Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3133392e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3133392e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          xMr/eafb26GK4/P+50E02BSB4uiUjZd86UlXqKe+Xcg=
Subject key identifier:   D8:6E:EE:A8:3D:3E:94:07:3A:F3:D7:B4:52:75:06:7E:66:74:92:08
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       68E51423176D5EAD6D6927C412CC4A1D66B0A7D1
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3133392e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:36 +0000
ROA not before:           Wed 29 Sep 2021 23:55:36 +0000
ROA not after:            Fri 30 Sep 2022 00:00:36 +0000
asID:                     17451
IP address blocks:        112.78.139.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:e5:14:23:17:6d:5e:ad:6d:69:27:c4:12:cc:4a:1d:66:b0:a7:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:36 2021 GMT
            Not After : Sep 30 00:00:36 2022 GMT
        Subject: CN=3082010A0282010100BB0706EBE8AC7863049C5715D3631E888D2842C305344090CA07CCAEC10B07F09B3DFCF3848000CEA226977E7CB68390CBA27BE9C02233292590D84246700A3463F38FA25EB643FAC80D8AC7FF134447DE2008397F776AE3830B8ADA65B434CCE08D81B4CB680CD981A62EA372C48B9115DDFB97AB9003634F10409840B45EE96855A02C720371512F12DD92961C681722C7065F1278F157A1A1F31C66CFD24E6A48D0B402F1ED6D3FB42E157BDCE699162E7270996AB97ED81B3F7A5EC9BEFFE24A80BF3966FF339C602E783B804ABEAAF8987226865250FA0E5EFE4AD40BD29D936E4992EC503594F44DACA0404232881E10898D1C3AEAC72BB3BAFEC120E90203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:07:06:eb:e8:ac:78:63:04:9c:57:15:d3:63:
                    1e:88:8d:28:42:c3:05:34:40:90:ca:07:cc:ae:c1:
                    0b:07:f0:9b:3d:fc:f3:84:80:00:ce:a2:26:97:7e:
                    7c:b6:83:90:cb:a2:7b:e9:c0:22:33:29:25:90:d8:
                    42:46:70:0a:34:63:f3:8f:a2:5e:b6:43:fa:c8:0d:
                    8a:c7:ff:13:44:47:de:20:08:39:7f:77:6a:e3:83:
                    0b:8a:da:65:b4:34:cc:e0:8d:81:b4:cb:68:0c:d9:
                    81:a6:2e:a3:72:c4:8b:91:15:dd:fb:97:ab:90:03:
                    63:4f:10:40:98:40:b4:5e:e9:68:55:a0:2c:72:03:
                    71:51:2f:12:dd:92:96:1c:68:17:22:c7:06:5f:12:
                    78:f1:57:a1:a1:f3:1c:66:cf:d2:4e:6a:48:d0:b4:
                    02:f1:ed:6d:3f:b4:2e:15:7b:dc:e6:99:16:2e:72:
                    70:99:6a:b9:7e:d8:1b:3f:7a:5e:c9:be:ff:e2:4a:
                    80:bf:39:66:ff:33:9c:60:2e:78:3b:80:4a:be:aa:
                    f8:98:72:26:86:52:50:fa:0e:5e:fe:4a:d4:0b:d2:
                    9d:93:6e:49:92:ec:50:35:94:f4:4d:ac:a0:40:42:
                    32:88:1e:10:89:8d:1c:3a:ea:c7:2b:b3:ba:fe:c1:
                    20:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:6E:EE:A8:3D:3E:94:07:3A:F3:D7:B4:52:75:06:7E:66:74:92:08
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3133392e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:71:2d:97:37:ae:4c:2b:29:2c:b6:98:95:9f:f9:65:19:23:
         72:b9:b8:9f:fb:76:3b:61:3d:83:d0:06:0e:eb:de:06:e8:c3:
         b7:a6:5e:41:6e:79:03:f1:8d:22:a0:e7:f0:d2:f7:d7:9e:44:
         78:24:87:69:7c:92:b2:ec:e8:96:1c:cb:40:05:9b:22:b7:7c:
         b1:f8:aa:07:02:d8:aa:56:95:ba:c1:dc:27:67:b9:05:9c:31:
         59:64:bf:2b:07:c2:71:22:9a:51:75:e9:5f:b6:1c:c9:9a:fe:
         82:6a:e1:a8:18:17:15:1a:70:70:70:2d:84:f7:97:65:7f:91:
         6a:9c:d9:04:b3:bb:3d:2a:0d:bd:40:f2:94:f7:ec:94:71:b5:
         9a:4d:2c:3c:60:a8:56:d7:2a:d5:b7:ce:34:3e:cc:54:65:73:
         3b:13:d8:28:2d:e5:fb:a9:cc:64:c2:cc:d6:95:c3:b6:80:d7:
         3d:75:ae:81:26:18:38:26:4a:cb:6c:fc:2b:80:83:4a:bb:a7:
         a9:74:b0:74:87:c4:bc:af:16:aa:b2:cb:7d:db:d6:08:2b:29:
         99:56:60:3d:ba:25:e1:0a:79:cb:e3:d4:90:f8:01:86:0d:76:
         7b:5c:ba:5d:61:32:cd:40:4f:eb:46:85:6b:c3:f1:82:69:67:
         10:3b:23:b7
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUaOUUIxdtXq1taSfEEsxKHWawp9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzZaFw0yMjA5MzAwMDAwMzZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkIwNzA2RUJFOEFDNzg2MzA0
OUM1NzE1RDM2MzFFODg4RDI4NDJDMzA1MzQ0MDkwQ0EwN0NDQUVDMTBCMDdGMDlC
M0RGQ0YzODQ4MDAwQ0VBMjI2OTc3RTdDQjY4MzkwQ0JBMjdCRTlDMDIyMzMyOTI1
OTBEODQyNDY3MDBBMzQ2M0YzOEZBMjVFQjY0M0ZBQzgwRDhBQzdGRjEzNDQ0N0RF
MjAwODM5N0Y3NzZBRTM4MzBCOEFEQTY1QjQzNENDRTA4RDgxQjRDQjY4MENEOTgx
QTYyRUEzNzJDNDhCOTExNURERkI5N0FCOTAwMzYzNEYxMDQwOTg0MEI0NUVFOTY4
NTVBMDJDNzIwMzcxNTEyRjEyREQ5Mjk2MUM2ODE3MjJDNzA2NUYxMjc4RjE1N0Ex
QTFGMzFDNjZDRkQyNEU2QTQ4RDBCNDAyRjFFRDZEM0ZCNDJFMTU3QkRDRTY5OTE2
MkU3MjcwOTk2QUI5N0VEODFCM0Y3QTVFQzlCRUZGRTI0QTgwQkYzOTY2RkYzMzlD
NjAyRTc4M0I4MDRBQkVBQUY4OTg3MjI2ODY1MjUwRkEwRTVFRkU0QUQ0MEJEMjlE
OTM2RTQ5OTJFQzUwMzU5NEY0NERBQ0EwNDA0MjMyODgxRTEwODk4RDFDM0FFQUM3
MkJCM0JBRkVDMTIwRTkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAuwcG6+iseGMEnFcV02MeiI0oQsMFNECQygfMrsELB/CbPfzzhIAA
zqIml358toOQy6J76cAiMyklkNhCRnAKNGPzj6JetkP6yA2Kx/8TREfeIAg5f3dq
44MLitpltDTM4I2BtMtoDNmBpi6jcsSLkRXd+5erkANjTxBAmEC0XuloVaAscgNx
US8S3ZKWHGgXIscGXxJ48VehofMcZs/STmpI0LQC8e1tP7QuFXvc5pkWLnJwmWq5
ftgbP3peyb7/4kqAvzlm/zOcYC54O4BKvqr4mHImhlJQ+g5e/krUC9Kdk25JkuxQ
NZT0TaygQEIyiB4QiY0cOurHK7O6/sEg6QIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FNhu7qg9PpQHOvPXtFJ1Bn5mdJIIMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwToswDQYJKoZIhvcNAQELBQADggEBAKpxLZc3rkwr
KSy2mJWf+WUZI3K5uJ/7djthPYPQBg7r3gbow7emXkFueQPxjSKg5/DS99eeRHgk
h2l8krLs6JYcy0AFmyK3fLH4qgcC2KpWlbrB3CdnuQWcMVlkvysHwnEimlF16V+2
HMma/oJq4agYFxUacHBwLYT3l2V/kWqc2QSzuz0qDb1A8pT37JRxtZpNLDxgqFbX
KtW3zjQ+zFRlczsT2Cgt5fupzGTCzNaVw7aA1z11roEmGDgmSsts/CuAg0q7p6l0
sHSHxLyvFqqyy33b1ggrKZlWYD26JeEKecvj1JD4AYYNdntcul1hMs1AT+tGhWvD
8YJpZxA7I7c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:44 2023 by rpki-client on console-fra.rpki-client.org