Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3131352e3137382e3133362e302f32332d3234203d3e20313331373336.roa
File:                     3131352e3137382e3133362e302f32332d3234203d3e20313331373336.roa (raw, json)
Hash identifier:          uaki3l+7oViY0TB/WIgEvN2DpPTF6y5630M8rg7hFSA=
Subject key identifier:   B1:60:52:9F:5A:41:FC:21:BE:01:43:0A:A7:99:C6:3F:0F:DB:49:B9
Certificate issuer:       /CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
Certificate serial:       522C2612B4BD44E6467A44B3451827E49670E84F
Authority key identifier: 09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3131352e3137382e3133362e302f32332d3234203d3e20313331373336.roa
Signing time:             Fri 04 Mar 2022 07:44:51 +0000
ROA not before:           Fri 04 Mar 2022 07:39:51 +0000
ROA not after:            Sat 04 Mar 2023 07:44:51 +0000
asID:                     131736
IP address blocks:        115.178.136.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:2c:26:12:b4:bd:44:e6:46:7a:44:b3:45:18:27:e4:96:70:e8:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
        Validity
            Not Before: Mar  4 07:39:51 2022 GMT
            Not After : Mar  4 07:44:51 2023 GMT
        Subject: CN=3082010A0282010100C8885141F188958C18DF4997269F052C6E8FB06A6DA790DE4DB397835A0C00E91BBA781AEA98CCC65DBE7C47A81A41AE0CFD71DD5422F0F7FFE2784AE866242D3E763C61E74E8166140721374F1E07E1474549DEB8E66997EFEE90AE96641BA8DA4DB7618B01FC9A39C75AC55EFFA35C33E6F5C886B5D7FF1840CE6701D884A625878B5083DD559059072939028358A0B3C24BB1030BECFF2E8AAE527E7C63989650FFF9E8055E6C6F654AFCDD5C3DB2B4D418F82BB5BE15B9B19957F09C34A2325BCC15714054C5BDDEA9D5629E1F0831026A9431DEDF64EFE9D895B1E70A218524A999C5CCADC1430D25A0F1BAA095A8948EF60E6E0A851929952D236909A50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:88:51:41:f1:88:95:8c:18:df:49:97:26:9f:
                    05:2c:6e:8f:b0:6a:6d:a7:90:de:4d:b3:97:83:5a:
                    0c:00:e9:1b:ba:78:1a:ea:98:cc:c6:5d:be:7c:47:
                    a8:1a:41:ae:0c:fd:71:dd:54:22:f0:f7:ff:e2:78:
                    4a:e8:66:24:2d:3e:76:3c:61:e7:4e:81:66:14:07:
                    21:37:4f:1e:07:e1:47:45:49:de:b8:e6:69:97:ef:
                    ee:90:ae:96:64:1b:a8:da:4d:b7:61:8b:01:fc:9a:
                    39:c7:5a:c5:5e:ff:a3:5c:33:e6:f5:c8:86:b5:d7:
                    ff:18:40:ce:67:01:d8:84:a6:25:87:8b:50:83:dd:
                    55:90:59:07:29:39:02:83:58:a0:b3:c2:4b:b1:03:
                    0b:ec:ff:2e:8a:ae:52:7e:7c:63:98:96:50:ff:f9:
                    e8:05:5e:6c:6f:65:4a:fc:dd:5c:3d:b2:b4:d4:18:
                    f8:2b:b5:be:15:b9:b1:99:57:f0:9c:34:a2:32:5b:
                    cc:15:71:40:54:c5:bd:de:a9:d5:62:9e:1f:08:31:
                    02:6a:94:31:de:df:64:ef:e9:d8:95:b1:e7:0a:21:
                    85:24:a9:99:c5:cc:ad:c1:43:0d:25:a0:f1:ba:a0:
                    95:a8:94:8e:f6:0e:6e:0a:85:19:29:95:2d:23:69:
                    09:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:60:52:9F:5A:41:FC:21:BE:01:43:0A:A7:99:C6:3F:0F:DB:49:B9
            X509v3 Authority Key Identifier:
                keyid:09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3131352e3137382e3133362e302f32332d3234203d3e20313331373336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.178.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b0:30:3c:85:35:4e:a3:23:8d:88:fd:6a:f2:d1:f3:74:43:13:
         2a:d6:d2:93:47:19:cb:59:11:ea:77:5b:31:77:dd:6b:71:21:
         69:c4:b5:35:1d:70:28:2f:de:85:dd:cf:1c:47:bd:a7:87:87:
         73:49:17:b4:46:8c:1c:5f:c9:8b:72:a3:4d:d1:0e:b6:17:b8:
         10:cf:f8:9f:21:12:a9:a4:1b:c5:8b:bc:90:7c:15:a9:52:76:
         19:f6:a2:07:54:86:05:28:3d:aa:a2:9c:f6:e2:91:96:6a:86:
         b8:b1:da:a9:35:1a:b4:08:bf:8a:92:5e:aa:0c:1f:e0:f5:ff:
         53:ee:ac:15:34:e1:12:fd:61:c4:c9:c6:08:b7:47:79:41:b8:
         57:62:2d:9b:74:33:a7:d5:11:ab:fb:7d:fb:7f:81:ca:a4:0b:
         e0:f0:fd:d0:7d:8b:d5:f9:47:76:fc:a1:bc:c0:a8:74:a8:d7:
         6f:2b:33:68:ef:3d:e6:77:19:a8:44:47:c6:46:bd:93:39:0e:
         1b:50:bd:1f:d3:44:c1:03:5b:30:d3:dc:f8:e9:f8:89:c9:81:
         2e:55:f4:71:08:ec:c9:b2:bd:6d:00:7b:3f:62:0c:36:20:c8:
         45:cc:13:55:2c:5d:c0:ff:94:74:73:9d:7b:12:b7:48:f0:72:
         28:6e:f8:85
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIUUiwmErS9ROZGekSzRRgn5JZw6E8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3
NjNDRjM2MTAeFw0yMjAzMDQwNzM5NTFaFw0yMzAzMDQwNzQ0NTFaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzg4ODUxNDFGMTg4OTU4QzE4
REY0OTk3MjY5RjA1MkM2RThGQjA2QTZEQTc5MERFNERCMzk3ODM1QTBDMDBFOTFC
QkE3ODFBRUE5OENDQzY1REJFN0M0N0E4MUE0MUFFMENGRDcxREQ1NDIyRjBGN0ZG
RTI3ODRBRTg2NjI0MkQzRTc2M0M2MUU3NEU4MTY2MTQwNzIxMzc0RjFFMDdFMTQ3
NDU0OURFQjhFNjY5OTdFRkVFOTBBRTk2NjQxQkE4REE0REI3NjE4QjAxRkM5QTM5
Qzc1QUM1NUVGRkEzNUMzM0U2RjVDODg2QjVEN0ZGMTg0MENFNjcwMUQ4ODRBNjI1
ODc4QjUwODNERDU1OTA1OTA3MjkzOTAyODM1OEEwQjNDMjRCQjEwMzBCRUNGRjJF
OEFBRTUyN0U3QzYzOTg5NjUwRkZGOUU4MDU1RTZDNkY2NTRBRkNERDVDM0RCMkI0
RDQxOEY4MkJCNUJFMTVCOUIxOTk1N0YwOUMzNEEyMzI1QkNDMTU3MTQwNTRDNUJE
REVBOUQ1NjI5RTFGMDgzMTAyNkE5NDMxREVERjY0RUZFOUQ4OTVCMUU3MEEyMTg1
MjRBOTk5QzVDQ0FEQzE0MzBEMjVBMEYxQkFBMDk1QTg5NDhFRjYwRTZFMEE4NTE5
Mjk5NTJEMjM2OTA5QTUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAyIhRQfGIlYwY30mXJp8FLG6PsGptp5DeTbOXg1oMAOkbunga6pjM
xl2+fEeoGkGuDP1x3VQi8Pf/4nhK6GYkLT52PGHnToFmFAchN08eB+FHRUneuOZp
l+/ukK6WZBuo2k23YYsB/Jo5x1rFXv+jXDPm9ciGtdf/GEDOZwHYhKYlh4tQg91V
kFkHKTkCg1igs8JLsQML7P8uiq5SfnxjmJZQ//noBV5sb2VK/N1cPbK01Bj4K7W+
FbmxmVfwnDSiMlvMFXFAVMW93qnVYp4fCDECapQx3t9k7+nYlbHnCiGFJKmZxcyt
wUMNJaDxuqCVqJSO9g5uCoUZKZUtI2kJpQIDAQABo4ICNjCCAjIwHQYDVR0OBBYE
FLFgUp9aQfwhvgFDCqeZxj8P20m5MB8GA1UdIwQYMBaAFAmm8fpPxTLWtOE0Yvwj
TJx2PPNhMA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjM0ZWNjNDAtNmI4NC00OWU4LWI2
MGItNmU5OTA0MTI4Y2E4LzAvMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRD
OUM3NjNDRjM2MS5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzA5QTZGMUZB
NEZDNTMyRDZCNEUxMzQ2MkZDMjM0QzlDNzYzQ0YzNjEuY2VyMIGmBggrBgEFBQcB
CwSBmTCBljCBkwYIKwYBBQUHMAuGgYZyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby9mMzRlY2M0MC02Yjg0LTQ5ZTgtYjYwYi02ZTk5MDQxMjhjYTgvMC8z
MTMxMzUyZTMxMzczODJlMzEzMzM2MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEz
MzMxMzczMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBc7KIMA0GCSqGSIb3DQEBCwUAA4IBAQCwMDyF
NU6jI42I/Wry0fN0QxMq1tKTRxnLWRHqd1sxd91rcSFpxLU1HXAoL96F3c8cR72n
h4dzSRe0RowcX8mLcqNN0Q62F7gQz/ifIRKppBvFi7yQfBWpUnYZ9qIHVIYFKD2q
opz24pGWaoa4sdqpNRq0CL+Kkl6qDB/g9f9T7qwVNOES/WHEycYIt0d5QbhXYi2b
dDOn1RGr+337f4HKpAvg8P3QfYvV+Ud2/KG8wKh0qNdvKzNo7z3mdxmoREfGRr2T
OQ4bUL0f00TBA1sw09z46fiJyYEuVfRxCOzJsr1tAHs/Ygw2IMhFzBNVLF3A/5R0
c517ErdI8HIobviF
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:16 2024 by rpki-client on console-fra.rpki-client.org