Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3131352e3137382e3135362e302f32322d3234203d3e20313331373336.roa
File:                     3131352e3137382e3135362e302f32322d3234203d3e20313331373336.roa (raw, json)
Hash identifier:          jyUteHk6rAk2VFzvMslI5rLlEfPOxJ4t92KhyyAtQVo=
Subject key identifier:   58:A9:9E:D2:3C:D8:C3:21:4E:77:13:C4:19:D1:A3:FB:4A:62:7E:BC
Certificate issuer:       /CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
Certificate serial:       25B4BF3EC28A674F90687BE806FEBE14B3076C1E
Authority key identifier: 09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3131352e3137382e3135362e302f32322d3234203d3e20313331373336.roa
Signing time:             Wed 16 Mar 2022 07:38:04 +0000
ROA not before:           Wed 16 Mar 2022 07:33:04 +0000
ROA not after:            Wed 15 Mar 2023 07:38:04 +0000
asID:                     131736
IP address blocks:        115.178.156.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:b4:bf:3e:c2:8a:67:4f:90:68:7b:e8:06:fe:be:14:b3:07:6c:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09A6F1FA4FC532D6B4E13462FC234C9C763CF361
        Validity
            Not Before: Mar 16 07:33:04 2022 GMT
            Not After : Mar 15 07:38:04 2023 GMT
        Subject: CN=58A99ED23CD8C3214E7713C419D1A3FB4A627EBC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:bf:03:ae:de:04:a4:ed:9e:ca:5b:01:53:5e:
                    5e:3d:a6:0e:bc:72:97:8c:7c:a1:97:5b:a9:c8:23:
                    8c:96:2b:ba:f8:90:64:0f:4f:94:69:4b:3c:89:a0:
                    9d:b5:d9:47:df:32:04:33:7e:b7:40:78:54:ed:63:
                    8d:3f:b6:52:ad:57:20:5c:30:8e:10:1a:1f:c4:08:
                    76:fb:75:2f:bb:db:60:12:99:ca:98:8d:cf:fe:18:
                    b2:fa:ee:f7:74:5f:da:0f:2a:b6:a8:c8:5a:6e:42:
                    56:29:16:e1:d2:8c:cb:35:b4:d4:3c:a3:06:99:13:
                    16:8d:7f:dd:fa:f7:01:e4:02:d4:17:fc:3a:ea:d3:
                    c4:83:8d:cf:12:70:09:7d:fc:c6:d4:8b:8a:05:e9:
                    f1:6c:af:3f:3b:9c:49:02:a3:f0:21:76:0e:3f:73:
                    9d:45:41:86:ad:8f:2e:b4:fc:20:49:df:17:96:e4:
                    69:dd:fd:8c:b5:44:c8:45:27:f0:be:5a:bf:a6:a6:
                    8a:bd:89:ef:df:d4:c4:31:3d:1a:5e:9c:61:3b:ed:
                    28:d3:e0:f8:8c:18:fe:fe:eb:1b:4b:07:06:f2:a7:
                    b4:e6:5c:79:53:b0:69:e4:09:ca:cc:66:ce:4a:59:
                    ea:06:52:3f:4c:04:54:d2:bb:42:93:61:4e:5d:fc:
                    3b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:A9:9E:D2:3C:D8:C3:21:4E:77:13:C4:19:D1:A3:FB:4A:62:7E:BC
            X509v3 Authority Key Identifier:
                keyid:09:A6:F1:FA:4F:C5:32:D6:B4:E1:34:62:FC:23:4C:9C:76:3C:F3:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09A6F1FA4FC532D6B4E13462FC234C9C763CF361.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f34ecc40-6b84-49e8-b60b-6e9904128ca8/0/3131352e3137382e3135362e302f32322d3234203d3e20313331373336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.178.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:24:08:10:bb:a0:80:fd:3c:de:c6:32:37:02:66:4c:2e:50:
         5d:ee:e3:84:80:c0:d7:50:3b:8f:b8:b5:68:27:af:e2:e4:c5:
         44:5a:ed:bd:ef:86:59:3d:da:23:26:f6:01:bb:db:51:77:d3:
         11:77:f5:17:4a:ff:59:f6:43:33:cc:9e:1e:b5:76:c2:06:b7:
         72:29:63:e3:45:3d:4e:fd:9e:1c:0c:82:c9:62:d8:45:c5:f3:
         76:ec:bd:c9:e3:d7:0b:4a:bb:0c:ac:09:d3:d2:be:e3:a5:f4:
         d5:34:7b:33:50:1b:5f:91:68:0e:54:f6:05:87:38:89:77:1f:
         a5:42:82:1d:e2:aa:85:1c:33:dd:19:9b:a3:99:d2:16:82:eb:
         21:8d:9d:fe:21:11:45:16:03:c0:66:ce:29:d3:86:4d:c4:73:
         0f:f4:25:f7:8e:84:70:c3:08:3c:9c:c5:0c:7a:07:0d:70:61:
         87:40:76:ce:89:1b:43:a5:47:f2:19:0c:3d:37:97:b7:a5:80:
         08:05:02:06:66:cf:0c:83:17:98:55:e4:f2:b5:6e:c8:20:5e:
         52:de:66:72:1f:48:b7:2f:cf:86:ee:d1:4f:ad:06:d0:af:61:
         f4:62:0c:83:35:bc:b7:32:6a:54:2b:14:c7:8a:c7:49:35:ae:
         9f:15:44:af
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUJbS/PsKKZ0+QaHvoBv6+FLMHbB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3
NjNDRjM2MTAeFw0yMjAzMTYwNzMzMDRaFw0yMzAzMTUwNzM4MDRaMDMxMTAvBgNV
BAMTKDU4QTk5RUQyM0NEOEMzMjE0RTc3MTNDNDE5RDFBM0ZCNEE2MjdFQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTvwOu3gSk7Z7KWwFTXl49pg68
cpeMfKGXW6nII4yWK7r4kGQPT5RpSzyJoJ212UffMgQzfrdAeFTtY40/tlKtVyBc
MI4QGh/ECHb7dS+722ASmcqYjc/+GLL67vd0X9oPKraoyFpuQlYpFuHSjMs1tNQ8
owaZExaNf9369wHkAtQX/Drq08SDjc8ScAl9/MbUi4oF6fFsrz87nEkCo/Ahdg4/
c51FQYatjy60/CBJ3xeW5Gnd/Yy1RMhFJ/C+Wr+mpoq9ie/f1MQxPRpenGE77SjT
4PiMGP7+6xtLBwbyp7TmXHlTsGnkCcrMZs5KWeoGUj9MBFTSu0KTYU5d/DtNAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUWKme0jzYwyFOdxPEGdGj+0pifrwwHwYDVR0j
BBgwFoAUCabx+k/FMta04TRi/CNMnHY882EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
MzRlY2M0MC02Yjg0LTQ5ZTgtYjYwYi02ZTk5MDQxMjhjYTgvMC8wOUE2RjFGQTRG
QzUzMkQ2QjRFMTM0NjJGQzIzNEM5Qzc2M0NGMzYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDlBNkYxRkE0RkM1MzJENkI0RTEzNDYyRkMyMzRDOUM3NjND
RjM2MS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YzNGVjYzQwLTZiODQtNDllOC1i
NjBiLTZlOTkwNDEyOGNhOC8wLzMxMzEzNTJlMzEzNzM4MmUzMTM1MzYyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzEzNzMzMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJzspwwDQYJ
KoZIhvcNAQELBQADggEBAD8kCBC7oID9PN7GMjcCZkwuUF3u44SAwNdQO4+4tWgn
r+LkxURa7b3vhlk92iMm9gG721F30xF39RdK/1n2QzPMnh61dsIGt3IpY+NFPU79
nhwMgsli2EXF83bsvcnj1wtKuwysCdPSvuOl9NU0ezNQG1+RaA5U9gWHOIl3H6VC
gh3iqoUcM90Zm6OZ0haC6yGNnf4hEUUWA8BmzinThk3Ecw/0JfeOhHDDCDycxQx6
Bw1wYYdAds6JG0OlR/IZDD03l7elgAgFAgZmzwyDF5hV5PK1bsggXlLeZnIfSLcv
z4bu0U+tBtCvYfRiDIM1vLcyalQrFMeKx0k1rp8VRK8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:52 2024 by rpki-client on console-ams.rpki-client.org