Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e3130332e302f32342d3234203d3e203137343531.roa
File:                     3131372e3130322e3130332e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          RUKbcMjlbkXtQes9WDsp4dSsD38b5t7qWBirUlRTu8c=
Subject key identifier:   C1:D3:68:4D:CF:DD:8D:1C:13:D8:4A:CF:C7:37:E2:3E:2D:DE:8C:BB
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       495FAB8B5ED10480053D66F6B7815D9C314EA460
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e3130332e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:22 +0000
ROA not before:           Wed 29 Sep 2021 23:55:22 +0000
ROA not after:            Fri 30 Sep 2022 00:00:22 +0000
asID:                     17451
IP address blocks:        117.102.103.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:5f:ab:8b:5e:d1:04:80:05:3d:66:f6:b7:81:5d:9c:31:4e:a4:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:22 2021 GMT
            Not After : Sep 30 00:00:22 2022 GMT
        Subject: CN=3082010A0282010100A1E1736F046E41533FB5BB1B7AB4D53A22EF2839BC21FF8C2EFCFC9351889361AB7554A4321C42971EF8B31A307F5EA2246287CE16CF03AC94EBFE4FEA1558485944DF7DC036FB953DB5A64E0D64DC26A8139AF52B4177BEA2ACCA7236E8E7EB4CD33BB1A0C3565B19CDB1FBBE92E80F14D1C977AA6BC377C3F8E645F12579841B2ED76135C565A156243B64446A7CD5343741640EB3396D6675D7CC73428E5911BCC16778F063171D5FB71AF0B47290EF4268941D60F51CFC2ABEEFCCCA97D00296AC2E8F0A8013E6DED095D718F8A4871F578331AB1FA73671E4A4865DF72BAB41D8DF1765F477809A6EC0B5F8D96B432A1C8A7B49A031CB0029E6D43CD6D90203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e1:73:6f:04:6e:41:53:3f:b5:bb:1b:7a:b4:
                    d5:3a:22:ef:28:39:bc:21:ff:8c:2e:fc:fc:93:51:
                    88:93:61:ab:75:54:a4:32:1c:42:97:1e:f8:b3:1a:
                    30:7f:5e:a2:24:62:87:ce:16:cf:03:ac:94:eb:fe:
                    4f:ea:15:58:48:59:44:df:7d:c0:36:fb:95:3d:b5:
                    a6:4e:0d:64:dc:26:a8:13:9a:f5:2b:41:77:be:a2:
                    ac:ca:72:36:e8:e7:eb:4c:d3:3b:b1:a0:c3:56:5b:
                    19:cd:b1:fb:be:92:e8:0f:14:d1:c9:77:aa:6b:c3:
                    77:c3:f8:e6:45:f1:25:79:84:1b:2e:d7:61:35:c5:
                    65:a1:56:24:3b:64:44:6a:7c:d5:34:37:41:64:0e:
                    b3:39:6d:66:75:d7:cc:73:42:8e:59:11:bc:c1:67:
                    78:f0:63:17:1d:5f:b7:1a:f0:b4:72:90:ef:42:68:
                    94:1d:60:f5:1c:fc:2a:be:ef:cc:ca:97:d0:02:96:
                    ac:2e:8f:0a:80:13:e6:de:d0:95:d7:18:f8:a4:87:
                    1f:57:83:31:ab:1f:a7:36:71:e4:a4:86:5d:f7:2b:
                    ab:41:d8:df:17:65:f4:77:80:9a:6e:c0:b5:f8:d9:
                    6b:43:2a:1c:8a:7b:49:a0:31:cb:00:29:e6:d4:3c:
                    d6:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:D3:68:4D:CF:DD:8D:1C:13:D8:4A:CF:C7:37:E2:3E:2D:DE:8C:BB
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131372e3130322e3130332e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.102.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:5e:64:29:6d:4c:93:82:38:fb:8f:b6:a3:7b:8c:f1:57:a5:
         de:c5:20:8b:0f:24:2a:8d:43:7f:53:16:59:93:5f:99:19:d7:
         e3:29:78:2c:5d:32:1d:5e:88:20:95:37:10:37:49:d4:dd:dd:
         2d:3b:76:cc:54:a9:07:ea:e8:87:09:e5:00:18:c1:94:b1:12:
         b7:0a:3d:a0:e5:8e:78:8c:f4:e3:ac:f3:9a:83:e3:ab:80:83:
         47:84:f0:be:d3:80:65:5e:37:c3:a6:b8:37:7c:64:4f:9f:cc:
         b2:43:fd:9e:3e:b5:36:ec:12:6a:92:1f:c7:f8:6b:9d:57:46:
         50:b1:5e:bd:18:56:b8:be:15:b1:6f:32:59:a0:4e:a0:77:0f:
         2f:0c:72:6b:d1:30:27:82:5d:a4:b0:72:c6:39:b1:7d:72:65:
         01:8c:ac:2f:33:51:fd:48:6d:4a:b2:e1:51:56:80:07:23:af:
         80:3d:6b:c4:55:3c:a1:85:97:25:86:f8:e8:60:f7:cd:5f:cc:
         74:e3:33:02:be:ea:bc:f4:0a:26:9f:d7:c3:85:2c:ae:09:05:
         d9:ab:69:d1:c1:ef:91:e8:11:7d:59:67:93:2a:b5:6f:49:23:
         86:32:bf:84:0f:a4:95:c6:e1:b5:bd:ff:1e:c0:12:fd:37:f7:
         05:a0:b2:f9
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUSV+ri17RBIAFPWb2t4FdnDFOpGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjJaFw0yMjA5MzAwMDAwMjJaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQTFFMTczNkYwNDZFNDE1MzNG
QjVCQjFCN0FCNEQ1M0EyMkVGMjgzOUJDMjFGRjhDMkVGQ0ZDOTM1MTg4OTM2MUFC
NzU1NEE0MzIxQzQyOTcxRUY4QjMxQTMwN0Y1RUEyMjQ2Mjg3Q0UxNkNGMDNBQzk0
RUJGRTRGRUExNTU4NDg1OTQ0REY3REMwMzZGQjk1M0RCNUE2NEUwRDY0REMyNkE4
MTM5QUY1MkI0MTc3QkVBMkFDQ0E3MjM2RThFN0VCNENEMzNCQjFBMEMzNTY1QjE5
Q0RCMUZCQkU5MkU4MEYxNEQxQzk3N0FBNkJDMzc3QzNGOEU2NDVGMTI1Nzk4NDFC
MkVENzYxMzVDNTY1QTE1NjI0M0I2NDQ0NkE3Q0Q1MzQzNzQxNjQwRUIzMzk2RDY2
NzVEN0NDNzM0MjhFNTkxMUJDQzE2Nzc4RjA2MzE3MUQ1RkI3MUFGMEI0NzI5MEVG
NDI2ODk0MUQ2MEY1MUNGQzJBQkVFRkNDQ0E5N0QwMDI5NkFDMkU4RjBBODAxM0U2
REVEMDk1RDcxOEY4QTQ4NzFGNTc4MzMxQUIxRkE3MzY3MUU0QTQ4NjVERjcyQkFC
NDFEOERGMTc2NUY0Nzc4MDlBNkVDMEI1RjhEOTZCNDMyQTFDOEE3QjQ5QTAzMUNC
MDAyOUU2RDQzQ0Q2RDkwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAoeFzbwRuQVM/tbsberTVOiLvKDm8If+MLvz8k1GIk2GrdVSkMhxC
lx74sxowf16iJGKHzhbPA6yU6/5P6hVYSFlE333ANvuVPbWmTg1k3CaoE5r1K0F3
vqKsynI26OfrTNM7saDDVlsZzbH7vpLoDxTRyXeqa8N3w/jmRfEleYQbLtdhNcVl
oVYkO2REanzVNDdBZA6zOW1mddfMc0KOWRG8wWd48GMXHV+3GvC0cpDvQmiUHWD1
HPwqvu/MypfQApasLo8KgBPm3tCV1xj4pIcfV4Mxqx+nNnHkpIZd9yurQdjfF2X0
d4CabsC1+NlrQyocintJoDHLACnm1DzW2QIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FMHTaE3P3Y0cE9hKz8c34j4t3oy7MB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzcyZTMxMzAzMjJlMzEzMDMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEz
NzM0MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAHVmZzANBgkqhkiG9w0BAQsFAAOCAQEAOF5kKW1M
k4I4+4+2o3uM8Vel3sUgiw8kKo1Df1MWWZNfmRnX4yl4LF0yHV6IIJU3EDdJ1N3d
LTt2zFSpB+rohwnlABjBlLEStwo9oOWOeIz046zzmoPjq4CDR4TwvtOAZV43w6a4
N3xkT5/MskP9nj61NuwSapIfx/hrnVdGULFevRhWuL4VsW8yWaBOoHcPLwxya9Ew
J4JdpLByxjmxfXJlAYysLzNR/UhtSrLhUVaAByOvgD1rxFU8oYWXJYb46GD3zV/M
dOMzAr7qvPQKJp/Xw4UsrgkF2atp0cHvkegRfVlnkyq1b0kjhjK/hA+klcbhtb3/
HsAS/Tf3BaCy+Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:44 2023 by rpki-client on console-fra.rpki-client.org