532DAB5E53331DED92FB53860225D0FEB918BFD9CED06DB782EBB03FA24EE4CDA2BA06B566C9AC436D34E7C8FA68E81A32448519CDB135615FF78AE24A9525DD22A1E5B8CB2E17031A6876486273A4BEC88991809AF0BA6F0470203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:03:ab:e9:78:be:3f:e2:2a:a7:77:d9:a7:69:
                    e0:12:6b:a4:2f:fc:f6:66:b0:a7:69:a1:2b:d9:73:
                    25:03:14:6f:26:6e:60:aa:4e:d1:1a:ab:41:8d:be:
                    57:d3:c8:49:82:c5:ec:a2:6d:58:d3:39:07:0b:6f:
                    07:54:65:3c:af:3e:ec:8f:fc:6c:a3:72:8e:4d:f4:
                    dd:16:0f:31:f9:31:29:21:7d:23:4f:e1:a7:72:d2:
                    b4:76:b2:36:3f:25:b7:8b:18:11:47:96:35:59:55:
                    be:fc:3e:bb:01:d2:d8:a0:61:77:19:c6:57:8c:d3:
                    41:f1:f0:ae:06:98:40:ce:10:3d:2a:83:d9:08:96:
                    fa:d5:68:6b:7e:27:03:9e:d6:b9:ea:6e:66:30:58:
                    4e:c1:5a:dc:ee:7b:f1:7a:84:d6:5a:c6:92:1f:35:
                    60:77:f5:32:da:b5:e5:33:31:de:d9:2f:b5:38:60:
                    22:5d:0f:eb:91:8b:fd:9c:ed:06:db:78:2e:bb:03:
                    fa:24:ee:4c:da:2b:a0:6b:56:6c:9a:c4:36:d3:4e:
                    7c:8f:a6:8e:81:a3:24:48:51:9c:db:13:56:15:ff:
                    78:ae:24:a9:52:5d:d2:2a:1e:5b:8c:b2:e1:70:31:
                    a6:87:64:86:27:3a:4b:ec:88:99:18:09:af:0b:a6:
                    f0:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:49:22:C0:B1:43:C0:C6:85:99:2A:43:F3:EB:2C:5E:82:D0:00:BD
            X509v3 Authority Key Identifier:
                keyid:BD:5D:46:B5:BF:E7:2F:2A:A1:18:8A:90:96:B1:0E:01:47:42:44:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/3130332e3130352e3139322e302f32322d3232203d3e20313336383738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:f0:bf:dc:d2:4d:ce:b4:4f:d0:51:a7:12:02:9b:7c:7b:51:
         a6:f7:65:bb:69:cd:a6:80:21:54:9e:0c:8f:5a:97:c4:6d:f7:
         df:b6:e8:66:c7:43:bc:fb:f6:d7:4a:d6:8b:e8:78:4d:7d:55:
         7c:2b:f1:5e:9a:70:74:94:2f:ce:56:6f:2a:1c:7e:31:b4:7e:
         e6:d6:c4:05:24:b9:58:c1:5b:cd:1d:35:e3:6b:83:39:9b:d4:
         be:25:db:d3:5d:6d:75:99:a8:ce:c9:50:29:cb:84:1f:d8:04:
         1e:e1:8f:bf:c6:ae:47:ce:a0:48:19:41:11:a4:49:fa:f8:60:
         c3:36:5b:8e:52:40:71:1f:c5:bb:9a:b4:40:0f:e0:7e:3f:53:
         5b:b1:92:56:1b:f6:e6:c7:13:cf:4d:ee:9e:81:70:83:f4:1a:
         28:ba:a2:13:f8:1f:c1:ca:58:f5:a7:35:9a:84:fd:b0:d1:a3:
         53:c1:c8:f3:48:a4:18:a4:ca:13:9d:76:11:60:b1:7f:f8:2e:
         73:56:d9:e0:b0:d9:8b:3c:b7:f2:93:c6:e8:d5:01:67:88:10:
         e2:42:8d:1e:09:7f:fa:80:d8:4f:32:4f:68:e4:f3:1f:49:f4:
         20:86:1f:03:c6:cc:90:cf:df:4f:2e:2c:72:ff:29:87:94:51:
         c0:cb:76:bd
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIUHiRifo/8fdIAYDN+clmhyuCyjAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBFMDE0
NzQyNDRCMTAeFw0yMjAyMjExNTA1MzFaFw0yMzAyMjExNTEwMzFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRUEwM0FCRTk3OEJFM0ZFMjJB
QTc3N0Q5QTc2OUUwMTI2QkE0MkZGQ0Y2NjZCMEE3NjlBMTJCRDk3MzI1MDMxNDZG
MjY2RTYwQUE0RUQxMUFBQjQxOERCRTU3RDNDODQ5ODJDNUVDQTI2RDU4RDMzOTA3
MEI2RjA3NTQ2NTNDQUYzRUVDOEZGQzZDQTM3MjhFNERGNEREMTYwRjMxRjkzMTI5
MjE3RDIzNEZFMUE3NzJEMkI0NzZCMjM2M0YyNUI3OEIxODExNDc5NjM1NTk1NUJF
RkMzRUJCMDFEMkQ4QTA2MTc3MTlDNjU3OENEMzQxRjFGMEFFMDY5ODQwQ0UxMDNE
MkE4M0Q5MDg5NkZBRDU2ODZCN0UyNzAzOUVENkI5RUE2RTY2MzA1ODRFQzE1QURD
RUU3QkYxN0E4NEQ2NUFDNjkyMUYzNTYwNzdGNTMyREFCNUU1MzMzMURFRDkyRkI1
Mzg2MDIyNUQwRkVCOTE4QkZEOUNFRDA2REI3ODJFQkIwM0ZBMjRFRTRDREEyQkEw
NkI1NjZDOUFDNDM2RDM0RTdDOEZBNjhFODFBMzI0NDg1MTlDREIxMzU2MTVGRjc4
QUUyNEE5NTI1REQyMkExRTVCOENCMkUxNzAzMUE2ODc2NDg2MjczQTRCRUM4ODk5
MTgwOUFGMEJBNkYwNDcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA6gOr6Xi+P+Iqp3fZp2ngEmukL/z2ZrCnaaEr2XMlAxRvJm5gqk7R
GqtBjb5X08hJgsXsom1Y0zkHC28HVGU8rz7sj/xso3KOTfTdFg8x+TEpIX0jT+Gn
ctK0drI2PyW3ixgRR5Y1WVW+/D67AdLYoGF3GcZXjNNB8fCuBphAzhA9KoPZCJb6
1WhrficDnta56m5mMFhOwVrc7nvxeoTWWsaSHzVgd/Uy2rXlMzHe2S+1OGAiXQ/r
kYv9nO0G23guuwP6JO5M2iuga1ZsmsQ20058j6aOgaMkSFGc2xNWFf94riSpUl3S
Kh5bjLLhcDGmh2SGJzpL7IiZGAmvC6bwRwIDAQABo4ICNjCCAjIwHQYDVR0OBBYE
FIpJIsCxQ8DGhZkqQ/PrLF6C0AC9MB8GA1UdIwQYMBaAFL1dRrW/5y8qoRiKkJax
DgFHQkSxMA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDkyNGZhOWEtZTVmMy00MjY1LTll
MWQtODRlNDUzNTk2MWQwLzAvQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBF
MDE0NzQyNDRCMS5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0JENUQ0NkI1
QkZFNzJGMkFBMTE4OEE5MDk2QjEwRTAxNDc0MjQ0QjEuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9kOTI0ZmE5YS1lNWYzLTQyNjUtOWUxZC04NGU0NTM1OTYxZDAvMC8z
MTMwMzMyZTMxMzAzNTJlMzEzOTMyMmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEz
MzM2MzgzNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCZ2nAMA0GCSqGSIb3DQEBCwUAA4IBAQAp8L/c
0k3OtE/QUacSApt8e1Gm92W7ac2mgCFUngyPWpfEbffftuhmx0O8+/bXStaL6HhN
fVV8K/FemnB0lC/OVm8qHH4xtH7m1sQFJLlYwVvNHTXja4M5m9S+JdvTXW11majO
yVApy4Qf2AQe4Y+/xq5HzqBIGUERpEn6+GDDNluOUkBxH8W7mrRAD+B+P1NbsZJW
G/bmxxPPTe6egXCD9BoouqIT+B/Bylj1pzWahP2w0aNTwcjzSKQYpMoTnXYRYLF/
+C5zVtngsNmLPLfyk8bo1QFniBDiQo0eCX/6gNhPMk9o5PMfSfQghh8DxsyQz99P
Lixy/ymHlFHAy3a9
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:16 2024 by rpki-client on console-fra.rpki-client.org