Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3135382e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3135382e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          x1rzNTzMHXMn4T28kog66xjeT4QjZvau/2uTu8RoFlI=
Subject key identifier:   65:86:F2:46:AD:69:36:78:C2:B6:11:EB:84:48:7D:C2:93:D9:23:3D
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       73C7F4DC65F918CA91B6AA6D944C604734272AE7
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3135382e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:44 +0000
ROA not before:           Wed 29 Sep 2021 23:55:44 +0000
ROA not after:            Fri 30 Sep 2022 00:00:44 +0000
asID:                     17451
IP address blocks:        112.78.158.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:c7:f4:dc:65:f9:18:ca:91:b6:aa:6d:94:4c:60:47:34:27:2a:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:44 2021 GMT
            Not After : Sep 30 00:00:44 2022 GMT
        Subject: CN=3082010A0282010100C8B91F8F57BDFB9D1B16F417403D668B4D2FCBCA4A3C7EE40E032A33D8C774EDC0A1FD5F677372DBB7D4AD0AD35F42CC743CF9117B27C602DCDF65F2907CD9E22F3064C4E7AD1A0665FBC25C68DDD004B49D39AD8A175BC6CBA1D14E35D50777B215AC47735F0DDBF5B7877A3484FE02E1A91ADD73F637E100E1BF60C09D106D441E4CA26AFAA61D18163436BCEDD3AC5C9C99430BF0C82671FE0C6B281B77D5EC3849F719DA17E6614306AEE7C359CCB249602512FE7AC7669FEA112A760DE362C5BA19849F6B9DA21943C86FF2D37CA303C80667A83ED83B2939B5E672A90949FB00485F8BB945A0F69385A1D6D23833DF3931F5BB8E282EC077C4A646E1E10203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b9:1f:8f:57:bd:fb:9d:1b:16:f4:17:40:3d:
                    66:8b:4d:2f:cb:ca:4a:3c:7e:e4:0e:03:2a:33:d8:
                    c7:74:ed:c0:a1:fd:5f:67:73:72:db:b7:d4:ad:0a:
                    d3:5f:42:cc:74:3c:f9:11:7b:27:c6:02:dc:df:65:
                    f2:90:7c:d9:e2:2f:30:64:c4:e7:ad:1a:06:65:fb:
                    c2:5c:68:dd:d0:04:b4:9d:39:ad:8a:17:5b:c6:cb:
                    a1:d1:4e:35:d5:07:77:b2:15:ac:47:73:5f:0d:db:
                    f5:b7:87:7a:34:84:fe:02:e1:a9:1a:dd:73:f6:37:
                    e1:00:e1:bf:60:c0:9d:10:6d:44:1e:4c:a2:6a:fa:
                    a6:1d:18:16:34:36:bc:ed:d3:ac:5c:9c:99:43:0b:
                    f0:c8:26:71:fe:0c:6b:28:1b:77:d5:ec:38:49:f7:
                    19:da:17:e6:61:43:06:ae:e7:c3:59:cc:b2:49:60:
                    25:12:fe:7a:c7:66:9f:ea:11:2a:76:0d:e3:62:c5:
                    ba:19:84:9f:6b:9d:a2:19:43:c8:6f:f2:d3:7c:a3:
                    03:c8:06:67:a8:3e:d8:3b:29:39:b5:e6:72:a9:09:
                    49:fb:00:48:5f:8b:b9:45:a0:f6:93:85:a1:d6:d2:
                    38:33:df:39:31:f5:bb:8e:28:2e:c0:77:c4:a6:46:
                    e1:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:86:F2:46:AD:69:36:78:C2:B6:11:EB:84:48:7D:C2:93:D9:23:3D
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3135382e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:b8:20:cf:ba:b2:9f:bc:6e:6a:e7:1e:5f:96:6e:21:51:ec:
         88:36:95:c8:18:53:8a:ee:94:8f:bb:79:94:f9:b2:a8:e0:ea:
         64:16:59:01:d8:20:37:fe:dd:0e:9f:01:0b:31:d5:1c:ae:15:
         2a:c4:77:f1:47:39:2e:f5:2b:a0:41:54:e3:c2:86:7b:55:ef:
         2b:f7:4e:cf:27:bb:4f:99:bb:b6:a7:9b:da:7c:16:91:4e:37:
         c9:81:4f:31:75:ab:3b:13:6e:46:21:d3:f5:cf:ec:a8:91:06:
         c7:28:ac:53:40:d0:8e:1a:9b:8c:6d:24:75:71:fe:61:f6:95:
         41:7f:c1:8d:2a:fb:90:38:d1:f5:56:d2:17:71:36:83:95:7b:
         34:fe:e5:2a:17:5c:da:7d:4e:62:eb:f1:38:d8:ea:7e:12:9e:
         5f:d7:da:ae:dd:38:1b:37:32:bf:a1:66:06:dd:0f:86:3c:83:
         c8:e3:d7:b6:f8:7a:2c:bd:51:c6:df:a8:35:6f:73:c0:88:22:
         63:47:b9:1e:ec:cd:ff:f9:fe:d0:8e:15:c0:38:64:e0:00:c2:
         b2:a2:e7:1f:56:11:71:29:3a:4e:2f:34:0d:3e:ca:46:9b:09:
         17:01:dd:3f:9b:a3:63:53:6a:c7:a2:45:45:14:2d:71:bb:59:
         0c:09:a1:56
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUc8f03GX5GMqRtqptlExgRzQnKucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDRaFw0yMjA5MzAwMDAwNDRaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzhCOTFGOEY1N0JERkI5RDFC
MTZGNDE3NDAzRDY2OEI0RDJGQ0JDQTRBM0M3RUU0MEUwMzJBMzNEOEM3NzRFREMw
QTFGRDVGNjc3MzcyREJCN0Q0QUQwQUQzNUY0MkNDNzQzQ0Y5MTE3QjI3QzYwMkRD
REY2NUYyOTA3Q0Q5RTIyRjMwNjRDNEU3QUQxQTA2NjVGQkMyNUM2OERERDAwNEI0
OUQzOUFEOEExNzVCQzZDQkExRDE0RTM1RDUwNzc3QjIxNUFDNDc3MzVGMEREQkY1
Qjc4NzdBMzQ4NEZFMDJFMUE5MUFERDczRjYzN0UxMDBFMUJGNjBDMDlEMTA2RDQ0
MUU0Q0EyNkFGQUE2MUQxODE2MzQzNkJDRUREM0FDNUM5Qzk5NDMwQkYwQzgyNjcx
RkUwQzZCMjgxQjc3RDVFQzM4NDlGNzE5REExN0U2NjE0MzA2QUVFN0MzNTlDQ0Iy
NDk2MDI1MTJGRTdBQzc2NjlGRUExMTJBNzYwREUzNjJDNUJBMTk4NDlGNkI5REEy
MTk0M0M4NkZGMkQzN0NBMzAzQzgwNjY3QTgzRUQ4M0IyOTM5QjVFNjcyQTkwOTQ5
RkIwMDQ4NUY4QkI5NDVBMEY2OTM4NUExRDZEMjM4MzNERjM5MzFGNUJCOEUyODJF
QzA3N0M0QTY0NkUxRTEwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAyLkfj1e9+50bFvQXQD1mi00vy8pKPH7kDgMqM9jHdO3Aof1fZ3Ny
27fUrQrTX0LMdDz5EXsnxgLc32XykHzZ4i8wZMTnrRoGZfvCXGjd0AS0nTmtihdb
xsuh0U411Qd3shWsR3NfDdv1t4d6NIT+AuGpGt1z9jfhAOG/YMCdEG1EHkyiavqm
HRgWNDa87dOsXJyZQwvwyCZx/gxrKBt31ew4SfcZ2hfmYUMGrufDWcyySWAlEv56
x2af6hEqdg3jYsW6GYSfa52iGUPIb/LTfKMDyAZnqD7YOyk5teZyqQlJ+wBIX4u5
RaD2k4Wh1tI4M985MfW7jiguwHfEpkbh4QIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FGWG8kataTZ4wrYR64RIfcKT2SM9MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwTp4wDQYJKoZIhvcNAQELBQADggEBADy4IM+6sp+8
bmrnHl+WbiFR7Ig2lcgYU4rulI+7eZT5sqjg6mQWWQHYIDf+3Q6fAQsx1RyuFSrE
d/FHOS71K6BBVOPChntV7yv3Ts8nu0+Zu7anm9p8FpFON8mBTzF1qzsTbkYh0/XP
7KiRBscorFNA0I4am4xtJHVx/mH2lUF/wY0q+5A40fVW0hdxNoOVezT+5SoXXNp9
TmLr8TjY6n4Snl/X2q7dOBs3Mr+hZgbdD4Y8g8jj17b4eiy9UcbfqDVvc8CIImNH
uR7szf/5/tCOFcA4ZOAAwrKi5x9WEXEpOk4vNA0+ykabCRcB3T+bo2NTaseiRUUU
LXG7WQwJoVY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:44 2023 by rpki-client on console-fra.rpki-client.org