Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3135392e302f32342d3234203d3e203137343531.roa
File:                     3131322e37382e3135392e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          uL1HkrQBqdvq1zCVSeqZNZkr6DCzpFtBdyIWG5h8EDE=
Subject key identifier:   CB:44:3C:74:80:4C:55:B6:57:FF:C3:AA:A7:FA:53:47:C5:E7:A0:4B
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       12B381D9BCD3FD8B7F1F11066C1126C1F32EE479
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3135392e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:46 +0000
ROA not before:           Wed 29 Sep 2021 23:55:46 +0000
ROA not after:            Fri 30 Sep 2022 00:00:46 +0000
asID:                     17451
IP address blocks:        112.78.159.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:b3:81:d9:bc:d3:fd:8b:7f:1f:11:06:6c:11:26:c1:f3:2e:e4:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:46 2021 GMT
            Not After : Sep 30 00:00:46 2022 GMT
        Subject: CN=3082010A0282010100D80C5AD690D376FF00C8EFDEFAB5267E75E994F96DE5CF5D4C07A045A7E3EC1A9A7CD1B1AD88E1A6ECCDF7E8E9B3A4931C451C869115429C365A17FE3F6DAA1BC618D56E2A747903F4542D103C620E5506CE993F6685381046FECC6EA9C51961526C81AC9F87CF2D18AF32038A6E0BEFD0C203A6A329E20751E073A9786A7FE32032E2684D6E544837BDBFB5AE70F556AA4FD8AED3E3E63CC57942DE08E08DE3842ECB6B7BCC11F6EC65D1894998247957A53E9FBC5A39DA38139D26BB7A748B6AD961797A57DF178D7F6B92F1F1671C71392A7578215F6C6CAB5335BFA247F81E0834E934173E3D1E930C835685AA5C535616B36B87075843509A3EDF452ADF0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:0c:5a:d6:90:d3:76:ff:00:c8:ef:de:fa:b5:
                    26:7e:75:e9:94:f9:6d:e5:cf:5d:4c:07:a0:45:a7:
                    e3:ec:1a:9a:7c:d1:b1:ad:88:e1:a6:ec:cd:f7:e8:
                    e9:b3:a4:93:1c:45:1c:86:91:15:42:9c:36:5a:17:
                    fe:3f:6d:aa:1b:c6:18:d5:6e:2a:74:79:03:f4:54:
                    2d:10:3c:62:0e:55:06:ce:99:3f:66:85:38:10:46:
                    fe:cc:6e:a9:c5:19:61:52:6c:81:ac:9f:87:cf:2d:
                    18:af:32:03:8a:6e:0b:ef:d0:c2:03:a6:a3:29:e2:
                    07:51:e0:73:a9:78:6a:7f:e3:20:32:e2:68:4d:6e:
                    54:48:37:bd:bf:b5:ae:70:f5:56:aa:4f:d8:ae:d3:
                    e3:e6:3c:c5:79:42:de:08:e0:8d:e3:84:2e:cb:6b:
                    7b:cc:11:f6:ec:65:d1:89:49:98:24:79:57:a5:3e:
                    9f:bc:5a:39:da:38:13:9d:26:bb:7a:74:8b:6a:d9:
                    61:79:7a:57:df:17:8d:7f:6b:92:f1:f1:67:1c:71:
                    39:2a:75:78:21:5f:6c:6c:ab:53:35:bf:a2:47:f8:
                    1e:08:34:e9:34:17:3e:3d:1e:93:0c:83:56:85:aa:
                    5c:53:56:16:b3:6b:87:07:58:43:50:9a:3e:df:45:
                    2a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:44:3C:74:80:4C:55:B6:57:FF:C3:AA:A7:FA:53:47:C5:E7:A0:4B
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3135392e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:dc:c2:2d:24:e7:36:89:65:b8:ed:6f:09:a7:85:6e:fc:c0:
         33:15:ee:46:ad:04:62:2d:bc:9b:ea:44:23:a9:c8:73:5d:67:
         5d:71:c5:4e:16:e7:95:b2:13:78:c5:bd:da:f8:f9:c6:c9:1f:
         1e:05:18:bd:04:b1:7b:1d:e6:fe:58:f1:b7:66:44:3a:da:da:
         27:5c:0e:81:c8:7d:c0:81:47:02:80:f5:00:9a:ac:79:ad:95:
         a8:7a:85:94:7f:63:f2:30:34:45:6d:07:36:d0:39:e5:f8:5d:
         7b:3f:9b:67:ab:f0:1a:79:c7:fc:08:a1:82:13:0e:be:33:7a:
         36:05:53:1c:46:97:25:c2:07:44:e3:57:ff:4c:1c:49:f7:57:
         51:15:f3:9f:e6:4b:d6:05:40:ea:d1:57:b3:6c:75:b9:85:50:
         96:4c:ee:0c:37:b4:76:28:6a:38:3f:63:bc:d6:0d:fa:d0:b9:
         ea:30:3d:3b:ee:8a:18:a3:e0:fe:ed:b2:c4:86:39:0c:a5:d3:
         86:80:98:57:96:7b:64:58:fb:e7:79:58:f0:8c:05:c5:90:bf:
         25:01:de:84:6d:f7:5d:9d:8a:e2:22:f4:5b:7a:fd:2d:63:bf:
         91:11:90:49:17:f4:6e:5b:8d:ab:d4:3b:e1:5b:00:68:97:99:
         71:64:5e:c3
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUErOB2bzT/Yt/HxEGbBEmwfMu5HkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1NDZaFw0yMjA5MzAwMDAwNDZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDgwQzVBRDY5MEQzNzZGRjAw
QzhFRkRFRkFCNTI2N0U3NUU5OTRGOTZERTVDRjVENEMwN0EwNDVBN0UzRUMxQTlB
N0NEMUIxQUQ4OEUxQTZFQ0NERjdFOEU5QjNBNDkzMUM0NTFDODY5MTE1NDI5QzM2
NUExN0ZFM0Y2REFBMUJDNjE4RDU2RTJBNzQ3OTAzRjQ1NDJEMTAzQzYyMEU1NTA2
Q0U5OTNGNjY4NTM4MTA0NkZFQ0M2RUE5QzUxOTYxNTI2QzgxQUM5Rjg3Q0YyRDE4
QUYzMjAzOEE2RTBCRUZEMEMyMDNBNkEzMjlFMjA3NTFFMDczQTk3ODZBN0ZFMzIw
MzJFMjY4NEQ2RTU0NDgzN0JEQkZCNUFFNzBGNTU2QUE0RkQ4QUVEM0UzRTYzQ0M1
Nzk0MkRFMDhFMDhERTM4NDJFQ0I2QjdCQ0MxMUY2RUM2NUQxODk0OTk4MjQ3OTU3
QTUzRTlGQkM1QTM5REEzODEzOUQyNkJCN0E3NDhCNkFEOTYxNzk3QTU3REYxNzhE
N0Y2QjkyRjFGMTY3MUM3MTM5MkE3NTc4MjE1RjZDNkNBQjUzMzVCRkEyNDdGODFF
MDgzNEU5MzQxNzNFM0QxRTkzMEM4MzU2ODVBQTVDNTM1NjE2QjM2Qjg3MDc1ODQz
NTA5QTNFREY0NTJBREYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2Axa1pDTdv8AyO/e+rUmfnXplPlt5c9dTAegRafj7BqafNGxrYjh
puzN9+jps6STHEUchpEVQpw2Whf+P22qG8YY1W4qdHkD9FQtEDxiDlUGzpk/ZoU4
EEb+zG6pxRlhUmyBrJ+Hzy0YrzIDim4L79DCA6ajKeIHUeBzqXhqf+MgMuJoTW5U
SDe9v7WucPVWqk/YrtPj5jzFeULeCOCN44Quy2t7zBH27GXRiUmYJHlXpT6fvFo5
2jgTnSa7enSLatlheXpX3xeNf2uS8fFnHHE5KnV4IV9sbKtTNb+iR/geCDTpNBc+
PR6TDINWhapcU1YWs2uHB1hDUJo+30Uq3wIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FMtEPHSATFW2V//Dqqf6U0fF56BLMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzUzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABwTp8wDQYJKoZIhvcNAQELBQADggEBAHPcwi0k5zaJ
ZbjtbwmnhW78wDMV7katBGItvJvqRCOpyHNdZ11xxU4W55WyE3jFvdr4+cbJHx4F
GL0EsXsd5v5Y8bdmRDra2idcDoHIfcCBRwKA9QCarHmtlah6hZR/Y/IwNEVtBzbQ
OeX4XXs/m2er8Bp5x/wIoYITDr4zejYFUxxGlyXCB0TjV/9MHEn3V1EV85/mS9YF
QOrRV7NsdbmFUJZM7gw3tHYoajg/Y7zWDfrQueowPTvuihij4P7tssSGOQyl04aA
mFeWe2RY++d5WPCMBcWQvyUB3oRt912diuIi9Ft6/S1jv5ERkEkX9G5bjavUO+Fb
AGiXmXFkXsM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:59 2023 by rpki-client on console-ams.rpki-client.org