Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e36362e302f32342d3234203d3e203137343531.roa
File:                     3131382e39392e36362e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          0eoIa2VHuBYBBWugIJs6f1frL+yXXUBKhj6xLy6yDII=
Subject key identifier:   11:15:A8:1B:1C:F2:53:1C:6C:81:75:E8:82:6D:9C:B5:03:8D:9E:24
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       607B2A6E3925F2EB563DE1937AF28842799C4894
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e36362e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:01:10 +0000
ROA not before:           Wed 29 Sep 2021 23:56:10 +0000
ROA not after:            Fri 30 Sep 2022 00:01:10 +0000
asID:                     17451
IP address blocks:        118.99.66.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:7b:2a:6e:39:25:f2:eb:56:3d:e1:93:7a:f2:88:42:79:9c:48:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:56:10 2021 GMT
            Not After : Sep 30 00:01:10 2022 GMT
        Subject: CN=3082010A0282010100CA401D5003C160DA92D060E25A2CCF18D7740F6A429DC9FD013C07F2F1C5C042F6D7A2CD7A2744908346F632304C22A33B877A97CA7758DDEBDA97EF28F0E0819B26EDD4442BE0BBA184A68A8DE0C278BD6F7C93881880716B77BE0E06A4BE0129D20B245B07251C138AD5B4D9DCD6529335F486E5A4830A162ADF0F39EEC67B00B8139D30A5562C1AC7734C6AE803ABCB942E34287C4112E977410A8CE94477B0173280B1CEEE9F26580DA66038881A48FF9466B780E8EDEDD2C1D78AFFEB7EA21DC7E72E000B3B97663087295C5D3FEB218304FF83884BDCD094D9B3C471789C8E613899CABBDC5CA00A194A955EEF420971889E7C487B7B0943466172E60F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:40:1d:50:03:c1:60:da:92:d0:60:e2:5a:2c:
                    cf:18:d7:74:0f:6a:42:9d:c9:fd:01:3c:07:f2:f1:
                    c5:c0:42:f6:d7:a2:cd:7a:27:44:90:83:46:f6:32:
                    30:4c:22:a3:3b:87:7a:97:ca:77:58:dd:eb:da:97:
                    ef:28:f0:e0:81:9b:26:ed:d4:44:2b:e0:bb:a1:84:
                    a6:8a:8d:e0:c2:78:bd:6f:7c:93:88:18:80:71:6b:
                    77:be:0e:06:a4:be:01:29:d2:0b:24:5b:07:25:1c:
                    13:8a:d5:b4:d9:dc:d6:52:93:35:f4:86:e5:a4:83:
                    0a:16:2a:df:0f:39:ee:c6:7b:00:b8:13:9d:30:a5:
                    56:2c:1a:c7:73:4c:6a:e8:03:ab:cb:94:2e:34:28:
                    7c:41:12:e9:77:41:0a:8c:e9:44:77:b0:17:32:80:
                    b1:ce:ee:9f:26:58:0d:a6:60:38:88:1a:48:ff:94:
                    66:b7:80:e8:ed:ed:d2:c1:d7:8a:ff:eb:7e:a2:1d:
                    c7:e7:2e:00:0b:3b:97:66:30:87:29:5c:5d:3f:eb:
                    21:83:04:ff:83:88:4b:dc:d0:94:d9:b3:c4:71:78:
                    9c:8e:61:38:99:ca:bb:dc:5c:a0:0a:19:4a:95:5e:
                    ef:42:09:71:88:9e:7c:48:7b:7b:09:43:46:61:72:
                    e6:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:15:A8:1B:1C:F2:53:1C:6C:81:75:E8:82:6D:9C:B5:03:8D:9E:24
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e36362e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:e6:ca:54:d2:47:bf:76:91:21:41:61:c7:55:23:cb:e1:6b:
         eb:03:c8:f0:97:43:d2:0c:2c:c1:07:d8:3d:1e:3d:de:fd:b1:
         ab:74:b2:ed:ca:80:cc:97:5b:53:a6:ca:2b:71:fd:91:b5:7b:
         7a:ac:25:2b:80:a7:fe:76:e8:b6:d1:44:8a:b0:fb:d7:03:17:
         4c:68:63:da:4c:c6:81:05:0e:82:07:e6:2e:96:72:0a:66:53:
         c2:b6:18:c8:93:7c:97:37:99:63:f0:b3:34:ee:e8:e9:61:eb:
         e1:70:84:c4:aa:1a:a9:fc:39:09:91:94:fc:d6:90:96:3d:4a:
         5f:13:cd:9c:14:eb:ad:4d:0d:ba:ca:fd:02:e0:4a:57:80:32:
         9d:37:9b:53:24:24:6d:48:4e:ac:6a:98:61:7c:5f:e0:8d:70:
         68:23:7a:2a:61:a3:6c:0f:f8:5f:ad:bc:9e:34:4a:95:61:75:
         e3:87:f2:b0:33:37:ce:b5:05:02:81:84:e3:da:a5:a2:ba:da:
         82:ff:44:e4:90:b2:7b:2d:92:eb:e7:a4:8a:99:3e:4f:86:7c:
         03:5c:2b:11:92:66:84:94:79:67:38:f8:e8:ce:e9:22:dc:e8:
         4f:fa:4e:0c:91:4a:38:2c:d1:43:e1:d8:39:64:17:6b:6d:d4:
         5f:a1:87:d4
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUYHsqbjkl8utWPeGTevKIQnmcSJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU2MTBaFw0yMjA5MzAwMDAxMTBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0E0MDFENTAwM0MxNjBEQTky
RDA2MEUyNUEyQ0NGMThENzc0MEY2QTQyOURDOUZEMDEzQzA3RjJGMUM1QzA0MkY2
RDdBMkNEN0EyNzQ0OTA4MzQ2RjYzMjMwNEMyMkEzM0I4NzdBOTdDQTc3NThEREVC
REE5N0VGMjhGMEUwODE5QjI2RURENDQ0MkJFMEJCQTE4NEE2OEE4REUwQzI3OEJE
NkY3QzkzODgxODgwNzE2Qjc3QkUwRTA2QTRCRTAxMjlEMjBCMjQ1QjA3MjUxQzEz
OEFENUI0RDlEQ0Q2NTI5MzM1RjQ4NkU1QTQ4MzBBMTYyQURGMEYzOUVFQzY3QjAw
QjgxMzlEMzBBNTU2MkMxQUM3NzM0QzZBRTgwM0FCQ0I5NDJFMzQyODdDNDExMkU5
Nzc0MTBBOENFOTQ0NzdCMDE3MzI4MEIxQ0VFRTlGMjY1ODBEQTY2MDM4ODgxQTQ4
RkY5NDY2Qjc4MEU4RURFREQyQzFENzhBRkZFQjdFQTIxREM3RTcyRTAwMEIzQjk3
NjYzMDg3Mjk1QzVEM0ZFQjIxODMwNEZGODM4ODRCRENEMDk0RDlCM0M0NzE3ODlD
OEU2MTM4OTlDQUJCREM1Q0EwMEExOTRBOTU1RUVGNDIwOTcxODg5RTdDNDg3QjdC
MDk0MzQ2NjE3MkU2MEYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAykAdUAPBYNqS0GDiWizPGNd0D2pCncn9ATwH8vHFwEL216LNeidE
kING9jIwTCKjO4d6l8p3WN3r2pfvKPDggZsm7dREK+C7oYSmio3gwni9b3yTiBiA
cWt3vg4GpL4BKdILJFsHJRwTitW02dzWUpM19IblpIMKFirfDznuxnsAuBOdMKVW
LBrHc0xq6AOry5QuNCh8QRLpd0EKjOlEd7AXMoCxzu6fJlgNpmA4iBpI/5Rmt4Do
7e3SwdeK/+t+oh3H5y4ACzuXZjCHKVxdP+shgwT/g4hL3NCU2bPEcXicjmE4mcq7
3FygChlKlV7vQglxiJ58SHt7CUNGYXLmDwIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FBEVqBsc8lMcbIF16IJtnLUDjZ4kMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTM2MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAdmNCMA0GCSqGSIb3DQEBCwUAA4IBAQCn5spU0ke/dpEh
QWHHVSPL4WvrA8jwl0PSDCzBB9g9Hj3e/bGrdLLtyoDMl1tTpsorcf2RtXt6rCUr
gKf+dui20USKsPvXAxdMaGPaTMaBBQ6CB+YulnIKZlPCthjIk3yXN5lj8LM07ujp
YevhcITEqhqp/DkJkZT81pCWPUpfE82cFOutTQ26yv0C4EpXgDKdN5tTJCRtSE6s
aphhfF/gjXBoI3oqYaNsD/hfrbyeNEqVYXXjh/KwMzfOtQUCgYTj2qWiutqC/0Tk
kLJ7LZLr56SKmT5PhnwDXCsRkmaElHlnOPjozuki3OhP+k4MkUo4LNFD4dg5ZBdr
bdRfoYfU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org