Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3136302e302f32312d3231203d3e203137343531.roa
File:                     3131322e37382e3136302e302f32312d3231203d3e203137343531.roa (raw, json)
Hash identifier:          UIqa47s6U4uNTMisbobpKx6J1F4lM3hXX+3LHdOCark=
Subject key identifier:   BF:6B:DF:E8:ED:09:4C:FB:FC:49:51:12:1F:29:F6:59:64:40:84:78
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       3F50FE06869C9C28DADA42A6901C2E8F13B44475
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3136302e302f32312d3231203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:33 +0000
ROA not before:           Wed 29 Sep 2021 23:55:33 +0000
ROA not after:            Fri 30 Sep 2022 00:00:33 +0000
asID:                     17451
IP address blocks:        112.78.160.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:50:fe:06:86:9c:9c:28:da:da:42:a6:90:1c:2e:8f:13:b4:44:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:33 2021 GMT
            Not After : Sep 30 00:00:33 2022 GMT
        Subject: CN=3082010A0282010100C4BDC7EB52AD231D39E3484D73B41479BA47B7E6F2EFCB1359DA94E3751C907AC1FD84CBE948022FC6087036E13FD218A42CBA24A0544EB509C86CAF3732FB06A07B40DAED49CA26CE0AF0A73A30BFEF8850F191795187B255D56DCB4F8A44ED2BD752CCF2E5024B255FDA5A6CF6F5980610A2E41B41764C0BEA3E93EA160372090FEE20B3EEF8A0AAF765E2C9808A6E139CBCC4EFD21BA6DF0964729FAB09C911E109277C4651903C061A4D0044647FF3D3C946918EB181BC7011E56C41928F75822C0B2C9B29BDB95A98969E2AB1FF3C95DAC3701737029522E73608116805B8F4B2599A773A6A44B7CB67277AD7868BD6E75B086E06546C9E8F6E5E9623230203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:bd:c7:eb:52:ad:23:1d:39:e3:48:4d:73:b4:
                    14:79:ba:47:b7:e6:f2:ef:cb:13:59:da:94:e3:75:
                    1c:90:7a:c1:fd:84:cb:e9:48:02:2f:c6:08:70:36:
                    e1:3f:d2:18:a4:2c:ba:24:a0:54:4e:b5:09:c8:6c:
                    af:37:32:fb:06:a0:7b:40:da:ed:49:ca:26:ce:0a:
                    f0:a7:3a:30:bf:ef:88:50:f1:91:79:51:87:b2:55:
                    d5:6d:cb:4f:8a:44:ed:2b:d7:52:cc:f2:e5:02:4b:
                    25:5f:da:5a:6c:f6:f5:98:06:10:a2:e4:1b:41:76:
                    4c:0b:ea:3e:93:ea:16:03:72:09:0f:ee:20:b3:ee:
                    f8:a0:aa:f7:65:e2:c9:80:8a:6e:13:9c:bc:c4:ef:
                    d2:1b:a6:df:09:64:72:9f:ab:09:c9:11:e1:09:27:
                    7c:46:51:90:3c:06:1a:4d:00:44:64:7f:f3:d3:c9:
                    46:91:8e:b1:81:bc:70:11:e5:6c:41:92:8f:75:82:
                    2c:0b:2c:9b:29:bd:b9:5a:98:96:9e:2a:b1:ff:3c:
                    95:da:c3:70:17:37:02:95:22:e7:36:08:11:68:05:
                    b8:f4:b2:59:9a:77:3a:6a:44:b7:cb:67:27:7a:d7:
                    86:8b:d6:e7:5b:08:6e:06:54:6c:9e:8f:6e:5e:96:
                    23:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:6B:DF:E8:ED:09:4C:FB:FC:49:51:12:1F:29:F6:59:64:40:84:78
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131322e37382e3136302e302f32312d3231203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  112.78.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a5:3d:a5:e4:ee:ce:85:fc:1b:cd:72:1d:5f:af:55:cb:59:e4:
         58:60:cf:f8:ae:2d:e1:89:4b:af:5a:17:a2:c7:56:8d:e1:4e:
         f2:93:84:48:b7:75:fb:69:4c:90:60:3b:f4:2c:61:94:e9:10:
         20:1e:00:79:62:ab:a5:f8:cc:70:5c:6a:e0:ec:05:1e:e4:09:
         26:32:f4:05:ac:b0:5d:d3:4a:79:c6:83:10:ed:9d:6f:56:38:
         89:8d:61:0e:a3:90:a6:ff:4a:75:ce:ff:b7:76:35:45:95:44:
         89:87:eb:1c:10:0a:a7:6d:78:00:c9:a1:ac:56:ac:d2:76:27:
         97:43:4e:05:28:47:83:5f:14:14:ec:6f:d7:db:c9:c4:e6:1c:
         a3:a6:f5:fa:72:ef:f7:9e:e7:4a:4a:0a:1b:43:e6:d8:e0:04:
         40:ba:aa:56:e6:03:70:e2:d1:c1:e5:a4:ca:38:75:83:eb:b5:
         57:12:66:f0:29:19:17:3e:48:53:16:08:ba:b0:ff:6d:28:50:
         44:1e:a1:99:db:b3:f8:6e:3c:bd:db:9c:37:7c:d8:bd:c6:7a:
         bb:1f:94:f8:0b:cd:6b:6b:78:28:0b:90:dd:fa:bf:14:ec:a8:
         00:6e:36:52:9d:20:a4:65:93:73:f3:b8:9f:b9:f8:3a:55:50:
         2c:b2:8e:4d
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUP1D+BoacnCja2kKmkBwujxO0RHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MzNaFw0yMjA5MzAwMDAwMzNaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQzRCREM3RUI1MkFEMjMxRDM5
RTM0ODRENzNCNDE0NzlCQTQ3QjdFNkYyRUZDQjEzNTlEQTk0RTM3NTFDOTA3QUMx
RkQ4NENCRTk0ODAyMkZDNjA4NzAzNkUxM0ZEMjE4QTQyQ0JBMjRBMDU0NEVCNTA5
Qzg2Q0FGMzczMkZCMDZBMDdCNDBEQUVENDlDQTI2Q0UwQUYwQTczQTMwQkZFRjg4
NTBGMTkxNzk1MTg3QjI1NUQ1NkRDQjRGOEE0NEVEMkJENzUyQ0NGMkU1MDI0QjI1
NUZEQTVBNkNGNkY1OTgwNjEwQTJFNDFCNDE3NjRDMEJFQTNFOTNFQTE2MDM3MjA5
MEZFRTIwQjNFRUY4QTBBQUY3NjVFMkM5ODA4QTZFMTM5Q0JDQzRFRkQyMUJBNkRG
MDk2NDcyOUZBQjA5QzkxMUUxMDkyNzdDNDY1MTkwM0MwNjFBNEQwMDQ0NjQ3RkYz
RDNDOTQ2OTE4RUIxODFCQzcwMTFFNTZDNDE5MjhGNzU4MjJDMEIyQzlCMjlCREI5
NUE5ODk2OUUyQUIxRkYzQzk1REFDMzcwMTczNzAyOTUyMkU3MzYwODExNjgwNUI4
RjRCMjU5OUE3NzNBNkE0NEI3Q0I2NzI3N0FENzg2OEJENkU3NUIwODZFMDY1NDZD
OUU4RjZFNUU5NjIzMjMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxL3H61KtIx0540hNc7QUebpHt+by78sTWdqU43UckHrB/YTL6UgC
L8YIcDbhP9IYpCy6JKBUTrUJyGyvNzL7BqB7QNrtScomzgrwpzowv++IUPGReVGH
slXVbctPikTtK9dSzPLlAkslX9pabPb1mAYQouQbQXZMC+o+k+oWA3IJD+4gs+74
oKr3ZeLJgIpuE5y8xO/SG6bfCWRyn6sJyRHhCSd8RlGQPAYaTQBEZH/z08lGkY6x
gbxwEeVsQZKPdYIsCyybKb25WpiWniqx/zyV2sNwFzcClSLnNggRaAW49LJZmnc6
akS3y2cneteGi9bnWwhuBlRsno9uXpYjIwIDAQABo4ICMjCCAi4wHQYDVR0OBBYE
FL9r3+jtCUz7/ElREh8p9llkQIR4MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGiBggrBgEFBQcB
CwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzIyZTM3MzgyZTMxMzYzMDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMxMzcz
NDM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBANwTqAwDQYJKoZIhvcNAQELBQADggEBAKU9peTuzoX8
G81yHV+vVctZ5Fhgz/iuLeGJS69aF6LHVo3hTvKThEi3dftpTJBgO/QsYZTpECAe
AHliq6X4zHBcauDsBR7kCSYy9AWssF3TSnnGgxDtnW9WOImNYQ6jkKb/SnXO/7d2
NUWVRImH6xwQCqdteADJoaxWrNJ2J5dDTgUoR4NfFBTsb9fbycTmHKOm9fpy7/ee
50pKChtD5tjgBEC6qlbmA3Di0cHlpMo4dYPrtVcSZvApGRc+SFMWCLqw/20oUEQe
oZnbs/huPL3bnDd82L3GersflPgLzWtreCgLkN36vxTsqABuNlKdIKRlk3PzuJ+5
+DpVUCyyjk0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:59 2023 by rpki-client on console-ams.rpki-client.org