Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3133342e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3133342e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          iouAuHANHEStxKHNWuxKTv3ofjIiAc3aJ4NoH3Of6p4=
Subject key identifier:   AD:19:05:66:A7:63:E2:0E:42:04:C1:46:4C:E0:85:79:3A:2D:23:6A
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       7F69F583FE456D3D1157BDCF6DDBFE6102B0894A
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3133342e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:22 +0000
ROA not before:           Wed 29 Sep 2021 23:55:22 +0000
ROA not after:            Fri 30 Sep 2022 00:00:22 +0000
asID:                     17451
IP address blocks:        112.78.134.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:69:f5:83:fe:45:6d:3d:11:57:bd:cf:6d:db:fe:61:02:b0:89:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:22 2021 GMT
            Not After : Sep 30 00:00:22 2022 GMT
        Subject: CN=3082010A0282010100E526ED30355FA71C9A2FA51B79643D980C28229C27448D210D6118BA3D789A49D4E0E9C8791001A4F4F2AC1A37FDB53863F2859DFB739077F39BA1554A7AA0A946C037EB068C38C002E61307ADABECB49E63BA51F5E93B49AE6E500E38C20BA2405997AA82153B6884931966647CBE54D6A07D45C8368154C4853FA613CD19BA8DB380CFE046051ACA4BF4606864EED167EB040E503E8A3F59B9A892328371B477D2810EBABA9F9DC5F2745986A0CB94CDEB401BE15047F6D7655C93FC6F5F3B379689992A9DD87E0911C66BAAD755765B461F9F139609B57E3D3C2293FCB4F36501A3566AA8536CF2604FAC45CE5C38A4B4CC060B24398445D243C630FF01010203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:26:ed:30:35:5f:a7:1c:9a:2f:a5:1b:79:64:
                    3d:98:0c:28:22:9c:27:44:8d:21:0d:61:18:ba:3d:
                    78:9a:49:d4:e0:e9:c8:79:10:01:a4:f4:f2:ac:1a:
                    37:fd:b5:38:63:f2:85:9d:fb:73:90:77:f3:9b:a1:
                    55:4a:7a:a0:a9:46:c0:37:eb:06:8c:38:c0:02:e6:
                    13:07:ad:ab:ec:b4:9e:63:ba:51:f5:e9:3b:49:ae:
                    6e:50:0e:38:c2:0b:a2:40:59:97:aa:82:15:3b:68:
                    84:93:19:66:64:7c:be:54:d6:a0:7d:45:c8:36:81:
                    54:c4:85:3f:a6:13:cd:19:ba:8d:b3:80:cf:e0:46:
                    05:1a:ca:4b:f4:60:68:64:ee:d1:67:eb:04:0e:50:
                    3e:8a:3f:59:b9:a8:92:32:83:71:b4:77:d2:81:0e:
                    ba:ba:9f:9d:c5:f2:74:59:86:a0:cb:94:cd:eb:40:
                    1b:e1:50:47:f6:d7:65:5c:93:fc:6f:5f:3b:37:96:
                    89:99:2a:9d:d8:7e:09:11:c6:6b:aa:d7:55:76:5b:
                    46:1f:9f:13:96:09:b5:7e:3d:3c:22:93:fc:b4:f3:
                    65:01:a3:56:6a:a8:53:6c:f2:60:4f:ac:45:ce:5c:
                    38:a4:b4:cc:06:0b:24:39:84:45:d2:43:c6:30:ff:
                    01:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:19:05:66:A7:63:E2:0E:42:04:C1:46:4C:E0:85:79:3A:2D:23:6A
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3133342e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:ba:e4:26:26:bd:71:a1:08:9a:79:7a:2f:c3:30:b2:f6:b8:
         8a:ab:a6:94:cc:aa:21:64:14:e5:f4:dc:0b:22:78:09:bd:2b:
         8f:c2:5b:31:6f:8d:d1:32:91:0a:ea:b7:3b:41:6b:67:fc:ef:
         d2:7b:90:fd:15:da:dd:ab:d5:9a:a7:ef:ab:a9:59:2d:bb:68:
         f5:c1:42:b8:a3:a9:3b:0d:0b:21:0a:59:a6:d8:ba:00:81:38:
         e3:23:98:7b:be:60:46:86:7d:cc:92:29:bf:86:1e:ee:57:27:
         d8:72:ef:46:67:b7:f2:e4:f8:1d:7e:48:14:b3:c5:70:3b:48:
         8e:13:2a:37:58:dd:89:c8:b8:9f:83:b2:99:68:8b:c6:d1:dc:
         48:95:51:48:70:64:6e:73:dd:4b:15:2b:76:2f:2b:cc:57:18:
         25:ef:b7:9d:56:ff:a2:72:f5:72:9e:dc:94:52:ec:9b:63:39:
         e4:1f:78:82:4d:35:00:99:77:4c:07:60:12:4f:75:42:94:d1:
         0c:b9:bb:8d:01:a6:a5:42:40:16:cd:1b:74:61:c7:c9:78:05:
         ab:0a:ee:b8:e7:64:04:32:a0:1f:87:9d:6a:75:b2:b1:d5:7b:
         d7:2c:28:8e:c7:af:c7:b1:11:d4:69:b8:5f:08:15:e7:2f:a3:
         af:b9:e4:12
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUf2n1g/5FbT0RV73Pbdv+YQKwiUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjJaFw0yMjA5MzAwMDAwMjJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTUyNkVEMzAzNTVGQTcxQzlB
MkZBNTFCNzk2NDNEOTgwQzI4MjI5QzI3NDQ4RDIxMEQ2MTE4QkEzRDc4OUE0OUQ0
RTBFOUM4NzkxMDAxQTRGNEYyQUMxQTM3RkRCNTM4NjNGMjg1OURGQjczOTA3N0Yz
OUJBMTU1NEE3QUEwQTk0NkMwMzdFQjA2OEMzOEMwMDJFNjEzMDdBREFCRUNCNDlF
NjNCQTUxRjVFOTNCNDlBRTZFNTAwRTM4QzIwQkEyNDA1OTk3QUE4MjE1M0I2ODg0
OTMxOTY2NjQ3Q0JFNTRENkEwN0Q0NUM4MzY4MTU0QzQ4NTNGQTYxM0NEMTlCQThE
QjM4MENGRTA0NjA1MUFDQTRCRjQ2MDY4NjRFRUQxNjdFQjA0MEU1MDNFOEEzRjU5
QjlBODkyMzI4MzcxQjQ3N0QyODEwRUJBQkE5RjlEQzVGMjc0NTk4NkEwQ0I5NENE
RUI0MDFCRTE1MDQ3RjZENzY1NUM5M0ZDNkY1RjNCMzc5Njg5OTkyQTlERDg3RTA5
MTFDNjZCQUFENzU1NzY1QjQ2MUY5RjEzOTYwOUI1N0UzRDNDMjI5M0ZDQjRGMzY1
MDFBMzU2NkFBODUzNkNGMjYwNEZBQzQ1Q0U1QzM4QTRCNENDMDYwQjI0Mzk4NDQ1
RDI0M0M2MzBGRjAxMDEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA5SbtMDVfpxyaL6UbeWQ9mAwoIpwnRI0hDWEYuj14mknU4OnIeRAB
pPTyrBo3/bU4Y/KFnftzkHfzm6FVSnqgqUbAN+sGjDjAAuYTB62r7LSeY7pR9ek7
Sa5uUA44wguiQFmXqoIVO2iEkxlmZHy+VNagfUXINoFUxIU/phPNGbqNs4DP4EYF
GspL9GBoZO7RZ+sEDlA+ij9ZuaiSMoNxtHfSgQ66up+dxfJ0WYagy5TN60Ab4VBH
9tdlXJP8b187N5aJmSqd2H4JEcZrqtdVdltGH58Tlgm1fj08IpP8tPNlAaNWaqhT
bPJgT6xFzlw4pLTMBgskOYRF0kPGMP8BAQIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FK0ZBWanY+IOQgTBRkzghXk6LSNqMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwToYwDQYJKoZIhvcNAQELBQADggEBAAu65CYmvXGh
CJp5ei/DMLL2uIqrppTMqiFkFOX03AsieAm9K4/CWzFvjdEykQrqtztBa2f879J7
kP0V2t2r1Zqn76upWS27aPXBQrijqTsNCyEKWabYugCBOOMjmHu+YEaGfcySKb+G
Hu5XJ9hy70Znt/Lk+B1+SBSzxXA7SI4TKjdY3YnIuJ+Dsploi8bR3EiVUUhwZG5z
3UsVK3YvK8xXGCXvt51W/6Jy9XKe3JRS7JtjOeQfeIJNNQCZd0wHYBJPdUKU0Qy5
u40BpqVCQBbNG3Rhx8l4BasK7rjnZAQyoB+HnWp1srHVe9csKI7Hr8exEdRpuF8I
Fecvo6+55BI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:44 2023 by rpki-client on console-fra.rpki-client.org