Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e36372e302f32342d3234203d3e203137343531.roa
File:                     3131382e39392e36372e302f32342d3234203d3e203137343531.roa (raw, json)
Hash identifier:          sd5EAERcnNE2NJgkLhWuBZdCwe0/B7vXqTYZX3z9fyE=
Subject key identifier:   6D:B6:F1:F7:1A:7F:55:D3:33:06:21:67:EC:45:AD:30:71:46:F3:0A
Certificate issuer:       /CN=AC555447BA62C39107F16BF572F82A417F728DBF
Certificate serial:       0E5B04AFC378A8C6E56F5C1C74E85B7F3DE34EC1
Authority key identifier: AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e36372e302f32342d3234203d3e203137343531.roa
Signing time:             Thu 30 Sep 2021 00:00:29 +0000
ROA not before:           Wed 29 Sep 2021 23:55:29 +0000
ROA not after:            Fri 30 Sep 2022 00:00:29 +0000
asID:                     17451
IP address blocks:        118.99.67.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:5b:04:af:c3:78:a8:c6:e5:6f:5c:1c:74:e8:5b:7f:3d:e3:4e:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC555447BA62C39107F16BF572F82A417F728DBF
        Validity
            Not Before: Sep 29 23:55:29 2021 GMT
            Not After : Sep 30 00:00:29 2022 GMT
        Subject: CN=3082010A0282010100D19B1CBA3BACB0E71FFD3B094996841D9AFFA30F6AC60AEB08B6FB663AA7375FE07B8C76F12377FF18D38245EDDDC5FCA0F1AC4890402FE97210793E1158F003B3C1ED15EE94A50E403B2DE38C2ED1F9726DB17EAF02180B0220278C51F529A3C37866C0786115A89A59FBDADC63BFA344CF71B1323F4D88D535B21FF0CD45647569ED93015AFE75D79391FBEF89B132A0BCA8B312238BAE462925472C73945F9CB0238DDD9CAAD4E82CB8BA431B04D21DAA22C5AB253D2057BE19B49D8C3C8B3E99DF243EFF081938EDE3D9858F2FDF66809D965EADEE0EECA717A628C1640A0BEDF4AEDD20F4FAA621C9FC923612343DD5AAB5EB20051591647D2A8D5B34950203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9b:1c:ba:3b:ac:b0:e7:1f:fd:3b:09:49:96:
                    84:1d:9a:ff:a3:0f:6a:c6:0a:eb:08:b6:fb:66:3a:
                    a7:37:5f:e0:7b:8c:76:f1:23:77:ff:18:d3:82:45:
                    ed:dd:c5:fc:a0:f1:ac:48:90:40:2f:e9:72:10:79:
                    3e:11:58:f0:03:b3:c1:ed:15:ee:94:a5:0e:40:3b:
                    2d:e3:8c:2e:d1:f9:72:6d:b1:7e:af:02:18:0b:02:
                    20:27:8c:51:f5:29:a3:c3:78:66:c0:78:61:15:a8:
                    9a:59:fb:da:dc:63:bf:a3:44:cf:71:b1:32:3f:4d:
                    88:d5:35:b2:1f:f0:cd:45:64:75:69:ed:93:01:5a:
                    fe:75:d7:93:91:fb:ef:89:b1:32:a0:bc:a8:b3:12:
                    23:8b:ae:46:29:25:47:2c:73:94:5f:9c:b0:23:8d:
                    dd:9c:aa:d4:e8:2c:b8:ba:43:1b:04:d2:1d:aa:22:
                    c5:ab:25:3d:20:57:be:19:b4:9d:8c:3c:8b:3e:99:
                    df:24:3e:ff:08:19:38:ed:e3:d9:85:8f:2f:df:66:
                    80:9d:96:5e:ad:ee:0e:ec:a7:17:a6:28:c1:64:0a:
                    0b:ed:f4:ae:dd:20:f4:fa:a6:21:c9:fc:92:36:12:
                    34:3d:d5:aa:b5:eb:20:05:15:91:64:7d:2a:8d:5b:
                    34:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:B6:F1:F7:1A:7F:55:D3:33:06:21:67:EC:45:AD:30:71:46:F3:0A
            X509v3 Authority Key Identifier:
                keyid:AC:55:54:47:BA:62:C3:91:07:F1:6B:F5:72:F8:2A:41:7F:72:8D:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/AC555447BA62C39107F16BF572F82A417F728DBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AC555447BA62C39107F16BF572F82A417F728DBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3993f350-b756-4916-8d84-484f025dffcc/0/3131382e39392e36372e302f32342d3234203d3e203137343531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.99.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:fc:07:ea:4a:35:db:5b:f6:43:14:59:72:d7:ac:8f:20:2e:
         a3:8f:fe:7d:bb:ad:76:84:99:53:a7:22:40:05:3e:ea:79:9d:
         ec:03:b3:fc:35:5e:70:bf:96:00:87:4b:6c:62:5a:90:61:a6:
         88:cb:79:be:49:42:9b:b9:f9:57:20:34:75:58:46:99:5a:d8:
         5e:af:dc:55:f6:f6:6b:60:dd:8b:88:59:bf:94:f1:9a:5f:88:
         f1:c2:a3:af:3b:9a:e1:9f:25:a2:50:5a:a5:3e:69:97:13:e0:
         da:b2:2d:a5:2e:37:0e:97:37:50:9c:ef:29:4a:a2:79:ab:b7:
         a4:fa:3b:d6:1d:53:2e:35:79:fb:ff:0f:70:6f:55:b5:99:01:
         b7:d7:22:73:d0:28:5e:22:ab:95:b0:90:2e:23:73:ef:de:98:
         00:1f:c4:f1:a1:a9:b1:97:43:4a:e5:8a:aa:ec:3d:b4:d8:2b:
         32:f1:e3:79:f4:0e:af:43:52:01:6f:03:98:83:f7:00:2b:63:
         bf:d5:f5:2a:6b:a1:6e:9f:6a:af:1c:00:ee:6f:7d:48:56:ac:
         7d:a8:64:72:36:ba:86:ab:aa:63:97:67:85:ef:81:a5:cb:89:
         12:89:64:cb:9d:33:cd:91:a8:23:75:61:1e:14:7a:bf:b8:d5:
         9a:51:7f:c6
-----BEGIN CERTIFICATE-----
MIIHIjCCBgqgAwIBAgIUDlsEr8N4qMblb1wcdOhbfz3jTsEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJBNDE3
RjcyOERCRjAeFw0yMTA5MjkyMzU1MjlaFw0yMjA5MzAwMDAwMjlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRDE5QjFDQkEzQkFDQjBFNzFG
RkQzQjA5NDk5Njg0MUQ5QUZGQTMwRjZBQzYwQUVCMDhCNkZCNjYzQUE3Mzc1RkUw
N0I4Qzc2RjEyMzc3RkYxOEQzODI0NUVERERDNUZDQTBGMUFDNDg5MDQwMkZFOTcy
MTA3OTNFMTE1OEYwMDNCM0MxRUQxNUVFOTRBNTBFNDAzQjJERTM4QzJFRDFGOTcy
NkRCMTdFQUYwMjE4MEIwMjIwMjc4QzUxRjUyOUEzQzM3ODY2QzA3ODYxMTVBODlB
NTlGQkRBREM2M0JGQTM0NENGNzFCMTMyM0Y0RDg4RDUzNUIyMUZGMENENDU2NDc1
NjlFRDkzMDE1QUZFNzVENzkzOTFGQkVGODlCMTMyQTBCQ0E4QjMxMjIzOEJBRTQ2
MjkyNTQ3MkM3Mzk0NUY5Q0IwMjM4REREOUNBQUQ0RTgyQ0I4QkE0MzFCMDREMjFE
QUEyMkM1QUIyNTNEMjA1N0JFMTlCNDlEOEMzQzhCM0U5OURGMjQzRUZGMDgxOTM4
RURFM0Q5ODU4RjJGREY2NjgwOUQ5NjVFQURFRTBFRUNBNzE3QTYyOEMxNjQwQTBC
RURGNEFFREQyMEY0RkFBNjIxQzlGQzkyMzYxMjM0M0RENUFBQjVFQjIwMDUxNTkx
NjQ3RDJBOEQ1QjM0OTUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0ZscujussOcf/TsJSZaEHZr/ow9qxgrrCLb7ZjqnN1/ge4x28SN3
/xjTgkXt3cX8oPGsSJBAL+lyEHk+EVjwA7PB7RXulKUOQDst44wu0flybbF+rwIY
CwIgJ4xR9Smjw3hmwHhhFaiaWfva3GO/o0TPcbEyP02I1TWyH/DNRWR1ae2TAVr+
ddeTkfvvibEyoLyosxIji65GKSVHLHOUX5ywI43dnKrU6Cy4ukMbBNIdqiLFqyU9
IFe+GbSdjDyLPpnfJD7/CBk47ePZhY8v32aAnZZere4O7KcXpijBZAoL7fSu3SD0
+qYhyfySNhI0PdWqtesgBRWRZH0qjVs0lQIDAQABo4ICMDCCAiwwHQYDVR0OBBYE
FG228fcaf1XTMwYhZ+xFrTBxRvMKMB8GA1UdIwQYMBaAFKxVVEe6YsORB/Fr9XL4
KkF/co2/MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzk5M2YzNTAtYjc1Ni00OTE2LThk
ODQtNDg0ZjAyNWRmZmNjLzAvQUM1NTU0NDdCQTYyQzM5MTA3RjE2QkY1NzJGODJB
NDE3RjcyOERCRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0FDNTU1NDQ3
QkE2MkMzOTEwN0YxNkJGNTcyRjgyQTQxN0Y3MjhEQkYuY2VyMIGgBggrBgEFBQcB
CwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8zOTkzZjM1MC1iNzU2LTQ5MTYtOGQ4NC00ODRmMDI1ZGZmY2MvMC8z
MTMxMzgyZTM5MzkyZTM2MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM3MzQz
NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAdmNDMA0GCSqGSIb3DQEBCwUAA4IBAQCd/AfqSjXbW/ZD
FFly16yPIC6jj/59u612hJlTpyJABT7qeZ3sA7P8NV5wv5YAh0tsYlqQYaaIy3m+
SUKbuflXIDR1WEaZWther9xV9vZrYN2LiFm/lPGaX4jxwqOvO5rhnyWiUFqlPmmX
E+Dasi2lLjcOlzdQnO8pSqJ5q7ek+jvWHVMuNXn7/w9wb1W1mQG31yJz0CheIquV
sJAuI3Pv3pgAH8Txoamxl0NK5Yqq7D202Csy8eN59A6vQ1IBbwOYg/cAK2O/1fUq
a6Fun2qvHADub31IVqx9qGRyNrqGq6pjl2eF74Gly4kSiWTLnTPNkagjdWEeFHq/
uNWaUX/G
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:00 2023 by rpki-client on console-ams.rpki-client.org